Google glitch causes confusion
Posted by Maxim Weinstein
This morning, an apparent glitch at Google caused nearly every [update 11:44 am] search listing to carry the "Warning! This site may harm your computer" message. Users who attempted to click through the results saw the "interstitial" warning page that mentions the possibility of badware and refers people to StopBadware.org for more information. This led to a denial of service of our website, as millions of Google users attempted to visit our site for more information. We are working now to bring the site back up. We are also awaiting word from Google about what happened to cause the false warnings.
[Update 12:31] Google has posted an update on their official blog that erroneously states that Google gets its list of URLs from us. This is not accurate. Google generates its own list of badware URLs, and no data that we generate is supposed to affect the warnings in Google’s search listings. We are attempting to work with Google to clarify their statement.
[Update 12:41] Google is working on an updated statement. Meanwhile, to clarify some false press reports, it does not appear to be the case that Google has taken down the warnings for legitimately bad sites. We have spot checked a couple known bad sites, and Google is still flagging those sites as bad. i.e., the problem appears to be corrected on their end.
For more information about how the process works and the relative role that Google and StopBadware.org play, please see our Clearinghouse page or this question in our FAQ.
How to disable this "feature" in Firefox? I didn't even know it existed.
I am told it is your web site and coding that went all crazy. Glitches happen, but what will destroy confidence in a company is keeping quiet. Google has yet to explain what happened.
Your headline is wrong. It is not just confusion, but damage to millions of websites that are now flagged as harmful. I will use Yahoo from now on, thank you very much.
kk, but millions will still use google
Google says it is unclear what caused the problem, which is now resolved, but that it will make a statement later.
"There was a fault. We don't know the nature of it yet. Everything has been solved. We are still making initial enquiries, " a Google spokesperson told BBC News.
I'm really excited to know what went wrong from a software engineering standpoint.
Please keep us posted on what Google says, or post a reference to any official statement they make online.
@Torrence: A false report indicated it was a result of a problem at StopBadware.org. This is not correct.
It appears that the false flags were removed fairly quickly and that Google's search results are working properly again.
It still written in «Google Webmaster Tools» that my site is ditributing malware. This message appeared 1 hour ago.
Should I request a review, or this notice will be removed automatically later?
Wow Torrence, were you really let down for the whole 30 minutes or so? I'm interested to know what happened as well, but it wasn't the end of the world for me. You have a good time with your Yahoo search.
Matt Cutts says Google will make an announcement on their blog soon...
Does StopBadWare notify websites that it makes malware accusations against? What recourse is provided when websites suffer harm as the result of false StopBadWare accusations?
Read the google blog, they have your answers.
@Sukhinov: If a Google search for site:yoursite.com still shows the warning, you should submit the review (through Webmaster Tools for fastest results) and also check your site carefully in case it really was compromised.
but why the Google News's site went down this afternoon,
and what's really happened?
@Mark: Google actually determines whether a site is bad and puts up the warnings with no involvement from StopBadware.org. We serve as a support mechanism for site owners to assist them in cleaning their sites and navigating the review process. We also offer an appeals-like review process of our own for users who are not having luck with Webmaster Tools.
I believe if someone is registered with Webmaster Tools, they will be notified when Google detects their site as bad. They might also attempt to send e-mail to webmaster@domainname, though I'm not sure about that.
We may offer a similar notification service across several data providers in the future.
Here is a short video and some sceenshots from the google bug.
here's Google's blog post about it: http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html
just good ol' human error. perhaps they will sanitize the blacklist for "/" and other entries moving forward.
I forgot to post the url:
http://blog.polymorph.at/?p=16
;)
From the Google Blog mentioned:
We work with a non-profit called StopBadware.org to get our list of URLs. StopBadware carefully researches each consumer complaint to decide fairly whether that URL belongs on the list. Since each case needs to be individually researched, this list is maintained by humans, not algorithms.
We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs.
When I search youtube on chrome I get 'www.youtube.com is suspected of being a phising site'.
My blog 3 days earlier got flagged by this bullshit system even though it hosts no malware and the IP listed that contains malware isn't on my server. Ditch the stupid system all together if you're going to ignorantly brand websites as guilty until proven innocent.
http://www.google.com/safebrowsing/diagnostic?site=http://blog.jimmyr.com/High_Quality_on_Youtube_11_2008.php&hl=en
For italian user:
Informazioni è aggiornamenti qui
http://mmblogfree.blogspot.com/2009/01/google-in-tilt.html
I am sorry. I just got scared is all. Since malware sites are removed from Google search, I was afraid all my work was going to be gone. I do apologize for being so freaked out. Please forgive me.
Peace and Love
Tory
It's fixed and Matt Cutts announced the explanation http://bit.ly/H8Vz
Got some people scared, especially my roommate. Check out Google trends now.
http://www.google.com/trends/hottrends?q=warning+visiting+this+web+site+may+harm+your+computer!&date=2009-1-31&sa=X
but why the Google News's site went down this afternoon,
and what's really happened?
This is not good. Now webmasters etc. have to explain this glitch to their users for many days to come.
