Randomness (r_ness) wrote,

  • Mood:

"Whitelisting: You're Doing it Wrong"

That's the subject John Bambenek wishes he'd come up with earlier today when Google's malware detection went awry.

Google explains:
What happened? Very simply, human error. Google flags search results with the message "This site may harm your computer" if the site is known to install malicious software in the background or otherwise surreptitiously. We do this to protect our users against visiting sites that could harm their computers. We maintain a list of such sites through both manual and automated methods. We work with a non-profit called StopBadware.org to come up with criteria for maintaining this list, and to provide simple processes for webmasters to remove their site from the list.

We periodically update that list and released one such update to the site this morning. Unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs. Fortunately, our on-call site reliability team found the problem quickly and reverted the file. Since we push these updates in a staggered and rolling fashion, the errors began appearing between 6:27 a.m. and 6:40 a.m. and began disappearing between 7:10 and 7:25 a.m., so the duration of the problem for any particular user was approximately 40 minutes.
Unfortunately, as StopBadware.org reports, that problem resulted in "led to a denial of service of [StopBadware's] website, as millions of Google users attempted to visit [their] site for more information".

Hilarity and mutual finger-pointing ensued, but everything is fine now, they say.

Good thing it didn't happen on a weekday, eh?
  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.