
Google.com partially dangerous - s_chaudhary
https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en-US#url=google.com
======
maze-le
> Attackers on this site might try to trick you to download software or steal
> your information

Thats an awful description of googles business model, but partly true...

~~~
shawabawa3
Well I tried to download chrome yesterday, and you STILL get
www.downloadchromenow.com and other spam site adverts at the top of the
results, which absolutely serve malware/spyware

Until they sort out their ads it's true, it is a dangerous site

~~~
woogley
Like the other peer comments, this does not show up for me. I'm afraid there's
a good chance you already have some malware (or at least a rogue extension)
that is inserting ads into your pages.

~~~
emodendroket
How would you know? The results are different for everyone, aren't they?

~~~
woogley
There's some conjecture involved but I would be very surprised if Google
actually sold AdWords for their own browser.

~~~
ceejayoz
Deliberately? No, of course not.

They can't just ban the word "Chrome" from AdWords, though. Spammers/malware
authors are very good at figuring out what's needed to slip through the
automated systems.

~~~
MichaelGG
They've done this for Skype too. And the funnier thing is when I reported it
to Skype, they claimed it was "OK" because it said TOM in the description
(Skype's Chinese sponsor). Except the link did not have anything to do with
Skype or TOM.

~~~
nitrogen
Also important tools like PuTTY.

------
plank
Good* for Google to spot their own website being not completely safe! Wonder
if they did click on
[https://www.google.com/webmasters/hacked/](https://www.google.com/webmasters/hacked/)
themselves to see how to get Google.com unhacked.... ;-) * Actually, I think
it IS good that there is no 'whitelist' of domains which are surely safe, and
that it checks even the company's own main website.

~~~
make3
after all, Google once "sold" some guy the google.com domain by accident

~~~
michaelmcmillan
If I remember correctly, that guy was an employee. Still no excuse though.

------
lrvick
Related: The blog that announces their new security suite for Chrome, fails
the security suite for Chrome. See screenshot
[https://twitter.com/lrvick/status/692282829619777537](https://twitter.com/lrvick/status/692282829619777537)

~~~
closed
Thanks to this comment, I've been tinkering with the security suite, and
thought it would be worth noting that it can also flag a site as insecure due
to your extensions. That doesn't look like the case here, but it's nice it
flags them.

------
Animats
Google is at the top of SiteTruth's list of major sites currently being
exploited by phishing scams. 37 of them right now.[1] This list comes from a
join of PhishTank and Open Directory - sites with some reasonable reputation
and an active report in PhishTank. At one time, Microsoft and Yahoo were at
the top, but they got better.

Any popular free hosting service ends up hosting phishing sites, but Google
doesn't aggressively clean them out. Here's Google's oldest phishing site,
from 2010.[2] It's an attempt to steal Habbo logins (Habbo is an old virtual
world, similar to The Sims.) Lately, phishing via Google Drive is picking up.
Phishing sites hosted on Google Spreadsheets have finally disappeared; you can
put HTML in a spreadsheet cell and host a site that way. For a long time,
Google didn't recognize that this was a way to host a fake site.

At least all the fake sites are under Google's subdomains (sites., drive.,
etc.) There used to be exploits using "google.com" as an open redirector.

[1]
[http://sitetruth.com/reports/phishes.html](http://sitetruth.com/reports/phishes.html)
[2]
[https://sites.google.com/site/freehabbocoinsgbbo00/](https://sites.google.com/site/freehabbocoinsgbbo00/)

------
putasidemobile
This is almost surely not content hosted on Google.com, but content hosted on
sites which Google redirects to.

If Google serves a single malicious site as a linked result (or in a redirect)
it will flag Google.com as hosting malicious content.

This has been the case for years now, also for other Google properties, like
Youtube and DoubleClick.

~~~
OJFord
Right, but it's still odd that other Google TLDs (as reported in this thread)
are not flagged.

------
LaFolle
Even, github.com is partially dangerous. "Dangerous websites have been sending
visitors to this website, including: github.com/mgp25, github.com/racaljk, and
github.com/100pcrack"

~~~
tamana
Yes , github hosts UGC which has a lot of spam/malware.

~~~
victorhooi
What is UGC, in this context?

~~~
Zacru
User Generated Content

------
nerdponx
I was very tempted to click on those Google group links, but I didn't have the
balls.

~~~
maze-le
Stangeley, 7b726aeb-a-62cb3a1a-s-sites.googlegroups.com is considered "Not
dangerous".

see:
[https://www.google.com/transparencyreport/safebrowsing/diagn...](https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en-
US#url=7b726aeb-a-62cb3a1a-s-sites.googlegroups.com)

~~~
hartpuff
Yeah, I clicked on a bunch of "dangerous websites" linking to/from different
sites, and all of them were rated "Not dangerous".

------
bluesilver07
>Some pages on google.com contain deceptive content right now. Talk about
being honest about oneself..

~~~
jobigoud
Oh, a liar's paradox. Maybe it's this very page that is deceptive. In which
case none of google.com is deceptive, but this page is.

------
rzhikharevich
Interestingly, google.ru is "Not dangerous".

