Internet users this morning would have received a surprise if they tried to use Google Search: Every single query response was tagged with the warning "This site may harm your computer." Clicking the search result link would provide a dead end error page reading "Forbidden", while clicking on the warning link leads to a Web Search Help page. This page explains that sites that Google has identified in this manner may install malware when visited. The safety feature is meant to make Google users feel safe, and identify dangerous sites, as the Help page continues to explain. The only problem today is that every page was tagged with the dangerous site identifier. As of this writing, any Google search will provide a list of "dangerous sites," and no way to click through to the actual Web sites. Of course, directly typing the URL will take the browser to where the user wants to go, but is avoiding typing not the main reason that people use the search bar in the first place? Related comments to this event began before 7:00AM on the East Coast. No response available on the Google Blog as of yet.
Update: Google released information about the incident through a blog post. Marissa Mayer, VP, Search Products & User Experience, says it's a "human error". See full post below:
"This site may harm your computer" on every search result?!?!
1/31/2009 09:02:00 AM
If you did a Google search between 6:30 a.m. PST and 7:25 a.m. PST this morning, you likely saw that the message "This site may harm your computer" accompanied each and every search result. This was clearly an error, and we are very sorry for the inconvenience caused to our users.
What happened? Very simply, human error. Google flags search results with the message "This site may harm your computer" if the site is known to install malicious software in the background or otherwise surreptitiously. We do this to protect our users against visiting sites that could harm their computers. We maintain a list of such sites through both manual and automated methods. We work with a non-profit called StopBadware.org to come up with criteria for maintaining this list, and to provide simple processes for webmasters to remove their site from the list.
We periodically update that list and released one such update to the site this morning. Unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs. Fortunately, our on-call site reliability team found the problem quickly and reverted the file. Since we push these updates in a staggered and rolling fashion, the errors began appearing between 6:27 a.m. and 6:40 a.m. and began disappearing between 7:10 and 7:25 a.m., so the duration of the problem for any particular user was approximately 40 minutes.
Thanks to our team for their quick work in finding this. And again, our apologies to any of you who were inconvenienced this morning, and to site owners whose pages were incorrectly labelled. We will carefully investigate this incident and put more robust file checks in place to prevent it from happening again.
Thanks for your understanding.
Update at 10:29 am PST: This post was revised as more precise information became available (changes are in blue). Here's StopBadware's explanation.
Posted by Marissa Mayer, VP, Search Products & User Experience