Blog

Google glitch causes confusion

This morning, an apparent glitch at Google caused nearly every [update 11:44 am] search listing to carry the "Warning! This site may harm your computer" message. Users who attempted to click through the results saw the "interstitial" warning page that mentions the possibility of badware and refers people to StopBadware.org for more information. This led to a denial of service of our website, as millions of Google users attempted to visit our site for more information. We are working now to bring the site back up. We are also awaiting word from Google about what happened to cause the false warnings.
[Update 12:31] Google has posted an update on their official blog that erroneously states that Google gets its list of URLs from us. This is not accurate. Google generates its own list of badware URLs, and no data that we generate is supposed to affect the warnings in Google's search listings. We are attempting to work with Google to clarify their statement.
[Update 12:41] Google is working on an updated statement. Meanwhile, to clarify some false press reports, it does not appear to be the case that Google has taken down the warnings for legitimately bad sites. We have spot checked a couple known bad sites, and Google is still flagging those sites as bad. i.e., the problem appears to be corrected on their end.
For more information about how the process works and the relative role that Google and StopBadware.org play, please see our Clearinghouse page or this question in our FAQ.
[Update 1:36] Google updated its statement to reflect that StopBadware does not provide Google's badware data.
[Update 2:35] Hopefully this will be the last update, as Google has acknowledged the error, apologized to its customers, and fixed the problem. As many know, we have a strong relationship with Google, which is a sponsor and partner of StopBadware.org. The mistake in Google's initial statement, indicating that we supply them with badware data, is a common misperception. We appreciate their follow up efforts in clarifying the relationship on their blog and with the media. Despite today's glitch, we continue to support Google's effort to proactively warn users of badware sites, and our experience is that they are committed to doing so as accurately and as fairly as possible.

109 responses to

Google glitch causes confusion

wmc says:

It's amazing what results an automated update can have. Actually I'd have expected, G would test drive updates on basically everything. But then again, a test phase would probably take too long and give malware sites too much of a headstart... Well, glad it was over quickly.

Great Unwashed says:

So someone made an error, it happens and it is easy to explain to your customers with a link to the google blog. Stop crying, nobody died it was nothing but a minor inconvenience.

What is annoying though is google's blog post SUGGESTS that the error (the addition of the / URL) was by StopBadware and StopBadware SUGGEST that it was Google. Both companies made vague statements that hint it was the others fault but do not outright say so and neither have admitted it was their fault. This makes both StopBadware and Google look bad. Politicians often refuse to say "I made a mistake, sorry" and I'm not sure what psychology research this is based on but refusing to do so just makes the person who made the mistake look worse.

It would be good for PR if someone put their hands up and said "whoops. my bad."

As for changing search engines, yeah right. You might for a couple of days then you will be back on google.

Florian says:

Human errors are possible, but the damage done to many reputable websites is gigantic. I'm pretty shocked that this whole system of flagging doesn't include more verification steps when there is an update, it's obviousely flawed. Incidents like this one could seriousely damage or ruin businesses, I got 3 calls from scared customers.

Fil says:

How to disable this "feature" in Firefox? I didn't even know it existed.

Torrence says:

I am told it is your web site and coding that went all crazy. Glitches happen, but what will destroy confidence in a company is keeping quiet. Google has yet to explain what happened.
Your headline is wrong. It is not just confusion, but damage to millions of websites that are now flagged as harmful. I will use Yahoo from now on, thank you very much.

lolTorrence says:

kk, but millions will still use google

Torrence says:

Google says it is unclear what caused the problem, which is now resolved, but that it will make a statement later.

"There was a fault. We don't know the nature of it yet. Everything has been solved. We are still making initial enquiries, " a Google spokesperson told BBC News.

Friðrik Már J... says:

I'm really excited to know what went wrong from a software engineering standpoint.

Please keep us posted on what Google says, or post a reference to any official statement they make online.

Maxim Weinstein says:

@Torrence: A false report indicated it was a result of a problem at StopBadware.org. This is not correct.

It appears that the false flags were removed fairly quickly and that Google's search results are working properly again.

Sukhinov Anton says:

It still written in «Google Webmaster Tools» that my site is ditributing malware. This message appeared 1 hour ago.

Should I request a review, or this notice will be removed automatically later?

Eric Wernier says:

Wow Torrence, were you really let down for the whole 30 minutes or so? I'm interested to know what happened as well, but it wasn't the end of the world for me. You have a good time with your Yahoo search.

