UK Web Focus (Brian Kelly)

Innovation and best practices for the Web

Google Breaks!

Posted by Brian Kelly on 1 Feb 2009

There was much lively discussion from my Twitter community yesterday – and not on from the football fans whose teams were involved in a flurry of goals in the second half. Josie Fraser was one of the first to report the incident:

Google’s gone a bit mental. Every site it returns for any search comes with a ‘this site may harm your computer’ warning 2:52 PM yesterday

Phil Bradley commented seconds later:

Google malware error running wild Everyone is seeing this from what I can tell. 2:54 PM yesterday

Twitter posts about Google problemsAnd then there was a flurry of comments from people confirming that the problem was widespread.

Now I could use this as an example of showing the benefits of Twitter when something significant happens in the world. And I suspect that when the next major incident (bombings, severe weather problems, major accidents, etc.)  occurs we’ll hear stories of how Twitter was used and we’ll have another of influx of subscribers.

But as I suspect that many readers of this blog will be aware of the benefits which Twitter can provide I’ll instead comment on the incident itself.

The official Google blog has described this incident in a post entitled “‘This site may harm your computer’ on every search result !?!?“.  The post summarised the incident:

If you did a Google search between 6:30 a.m. PST and 7:25 a.m. PST this morning, you likely saw that the message “This site may harm your computer” accompanied each and every search result. This was clearly an error, and we are very sorry for the inconvenience caused to our users.

And goes on to explain what happened:

What happened? Very simply, human error. Google flags search results with the message “This site may harm your computer” if the site is known to install malicious software in the background or otherwise surreptitiously. We do this to protect our users against visiting sites that could harm their computers. We maintain a list of such sites through both manual and automated methods. …

We periodically update that list and released one such update to the site this morning. Unfortunately (and here’s the human error), the URL of ‘/’ was mistakenly checked in as a value to the file and ‘/’ expands to all URLs.

So a simple human error caused all results returned by Google to be flagged with a worrying message. Now the Google blog posts points out that the problem was quickly resolved, claiming that “the duration of the problem for any particular user was approximately 40 minutes“.

But should this act a a wakeup call warning us of the dangers of a reliance on Web 2.0 companies?

It should be pointed out that this isn’t really a question of the ownership of the service. Does anyone really think that if a global search engine was nationalised that it would be immune to human errors? The incidents we’ve seen in recent years with government data clearly demonstrates this.

However as my colleague Paul Walk commented in an email shortly after this incident in a paper he had just submitted to the Museums and the Web conference “ I talked about distributed web services and chains of responsibility“. The Google incident would have provided a great example of such dangers, if it had only happened before he had submitted the paper!

Now Phil Bradley has already written about this incident, including a screen image of a Google search warning about the possible dangers of visiting the Goole Google site itself! But I think that I’d agree with Paul Walk that the more interesting issues are to do with the chains of responsibility, rather than a destination site which people visit, even one as popular as Google.

Google may have quickly fixed this particular problem. But we’ve not seen the end of discussions of the implications of breakdowns in cloud services. And what will this incident do for the trust people may previously have had in Google?

11 Responses to “Google Breaks!”

  1. What I found particularly interesting were the comments from people who were saying that they thought Google had been hacked, worried about their data, their account, email and so on. I wonder just how many of those people have now happily gone back to sleep until the next time, without having put any contingency plan in place.

    That people just did not know what to do was of interest to me – the number who seemed to equate Google=Internet was quite frightening. I guess most of ‘us’ would just have shrugged and used another search engine instead, but it was clear from the torrent of tweets that many people were just completely lost.

    While I agree entirely with your comment on reliance on Google, I think there’s a better example out there, and that’s Pageflakes. This is/was a home or start page resource that I used, as did many hundreds of thousands of other people. This went down towards the end of last week, apparently because it was being moved to new servers. However, it’s not come back up again, and there are a lot of doubts that it ever will again. Huge numbers of people have lost considerable amounts of work and data, and if they weren’t lucky/sensible enough to have created a backup at somewhere like Netvibes they’re going to have a long and painful time trying to re-create that content.

