Human Error Causes Google's 'Epic Fail'
After what many were calling an epic fail by Google this morning, Marissa Mayer has published a post on the official Google blog apologizing for the inconvenience and dubbing the incident 'human error'.
This morning between 6:30 a.m. PST and 7:25 a.m. PST every Google search result displayed the notice "This site may harm your computer." Clicking on the link would take you to a support page effectively blocking any access to all sites in the results.
Monitoring malicious sites is pretty much part of the territory for Google, and shows they take malware on the Web seriously. Google receives a list of malicious sites from StopBadware.org that is used to flag search results that may pose threats to users. According to Mayer, the list is maintained by humans due to the research involved for each case.
"We periodically receive updates to that list and received one such update to release on the site this morning." Mayer said in the post, "unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs."
Google reports the errors first appeared between 6:27 a.m. and 6:40 a.m. and began disappearing between 7:10 and 7:25 a.m.
If you're interested in learning more about Google's efforts when it comes to malware, take a look at their analysis of malware in The Ghost in the Browser (PDF).
Update: The StopBadware blog talks about the 'Google Glitch'
StopBadware says that the glitch "led to a denial of service of our website, as millions of Google users attempted to visit our site for more information."
Additionally, StopBadware claims Mayer's statement about Google getting URLs from StopBadware is not accurate: "Google generates its own list of badware URLs, and no data that we generate is supposed to affect the warnings in Google's search listings. We are attempting to work with Google to clarify their statement."
Update 2: Google post updated
Google updated its post to say that StopBadware does not in fact provide a list; instead, it helps Google to "come up with criteria for maintaining this list."
Matt Cutts tweets that the error was on Google's side
Share
Comments
Subscribe to comments for this post OR Subscribe to comments for all ReadWriteWeb posts
Glad to see the clear and human explanation of what went wrong so quickly after the event, from none other then Melissa Mayer.
I saw this happening, and was wondering what was wrong with google. If I was trying to go to the site by copying, pasting the url, Firefox wasn't still letting me in.
It's an interesting tale, but the question of what exactly the human error was is even more interesting. More on my blog:
http://smoothspan.wordpress.com/2009/01/31/balancing-process-and-agility-googles-cautionary-tale/
Is it not weird that every website's sublink indicated potential "harm for your computer"?
On the other hand, could Google publicly admit that they have been hacked?
what's going on Google? You're slacking in your macking, slipping on your pimping. Mayer's mistake, slow emails forced to load basic HTML. come on guys.
I expected Go Ogle to say, "If you don't like it, don't use it." Go Ogle Search Beta. Lots of search engines out there. Don't put all yer searches in one basket.
In a second I was thinking Google was censoring all the results. Just another validation on its power. Who would click on an unknown link given such warning from the almighty Google?
Most companies enjoy “security” insofar as they haven’t been targeted yet, or suffered a human error resulting in a catastrophic exposure – something Google found out the hard way. While various systems of security are important, no system can overcome laxity, ignorance, or deliberate intent to harm. Necessary is a sustained culture and awareness; an efficient prism through which every activity is viewed from a security perspective prior to action.
Price Waterhouse Cooper and Carnegie-Mellon’s CyLab have recent surveys that show the senior executive class to be, basically, clueless regarding IT risk and its tie to overall enterprise (business) risk. Data breaches and accidents are due to a lagging business culture – absent a new eCulture, breaches and accidents will - and continue to - increase. Here, Google was fortunate, and hopefully its #1 asset, its reputation, will remain intact, but where I am CIO we cannot take chances. Check your local library: A book that is required reading is "I.T. WARS: Managing the Business-Technology Weave in the New Millennium." It also helps outside agencies understand your values and practices.
The author, David Scott, has an interview that is a great exposure: www.businessforum.com/DScott_02.html -
The book came to us as a tip from an intern who attended a course at University of Wisconsin, where the book is an MBA text. In the realm of risk, unmanaged possibilities become probabilities –Read the book BEFORE you suffer a bad outcome or, worse, propagate one.
It's a PEBCAK error, that the best part about it. At least Google is willing to admit it: http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html
How much this caused websites to loose traffic in that short span of time.
I noticed this about 5 minutes before it was fixed, you know what? It was one of the worst 5 minutes of my life. I could not Google... I almost had to Yahoo!
Sorry for Google's error, but hey we're all human.
All the best!
Regards,
Erwin Chua
IM Entrepreneur
http://winning2win.com
liiwaan
its good on google's part on admitting the problem.
Effect of downsizing (right) people ?
Google management have felt how vulnerable Google can be.
Being an amateur I see from these reports something undefined has gone wrong with Google. Sadly, you are all too darned fond of languages most decent honest people do not understand. As a result, can someone advise one what has gone wrong since I seem to have got an irreparable or unremmovable virus by what seems to be the fault of Google. My PC keeps seizing up after rebooting when it reaches the Desktop. It began with the sudden appearance on the screen of a programme telling me to open it. After I done this it seems to have got installed and jiggered my system. Can someone help me out at this address. Omaghhlad@Gmail.com Thanking you in anticipation of some help.
Ken Brasdlet, Northern Ireland