~~~
fishnchips
Obviously, Russian internet must be so much less corrupt ;)

~~~
dexterdog
It just a relative score within the TLD

------
zeeshanm
Duckduckgo.com is not marked dangerous:

[https://www.google.com/transparencyreport/safebrowsing/diagn...](https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en-
US#url=duckduckgo.com)

~~~
FlyingLawnmower
Same with bing.com and yahoo.com

------
OJFord
"Google considered harmful"

~~~
basicplus2
may contain nuts? :)

------
JimWestergren
Also 4331 URLs removed from Google index [1] because of DMCA requests sent to
Google:
[https://www.google.com/transparencyreport/removals/copyright...](https://www.google.com/transparencyreport/removals/copyright/domains/google.com/)

[1] [http://domainstats.io/tools/dmca](http://domainstats.io/tools/dmca)

~~~
miket
Was recently reported that Google receives 100K DMCA requests per hour:
[http://www.theverge.com/2016/3/7/11172516/google-takedown-
re...](http://www.theverge.com/2016/3/7/11172516/google-takedown-
requests-75-million)

~~~
JimWestergren
4331 URLs removed _from the google.com domain_. Sorry for not being clear.

------
billhendricksjr
> Some pages on google.com contain deceptive content right now.

So can I believe this page or not?

~~~
JBiserkov
To _some_ extent...

------
cowholio4
I think the big problem is that Google does a poor job cleaning up user
generated content on their own properties. Google Groups, Google Drive,
Feedburner, GoogleSites and Blogspot are continuously used to deliver
phishing/malware. It also doesn't help that google sometimes hosts those on
it's google.com domain or uses their google.com domain to redirect to those
sites.

------
nxzero
Funny, everyone knows Google is dangerous.

In all seriousness though, they've got one of the largest public facing
systems in the world. Given the surface area and traffic volumes, it's
surprising that the don't have more issues than they do.

~~~
tamana
Public facing systems isn't the issue, user generated content is.

~~~
nxzero
If the user generated content was private and hard to share or view in bulk,
it be less of an issue.

------
hunvreus
Google.com also fare poorly on its own performance test:
[https://developers.google.com/speed/pagespeed/insights/?url=...](https://developers.google.com/speed/pagespeed/insights/?url=google.com)

------
awendt
> Don't panic.

> Users sometimes post bad content on websites

> that are normally safe.

~~~
peg_leg
Mostly harmless

------
cojant
If you type www.google.com it finds it not dangerous... Strange.

------
warrenmca
also microsoft.com, yahoo.com, cnet.com (no surprise there!)

------
melor
Sure is dangerous sometimes for my work productivity...

------
oolongCat
I really really dislike this. Why does google get to decide which websites are
good and which are not. Unless someone subscribes to this service google
should do what it does best, search.

One day they decide everyone should be mobile friendly, the next day they
decide which sites are bad and which are not, what more?

Every single day, google is giving me more reason to use alternative search
engines.

~~~
d_theorist
Nobody is being forced to any attention to their pronouncements. The only
reason they are of any relevance is that a lot of people freely choose to use
services and software that incorporate them.

~~~
userbinator
The concern is primarily because Google has, to many people, become "the
Internet itself" \--- it is in a position of immense power to control what the
majority of the Internet-using population sees. This isn't quite the same
situation as some random white/blacklisting site's opinion.

~~~
oolongCat
Precisely!

------
thewhitetulip
Google is at a very influential position these days, everything is Google, and
Facebook is trying it's damnest to become like Google.

Google, for the most parts, is the Internet, chrome, gmail, search engine,
android, good lord even walking robots! We are lucky that they g+ failed
miserably :D

Otherwise we'd not have Internet, we'd have Google, nothing in the world
beyond it. Nobody to check it's power, except maybe the EU, but that's their
jurisdiction.

I recently bought a macbook pro, whenever I visit google.com using macbook I
get a small popup -> visit your privacy setting, no other platform did I ever
get that popup. They apparently discriminate it. For work we use US network,
and there I regularly see that popup, never on an Indian IP that I got that
message. Apparently they think Indian's do not care much about their privacy.
Too much for Don't be evil.

~~~
dgacmu
You're getting downvoted because you're making an easily falsifiable claim.
AWS hosts an absolutely staggering number of websites. Heck - DreamHost has
1.5 million sites. EIG, through a ton of subsidiary brands, hosts millions of
sites:
[https://en.wikipedia.org/wiki/Endurance_International_Group](https://en.wikipedia.org/wiki/Endurance_International_Group)

It may be surprising to those of us who hang out on HN, but Hotmail has over
360 million email customers. Yahoo (okay, okay) has over a quarter of a
million. Yandex and QQ have dominant regional market share.

Access? Comcast, Verizon, I'm looking at you, at least in the U.S.

Backbone? Hi, AT&T, L3, NTT, <list of non-Google/Facebook companies>.

Amusing that you have a _Mac_ book pro. I think there might be a $579B company
with a huge market share of the mobile market (safari, not Chrome) sitting
there.

Facts and actual data talk, not fear and rhetoric. The world has nuance that
deserves credit.

~~~
thewhitetulip
This is the reason Steve Jobs hated social networks. had he been on a social
network in 1980s telling everyone that "hey PCs are going to be a big deal
ten-twenty years later" he'd have been ridiculed, and shown the The
Dunning–Kruger effect, yeah know that.

Ultimately everything in life is an opinion, all that matters is we do what we
feel is right and in general isn't outright incorrect, just because you people
have the ability to downvote comments doesn't make you more informed than I
am, especially when you don't understand what i am trying to say or i am not
clear at what I say, that doesn't give you the right to be derogatory though,
but this is HN and that behaviour is expected.

