Google can kill your site and business by mistake in any moment!
No apologies! No regrets!
Google Safe Browsing (GSB) is a monster, activated by default in Chrome, Firefox, Safari, Opera, etc.
It is watching every time when you visit a web page or download a file.
“Google Safe Browsing helps protect over three billion devices every day by showing warnings to users when they attempt to navigate to dangerous sites or download dangerous files.”
But if your file/site is flagged as malicious by GSB – you are dead!
Flagged file makes all web pages, contained links to that file malicious too.
In some cases, the full web site may be blocked!
You will see a full screen red banner: “The site ahead contains harmful programs”.
It’s very bad for downloads and business reputation of your company.
You may ask: “Why?”, but you will never receive a detailed answer.
The Google’s suggested way to ask for a review using Webmasters Search Console.
You will wait for 72 hours, then receive only short: “review failed”.
You will receive a report with the same links/ files flagged as dangerous.
You cannot ask Google to re-check the files using the review.
Also, you can post a message to Google Webmaster forum.
But you will never receive an answer from Google!
I found an old answer of “Sergey_Semenov”. Seems like he works in Google:
“If it doesn’t help after a review in console, send Chrome issue report from browser (Alt+Shift+I) saying you’re a good white-hat company and your files is absolutely clean. It clearly helped us because we had all issues in google console disappeared after Chrome issue report without requesting another review. ”
Bingo! Good Suggestion! Use the problem form report to report false positive!
Of course, you will never receive an answer.
Is Google Safe Browsing a good antivirus?
Hmm… It is questionable. Your files are reported clean by 60 antiviruses on Virustotal.
But it means nothing for GSB.
GSB does not use Virustotal service at all.
I made a simple test.
I uploaded new executable built from empty test project and signed by digital signature.
Surprise! It was flagged as malicious!
What else is needed to say about GSB antivirus possibilities?
Google Safe Browsing is a black box.
And sometimes it gives false positive alerts.
But Google do not accept false positive alerts.
If you visit Safe Browsing web site, you will find a form to report malware or phishing, but there is not false positive form.
Google always right! Errors are impossible for Google!
But I see that they hide the errors using their “no answer” wall.
How much does it cost to file a lawsuit?
$200 000 – $300 000
Do we have a chance to win?
Your business is dead. And you will be dead.
This is a sad real story.
November 29. Google Safe Browsing bug affects several independent companies, developers of Windows software.
Safe Browsing flagged their binary files as “unwanted software” [WNC-611600].
Affected: Greatis Software (RegRun, UnHackMe, BootRacer), Scooter Software (Beyond Compare), IBE Software (HelpNDoc), Blumentals Software (HTMLPad, WeBuilder, RapidPHP), Balanced Scorecard Software (BSC Designer), SpamBully, Gillmeister Software (Rename Expert) and others.
Safe Browsing blocked the web pages contained links to the binaries and some web sites.
All binary files were signed by digital signatures. All this software is not brand new. RegRun was created in 1998. Most of the other affected software also has a long history.
One common thing: software is related to the Delphi programming language.
It is not a new:
“Delphi applications considered ‘dangerous’ by Google Chrome”
Have the story ended well?
December 3: Issue was resolved.
After three days Google, probably, fixed the bug, because the affected files magically became good. Google fixed the “Delphi bug”!
No response from Google.
Do I need to live in fear the rest of my life about the bug getting back?
Detailed information about incident is here:
This not the end!
I released a new beta version. One hour after that it was detected as malicious.
My site was blocked again, because it contains a link to malicious software.
I don’t know what to do next.
What do I and affected people want?
Google must have a ticketing support system, operated by humans, to quickly fix false positive errors.
We want to get a response from human, not from a robot!
Is it too much to ask? Google? Google?
Don’t be Evil! Please!