Google Blogoscoped

Friday, November 3, 2006

Slow Google Malware Alert Removal?

Sven from the adult animation studio Rum Runners emailed in this – I can’t verify anything but Sven’s full name (withheld upon request) and the malware interstitial he mentions:

Recently one of our computers was hit by a malware virus (a trojan that tracks FTP log-in info, hacks your website and then sets up your site to transfer the malware to your patrons). Nasty nasty nasty malware. Well after a week of fighting this with the help of our hosting company, we finally managed to stop the attack from ever rearing it’s ugly head again...

But Google had cached the page and put the malware interstitial up. [NSFW: You can see it searching for brickhouse betty, and clicking on the first result, The result was also second searching for cartoon sex, but I can’t see it anymore for this query.] We called. We emailed. Again. And again. And again. We got no help. I called and demanded that this be addressed as not only was Google crushing our traffic by not taking down the incorrect interstitial warning, but they were also spreading the malware by not clearing out their cache of our site. Eventually I had to code the page to not allow archiving in order to get rid of this cache link. It took a whole month for the link to come down from when we told them what was going on and it was our changes that actually caused the link to eventually be removed. Google just didn’t care. At this point it’s already been about 6 weeks. Our traffic has plummeted. Google has not taken down the warning, nor do they have a way to request the site be re-evaluated for malware. The system has value, but the problems far outweigh this value.

While Google wasn’t able to comment on this specific (classic “who watches the watchmen?”) case, they did tell me this:

Our guidelines are that it’s safer to err on the side of caution with malware. Reincluding a site when we are not entirely confident the site is clean could hurt our users. Also, it takes quite a long time to do a malware reinclusion because checking a site for malware tends to be fairly difficult.

Hmm. When Sven speaks of problems outweighing the value of malware warnings, I think he’s speaking strictly from a Rum Runner webmaster perspective – because users won’t really perceive this as a big problem (they can move on to elsewhere). And it’s not Google’s fault the Rum Runner server was infected at one time. Still, it might be good for Google to offer a more streamlined “reinclusion” process.


Blog  |  Forum     more >> Archive | Feed | Google's blogs | About


This site unofficially covers Google™ and more with some rights reserved. Join our forum!