David Bradley says:

Matt Cutts says Google will make an announcement on their blog soon...

Mark says:

Does StopBadWare notify websites that it makes malware accusations against? What recourse is provided when websites suffer harm as the result of false StopBadWare accusations?

Eric Wernier says:

Read the google blog, they have your answers.

Maxim Weinstein says:

@Sukhinov: If a Google search for site:yoursite.com still shows the warning, you should submit the review (through Webmaster Tools for fastest results) and also check your site carefully in case it really was compromised.

Matteo says:

but why the Google News's site went down this afternoon,
and what's really happened?

Maxim Weinstein says:

@Mark: Google actually determines whether a site is bad and puts up the warnings with no involvement from StopBadware.org. We serve as a support mechanism for site owners to assist them in cleaning their sites and navigating the review process. We also offer an appeals-like review process of our own for users who are not having luck with Webmaster Tools.

I believe if someone is registered with Webmaster Tools, they will be notified when Google detects their site as bad. They might also attempt to send e-mail to webmaster@domainname, though I'm not sure about that.

We may offer a similar notification service across several data providers in the future.

Ingo says:

Here is a short video and some sceenshots from the google bug.

Chuck Wekch says:

From the Google Blog mentioned:

We work with a non-profit called StopBadware.org to get our list of URLs. StopBadware carefully researches each consumer complaint to decide fairly whether that URL belongs on the list. Since each case needs to be individually researched, this list is maintained by humans, not algorithms.

We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs.

Jimmy says:

When I search youtube on chrome I get 'www.youtube.com is suspected of being a phising site'.
My blog 3 days earlier got flagged by this bullshit system even though it hosts no malware and the IP listed that contains malware isn't on my server. Ditch the stupid system all together if you're going to ignorantly brand websites as guilty until proven innocent.

http://www.google.com/safebrowsing/diagnostic?site=http://blog.jimmyr.co...

Torrence says:

I am sorry. I just got scared is all. Since malware sites are removed from Google search, I was afraid all my work was going to be gone. I do apologize for being so freaked out. Please forgive me.
Peace and Love
Tory

David Bradley says:

It's fixed and Matt Cutts announced the explanation http://bit.ly/H8Vz

ferdi tayfur says:

but why the Google News's site went down this afternoon,
and what's really happened?

Christian says:

This is not good. Now webmasters etc. have to explain this glitch to their users for many days to come.
Errors like this SHOULD NOT HAPPEN! As Google basically is THE search engine, a glitch like this has very, very serious impact all over the world.
Today I lost a little respect for the code people at Google/StopBadware...

AJ Ward says:

Frankly, i =DO NOT WANT= google "protecting" me in this manner. If I click on a link, I EXPECT to go to the site that was referenced. If my computer starts to melt as a result of that action, so be it, MY BAD!
STOP INTERFERING WITH MY INTERNET!!!!!!!!!

Matt says:

AJ Ward, you can still visit the URL - or just use a different search engine. It only affects a tiny fraction of results (except earlier today...)

Samrat says:

@Maxim Weinstein

Googe said it gets data from u which is then updated to their servers and there was an error in the checkin..this doesn't mean that u had given the wrong data.. Google never blamed you.. But you are reading the article in a wrong way..(or am i Wrong!!)

Pavan Kumar says:

This is really horrible blame game, they blaming you and you throwing mud on them. The sufferers are we users. Anyway, it finally got a good end and that's what we all need. Don't bother who is responsible... :-)

JBilinski says:

Everyone clearly just wants to keep their job. This kind of thig is going to happen -- there's no perfect system. Somone may have lost a few bucks, but, I'm sure there's no legal liability (didn't you read that disclaimer?).
Bottom line: someone discovered an undesireable feature and hopefully it won't be expressed again.

Tom says:

The people who claim they don't want google protecting them are silly. Besides, google still gives you the URL, you just have to indicate you really wanna go there by copy pasting the URL to your address bar (which takes SECONDS).

Also, to the idiot who wanted to turn off the feature in Firefox: Firefox didn't glitch, and if you like getting viruses you can go to Tools -> Preferences -> Security and uncheck the "Block Reported Attack Sites". If you also would like to give your login information to [email protected]/hacks/haxx0r/login, you can also uncheck "Block Reported Web Forgeries".

Maxim Weinstein says:

@Samrat: It is incorrect that they get their data from us. They generate their own data.

@Pavan: We're not interested in pointing fingers, and I don't believe Google is, either. We're trying to ensure that anything stated publicly is factually accurate.

Joergensen says:

This incident was pretty bad in general, but especially within the adultbusiness.

As such a substantial part of adult sites are flagged and they should stay that way due to malware, but for those adultsites that adhere to a high degree of security and respecting numerous filters, it is not going to be easy to explain towards their users/customers what happened.

I have already received numerous questions by mail concerning webcamsfan.com which has an all time clean record with numerous safeguards.

My sites credibility has been damaged.

Tony Evans says:

This is very bad. The person who did the error should be fired.

Mark says:

According to a statement issued this morning by Matt Cutts, "We [Google] work with a non-profit called StopBadware.org to get our list of URLs."

Mr. Cutts goes on to explain that, "We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs."

See http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-...

StopBadWare has replied that, "Google generates its own list of badware URLs, and no data that we generate is supposed to affect the warnings in Google’s search listings."

Asserting that "no data that we generate is supposed to affect the warnings" is not the same as asserting that StopBadWare did not supply a list with the defective URL at issue.

If StopBadWare was responsible for the inclusion of the inclusion the URL of '/' it should admit it now. This incident deserves to be treated with honesty and transparency by StopBadWare. Potentially millions of Adsense publishers and and other online operations suffered financial damages as the result of be falsely identified with malware.

Here is a very simple question: Did StopBadWare send Google a defective URL list that led to problem?

Lenny Rachitsky says:

Really impressive that Marissa Mayer herself gave such a clear and transparent explanation of what went on, what they did to fix it, and what the impact was. If not for that detailed explanation, I think the public response could have been much worse. A lesson for all large online service providers.

Acai Berry says:

I hope they clear up their statements. Where do they get their data from it does seem to match yours?

Maxim Weinstein says:

@Mark: Let me clarify. The only URLs we ever submit to Google are ones that they have previously told us are bad and that we are sending back to them because we believe the site should be rescanned to see if the badware is gone. The last such list we sent was yesterday at 5 p.m., and it did not contain a '/' as one of the records.

CasTex says:

That was weird, my site (http://www.downloadic.com) was seem to be harmless, but now its ok...

BdR says:

This is unacceptable!
Should not happen again or Google is out and Yahoo is back...

Gary says:

How odd, that one simple mistake on Google's end can buzz the whole World. Guys, check the blog-search for the term "This site may harm your computer". At the time of this post 1000+ entries for the past few hours and about 20 new posts pop up every minute. Incredible

John says:

I wonder if google in any way can be liable for this incident.
There is no doubt that the responsibility solely is at Google, but because of this incident, many website owners are facing negative impacts due to wrongful labelling of their website.

In example the website http://cybersexcam.vipsexcam.com which was hurt badly today as they had just launched an expensive campaign.

Who will cover their losses in this respect?

DDR SDRAM says:

Saw this when I got online earlier today. However it took a couple of searches before I actually realized that it wasn't just the first result that I was looking at which suddenly had this status.

Whatever the cause, it's nice to know that it's fixed now. Was quite a shock for a moment until I realized that sites all around were affected!

This Site May H... says:

Some people just need to step of their high horses.

Well done to the Google team for reverting the error swiftly. I mean, most could see this for a max of 40 minutes. I wish our tech team could fix their problems as quickly.

But, at the end of the day - human error happens, afterall, We ARE human. The Big G needs to just put a more robust QA in place.

Sam Johnston says:

I couldn't believe my eyes when I saw this before and figured it was just that I'm using bleeding edge browsers (WebKit and Firefox 3.1b2)... or that as I was trying to index trademarks in response to the Psion Netbook debacle I'd somehow upset the machine.

"Moral of the story: Wherever black or white-listing is implemented there are more moving parts and more to go wrong. In this case the offending service provides a tangible benefit (protecting users from malware) but those of you whose leaders are asking for your permission to decide what you can and can't see on the Internet should take heed - is the spectre of censorship and the risk of a national Internet outage really worth the perceived benefit? Will such an outage be rectified within an hour as it was by Google's army of SREs (Site Reliability Engineers)? And perhaps most importantly, will the scope of the list remain confined to that under which it was approved (typically the 'war on everything' from child pornography to terrorism) or will it end up being used for more nefarious purposes? In my opinion the benefit rarely outweighs the (potential) cost."

rb says:

The real problem is the lack of checking software on every possible condition.

William says:

Has anyone noticed that the BitDefender website is listed as malware still?

Pages