Oh come on, I sent the newsdesk this like 30 mins ago, no props for me ? :p
A human error at Google caused its main search engine to briefly identify every site on the web as a potentially malicious destination that represented a threat to end users, the company said. Starting early Saturday morning California time, the world's largest search engine flagged each search result with the warning: "This …
While i admit it's not my most attractive trait...
I'd love to know how the internet was affected in those few minutes. Was there a sudden drop in site visits? did Amazon, mybook, facespace, BoBe and the like go silent?
It would probably be quite a significant drop in visits as even i, tech savvy as i am, google more often than i type the TLDs.
The power of "may".
Not "will" or "does" or "won't" or "cannot" - there's no such thing as certainty, especially where lawyers are concerned (as they wouldn't make any money then). So everything contains an element of doubt: "might", "may", "could".
So the statement that Google puts out; "This site may harm your computer" cannot be denied. Yes it's unhelpful, tells nothing about the degree of risk and merely increased the levels of doubt and paranoia, but wrong? No.
Personally, I'd like to see this sort of disclaimer on everything. Something along the lines of: "this product is not guaranteed safe under every circumstance", or maybe better: "you might die after handling this item". if it reduces the worth of all the (already worthless) warnings, caveats and disclaimers we see every day, then people might, just have to start thinking for themselves and apply what little common-sense they have to assessing the degree of risk, and whether it justifies the potential gain.
It didn't affect IE. Well not for me and anyone else I've seen who posted on various forums. I have Opera, Firefox and Safari and it affected all of them but at the very same time not IE. Strange...
It's long since fixed now though. Perhaps someone forgot to do some testing at Google?
I thought it was a prelude to the end of the world, perhaps a giant hack from China...but then I do have a propensity for melodrama.
Warning: This site may harm your computer.
...did anyone else get one of those warnings along the lines that the Googeloïd Search Engine *might* have consented to give you one more result for your query (which was concerning a problem with a SATA drive, in case you were wondering) but *as* that page was listed in a the IWF blocking list, Googeloïd sadly *cannot* show the corresponding link in its search results (even though I am not even using Google from the UK). It then proceeds to give you a link to a vanilla protest page at chillingeffects.org.
If anyone clicked on the "Safe Browsing" diagnostic page, they would have seen a 502 server error, suggesting that every site is classified as unsafe by default and the diagnostic tool overrides that.
So it's not that everything was flagged as potentially dangerous, it was that everything was not marked as 'known to be safe'.
I did a search for "Microsoft" and take a screenshot, seemed most appropriate to me... *gets coat*
I got growled at for saying "That's bollocks!" in earshot of a small child when searching for Wordpress themes earlier and getting everything listed as malware. Even G makes mistakes. The Big G is, of course, Jesus Christ himself, Ian Gillan. Until Google sings Child In Time like Ian Gillan then it will remain just G.
Well, such is the devastating power of the wildcard...
Google has provided an official explanation...
It seems that their update file of malware-suspected sites contained a wildcard typo, a "/" that effectively meant "everything"! Human error, easily overlooked, I guess....
It was actually fixed while I was in the middle of typing my "Hey guys, your malware checker is borked" email to Google HQ.
I mean, I know that the Googloids are hellbent on taking over the entire world for their own nefarious purposes, but I didn't know that they had already developed mind-reading to that degree. It was a bit spooky from where I was sitting I can tell you!
Funnily enough, the following message was going to be the one to El Reg saying that Google was knackered. Oh well, late to the party as usual I suppose...
Google didn't mistake the whole web for malware - its adverts ^w sponsored links at the top of the search results were OK apparently. I didn't get a screenshot though.
Click a sponsored link - that's OK, anything else is bad - a way to boost revenue or keep the advertisers happy?
'...or maybe better: "you might die after handling this item"...'
Technically, you could put 'you will die after handling this item'. If you handle it, you've survived long enough to handle it - and make no mistake, you WILL die at some point thereafter. So you'll definitely die after handling any item you handle.
It wasn't working in IE, i did take a screenshot of google saying that google wasn't safe for your computer. It will cause my joy for time to come. I also sent the an email to El Reg, this was about 10-15 minutes after it had started (i had to find the email address and take the screenshots)
I did notice that there was sometimes a server error, and once it said i was unauthorized to access that page. The really odd part was that under certain search conditions the sites showed up as fine, i believe it was with quotes but am not sure.
