Google Blogoscoped

Saturday, January 31, 2009

Google: Every Site May Harm Your Computer

For a short while today, Google classified all results as harmful, several people reported. Basically no matter which URL you saw in the search results... they all had the text “This site may harm your computer” printed above the snippet. Clicking on the result in Google would yield the advisory page usually reserved for malware-infested websites only. The interstitial reads:

Warning – visiting this web site may harm your computer!

Suggestions:

• Return to the previous page and pick another result.
• Try another search to find what you’re looking for.

Or you can continue to [URL] at your own risk

According to Google, this bug lasted around 40 minutes for any particular user (within a time frame of 55 minutes) before it was fixed. Google by now blogged about it, saying:

What happened? Very simply, human error. Google flags search results with the message “This site may harm your computer” if the site is known to install malicious software in the background or otherwise surreptitiously. We do this to protect our users against visiting sites that could harm their computers. We work with a non-profit called StopBadware.org to get our list of URLs. StopBadware carefully researches each consumer complaint to decide fairly whether that URL belongs on the list. Since each case needs to be individually researched, this list is maintained by humans, not algorithms.

We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here’s the human error), the URL of ’/’ was mistakenly checked in as a value to the file and ’/’ expands to all URLs. Fortunately, our on-call site reliability team found the problem quickly and reverted the file. Since we push these updates in a staggered and rolling fashion, the errors began appearing between 6:27 a.m. and 6:40 a.m. and began disappearing between 7:10 and 7:25 a.m., so the duration of the problem for any particular user was approximately 40 minutes.

The StopBadware blog says that the glitch “led to a denial of service of our website, as millions of Google users attempted to visit our site for more information.” For the future, Google say they will put up “more robust file checks” to prevent such things in the future.

[Thanks Peter B., David Mulder, TV Smith, Emil S., Russell O., Eric J., Simon M., Peter A., Maarten van V., Scott S., Jitendra Jain, Philippe L., Alex Leonard, Go Madrid, Jon G., AnthonyP, Andrew C., Steve Johnson, Pokemo, Andrew M., John Stevens, TomHTML and Stephen Tordoff!]

Update: Apparently Google’s partner StopBadware wasn’t too happy that the glitch was sort of implied to have come from them, so in their blog post they added:

Google has posted an update on their official blog that erroneously states that Google gets its list of URLs from us. This is not accurate. Google generates its own list of badware URLs, and no data that we generate is supposed to affect the warnings in Google’s search listings. We are attempting to work with Google to clarify their statement.

The existing FAQ at StopBadware explains:

How and why is StopBadware.org involved in Google’s warnings?

Google independently checks the web for badware and badware-linking code, and places warnings in its own search results. StopBadware’s role is to help site owners who want to remove the warnings to learn about badware and website security. StopBadware also administers an independent review process through which a website owner can request the removal of a warning.

Although Google’s warning pages contain a link to the StopBadware.org site for more information, the decision to post a warning page is an independent decision made by Google, not by StopBadware, and does not reflect any testing or review by us in advance. Also note that URLs appearing in the Badware Website Clearinghouse are automatically posted as part of Google’s warning process without any review, research, or editing by us.

Google by now updated their blog post in response to this, moving the blame more towards them:

beforeafter
“We work with a non-profit called StopBadware.org to get our list of URLs. StopBadware carefully researches each consumer complaint to decide fairly whether that URL belongs on the list. Since each case needs to be individually researched, this list is maintained by humans, not algorithms. “We maintain a list of such sites through both manual and automated methods. We work with a non-profit called StopBadware.org to come up with criteria for maintaining this list, and to provide simple processes for webmasters to remove their site from the list.
We periodically receive updates to that list and received one such update to release on the site this morning.” We periodically update that list and released one such update to the site this morning.”

[Thanks Grega M.!]

Advertisement

 
Blog  |  Forum     more >> Archive | Feed | Google's blogs | About
Advertisement

 

This site unofficially covers Google™ and more with some rights reserved. Join our forum!