We’re not quite sure what’s going on, but a couple of minutes ago any search result from Google started being flagged as malware with a message stating “This site may harm your computer”. Including Google’s own websites as you can see above.
Twitter is abuzz with people reporting the massive error (also look for tags #googmayharm or #googmayhem), and it’s clear that this is happening around the world. Apparently, it’s happening with any browser on any platform too.
Clicking the message takes people to a support page from Google (image below), but this is being bombarded with millions of people right now so it’s very slow to respond. I saw the page briefly, and it pointed to StopBadware.org (which is obviously also loading slowly or not at all right now).
Update: it seems to be fixing itself. I’m having no more issues on Google Belgium, still getting warning messages for malicious software when I search Google.com. Also, it only seems to occur when you’re searching as a signed-in user now.
Update 2: it seems to be fine now. Lasted about 15 minutes (Google says the window was more like 55 minutes). You can take a deep breath now and go on with whatever you were doing before :)
Now we just have to wait for Google to tell us what went wrong. It’s quite clear that a meltdown of this size, no matter how short it was, will be the topic of discussion for the coming days (and not only at the Googleplex, I’d wager).
Update 3: Marissa Mayer has now explained the error on the Official Google Blog. She puts it down to human error after a ‘/’ was mistakenly put in an update sent from the non-profit StopBadware.org to Google (the non-profit also posted more details). The result was every URL in Google’s database being classified as “malware” until the stray ‘/’ was removed.
Here’s the official post from Mayer below:
If you did a Google search between 6:30 a.m. PST and 7:25 a.m. PST this morning, you likely saw that the message “This site may harm your computer” accompanied each and every search result. This was clearly an error, and we are very sorry for the inconvenience caused to our users.
What happened? Very simply, human error. Google flags search results with the message “This site may harm your computer” if the site is known to install malicious software in the background or otherwise surreptitiously. We do this to protect our users against visiting sites that could harm their computers. We work with a non-profit called StopBadware.org to get our list of URLs. StopBadware carefully researches each consumer complaint to decide fairly whether that URL belongs on the list. Since each case needs to be individually researched, this list is maintained by humans, not algorithms.
We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here’s the human error), the URL of ‘/’ was mistakenly checked in as a value to the file and ‘/’ expands to all URLs. Fortunately, our on-call site reliability team found the problem quickly and reverted the file. Since we push these updates in a staggered and rolling fashion, the errors began appearing between 6:27 a.m. and 6:40 a.m. and began disappearing between 7:10 and 7:25 a.m., so the duration of the problem for any particular user was approximately 40 minutes.
Thanks to our team for their quick work in finding this. And again, our apologies to any of you who were inconvenienced this morning, and to site owners whose pages were incorrectly labelled. We will carefully investigate this incident and put more robust file checks in place to prevent it from happening again.
Thanks for your understanding.
Posted by Marissa Mayer, VP, Search Products & User Experience