Google mistakes entire web for malware A human error at Google caused its main search engine to briefly identify every site on the web as a potentially malicious destination that represented a threat to end users, the company said. Starting early Saturday morning California time, the world's largest search engine flagged each search result with the warning: "This …
This post has been deleted by its author
The power of "may".
Not "will" or "does" or "won't" or "cannot" - there's no such thing as certainty, especially where lawyers are concerned (as they wouldn't make any money then). So everything contains an element of doubt: "might", "may", "could".
So the statement that Google puts out; "This site may harm your computer" cannot be denied. Yes it's unhelpful, tells nothing about the degree of risk and merely increased the levels of doubt and paranoia, but wrong? No.
Personally, I'd like to see this sort of disclaimer on everything. Something along the lines of: "this product is not guaranteed safe under every circumstance", or maybe better: "you might die after handling this item". if it reduces the worth of all the (already worthless) warnings, caveats and disclaimers we see every day, then people might, just have to start thinking for themselves and apply what little common-sense they have to assessing the degree of risk, and whether it justifies the potential gain.
Caveat emptor!
It didn't affect IE. Well not for me and anyone else I've seen who posted on various forums. I have Opera, Firefox and Safari and it affected all of them but at the very same time not IE. Strange...
It's long since fixed now though. Perhaps someone forgot to do some testing at Google?
Unlike them.
I thought it was a prelude to the end of the world, perhaps a giant hack from China...but then I do have a propensity for melodrama.
Warning: This site may harm your computer.
...did anyone else get one of those warnings along the lines that the Googeloïd Search Engine *might* have consented to give you one more result for your query (which was concerning a problem with a SATA drive, in case you were wondering) but *as* that page was listed in a the IWF blocking list, Googeloïd sadly *cannot* show the corresponding link in its search results (even though I am not even using Google from the UK). It then proceeds to give you a link to a vanilla protest page at chillingeffects.org.
If anyone clicked on the "Safe Browsing" diagnostic page, they would have seen a 502 server error, suggesting that every site is classified as unsafe by default and the diagnostic tool overrides that.
So it's not that everything was flagged as potentially dangerous, it was that everything was not marked as 'known to be safe'.
I did a search for "Microsoft" and take a screenshot, seemed most appropriate to me... *gets coat*
I got growled at for saying "That's bollocks!" in earshot of a small child when searching for Wordpress themes earlier and getting everything listed as malware. Even G makes mistakes. The Big G is, of course, Jesus Christ himself, Ian Gillan. Until Google sings Child In Time like Ian Gillan then it will remain just G.
Well, such is the devastating power of the wildcard...
Google has provided an official explanation...
http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html
It seems that their update file of malware-suspected sites contained a wildcard typo, a "/" that effectively meant "everything"! Human error, easily overlooked, I guess....
It was actually fixed while I was in the middle of typing my "Hey guys, your malware checker is borked" email to Google HQ.
I mean, I know that the Googloids are hellbent on taking over the entire world for their own nefarious purposes, but I didn't know that they had already developed mind-reading to that degree. It was a bit spooky from where I was sitting I can tell you!
Funnily enough, the following message was going to be the one to El Reg saying that Google was knackered. Oh well, late to the party as usual I suppose...
Google didn't mistake the whole web for malware - its adverts ^w sponsored links at the top of the search results were OK apparently. I didn't get a screenshot though.
Click a sponsored link - that's OK, anything else is bad - a way to boost revenue or keep the advertisers happy?
'...or maybe better: "you might die after handling this item"...'
Technically, you could put 'you will die after handling this item'. If you handle it, you've survived long enough to handle it - and make no mistake, you WILL die at some point thereafter. So you'll definitely die after handling any item you handle.
/pedant
It wasn't working in IE, i did take a screenshot of google saying that google wasn't safe for your computer. It will cause my joy for time to come. I also sent the an email to El Reg, this was about 10-15 minutes after it had started (i had to find the email address and take the screenshots)
I did notice that there was sometimes a server error, and once it said i was unauthorized to access that page. The really odd part was that under certain search conditions the sites showed up as fine, i believe it was with quotes but am not sure.