The most annoying part was not that it was indicating that all sites were harmful, it was that to get to the sites from google you would have to copy and paste. that and didn't have link for cached pages (why would they cache a potentially harmful website.)
Grabbing my coat, its the one in the back as I was here first, nothing more to see.
"make no mistake, you WILL die at some point thereafter"
Not necessarily: I intend to live forever, or die trying.
Copy and paste? Why? I went to the error page and simply removed the google part of the URL - no copying or pasting, just a simple select + delete
(and change the urlencoded parameters back, but then I can't imagine many people knowing how to decode the %xx codes).
My first thought when I realised what was going on was to email the reg, but I googled the contact details and couldn't get through :)
I for one am glad this has happened, the panic and chaos us on-call admins received during this 'outage' was funny to say the least, it's almost as if most peoples IT systems 'extend' off Google! How many times can you say 'its Google's problem, wait 30 minutes and try again.'
Well done Google for fixing it and blaming it on a very realistic issue.
Love it ! Google, one of the biggest internet companies in the world.
,,,,and they don't test their changes off line on a parrallel system? (Perhaps they don't have the budget to do this)
Surely there is something seriously wrong here wrt change control, management, redundancy, techical ability etc.
,,,or are they so big and so complacent they test live by using us lot as the guinea pigs and just roll out the changes.
A couple of useful lessons here are that even the largest company makes mistakes and can be complacent or over confident. Roll on SAAS and the cloud - we're all doomed I tel you ! (Well not really, but all we're doing is placing our eggs in someone elses basket)
<Q>Google didn't mistake the whole web for malware - its adverts ^w sponsored links at the top of the search results were OK apparently. I didn't get a screenshot though.</Q>
So, if google had marked "all links unsafe" in this temporary (comedic) bug/feature. Then why were the adverts not also included?
Does this imply that the malware checks are not done on the adverts? If you pay Google enough, does this mean it will turn a blind eye to your Malware product? From previous El'Reg articles about "Free" Adobe Acrobat... I guess this is the case.
that this happened on a weekend! I can't imagine explaining to our users that no, this isn't our fault and that no, I nor anyone else at tech support, can fix it. Particularly since the warning page bears a striking resemblance to some of the internal blocks' messages, and could easily be mistaken for one at a quick glance. OK, I can imagine it. It's not very nice.
@Thomas Baker: It affected all browsers. It affected IE7 for me. Besides, it was a server side thing, so I doubt the browser would make much difference. And for everyone here whining about not getting 'credit', stop being such a pathetic attention whore. I noticed the issue, like a lot of the world, but I just ignored it and got on with my day and waiting for Google to sort it out. I didn't send it into a load of IT sites then came back looking to see if someone had mentioned my name. Do you REALLY think you're the only ones who noticed this issue and the only ones who sent in a tip. Get over yourselves.
..that the Vietnamese bloke who owns my local pub had exceeded his usual obsessive secrecy mode.
(i.e., when accessing some pages on, for example the Telegraph.co.uk, I get "Page blocked by your System Administrator")
I was using Firefox, and switched to IE, and it worked. Like the poster above, I thought FF was borked. Took me awhile to realise the search engine on IE was Yahoo.
So I guess the poor sod at Google is about as bright as I am (Hint: think Toc H lamp. Google for it, if it'll let you.)
The occurrence of phrases such as "internet down", "traffic down 93%" - the stock reaction seems to have been "google went down and we couldn't access the internet".
Google != the internet. They're a search engine - and that's all. It's testimony to the prominence of Google in people's thinking, that to lose Google is to lose the net.
Personally I use ask, not google - I don't like google - they can't be trusted. To have untrustworthy people appoint themselves as gatekeepers to human knowledge is foolish. That we stand around mutely while it happens, aware of their inherent untrustworthiness, says a lot about the people we have become.
To the people who thought that because Google went down they couldn't access the internet, please return your computers to the shop you bought them from and tell them you're too stupid to own one.
Reminds me of a -sane - government official responding to a pestering about some imagined danger to public health/safety on Radio 4 years ago ...
After repeatedly telling the interviewer that there was no significant risk, that the risk was insignificant, that whilst it was theoretically possible the likelihood was negligible, the interviewer hit him with a perfect...
"Yes, bit it *is* possible, isn't it?" (=all Radio 4 listeners should begin/continue to panic)
To which the weary interviewee responded, patiently, but with the gentle sigh of someone seeking to reassure a child, "Almost everything is almost always a possibility."
