December 14, 2004 2:05 PM PST
Desktop search new target for viruses?
Foad Fadaghi, senior industry analyst at Frost & Sullivan Australia, said that most viruses are designed to harvest e-mail addresses and other personal information from an infected system. He warned that because desktop search tools such as those recently announced by Google, Microsoft and Yahoo can index and categorize that information, virus writers are likely to start exploiting the technology.
"Desktop search products are very efficient at harvesting data, so it wouldn't be surprising if exploits are sought by malicious coders. Any software that can index and capture data on a user's PC will be subject to virus and Trojan exploits. It is just a matter of time," Fadaghi said.
Neil Campbell, the national security manager of IT services company Dimension Data, said that any change in the desktop environment can create new security vulnerabilities, so when companies decide to adopt a new product they should look beyond the user benefits.
"It sounds like great technology, but don't deploy it without considering the security implications. With any new product area there is a need to consider security," Campbell said.
According to Campbell, virus writers are unlikely to start targeting the new tools immediately--but only because they are not common.
"It is not going to be in the virus writers' best interest to target them immediately. I would expect the spread of a virus to be inhibited because of the low take-up rate--at least to start with," Campbell said.
Viruses have already used Internet search engines to harvest e-mail addresses. In July, a MyDoom variant pumped so many queries into Google that the search engine was unavailable or very slow for large periods of time. The same variant of MyDoom also succeeded in knocking a number of smaller search engines--including Lycos and AltaVista--off the Web completely.