Google Text Ads For Known Malware Sites 110
notthatwillsmith writes "We all know that Google purges known 'attack sites' — sites that deliver viruses, spyware, or other malware to visitors — from its index of searchable sites, but that doesn't stop the text ad giant from happily selling ads linking to those sites. One wouldn't think it would be any more difficult to cross-reference the list of purged sites with the list of advertisers than it was for the main search index, would it?" To be fair, the article says that Google shut down the ad when notified of it; and no other examples of linked malware are offered. Was this a one-time oversight?
give 'em a break (Score:5, Insightful)
To be fair, the article says that Google shut down the ad when notified of it; and no other examples of linked malware are offered. Was this a one-time oversight?
Given the amount of business Google gets, how can you possibly consider one instance anything but an oversight?
This is NOT "stuff that matters"
News flash! Local traffic cop overlooks jaywalker. Corruption, or honest mistake, you decide!
Smoke, no fire (Score:3, Insightful)
A one-time oversight? Probably not. Look, domain names are not exactly made of gold. It is entirely possible for an advertiser to create a domain name specifically and solely for the purpose of advertising on a particular ad network. That means no chance for Google to match it to its blacklist -- the site isn't in the blacklist anyway, or anywhere else for that matter. There's no need to SEO a link you're paying to advertise, after all. That's probably why the link doesn't come up in Google: Nobody links to it, nobody talks about it, nobody's SEOed it.
Bottom line: Without a human eyeball checking each submitted ad, and a team of investigators checking each suspicious-ish looking one, this sort of thing is not going to get caught until it's reported. Google isn't going to be our nanny in this regard. Oh well.
Re:Notify the end users (Score:5, Insightful)
That might viloate the google/website contract. Howewver, that's not the issue here. Google is running ads with links to malware sites, not ads on the malware sites (though they probably do that too).
Re:give 'em a break (Score:5, Insightful)
You can't expect them to check every single link on every single page in real time.
I could easily set up a page that waits for a visit from the google page-checker then modifies itself to contain bad stuff. That would give me a window of attack.
Re:Responsibility (Score:5, Insightful)
That doesn't sound like a blind eye.
Quit trolling
Furthermore its a fine line between due diligence and big brother. Especially in in today's internet climate. I am not surprised that the group doing the adwords doesn't know enough about the group doing the filtering to be able to filter automatically. Its very easy to say Google should know what Google is doing but we all know that interdepartmental communications in large companies sometimes don't work all that well.
It would be interesting if the bloggers that posted this "poke the big guy piece" had more than just this one incident. It would also be interesting to know how many other sites have been removed. If this was the first and they are now going to be crosschecking, then it shouldn't happen again.
But no one ever clicks on the ads (Score:4, Insightful)
So why worry?
At least this way the malware companies pay someone and end up infecting no one.
Seriously have YOU ever clicked on an ad?
I've put adwords on my site www.gentooxo.org thinking it would help me pay for the site's hosting and the bandwidth I use to distribute my customized-for-olpc linux distro but you know what? According to my stats NO ONE has ever clicked on an ad!
And that's after about two thousand visits to the site and maybe 200 downloads!
Here is my 'required by google' policy on the ads:
http://gentooxo.org/disclaimer.shtml/ [gentooxo.org]
So useless are the ads that I am thinking I will simply drop them...
Re:give 'em a break (Score:5, Insightful)
You guys are missing the point. Its not a matter of humans checking each link and making an oversight. Its a matter of Google accepting ads from sites that its magical filtering system knows for a fact are spam sites/link farms/malware etc. If they didnt accept ads from sites that their database knows to be not so great websites then there wouldnt be any oversight. Computers dont make oversights so the only way this could have happened is if Google decided to apply a different standard for filtering their advertisers than they do to regular webpages.
Re:Is there a demand for guides in the bad places? (Score:3, Insightful)
http://astalavista.box.sk/
Yeah, that used to list the bad places. Now it mostly lists the awful ones.
Google doesn't give a damn as long as they're paid (Score:4, Insightful)
You want proof? Google for "spybot" or for "adaware" and see how many deceiving pieces of malware are advertised in the sponsored links:
"spybot": 3 sidebar, 1 at the top.
"adaware": 3 at the top
"ad-aware": 1 sidebar, 1 at the top
I'm always sure to tell my friends and relatives the actual URL for Spybot S&D or LavaSoft because of these scamming low-lifes. I've reported them a half-dozen times to Google, gotten an automated response, and never seen a change.
Re:Tech support - unsafe site my ass (Score:3, Insightful)
I recently got infected with Antivirus 2008. Googling for a solution, mainly which windows exploit was used to get it on the system I found the following type of comments.
"You are infected with a malware that you picked up because of your browsing habits"
Yeah right, I got infected because of Google Ads, which can be found on many a mainstream site.
As they said, infected due to your browsing habits.
If you were running an ad blocker, you couldn't have been infected by an ad. It almost certainly required scripting, with a good chance it required cross-site scripting, as well. Thus, scripting off by default, regardless of your ad viewing preferences, would have stopped it in most cases, and even if you had that mainline site whitelisted, the malware site it tried to load stuff from would have fallen into the no-scripting default and thus would have been blocked.
Also, browsing habits could well be defined as inclusive of the platform you choose to browse from, and almost certainly would include your choice of browser. You don't here of so many getting infected running say firefox on MS, and even fewer running any of the even semi-common Linux platform browsers...
All of those can be reasonably included in browsing habits, yet changing just one of them, one of adblocker, script-blocker, browser, browser-platform, would have likely made you immune. Change all four of them, still keeping in mind they all fit reasonably within the definition of browsing habits, and the chances of being infected by an ad that's blocked, requiring scripting that's turned off, targeting a browser you aren't running, on an OS that if you run at all, you don't consider secure enough to browse the web with, are practically nil!
So yes, browsing habits, indeed. Just because they are common browsing habits doesn't make them /safe/ browsing habits.