    That Google got something wrong isn’t really the story (as you say); that we are, do and have to trust cloud computing with our data and yet have little or no control over it, surely is.

  2. Andy Turner said

    “a screen image of a Google search warning about the possible dangers of visiting the Goole site itself!”

    A serendipitous (or Freudian?) typo, Brian. I’ve always considered it safest to stay well away from Goole.

  3. Oops, well spotted Andy. Typo fixed – and my apologies to any readers from Goole!

  4. Tom Franklin said

    I think that the dangers of using Web 2.0 sites because of this type of problem are grossly exageerated. Is it any less likely to happen at a commerical or university hosted service? I think not. And given the number of users and the number of support staff it is likely to be both spotted and fixed more quickly than in a university (many of which do not have full 24/7 on site coverage).

    So, I would suggest that the quick fix is actually a plus for sites like Google (or Goole for that matter).


  5. Tom is right. I don’t think that this “should this act as a wakeup call warning us of the dangers of a reliance on Web 2.0 companies”, but what it should do is act as a caution against the idea that *any* IT service in the cloud or not can have 100% uptime without fault.

  6. It’s not really a “cloud”, is it? It’s more like a private parking lot we’re given greater and lesser access to.

    My “oh no!” moment can when I thought it was only Google’s blogger / blogspot that was in trouble. When I realized they were flagging everything, I switched search engines and went off to find the latest news.

    However, it did make me mindful that it’s been awhile since I made an off-line back-up of my blog postings and key emails.

    So, yeah… a bit of a wake up. :)

  7. Nick Sharratt said

    @Tom Franklin – one difference is in terms of liability and managing business risk. While Google may have the resources to respond and fix this quickly, do they have any liability as far as an institutions users/customers are concerned? Nope. So, if a programme/module were to rely on a 3rd party service, say something much less reliable them Google (twitter?), and a student were to say that they couldn’t complete their work on time because the service was unavailbale, would that third party have any interest in providing details of the aledged incident for an award board or exenuating circumstances panel to consider? Where would the liability lie if that student were to sue the institution for failing if the evidence was not available to validate their claim?

    In particular, where would the liability fall if an individual academic (or even a group) had decided to use that 3rd party service without the support and express permission from their institution? Would a union defend an academic in such an instance if the institution were to deem the individual liable for having made the decision without confirming the business risk to the institution was acceptable and managed?

    Then imagine the situation where a choice of cloud computing were to fundamentally support an entire module (say, an exercise based in second life), and that service becomes unavailable and the entire module fails to run? While similar problems can certainly arise within services provided in house, at least the legal implications of that are well defined and the institution can retain ownership of the issues and manage them acordingly.

    This is not to say use of 3rd party services is “bad” or impossible to manage – but I do hope everyone is taking suitable precautions not to proceed without due consideration of the total business/individual risks involved and putting in necessary contingencies.

  8. derl said

    mistakes happen, the service is actually good at preventing users from visiting bad websites along with the reporting web forgery in firefox which warns you of sites that try to steal your login

  9. […] Google Breaks! […]

  10. As Tom Franklin says, the service was broken and was quickly fixed. And we need to remember that should problems can happen with managed services. Indeed, as described in a recent tweet the JISC email service broke recently. Now should JISC take HEFCE (the email provider) to court?!

  11. Joanna said

    I wouldn’t use gmail for anything but spam filtering until they started letting us retrieve & backup our own mail, but now I’ve never gotten around to doing that. Still, the point isn’t that most web 2.0 companies are safer than most universities’ file system. The point is that *all* data should be backed up at multiple sites, and that if a company goes bankrupt all their assets can be sold to any bidder. I assume our data is an asset?

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: