[Update: Google has fessed up in a blog post. Apparently the problem was caused when a URL of '/' was added to the StopBadware block list. The incident also caused a DoS attack on the StopBadware site due to the volume of users clicking on links in the warning messages.]This morning, some time after 9am EST, Google's StopBadware feature went haywire. StopBadware is a Google initiative to maintain blacklists of malicious and phishing URLs. It can be leveraged by third parties via the Google SafeBrowsing API. As can be seen in the associated screenshot, the functionality was broken as a search for 'test' indicated that every search result could contain malicious content with a link stating 'This site may harm your computer'. Clicking on any search results would take the user to a warning page as opposed to the actual destination.
The issue has now been resolved, but it illustrated two things for me - the power of Google and the potential of user driven reporting sites like Twitter. We trust Google. It's been our friend for a long time, so when it starts telling us that every site is malicious we get worried. A Twitter search for posts related to the problem shows plenty of confusion and speculation as to what the problem was.
More interestingly, it provided timely information based on the start and stop time of the bug. Posts that I reviewed show that the issue began just after 9am EST and was resolved approximately an hour later. Others, suggest that problem was not fixed but rather code was rolled back to restore a stable state. Was it a regression bug introduced during an upgrade? Seems likely.
Thankfully the crisis has been averted so the world can keep turning on its axis. Nothing to see here, move along.
- michael
Posts
0 comments:
Post a Comment