Risk
7/14/2008
03:16 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Google Search Security Mistaken For Censorship

By warning users of a hack on a net neutrality opponent's Web site, Google was accused of trying to silence critics of a policy it supports.

Google is known for its code of conduct -- "Don't be evil" -- as much as its computer code. But as the company has become a dominant force online, Google's detractors have become more willing to see evil in its actions, even when they're seeing things that aren't there.

On Friday evening, the Web site of the Progress & Freedom Foundation was hit with a SQL injection attack that temporarily turned it into a malware distribution vector -- the injected script called out to a malicious third-party site that attempted to infect visitors' computers with malware.

Google has been automatically flagging malicious sites in its search results list for about two years and, upon detecting the hack at pff.org, its anti-malware code began adding a warning to search results listings for certain PFF pages.

But because the warning applied to Web pages that contained documents expressing opposition to net neutrality, a policy that Google supports, some saw politically motivated censorship.

Google "appears to be blocking a site which expresses opinions with which it does not agree ...," said Brett Glass, owner of wireless ISP Lariat.net, in an e-mail sent to David Farber's Interesting People mailing list. "When one does a search for the terms 'neutrality' and 'site:pff.org' ... many of the pages and documents on the site -- in particular, white papers expressing views with which Google disagrees -- are tagged with a warning that 'This site may harm your computer.'"

Glass didn't immediately respond to a request for comment. In previous e-mail messages and online posts, he has been critical of net neutrality.

As Google senior engineer Niels Provos and PFF visiting fellow Berin Michael Szoka explained in reply messages, there wasn't any political censorship. The PFF site was flagged as part of a technical process based on Google's anti-malware code. Sites that believe they have been unfairly or incorrectly labeled as having malware can appeal to StopBadware.org, which helps moderate potential disputes.

"Some of our critics are unfortunately quick to leap to political conclusions when a technical explanation is the answer," said Google spokesperson Adam Kovacevich.

However, the political and technical appear to be destined to collide as Google's influence grows. Indeed, in many ways politics and technology have fused.

Back in May, U.S. Sen. Joseph Liberman sent Google CEO Eric Schmidt an open letter seeking the removal of Islamic terrorist videos from YouTube. YouTube responded by saying it does remove videos that violate its terms of service, but that it would not remove "legal nonviolent or non-hate speech videos."

Outside the United States, in countries like China, for example, Google has been more willing to accommodate politically directed requests.

And because of that, Google will find it hard to avoid being seen as a suspect when speech gets silenced, even when it has acted in good faith.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2003-1598
Published: 2014-10-01
SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.

CVE-2011-4624
Published: 2014-10-01
Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album-gallery) before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.

CVE-2012-0811
Published: 2014-10-01
Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files gene...

CVE-2012-5485
Published: 2014-09-30
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

CVE-2012-5486
Published: 2014-09-30
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.