Errors like this SHOULD NOT HAPPEN! As Google basically is THE search engine, a glitch like this has very, very serious impact all over the world.
Today I lost a little respect for the code people at Google/StopBadware...
Frankly, i =DO NOT WANT= google "protecting" me in this manner. If I click on a link, I EXPECT to go to the site that was referenced. If my computer starts to melt as a result of that action, so be it, MY BAD!
STOP INTERFERING WITH MY INTERNET!!!!!!!!!
AJ Ward, you can still visit the URL - or just use a different search engine. It only affects a tiny fraction of results (except earlier today...)
@Maxim Weinstein
Googe said it gets data from u which is then updated to their servers and there was an error in the checkin..this doesn't mean that u had given the wrong data.. Google never blamed you.. But you are reading the article in a wrong way..(or am i Wrong!!)
This is really horrible blame game, they blaming you and you throwing mud on them. The sufferers are we users. Anyway, it finally got a good end and that's what we all need. Don't bother who is responsible... :-)
Everyone clearly just wants to keep their job. This kind of thig is going to happen -- there's no perfect system. Somone may have lost a few bucks, but, I'm sure there's no legal liability (didn't you read that disclaimer?).
Bottom line: someone discovered an undesireable feature and hopefully it won't be expressed again.
The people who claim they don't want google protecting them are silly. Besides, google still gives you the URL, you just have to indicate you really wanna go there by copy pasting the URL to your address bar (which takes SECONDS).
Also, to the idiot who wanted to turn off the feature in Firefox: Firefox didn't glitch, and if you like getting viruses you can go to Tools -> Preferences -> Security and uncheck the "Block Reported Attack Sites". If you also would like to give your login information to PayPal@notreallypaypal.co.uk/hacks/haxx0r/login, you can also uncheck "Block Reported Web Forgeries".
@Samrat: It is incorrect that they get their data from us. They generate their own data.
@Pavan: We're not interested in pointing fingers, and I don't believe Google is, either. We're trying to ensure that anything stated publicly is factually accurate.
This incident was pretty bad in general, but especially within the adultbusiness.
As such a substantial part of adult sites are flagged and they should stay that way due to malware, but for those adultsites that adhere to a high degree of security and respecting numerous filters, it is not going to be easy to explain towards their users/customers what happened.
I have already received numerous questions by mail concerning webcamsfan.com which has an all time clean record with numerous safeguards.
My sites credibility has been damaged.
This is very bad. The person who did the error should be fired.
According to a statement issued this morning by Matt Cutts, "We [Google] work with a non-profit called StopBadware.org to get our list of URLs."
Mr. Cutts goes on to explain that, "We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs."
See http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html
StopBadWare has replied that, "Google generates its own list of badware URLs, and no data that we generate is supposed to affect the warnings in Google’s search listings."
Asserting that "no data that we generate is supposed to affect the warnings" is not the same as asserting that StopBadWare did not supply a list with the defective URL at issue.
If StopBadWare was responsible for the inclusion of the inclusion the URL of '/' it should admit it now. This incident deserves to be treated with honesty and transparency by StopBadWare. Potentially millions of Adsense publishers and and other online operations suffered financial damages as the result of be falsely identified with malware.
Here is a very simple question: Did StopBadWare send Google a defective URL list that led to problem?
Human errors are possible, but the damage done to many reputable websites is gigantic. I'm pretty shocked that this whole system of flagging doesn't include more verification steps when there is an update, it's obviousely flawed. Incidents like this one could seriousely damage or ruin businesses, I got 3 calls from scared customers.
So someone made an error, it happens and it is easy to explain to your customers with a link to the google blog. Stop crying, nobody died it was nothing but a minor inconvenience.
What is annoying though is google's blog post SUGGESTS that the error (the addition of the / URL) was by StopBadware and StopBadware SUGGEST that it was Google. Both companies made vague statements that hint it was the others fault but do not outright say so and neither have admitted it was their fault. This makes both StopBadware and Google look bad. Politicians often refuse to say "I made a mistake, sorry" and I'm not sure what psychology research this is based on but refusing to do so just makes the person who made the mistake look worse.
It would be good for PR if someone put their hands up and said "whoops. my bad."
As for changing search engines, yeah right. You might for a couple of days then you will be back on google.
It's amazing what results an automated update can have. Actually I'd have expected, G would test drive updates on basically everything. But then again, a test phase would probably take too long and give malware sites too much of a headstart... Well, glad it was over quickly.
Really impressive that Marissa Mayer herself gave such a clear and transparent explanation of what went on, what they did to fix it, and what the impact was. If not for that detailed explanation, I think the public response could have been much worse. A lesson for all large online service providers.
I hope they clear up their statements. Where do they get their data from it does seem to match yours?
@Mark: Let me clarify. The only URLs we ever submit to Google are ones that they have previously told us are bad and that we are sending back to them because we believe the site should be rescanned to see if the badware is gone. The last such list we sent was yesterday at 5 p.m., and it did not contain a '/' as one of the records.