Risk
7/14/2008
03:16 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Google Search Security Mistaken For Censorship

By warning users of a hack on a net neutrality opponent's Web site, Google was accused of trying to silence critics of a policy it supports.

Google is known for its code of conduct -- "Don't be evil" -- as much as its computer code. But as the company has become a dominant force online, Google's detractors have become more willing to see evil in its actions, even when they're seeing things that aren't there.

On Friday evening, the Web site of the Progress & Freedom Foundation was hit with a SQL injection attack that temporarily turned it into a malware distribution vector -- the injected script called out to a malicious third-party site that attempted to infect visitors' computers with malware.

Google has been automatically flagging malicious sites in its search results list for about two years and, upon detecting the hack at pff.org, its anti-malware code began adding a warning to search results listings for certain PFF pages.

But because the warning applied to Web pages that contained documents expressing opposition to net neutrality, a policy that Google supports, some saw politically motivated censorship.

Google "appears to be blocking a site which expresses opinions with which it does not agree ...," said Brett Glass, owner of wireless ISP Lariat.net, in an e-mail sent to David Farber's Interesting People mailing list. "When one does a search for the terms 'neutrality' and 'site:pff.org' ... many of the pages and documents on the site -- in particular, white papers expressing views with which Google disagrees -- are tagged with a warning that 'This site may harm your computer.'"

Glass didn't immediately respond to a request for comment. In previous e-mail messages and online posts, he has been critical of net neutrality.

As Google senior engineer Niels Provos and PFF visiting fellow Berin Michael Szoka explained in reply messages, there wasn't any political censorship. The PFF site was flagged as part of a technical process based on Google's anti-malware code. Sites that believe they have been unfairly or incorrectly labeled as having malware can appeal to StopBadware.org, which helps moderate potential disputes.

"Some of our critics are unfortunately quick to leap to political conclusions when a technical explanation is the answer," said Google spokesperson Adam Kovacevich.

However, the political and technical appear to be destined to collide as Google's influence grows. Indeed, in many ways politics and technology have fused.

Back in May, U.S. Sen. Joseph Liberman sent Google CEO Eric Schmidt an open letter seeking the removal of Islamic terrorist videos from YouTube. YouTube responded by saying it does remove videos that violate its terms of service, but that it would not remove "legal nonviolent or non-hate speech videos."

Outside the United States, in countries like China, for example, Google has been more willing to accommodate politically directed requests.

And because of that, Google will find it hard to avoid being seen as a suspect when speech gets silenced, even when it has acted in good faith.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5110
Published: 2014-08-29
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

CVE-2012-1503
Published: 2014-08-29
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.

CVE-2013-5467
Published: 2014-08-29
Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM)...

CVE-2014-0600
Published: 2014-08-29
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

CVE-2014-0888
Published: 2014-08-29
IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.