Pause. Silence. End of interview.
The only certainty in life is death - even taxes are optional (NB, the British invented Income Tax - a "temporary measure" if I recall my history correctly - to pay for the Napoleonic wars; if we disinvented it, would the rest of the world follow again?)
I'm just waiting for a flurry of lawsuits to roll in... 40 min of no google referrers would be a significant chunk of change for alot of large e-commerce sites... Not to mention the click-arb sites stuck in between, and the people that rely on PPC for their business...
There's no way Google can tell what's happened to a webpage since it was last spidered...
OK, so the pages on most well-known big domains are likely to be fairly innocuous, but once you start trawling through individual users home pages, anything could have happened in the past few months...
Then again, 99% of malware exploits Windoze boxes, and I'm typing this on a Linux box - so unless the malware is smart enough to hack the root account, I think I'm pretty safe...
Well, we covered it there at 14:35 GMT.
Then again at 14:43 and 14:53. So we were first to publication :-P~~~
(It's now 16:12 and a google news search for "google malware" (no quotes) has the earliest reference as:
Google crashes; says all Internet is bad
iTWire, Australia - 1 hour ago
Clicking on any search results takes me not to the page in question but to a Google page advising of the risks of malware. I am told I can continue on if ...GOOG)
This gestapo thing deserves a black helicopter. I were doing some happy googling when the intarwebs went dead... quick switch to yahoo to find out what google badware alliance actually is. As a result i think i'll skip on google, if i can dodge that overlord of the internets. I mean, anonymously sending an alert that isn't even researched by stopbadware.org, and your site is unreachable by the formerly blue G giant. It makes me wonder though that why oh why is the el reg not on badware list all the time, considering the people you make angry daily.
I personally think this should be a wake up call to all internet users.
I'm now starting to think "monopoly" (microsoft springs to mind), what if in 10 years time and google's beaten all other search engines into ground and this happens? Most techs would be fine but bugger me would the rest suffer.
I now firmly believe Google's access gateway to information is far to powerful right now, let alone 10 years in the future.
"Do no Evil" yeah right.
Title says it all. What a bloody great idea to castrate the Internet, which was designed from the ground up NOT to have any single points of failure, by introducing one. EU take note, this is what they'd like to have everyone use, so take the advice they give you when you're fabricating that Internet Rule Book out of whole cloth with much NaCl. 
I wonder if Fx3's "safe" browsing took a hit, too? I can't tell as it's turned off and the lookup URLs munged about 30 milliseconds after I install Fx on any of my systems, but IIRC that all comes from the Goog, too. If I ever decide to rummage through the code, I might just make a port that disables this "functionality" out of the box and replaces Google with Scroogle SSL as the default search plugin.
On that note, what should I call the unbranded results, since I'm not allowed to call it IncandescentVulpine for trademark reasons? I'm thinking Earthbadger, which sounds nice; wouldn't that look bloody wonderful in your httpd logs? I'll give ElReg the diff and they can call it Airvulture, in keeping with the [mystic elements][animal] naming scheme. Or I might just be a lazy bastard and go back to using Konq ;o)
What I want to know is what yahoos stats looked like during that 45min period. I can imagine they got bombed with traffic especially since i was struggling to get their site to respond during the period.
nice screen shots... look very similar to the ones i emailed the register at 15:13.
"Google mistakes entire web for malware"
40% of it wants to sell you crap you don't need, 40% of it wants to waste your time, and the other 20% is hawking viruses to take over your computer so they can sell you crap you don't need and waste your time ALL THE TIME.
I'd say Google's right on the money ;)
Sorry folks, it's my fault. I dropped the internet. Must have caused a glitch. It seems to be OK now. I'll take it back to Big Ben before something really bad happens.
PS Cade, we all know you're on a personal crusade against the Big G (yes, they ARE a big nasty corporation hell-bent to making money. Hey, guess what, the *entire* US -world?- economy is!), but putting stuff like "blocking access to the entire net" in this abstract makes you sound like a raving loonie, sorta.
The worst thing is that the standard malwear warning advises users that the requested site "may harm your computer" but that you "may continue at your own risk" but supplies no obvious method of doing so. There's no "OK" button. Unless you know to manually change the URL in your browser (or use another search engine) you're goosed.
Paris, because she likes being goosed.
This post has been deleted by its author
Biting the hand that feeds IT © 1998–2019