back to article Google malware watchdogs bite mom-and-pop shops

One morning last week, Alan Jay, director of Digital Spy, woke up to discover that Google was warning millions of web surfers that his UK-based entertainment news site was one "that may harm your computer." Those brave enough to click on the Google link anyway were invited to learn more about malware by visiting a page at …

COMMENTS

This topic is closed for new posts.
  1. Graham Marsden

    Objective...?

    > A Google spokeswoman says the company uses an objective set of criteria to label potentially harmful sites

    Criteria 1: Can they afford to take legal action against us...?

  2. Lexx Greatrex

    Another example of a non-story with a trumped up headline

    Good one Reg. Maybe you should consider running stories about cute animals stuck up trees as well? Oh the injustice!

  3. gollux

    If you're serving malware ads...

    Then I do not want to visit your website. Period. Got Lopped in the good old days, it probably has caused me to not really feel too sorry about people who complain about Adblock and any other method of blocking ads ever since. Served ads need to be filtered for quality, and if you as a website owner don't do this or cannot do this, then your website will be rightfully flagged as spreading harmful content. And it's not only small mom and pops that have been flagged for this. Life's not fair, it may be unfair you get flagged, it's doubly unfair that I visit your site and get my computer compromised.

  4. Angus

    @Lexx

    Ehh? Non Story? Just what about this do you consider not worthy of reporting?

  5. Daniel

    not trumped up at all

    1. there is no way that any commercial site publisher can filter *every* ad. Oh, they could of course limit themselves to using google ads ...

    2. Google do have a habit of penalising people in various ways, *without* giving any adequate explanation. I'm thinking about site operators who have losts over 10k visitors a day due to being black listed for some violation of *google rules* - no statement though about what the problem was.

  6. Dafydd Lawrence

    @gollux

    Ermm... not sure how you suggest you should "..filter for quality". Served ads are served from the ad company's servers. They are not read by the website owner and then displayed by the website owner's server.

    The story mentions that he was using a big name ad company and the story also mentions that very large sites have also had this problem.

    The onus is 100% on the ad serving company that takes the order for an advert. They should check the quality of that advert for possible problems.

    It should also be the ad network that gets blocked not the website. Therefore the space where the advert is should be saying this advert may contain malware so has been blocked, then the rest of the site will work fine.

  7. Steven Hewittt

    Google's bad

    It's nothing to do with Google. Bottom line is that they are just a search engine. It's up to businesses and end-users how to protect desktops from malware - not a bloody search engine.

    I can manage my AV, anti-malware, firewalls and IDS - my responsiblity. I don't need a search engine doing it for me thanks.

  8. umacf24

    Criterion 2

    Do they serve Google ads?

    More seriously, would Google ads actually protect against being listed.

  9. Anton Ivanov

    Google was right to stop this one

    Looking at the URL in the screengrab that is definitely badware and definitely likely to damage your brain. Dunno about your computer

  10. Anonymous Coward
    Anonymous Coward

    Which should be blocked?

    Which ad networks are used for this purpose? I want to put their IP address in my hostfile under 127.0.0.1 and get their domain address blocked in Zone Alarm.

  11. Andrew Heenan

    So Why Aren't They THANKING Google.

    Every example in your story WAS using malware; albeit in ads, hit counters (never trust them!) or other third party stuff.

    Since Google, each site has had the opportunity to clean up, and remove the cr*p.

    All have done so - suggesting that all agree with Google's findings (as would all sentient beings).

    So instead of whining about how hard done by they all are, why aren't they thanking Google?

    There is a case for arguing that Google should send a note to 'postmaster@***.com on each occasion ... but how many of them monitor that - or even display a working email address?

    Google's malware labeling is a major plus - and no responsible site would use such silly innuendo to undermine it. Real 'red top' stuff.

  12. Anonymous Coward
    Anonymous Coward

    @Lexx

    Good one Lexx. Maybe you should consider posting against the correct story. Or are you just nuts?

  13. Anonymous Coward
    Anonymous Coward

    Class action

    "Criteria 1: Can they afford to take legal action against us...?"

    If it is the USA then I'm bloody sure they can - lots of hungry scum (sorry I mean lawyers) over there willing to do all sorts of speculative lawsuits for peanuts.

  14. Ben Gibson

    Many people seem to be missing the point.

    Which is Google is using its vast share of the search engine market to blacklist small companies for very small offenses, whilst large companies can do exactly the same thing, only delivering literally millions of infected ads instead of a few and not be penalised.

    And for those who fail to see why this is a news worthy item you need to look at what this means, not just this single isolated case.

  15. Anthony

    Ads

    I object to all advertising whether it's bad for my computer or not. If only there was a piece of software out there that stripped the adverts out. Maybe Google will invent a widget.

    I appreciate the bigger picture here, in all seriousness, but Google has always differentiated between big and little fish. Take China for instance. The technology is there to block a site? Why not just block the originating adserver and tell the ad owners, they are the ones with the most revenue to lose and it wouldn't affect my surfing or the webmasters site. Google seems to be going after every other app it can compete with (or thinks it can) so why not embed adblock?