The most annoying part was not that it was indicating that all sites were harmful, it was that to get to the sites from google you would have to copy and paste. that and didn't have link for cached pages (why would they cache a potentially harmful website.)
Grabbing my coat, its the one in the back as I was here first, nothing more to see.
"make no mistake, you WILL die at some point thereafter"
Not necessarily: I intend to live forever, or die trying.
@Mark Dowling
Copy and paste? Why? I went to the error page and simply removed the google part of the URL - no copying or pasting, just a simple select + delete
(and change the urlencoded parameters back, but then I can't imagine many people knowing how to decode the %xx codes).
My first thought when I realised what was going on was to email the reg, but I googled the contact details and couldn't get through :)
I for one am glad this has happened, the panic and chaos us on-call admins received during this 'outage' was funny to say the least, it's almost as if most peoples IT systems 'extend' off Google! How many times can you say 'its Google's problem, wait 30 minutes and try again.'
Well done Google for fixing it and blaming it on a very realistic issue.
Love it ! Google, one of the biggest internet companies in the world.
,,,,and they don't test their changes off line on a parrallel system? (Perhaps they don't have the budget to do this)
Surely there is something seriously wrong here wrt change control, management, redundancy, techical ability etc.
,,,or are they so big and so complacent they test live by using us lot as the guinea pigs and just roll out the changes.
A couple of useful lessons here are that even the largest company makes mistakes and can be complacent or over confident. Roll on SAAS and the cloud - we're all doomed I tel you ! (Well not really, but all we're doing is placing our eggs in someone elses basket)
<Q>Google didn't mistake the whole web for malware - its adverts ^w sponsored links at the top of the search results were OK apparently. I didn't get a screenshot though.</Q>
So, if google had marked "all links unsafe" in this temporary (comedic) bug/feature. Then why were the adverts not also included?
Does this imply that the malware checks are not done on the adverts? If you pay Google enough, does this mean it will turn a blind eye to your Malware product? From previous El'Reg articles about "Free" Adobe Acrobat... I guess this is the case.
that this happened on a weekend! I can't imagine explaining to our users that no, this isn't our fault and that no, I nor anyone else at tech support, can fix it. Particularly since the warning page bears a striking resemblance to some of the internal blocks' messages, and could easily be mistaken for one at a quick glance. OK, I can imagine it. It's not very nice.
@Thomas Baker: It affected all browsers. It affected IE7 for me. Besides, it was a server side thing, so I doubt the browser would make much difference. And for everyone here whining about not getting 'credit', stop being such a pathetic attention whore. I noticed the issue, like a lot of the world, but I just ignored it and got on with my day and waiting for Google to sort it out. I didn't send it into a load of IT sites then came back looking to see if someone had mentioned my name. Do you REALLY think you're the only ones who noticed this issue and the only ones who sent in a tip. Get over yourselves.
..that the Vietnamese bloke who owns my local pub had exceeded his usual obsessive secrecy mode.
(i.e., when accessing some pages on, for example the Telegraph.co.uk, I get "Page blocked by your System Administrator")
I was using Firefox, and switched to IE, and it worked. Like the poster above, I thought FF was borked. Took me awhile to realise the search engine on IE was Yahoo.
So I guess the poor sod at Google is about as bright as I am (Hint: think Toc H lamp. Google for it, if it'll let you.)
The occurrence of phrases such as "internet down", "traffic down 93%" - the stock reaction seems to have been "google went down and we couldn't access the internet".
Google != the internet. They're a search engine - and that's all. It's testimony to the prominence of Google in people's thinking, that to lose Google is to lose the net.
Personally I use ask, not google - I don't like google - they can't be trusted. To have untrustworthy people appoint themselves as gatekeepers to human knowledge is foolish. That we stand around mutely while it happens, aware of their inherent untrustworthiness, says a lot about the people we have become.
To the people who thought that because Google went down they couldn't access the internet, please return your computers to the shop you bought them from and tell them you're too stupid to own one.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
