or Connect
AppleInsider › Forums › Software › Mac Software › Google's VirusTotal adds desktop file analysis client for Apple's OS X
New Posts  All Forums:Forum Nav:

Google's VirusTotal adds desktop file analysis client for Apple's OS X

post #1 of 27
Thread Starter 
Google's online malware analysis tool VirusTotal, which acts as a "meta scanner" for suspicious files, on Monday announced the availability of a new desktop upload client for the Mac.




Using the new tool -- which has long been available for Microsoft's Windows platform -- Mac owners can more easily upload suspicious files for VirusTotal to analyze, which the company hopes will help beef up their database of OS X threats. VirusTotal works with more than 50 computer security vendors, allowing users to subject possible malware to a battery of tests without needing to install multiple desktop scanning applications.

According to the company, users can drag-and-drop individual files, entire folders, or even a complete binary application for analysis. Installing VirusTotal will also add a new entry to the "Open With" option in Finder to send a file for scanning from the context menu.

The Mac has become an increasingly popular target for malware authors, with some reportedly netting as much as $10,000 per day from their creations. While a number of third-party firms make antivirus software for OS X, Apple has also worked to add built-in protections.

Apple debuted a system known as XProtect -- which automatically quarantines files based on a frequently-updated list of malware downloaded from Apple's servers -- alongside Snow Leopard. The company then added Gatekeeper, which is designed to prevent users from "unknowingly downloading and installing malicious software" by helping ensure that only software from the Mac App Store or registered Apple developers can be run, in Mountain Lion.
post #2 of 27
I thought google WAS spyware
post #3 of 27

over my dead body

There is more stupidity than hydrogen in the universe, and it has a longer shelf life.

Frank Zappa

Reply

There is more stupidity than hydrogen in the universe, and it has a longer shelf life.

Frank Zappa

Reply
post #4 of 27
Quote:
Originally Posted by Hydrogen View Post

over my dead body

Why?
post #5 of 27

"Honest, Boss, I was just trying to see if the company office documents might contain a virus."

post #6 of 27
Quote:
Originally Posted by justp1ayin View Post

I thought google WAS spyware
They are!
post #7 of 27

Haha, that's like trying to cure AIDS with AIDS

 

No, thank, you.

post #8 of 27
"According to the company, users can drag-and-drop individual files, entire folders, or even a complete binary application for analysis. Installing VirusTotal will also add a new entry to the "Open With" option in Finder to send a file for scanning from the context menu.

The Mac has become an increasingly popular target for malware authors, with some reportedly netting as much as $10,000 per day from their creations. While a number of third-party firms make antivirus software for OS X, Apple has also worked to add built-in protections. "

If I didn't know any better, it sounds like AI is shilling for this product. I've been using Macs for 15 years and not ONCE have I had malware or needed something like this.
post #9 of 27
Quote:
Originally Posted by Slurpy View Post


If I didn't know any better, it sounds like AI is shilling for this product. I've been using Macs for 15 years and not ONCE have I had malware or needed something like this.

my first thought as well. Especially the way the 'article' is worded to sound like there is a huge threat out there. When in truth most Mac malware is actually Flash or Java based and solved within a few days.

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply
post #10 of 27
My question relates to privacy. If you do anything with Google, then you give up document,nets, pictures, etc., think Gmail, Google , Search, Maps, ...... Remember you are the product they sell not the customer they service.
post #11 of 27

Wait what? Since when does Google own VirusTotal? 

 

On-topic, VirusTotal is actually really useful when you have a suspicious file you want investigated - for example, if you suspect your own antivirus is missing something or giving you a false positive. It's also good if you're a sysadmin / tech support person / similar: you can use VirusTotal to scan Windows executables from a Mac without an AV installed.

post #12 of 27
Quote:
Originally Posted by DarkLite View Post

Wait what? Since when does Google own VirusTotal? 
http://www.pcworld.com/article/262047/google_buys_browser_based_malware_scanner_virustotal.html
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #13 of 27

I started removing old Google software from my machine and my performance improved vastly (what the heck did Google need to install on my machine ANYWAY). Now they want to write more stuff for my Mac? No thanks! 

post #14 of 27

From their Terms and Conditions page (exact quote):

 

Quote:
 

When you upload or otherwise submit content, you give VirusTotal (and those we work with) a worldwide, royalty free, irrevocable and transferable licence to use, edit, host, store, reproduce, modify, create derivative works, communicate, publish, publicly perform, publicly display and distribute such content.

