Spiga

6.23.2006

Google indexing executable files

I was searching for a Firefox installation file when I saw on Google that the setup file was indexed, and if you click on the Google result the download starts automatically. To see this, search for "Signature: 00004550" and you'll see about 200,000 results of executable files being indexed.


This is possible because a link to a normal website was redirected automatically to an executable file (probably by Apache), as you can see for Skype, where the page www.skype.com/go/getskype appears in the first position and, if you click it, Skype will start downloading automatically. You also have the choice of clicking the View as HTML link, and just as with other formats, the file information is displayed.


Anyway, this must be a bug. I mean, what is the use of having the executable files indexed, as in the View as HTML section there is no relevant information? Plus this is a security risk, even a high one, because sites full of spyware might use this redirect bug to have spyware executables indexed, and when the user clicks the result it automatically installs all the malware in the world. I've tested this. For instance, if you search for Backup4all (a backup program), besides normal results from clean sites, you'll get either on page one or two (depending on the Google server) a link from yaguo.com that is an executable file containing spyware (yes, I've downloaded this specifically and monitored it, and it installs spyware). So if a normal user searches for a clean program to install, it's possible to accidentally end up installing some spyware. This is wrong and should be corrected.
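The string "Signature: 00004550" matches these files because 0x00004550 is the PE signature ("PE\0\0") that every Windows executable carries in its header. The sketch below is an added example, not code from this post: it reads that signature and the Machine field from the first bytes of a download and flags an executable served from a URL that does not look like one. The function names, the example.test URLs and the sample bytes are constructed for illustration.

```python
import struct

# COFF Machine values from the PE/COFF specification; the labels are this example's own.
MACHINES = {0x014C: "Intel 386", 0x8664: "AMD64 (x64)", 0x01F0: "PowerPC (little-endian)"}
PE_SIGNATURE = 0x00004550  # the bytes "PE\0\0" read as a little-endian DWORD


def inspect_pe(data: bytes):
    """Return signature/machine/sections if data begins a PE file, else None."""
    # DOS header: 'MZ' magic at offset 0, e_lfanew (PE header offset) at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # Need the 4-byte signature plus Machine and NumberOfSections (2 + 2 bytes).
    if e_lfanew + 8 > len(data):
        return None
    signature, machine, sections = struct.unpack_from("<IHH", data, e_lfanew)
    if signature != PE_SIGNATURE:
        return None
    return {
        "signature": f"{signature:08X}",
        "machine": MACHINES.get(machine, f"unknown (0x{machine:04X})"),
        "sections": sections,
    }


def classify_download(url: str, body_prefix: bytes) -> str:
    """Decide from the content; the URL is used only to report a mismatch."""
    is_pe = inspect_pe(body_prefix) is not None
    looks_exe = url.lower().split("?")[0].endswith((".exe", ".dll"))
    if is_pe and not looks_exe:
        return "executable behind non-executable URL"
    return "executable" if is_pe else "not a PE file"


def make_sample_pe(machine: int) -> bytes:
    """Constructed sample: minimal DOS header, PE signature, two COFF fields."""
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)
    return bytes(dos) + struct.pack("<IHH", PE_SIGNATURE, machine, 3)


if __name__ == "__main__":
    print(inspect_pe(make_sample_pe(0x014C)))
    print(classify_download("http://example.test/go/getapp", make_sample_pe(0x014C)))
    print(classify_download("http://example.test/setup.exe", b"<html>" * 20))
```

A filter built this way needs only the first few hundred bytes of the response, so it can run before the full download completes.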

4 comments:

mithras said...

Interesting. Searching for "Machine: Intel 386" yields lots of files. Haven't figured out valid AMD or ppc variations on that, though.

I'm pretty sure this is intentional, but I agree it may not be a great idea.

talishte said...

Great post, thank you

Mark said...

This post has been removed by a blog administrator.

GoodLe said...

To my surprise, I've seen that some websites started publishing articles about Google's binary search capabilities. First of all, Websense researchers used the Google API to find malicious executables in Google's index, and it seems like they've found lots of "goodies":

Our results show that we were able to collect thousands of pieces of malicious binaries, mostly posted to newsgroups with false names that would normally trick a user, we found many on forum sites, as well as regular personal, educational, compromised, and underground sites. We also found several pieces of spyware on poker and casino sites. We found variants of the Bagel, and Mytob worms, various trojans, and many other malicious binaries.

Of course, this doesn't happen only in Google; if you do the same search on MSN or Yahoo you'll see that these also index .exe files. This might become the next feature in web filtering (parental control) programs, more exactly a filter for possibly dangerous files that show up in search engines (.exe, .dll, .reg ...).

Anyway, if you want to read other articles on this subject, just choose one of the links below:

PC World
ArsTechnica
Websense
Thestandard.com
Arnnet.com.au
PCWorld.idg.com
Idgns.com
Infoworld.com
Computerworld.com.au
Cio.com
Blog.syscentral.de
Tweakers.net
Home.nl
Webwereld.nl
Internetstandard.pl
Networkworld.com
News.yahoo.com
