

Google Hacked? - DanielBMarkham
http://www.googlewatchdog.info/2007/09/spam-and-virus-sites-infesting-google.html
It seems the more popular the site, the more people are desperately trying to game the system. Has it reached the point where any startup looking to burn through a lot of hits had better think a bit about how to handle the attacks? You obviously can't spend a lot of time defending a site that isn't even popular yet, but you can't get caught blindsided either, right? I wonder where the balance is.
======
icey
The headline is a bit of a stretch; the author in the article is merely
_speculating_ that their database has been hacked. I'd be pretty shocked if
that were actually the case.

Instead, it looks like someone has found a flaw in the current ranking
algorithm and is using that to their advantage.

~~~
DanielBMarkham
Apologies for using the word "hacked" -- I meant the system was hacked, not
necessarily the database. Durn title was long enough already.

I wasn't trying to do a Digg, honest. My point was that as sites grow in
popularity, there's this huge arms race that goes on. In addition, as the
internet goes everywhere, you can pay a thousand people a buck a day to do the
hacking for you. It's a huge problem, and some thought has to be given to it
even as a startup, imo.

------
andres
Lately my parents have been complaining about certain search results on Google
linking to completely different pages than what they clicked on (like car part
search results linking to travel websites). They are using a combination of
Windows, IE, and AOL so who knows what the hell is going on. I've gone over it
with them step-by-step on the phone and there is definitely something there.
It must be some program running locally because the same search result on my
mac goes to the right page.

To deal with the problem... my dad reinstalled Windows.

~~~
BrandonM
I think this is a nameserver problem. My girlfriend's parents' computer did
this, too, and there was an entry in the registry which I needed to change in
order to fix it. Obviously, the problem originated from some type of malware
changing the registry, but after that, it doesn't require a program to
continue running. What happens is that the request for a website is sent to
the malicious nameserver, which returns its own malicious IP. The address is
then scanned for certain information (e.g. Google search information), and if
it finds anything relevant, it redirects the user to their own ad-riddled
site; otherwise, it redirects them to the originally-intended site. Obviously,
this is a security issue in that all information you are transmitting is going
through a malicious site. I would recommend trying to do something about this
problem ASAP, even if it involves re-installing the OS.

------
ajju
The author makes a claim but doesn't cite a single example of this. This is BS
until I see proof.

~~~
r7000
I've seen it. Unfortunately, I can't remember the query phrase but I remember
being confused about the pages and pages of .cn sites with no other results.
It didn't reoccur on subsequent searches so I forgot about it.

------
zach
It's incredibly frustrating to see how search quality is an arms race just
like email spam. First there was keyword stuffing, then link trading, keyword
stuffing on many other sites, blog spam, made for AdSense pages and now we
don't even understand what is going on.

~~~
DanielBMarkham
There's a lot of ways you can trick or "hack" Google. I can think of 2 or 3
right now that might work, and I'm sure there are others.

This looks like something that involves a lot of resources. We may be seeing
the beginning of a sort of economic Web war, where one side spends tens of
millions to break into and use a trusted system and another side spends tens
of millions to prevent it. We've seen a lot of little petty stuff with botnets
and DOS attacks over the years, but it could be that the game is scaling up to
a even higher level.

