Sophos Could Be Gmail Antivirus Service

    December 6, 2005
    WebProNews Staff

One curious researcher wanted to answer the Gmail antivirus question – who’s providing the service? – and compared Gmail virus detection results to those generated by several antivirus product vendors.

The blogger/security researcher at The Billy Goat Curse posted a report about Gmail’s antivirus service. That blogger thinks Google is using a solution from Sophos to scan and detect malware in messages in Gmail.

Using a service at, where malware files can be submitted to determine how a variety of antivirus solutions would detect them, the blogger found that Sophos detections exactly matched those accomplished by Gmail. Over 50 samples of malware were used in the testing.

The blogger also theorized Google is keeping Sophos’ name quiet because the antivirus service is still in beta testing. Google keeps a lot of services in beta, and the bigger picture with beta means not having to explain to one’s shareholders how a product or service will impact earnings as they would with a formally released product.

Some details of the testing were provided in the post:

The AV signature database between vendors is as unique as a fingerprint, so I decided to fingerprint the AV vendor! Using malware collected from my secret source of malware, and GHH honeypots, I started to compare Gmail with all of the AV vendors.

The chart below is one of my results, you can see that the Gmail results and Sophos results are exact (like DNA)…

David Utter is a staff writer for WebProNews covering technology and business. Email him here.