Earlier this morning, you may have been surprised to see that every Google search you performed resulted in links to sites which were, according to Google, potentially harmful to your computer. As it turns out, Google’s malware detection system got a little trigger-happy – due to a human error.
Google’s malware detector works via a partnership with the non-profit organisation StopBadware.org, who aid Google by supplying them with a list of sites known to install malware. Google updates these lists regularly, but sadly, the URL “/” got accidentally added to the list- effectively blacklisting every site on the internet (except YouTube, actually).
Unfortunately (and here’s the human error), the URL of ‘/’ was mistakenly checked in as a value to the file and ‘/’ expands to all URLs. Fortunately, our on-call site reliability team found the problem quickly and reverted the file. Since we push these updates in a staggered and rolling fashion, the errors began appearing between 6:27 a.m. and 6:40 a.m. and began disappearing between 7:10 and 7:25 a.m., [all time sin PST] so the duration of the problem for any particular user was approximately 40 minutes.”
The error was quickly fixed by Google, and the company has promised to review their policies regarding the malware detector blacklists, and assures us it won’t happen again.
And I was wondering why Disney.com would want to install malware in my computer.
You’d think with all that computing power, ub3r 3li3t3 engineers and QA testing that Google wouldn’t get it this bad.
“Google Labels Entire Internet As Dangerous”
Here I thought Google was just catching up on what the rest of us knew already.
The fun thing is, they also labeled their own site as dangerous.
http://petrie.dereferenced.org/~nenolod/googlefailsit.png
My thoughts exactly. But it was weird though, like being in a bad trip.
Not that I’ve ever been in one I don’t use those substances but if I had one, it’d probably look like that
Yep, I was researching for a paper, trying to get to some academic journals, and every one of them was dangerous. I know the LHC is supposed to create a black hole that will destroy us all, but a physics journal on the web won’t hurt.
It could hurt your mental stability. “This paper just blew my mind!”
This is why I disabled that functionality a long time ago in my Firefox. I’m tired of applications taking up time and resources just to force me to play ‘Mother-may-I…?’ with my own computer. Just disable this “feature” in Firefox along with the so called phishing checker and see how much faster your browser opens and pages load…
This is a joke–security is a process every user needs to learn, not an external entity they can depend on to do the work for them. Every time people try to abstract security the process into security the application feature we only end up with wasted cycles and slower machines as layer after layer of software is ineffectually applied over a broken system when something else shows up.
Look at our recent history!
Virus –> Antivirus –> Spyware –> Antispyware –> etc…
Get off the treadmill people! I did and run Linux on most of my machines now, with each new machine planned for Linux compatibility. If its advertised as compatible and doesn’t work I return it and demand my money back. Thankfully this hasn’t happened all that often lately…
–bornagainpenguin
At the risk of going off topic here, I agree with the first part of your message. Security is 99% common sense. That being said, the act of using Linux doesn’t make you secure. For the moment it seems that way, as there hasn’t been any serious threat in the wild. Do you think it would stay that way if everyone suddenly dropped Windows and switched to a Linux-based os? If it was suddenly a big enough target, or to put it more precisely, _the_ target to attack?
“At the risk of going off topic here, I agree with the first part of your message. Security is 99% common sense. That being said, the act of using Linux doesn’t make you secure. For the moment it seems that way, as there hasn’t been any serious threat in the wild. Do you think it would stay that way if everyone suddenly dropped Windows and switched to a Linux-based os? If it was suddenly a big enough target, or to put it more precisely, _the_ target to attack?”
For the most part I agree with you. However, it isn’t because Linux isn’t targeted. Look at the server side, plenty of Linux targets there. It’s the home users that are responsible. I do believe malware would rise if everyone switched to Linux, but not because it would become a target. Merely because you would have more people downloading stuff and running it without regard to where it came from.
No, people aren’t stupid, they just aren’t educated. MS is trying, with UAC, but I think it’ll take a lot more than that. Your average Linux user is just better educated. I think if people started moving to Linux in droves we wouldn’t see the same scale of this problem. The RTFM attitude is diminishing every day, and people would have more than adequate help and education. I could be wrong, but those are my thoughts. As to the actual topic.
I thought maybe someone hacked the entire internet and inserted malware into every site on the internet! Then I came down off my high and realized someone probably just screwed up.
Linux servers get attacked too. A lot of the attacks are brute-force (password dictionary) or application-level (taking over someone’s php message board), but they do happen in practice.
I think the design would make it quite a bit safer than windows, but you are right, to make an OS truly secure, users/computer operators need to be educated and informed.
Yeah, today it also reported video.google.com, one of their own services as malicious. Wonder why it didn’t work recursivly, blocking google search itself also..?
Someone typed ‘google’ into Google today