Early April Fool's? Options

[Randy]

Well it's not April yet, so I guess Google must be having a bad morning. Surely they haven't been hacked have they?

I'm getting Google's malware warning for practically every site in every search I conduct this morning. I get the same warning behavior in every browser I have installed. No matter whether I'm using my normal IP as assigned by my ISP or if I go through a proxy.

It makes Google completely unusable since they ship you off to their warning page with no way to proceed to the real site. And their safebrowser diagnostic tool only produces a server error. Could it be that easy to mess with Google? Take their safebrowsing thingee offline and screw with every search?

If it's a hack, I've gotta admit it's a pretty funny one!

(IMG:style_emoticons/default/lol.gif)

Attached thumbnail(s)

 

[Jill]

Yeah, that's all the news on twitter. I wonder if it was a hack?

@robwatts said it was prolly to get people to click on the ads instead, since it is a recession and all!

[Randy]

(IMG:style_emoticons/default/hysterical.gif)

I doubt they'd intentionally ruin their business just to push ads.

Whatever it was it looks like it's fixed now. Or at least I'm not seeing it anymore in my searches. And I note the safebrowsing tool is back up and working again too.

Surely Search isn't that dependent upon safebrowsing being reachable is it? If that's what threw things for a loop I would encourage them to make sure to separate the two or build a failsafe into the code.

[harpsound]

However, the message popped up even for well-known, trusted sites because of an error in a list of web addresses compiled by a non-profit group that works with Google to protect users against visiting sites that could harm their computers, she said.

Link What did happen at Google

Google is using non-profits as part of their algorithm??

[Randy]

Not as part of the ranking algorithm harpsound. What they're referring to there are the folks at stopbadware.org, which is a non-profit and makes its data available to several partners, including Google. I think pretty much anybody can download and make use of their data clearing house.

Interesting that Google is laying the blame clearly on their doorstep. One would think Google would have had a failsafe in place to stop what sounds like nothing more than malformed data from screwing the pooch as it were. After all, they are a for profit business who relies on a lot of good will from the public.

FTR, Marissa Mayer's full statement is here for your reading pleasure. Funny how a little / can cause so much headache, hunh? (IMG:style_emoticons/default/lol.gif)

[madams]

Millions of Iinternet users hit by major technical fault at Google

News item here...

[Randy]

The interesting part to me were all of the corrections flying back and forth to explain the relationship.

First Google said they get the bad url from SBW. Then SBW corrects them in their own press release and Google updates their post. Now they both agree that StopBadware.org doesn't actually provide the list of potentially malicious URLs. Google does that. Then the SBW folks are basically just an appeals process for webmasters, who send Google urls to reconsider after they've already been flagged and someone has complained.

Interesting little drama played out in real time!

[Jill]

Heh...so they lied and tried to blame the other company? (IMG:style_emoticons/default/nono.gif)

[Randy]

I think it was probably being posted by someone who didn't understand how that malware warning system worked Jill. Another honest human mistake. I didn't realize that the bad urls didn't come from SBW either, but then I shouldn't be expected to know since I don't have anything to do with the system, nor do I actively use it. (IMG:style_emoticons/default/wink1.gif)

The rumor early on, and I didn't see the original Blogspot post myself until after Marissa had already corrected it, was that Matt Cutts was the original poster. Which sort of makes sense on two fronts. First, that if he was available immediately and Marissa wasn't, I'd probably choose him to make the post too. He is one of the public faces of Google to the webmaster community after all. It also makes sense in that his being the fearless leader of the Spam team doesn't mean he'd have any personal, intimate knowledge of how the malware stuff works. That's going to likely be somewhat outside the scope of what his normal job duties cover.

No clue if this rumor is true or not. I did see Matt's name mentioned several places in the ongoing comments right after it was discovered, and it does make some sense on a couple of fronts.

Either way, some people got waaaaaaaaaaay too bent out of shape over it. I can see novice users not getting it that something was wrong with Google and perhaps thinking their PC was infected, even though one has nothing to do with the other. Google doesn't scan users computers after all. But the reaction of some webmasters, who shouldn't be quite as inexperienced as novice users was simply over the top.

In my mind this overreaction points to the fact yet again that far too many people with e-commerce sites rely way too much on Google for their income. These people obviously still don't understand that they need to have multiple traffic and income channels. Personally, I couldn't tell there was any adverse effect at all on any of my sites. Traffic numbers overall and from Google specifically were right in line with the norm.

In fact, most of my sites had a larger than normal sales day as compared to recent Saturday's, or even as compared to historical data. I'm not going to "blame" Google for the uptick in sales any more than I'd blame them for a downturn in sales. The whole thing lasted less than an hour after all.

[Randy]

The funniest vicious rumor I've heard:

Google did this on purpose, and picked a Saturday morning (US Time) on purpose so it wouldn't really hurt their busness. They did it because they wanted to see just how important they are in the grand scheme, which one would think they could only gauge by going offline. They didn't want to go offline, but they wanted a reaction they could gauge. They got it.

And the funniest statement I've heard:

Isn't it incredible how one tiny misplaced byte of information can make such a large and successful company look really, really stupid?

(IMG:style_emoticons/default/giggle.gif)

[1dmf]

Well I seem to recall you all ridiculed me when I said there was a major .co.uk JavaScript problem.

Do you beleive me now? (IMG:style_emoticons/default/mf_tongue.gif)

[Randy]

Completely different thing there 1dmf. Which if I recall correctly was corrected when you did something with your own browser.

Though you'll never hear me say Almighty Google hasn't made and won't continue to make mistakes. All one need do is attempt to validate their pages to see they do. Not to mention my pet peeve, where they force a redirect to so many https pages, but images being served by these pages are coming from a non-secure location. Thus throwing a browser warning.

[Nueromancer]

Heh...so they lied and tried to blame the other company? (IMG:style_emoticons/default/nono.gif)

I think what happened was the some one didnt quite undersand the ful ins and outs of how teh badware scanner works and made some aspumptions having said that some of the self apointed anti spammers have made similar mistakes in the past ie marked an entire /16 as spammers.

shows that hireing loads of stanford grads with 4.0 GPA's dosent make up for having some olds with some serious experiance on big systems :-) alowing the sytem to have a / as a valid as insane. Nor was having any system to check the results of roling out a new block list.

[1dmf]

Which if I recall correctly was corrected when you did something with your own browser.

It's not my browser, I just use it (IMG:style_emoticons/default/wink1.gif)

Lol yeah those 'do you want to display secure & non-secure errors' are a joke!