  16. Anonymous Coward
    Anonymous Coward

    Ad servers

    Yup, I agree that it would be somewhat smarter to block the Ad server that's pushing the crap rather than the poor site that's in the crossfire.

    The problem here is that this is Google which is an Ad serving company first and foremost. An ad company taking the opportunity to block another ad company's adverts? Now *there's* an anti-competitive practice lawsuit in the making.

    They're taking the easy way out rather than admitting that their business model doesn't have the impartiality required to offer this sort of service in a free and fair manner. Also, I suspect that they have a fundamental aversion to the concept of blocking the ads and allowing you to still see the site on which they would have been presented.

    TeeCee

  17. Anonymous Coward
    Anonymous Coward

    Here endeth the lesson ...

    ... that if you're serving up ads, you'd best make sure that they are your OWN ads, served by your own server and pre-validated before every amendment to ensure they contain only pure HTML, no flash, no javascript etc.

    By doing so, not only will you sidestep objections from google and the like, you will also be making your site a much less user-hostile place, one which people might actually stop and read rather than immediately pressing the BACK button to avoid the annoyances of the ads.

    And in any case, nobody in their right might actually allows their browser to reach well known adserver sites such as doubleclick.

  18. Anthony

    @TeeCee

    True, of all the things Google wishes to do and do better, becoming embroiled in anti-competitive lawsuits won't be on their list. However is it such a stretch to suggest that in order to be safe (from Googleblock) a user should a) host their own ads as suggested above or b) use only ads marked safe by Google.

    Personally I don't see why everyone and his dog *NEEEDS* to be ad supported. Everywhere. Every page. Several ads. But let's pretend it's a necessary evil and without it all the important net things will never happen like web 3.0 or 4G or 18+ servers. If we HAVE to have ads they should be cleared somewhere centrally OR you run the risk of the GoogleBanHammerWidgetforWindows (Mac version coming soon). The obvious solution would be for pre-approval by Google and using GoogleAds. Maybe all pages could have a standard GoogleLayout and use standard GoogleClickToPay methods to ensure revenue streams (less any GoogleFees) between advertiser and advertisee.

    Not that I'm advocating this, just it would seem an almost logical solution to the problem, especially when one of the site owners in the story says that he doesn't rely on his site for revenue. Why not take down ALL THE ADS then?

  19. Anonymous Coward
    Anonymous Coward

    60% of users using the Google Toolbar with warnings enabled?

    I find it hard to believe that his traffic could fall from ~1600 unique visitors to ~600 unique visitors on the basis of Google warnings, as that would suggest that 60% of his visitors are using the Google Toolbar.

    Is it really that ubiquitous?

  20. Craig Edwards

    google toolbar

    No, google's web search engine presents this malware warning when searching without the toolbar. You do not need the toolbar to come across this text.

  21. Alan Jay

    If Google want to play at being god...

    I think the point that many of you are missing is that where adverts are the issue that Goolge has the technology to help stop the adverts being served but instead of providing that information so that the adverts can be stoped they tell you the page that they were being served from.

    Now anyone who has a site that serves adverts will know this is less that useful. The minimum you need is (1) "where was the advert called from - the country - to deal with geo-targeting of advertsing systems" (2) the time it was called (3) the name of the malware being directed towards (4) the advertsing server / network the file is being loaded off and (5) if possible the name of the advert file that is the problem - at the moment usually a flash swf file.

    In fact the final bit of information will often be enough.

    I'm pretty certain that when they set their test suite on a site that it records this information and if that is the case they could stop the advert being delivered which is surely their goal.

    Hopefully Google's Policy team will realise that they can help the situation more by providing enough information to allow the advert to be stopped than the current policy which is to hide their head in the sand and blame the site that was unfortunate enough to have the advert served on there site.

    For those who say the sites should be more careful I would say that the example we say was subtle in the way it worked it didn't attack always and didn't appear to be harmful at all. Even more sophisticated all the celver code was held on a remote server which was interrogated in some hidden code to see if it should deply the badware. This is non trivial (if you don't know what you are looking for) and hard if you do.

    It has taught us to be much more circumspect but also highlighted the fact that there is an organisation out there that could really help fight this problem but they choose to sit on their hands while waving them shouting "its there" when in fact it is somewhere else.

    The additional problem is that as people see more of these "warnings" against sites they use regularly they will loose their effectiveness. A warning that really means something is worthwhile otherwise users will think that Google is "crying woolf" and start ignorning then and problem is that they also use this same warning for sites that have been compromised by hackers and which are dangereous to all visitors rather than being dangerous to 1 in 250,000.

  22. Morten Ranulf Clausen

    @Anthony: ad-killer

    May I suggest searching for the Proxomitron. It's ancient, it's clunky, and it works. 3 out of 3 ain't that bad... :-) Seriously, I hardly ever see ads any more. I'm a parasite. So sue me. Obnoxious ads constitute a crime against humanity and should be punished accordingly. Dixit.

  23. andy

    Lowe Alpine

    wonder why google thinks a site full of rucksacks is harbouring nasties?

This topic is closed for new posts.

Other stories you might like