If you do not want the content provided by you to VirusTotal to be disclosed in the manner set out in these Terms or in the Privacy Policy, do not send it/share it with VirusTotal or the VirusTotal Community.

 

No, they don't own your content (you retain ownership rights except in cases of copyright infringement), but you're letting them and third parties use your content (in the broadest sense possible), including storing, reproducing, displaying and distributing it publicly.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #15 of 27
Quote:
Originally Posted by Suddenly Newton View Post
 

From their Terms and Conditions page (exact quote):

 

 

No, they don't own your content (you retain ownership rights except in cases of copyright infringement), but you're letting them and third parties use your content (in the broadest sense possible), including storing, reproducing, displaying and distributing it publicly.

Isn't that there so they can share uploaded files with antivirus vendors?

 

edit: yeah, it is:

Quote:
 When you submit a file to VirusTotal for scanning, we may store it and share it with the anti-malware and security industry (normally the companies that participate in VirusTotal receive files containing virus samples that their engines do not detect and are catalogued as malware by at least one other engine). The samples can be analysed by automatic tools and security analysts to detect malicious code and to improve antivirus engines. Participating anti-malware and security companies will adhere to VirusTotal's Best Practices when using the samples.
post #16 of 27
 
Originally Posted by Slurpy View Post

If I didn't know any better, it sounds like AI is shilling for this product. I've been using Macs for 15 years and not ONCE have I had malware or needed something like this.
Originally Posted by charlituna View Post

my first thought as well. Especially the way the 'article' is worded to sound like there is a huge threat out there. When in truth most Mac malware is actually Flash or Java based and solved within a few days.

 

Quote from VirusTotal:
VirusTotal, is offered freely to end users as long as its use has no commercial purpose and does not become part of any business activity. Even though the service works with engines belonging to different enterprises and organizations, VirusTotal does not distribute or advertise any products belonging to third parties, but simply acts as an aggregator of information. This prevents us from being subjected to any kind of bias and allows us to offer an objective service to our users.

 

I'm sure AI is making a ton of money from "shilling" this service. :rolleyes:

post #17 of 27
Quote:
Originally Posted by DarkLite View Post
 

Isn't that there so they can share uploaded files with antivirus vendors?

 

 

Antivirus vendors don't need an implicit license to create derivative works from, publish, or display your works publicly to do their job, but the Terms of Service specifically allows it.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #18 of 27
Quote:
Originally Posted by Suddenly Newton View Post
 

 

Antivirus vendors don't need an implicit license to create derivative works from, publish, or display your works publicly to do their job, but the Terms of Service specifically allows it.

Creating a virus detection from an uploaded file could be seen by a court as a 'derivative work' - the legal status of 'derivative work' as applied to software is somewhat unclear, and such a signature could easily contain unique (and potentially copyrighted) sections of the file in question. The distribution of said signatures to their consumers could also constitute publication (and possibly 'displaying' too). 

 

Also, apart from anything else, why would you upload private data to VirusTotal? It's a virus scanner - the only things you should be giving to them are files you think are malware. 

post #19 of 27
Quote:
Originally Posted by DarkLite View Post

Creating a virus detection from an uploaded file could be seen by a court as a 'derivative work' - the legal status of 'derivative work' as applied to software is somewhat unclear, and such a signature could easily contain unique (and potentially copyrighted) sections of the file in question. The distribution of said signatures to their consumers could also constitute publication (and possibly 'displaying' too). 

Also, apart from anything else, why would you upload private data to VirusTotal? It's a virus scanner - the only things you should be giving to them are files you think are malware. 
This is completely and totally the wrong interpretation of what Google is doing. Nobody is going to claim copyright on a virus. The whole point of a virus is to remain secret. The useful purpose of VirusTotal for Mac is to scan for Windows and Android viruses from a platform that can't be infected by either. We can throw in Office and Java to boot. However, this move is part of a Google effort to undermine user confidence in the security of OS X. We can conceive of a possible introduction of Chrome OS for Apple hardware somewhere down the line. The easily persuaded may be led to believe that a future Chrome OS is safer than OS X because it has VirusTotal built-in.
post #20 of 27
I learned my lesson long ago with regard to Google when I stored some pdfs in Gmail. The scanning was so brutal, it corrupted many of my pdfs rendering them unusable.

