06:19 AM

Stopping Google Blog Spam

Removing spam from your Google blog - in seven 'easy' steps

4:19 PM -- Today is no different from yesterday or the day before: Nope, it’s just another day that Google has made things a little worse for Yours Truly. Full disclosure: I don’t actually use Google anymore. I’ve long since realized that Yahoo’s Overture actually has better results than Google and a much bigger index, which helps when searching for esoteric strings. So the only time I find myself on the search giant is when I’m bug hunting or debugging someone else’s problem.

That brings me to my first Google rant of the day. My girlfriend emailed me today, asking if Google was down. Clickity clickity... Nope, looks good to me. But it appeared that every time she went to the page, she was getting something that looked like this:

Figure 1:

It appears that someone at her office did something that caused Google to basically shut down "search" for everyone in the office. Most Internet users would be helpless without Google, but thankfully my girlfriend knows the ways of Yahoo, so she continued about her day. But there are still hundreds of people at her company left without Google search for as yet-unknown reasons.

Google provides no way to rectify the situation, so guys like me end up playing tech support for them. I tell people to use another search engine. (I’m probably not the best Google tech support person, am I? I’m guessing they aren’t banking on me telling hundreds of people at a time to stay off their site.)

After the drama, I look through Technorati and find a spammer on Blogspot. (See Attackers Abuse Google Blogger .) The spammer has decided to take my content and re-post it as its own. That wouldn’t be a problem, except that they’ve posted it to the Google-owned Blogspot. Google isn’t just a search company -- it's also an advertising company, and it often hosts security hole-ridden beta applications and spam. You’d think it would be easy enough to tell Google to cease and desist with the spam, but no. That would be too easy and responsible of Google. So here’s the easy seven-step process for removing spammer’s content from Blogspot:

  1. Identify the content on Blogspot that is infringing on your copyright. (So far so good.)

  2. Show where your original content lives and the date that you posted it. (Easy enough.)

  3. Provide contact info. (Not sure why that’s necessary to remove a spammer, but okay...)

  4. Include the statement “I have a good faith belief that use of the copyrighted material described above on the allegedly infringing web pages is not authorized by the copyright owner, its agent, or the law.” (Um... okay?)

  5. Include the statement “I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.” (Why didn’t Google just add those two sentences together and make them one bullet?)

  6. Sign the paper. (Yes, PAPER... Right back to 1980 we go!)

  7. Send or fax the paper to Google. (I could have sworn Google was an Internet company!)

Google has actually made it harder to stop a spammer than it is to be a spammer. And people who have been infringed upon actually have to spend money -- long-distance phone call or postage -- to stop spammers on Google’s own domain. This by no means guarantees that it will be removed in a timely manner, either. Isn’t it time we demand Google fix its own problems rather than placing the burden on everyone else?

At a minimum, let’s demand that Google’s legal department start using email.

– RSnake is a red-blooded lumberjack whose rants can also be found at Ha.ckers and F*the.net. Special to Dark Reading

  • Google (Nasdaq: GOOG)

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Register for Dark Reading Newsletters
    White Papers
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    The Changing Face of Identity Management
    Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
    Flash Poll
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    Published: 2015-10-15
    The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

    Published: 2015-10-15
    netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

    Published: 2015-10-15
    Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

    Published: 2015-10-15
    Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

    Published: 2015-10-15
    Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

    Dark Reading Radio
    Archived Dark Reading Radio

    The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

    So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

    Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

    Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.