Google To Send Detailed Info About Hacked Web Sites - Slashdot

Slashdot

Google To Send Detailed Info About Hacked Web Sites 58

Posted by kdawson on Wednesday October 14 2009, @12:28AM
from the see-yourself-as-others-see-you dept.

alphadogg writes "In an effort to promote the 'general health of the Web,' Google will send Webmasters snippets of malicious code in the hopes of getting infected Web sites cleaned up faster. The new information will appear as part of Google's Webmaster Tools, a suite of tools that provide data about a Web site, such as site visits. 'We understand the frustration of Webmasters whose sites have been compromised without their knowledge and who discover that their site has been flagged,' wrote Lucas Ballard on Google's online security blog. To Webmasters who are registered with Google, the company will send them an email notifying them of suspicious content along with a list of the affected pages. They'll also be able to see part of the malicious code." Another of the new Webmaster Tools is Fetch as Googlebot, which shows you a page as Google's crawler sees it. This should allow Webmasters to see malicious code that bad guys have hidden on their sites via "cloaking," among other benefits.

This discussion has been archived. No new comments can be posted.

Google To Send Detailed Info About Hacked Web Sites

Search 58 Comments Log In/Create an Account

Comments Filter:

Gentlemen, check your Webmaster tools (Score:4, Interesting)

by symbolset (646467) writes: on Wednesday October 14 2009, @12:38AM (#29741147) Homepage Journal

This is a great service. Google should set up an opt-in email notification as well.
It helps the webmasters build better sites and teaches them to check the Google website tools that allow them to groom their site for best indexing on Google. That's great.

Share
twitter facebook
Good idea, but... (Score:4, Interesting)

by PrimaryConsult (1546585) writes: on Wednesday October 14 2009, @01:35AM (#29741385)

If Google's determination on whether a site has malicious content is based solely on crawling it, wouldn't a hacker be able to manipulate robots.txt to ignore the file with the malware? These tools would allow a hacker to test that theory out, by trying different things on his own sites and seeing what generates an email, instead of waiting around for Google to re-crawl them and having to check each one to see if it is filtered...

Share
twitter facebook
Happened over here (Score:3, Interesting)

by orta (786013) writes: on Wednesday October 14 2009, @03:37AM (#29741861) Homepage Journal

This happened to my site and the google webmaster tools were helpful but frustrating, it took 2 weeks of my site being banned in all major browsers before they officially sanctioned it OK. It did give me a list of all the URLS where there was problems, so it wasn't too hard to debug.

Share
twitter facebook
Re:Who requests (Score:3, Interesting)

by complete loony (663508) writes: <Jeremy.LakemanNO@SPAMgmail.com> on Wednesday October 14 2009, @06:59AM (#29742715)

Company? what the...
You obviously have no idea about the early days of the internet and HTTP. The whole point of HTTP was to publish documents, if you host something you are implicitly allowing other people to fetch a copy of it.
robots.txt came about in the very early days of HTTP. An enterprising hacker wrote a crawler to index the whole internet (which wasn't that big at the time). But his crawler got stuck fetching pages from one machine with dynamically generated pages. This obviously tied up the bandwidth, CPU and disk IO of the server which annoyed it's owner. So the 2 people had a polite conversation via email and the opt-out robots.txt was invented.

Parent Share
twitter facebook
Re:Happened over here (Score:2, Interesting)

by johndoejersey (679948) writes: on Wednesday October 14 2009, @07:34AM (#29742849) Journal

My experience was less than 8 hours. A day or two later I realised I missed my .htaccess file had been gazumped as well. Though google seemed to miss that one....

Parent Share
twitter facebook
Re:Google needs to clean up their own act first, (Score:3, Interesting)

by tlhIngan (30335) writes: <`ten.frow' `ta' `todhsals'> on Wednesday October 14 2009, @11:06AM (#29745033)

Google has a malware hosting problem of their own.
Google Spreadsheets can be abused to create phony login pages. Here's one for "Free Habbo credits", designed to collect Habbo logins. It's been reported via the usual "Google abuse" mechanism, repeatedly, and it's still up. It's been up since October 28, 2008.
We track major domains being exploited by active phishing scams. ("Major" here means only that it's in Open Directory, with about 1.5 million domains.) There are 39 exploited domains today. Only 7 have been on that list since 2008. The most abused site is Piczo.com, which is a hosting service/social network/shopping site for teenagers.
Just about everybody else has cleaned up their act. 18 months ago, that list had 174 entries, including Yahoo, eBay, Microsoft Live, and TinyURL. All those companies have become more aggressive about checking for phishing scams that were injected into their domain. Google's cluelessness in this area ought to be embarrassing to someone.
Let me guess - you want Google to remove people's documents arbitrarily? That's what you're saying.
Right now, Google's right to not do anything - how would you feel if someone just took down one of your documents arbitrarily? Not even a DMCA notice, just a vague "this is a hacker tool" thing? And how do you differentiate between "fake login page" and "log in page mockup"? After all, when designing a UI, you can do it in any medium you feel comfortable in.
So yeah, Google is clueless. They're so clueless, they'd rather not remove someone's document because there can be many legitimate reasons for it to be there. And I suppose, as much as Google would like to remove it, doing so sets a bad precedent. Your Google Doc annoys someone? Click "report abuse" and Google will take it down. Better than DMCA notice.
At best, Google can remove it from the index. But allowing Google to arbitrarily remove any document by an anonymous person invites a whole new can of worms. Might as well ban bullets, they've been used to harm people.

Parent Share
twitter facebook
Re:Academic cloaking (Score:3, Interesting)

by skeeto (1138903) writes: on Wednesday October 14 2009, @12:02PM (#29745881)

You can report sites that use cloaking here: http://www.google.com/contact/spamreport.html [google.com] . I don't know what good it does since the sites I have reported have never been acted upon.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

995 commentsZimmerman Charged With 2nd-Degree Murder
910 commentsIn Nothing We Trust
810 commentsTSA's mm-Wave Body Scanner Breaks Diabetic Teen's $10K Insulin Pump
743 comments$60 Light Bulb Debuts On Earth Day
734 commentsWindows 8 Won't Play DVDs Unless You Pay For the Media Center Pack

Love is a grave mental disease. -- Plato