Thanks for the reminder of this, although I'd already decided that I wouldn't use it because I've not had a virus since Apple's System 7. I'd almost forgotten how intrusive Google can be and is.

No need for this as Clam AV takes care of my suspect Windows originating files.
post #21 of 27
Quote:
Originally Posted by DarkLite View Post

Creating a virus detection from an uploaded file could be seen by a court as a 'derivative work' - the legal status of 'derivative work' as applied to software is somewhat unclear, and such a signature could easily contain unique (and potentially copyrighted) sections of the file in question. The distribution of said signatures to their consumers could also constitute publication (and possibly 'displaying' too). 

The issue isn't whether your particularly odd and narrow interpretation of the term "derivative works" is correct; the issue is that it's isn't the only possible interpretation. The wording of the terms of service is too broad in this regard, and does not limit third parties to just accessing your files to perform antivirus services. In fact, there is no limitation spelled out whatsoever about what third parties can do with your files.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #22 of 27
Even if you don't use google you still run a risk of them finding and using your info. That's why I stay away from All SOCIAL MEDIA, like Facebook etc.
post #23 of 27
Originally Posted by anantksundaram View Post
Why?

 

Why would you check for something that will never be there by using the only instance of the thing for which you’re checking that will ever exist?

 

Originally Posted by monstrosity View Post
Haha, that's like trying to cure AIDS with AIDS

 

Well, you know what they say, “Fight pustules with pustules.” 

 

Wait…

post #24 of 27
Quote:
Originally Posted by monstrosity View Post
 

Haha, that's like trying to cure AIDS with AIDS

 

No, thank, you.

 

Luckily I had just put my coffee down before reading that.

 

Quote:
Originally Posted by Czarembo View Post

No need for this as Clam AV takes care of my suspect Windows originating files.

 

This, basically.

"We're Apple. We don't wear suits. We don't even own suits."
Reply
"We're Apple. We don't wear suits. We don't even own suits."
Reply
post #25 of 27

Quote:

Originally Posted by AppleInsider View Post

The Mac has become an increasingly popular target for malware authors

 

If you mean it's gone from 0.02 % of total malwares to 0.12% I suppose that's an increase.  On the other hand being a "target for" and being "affected by" are not the same thing.

 

 

Originally Posted by AppleInsider View Post

 with some reportedly netting as much as $10,000 per day from their creations. 

 

Whoa there.  ONE was estimated (by Symantic for cryin' out loud) to have done this.  Once.  In 2012.  For a limited time.  The quote makes it sound as if there are many more successfully making thousands daily, with "some" netting $10,000 daily, continually since the Flashback reports two years ago right through today.   Which, unless I missed some articles, has not been even speculated.  

 

I'm as cognizant of bad folks on the net as anyone and have no doubt people have been malwared out of plenty of money on OSX, but those two statements are awfully shoddy writing.

post #26 of 27

I don't think AI is shilling this because I saw a lot of Mac sites carrying this story on the Mac# app.

 

The moment I saw Google, I decided mentally not to download this app.

 

What can I say? AI has made me shit-scared of Google. I keep hearing Geena Davis' voice saying 'Be afraid. Be very afraid.'

post #27 of 27
Quote:
Originally Posted by Hydrogen View Post
 

over my dead body

 

It is from Google;

it looks like crap;

it uploads your stuff so that they can look into it.

 

What's NOT to dislike? 

 

Irrelevant news; move along, citizens.

iMac Intel 27" Core i7 3.4, 16GB RAM, 120GB SSD + 1TB HD + 4TB RAID 1+0, Nuforce Icon HDP, OS X 10.9.1; iPad Air 64GB; iPhone 5 32GB; iPod Classic; iPod Nano 4G; Apple TV 2.
Reply
iMac Intel 27" Core i7 3.4, 16GB RAM, 120GB SSD + 1TB HD + 4TB RAID 1+0, Nuforce Icon HDP, OS X 10.9.1; iPad Air 64GB; iPhone 5 32GB; iPod Classic; iPod Nano 4G; Apple TV 2.
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac Software
AppleInsider › Forums › Software › Mac Software › Google's VirusTotal adds desktop file analysis client for Apple's OS X