Google! Don’t be evil!

Google can kill your site and business by mistake in any moment!

No apologies! No regrets!

How?

Google Safe Browsing (GSB) is a monster, activated by default in Chrome, Firefox, Safari, Opera, etc.
It is watching every time when you visit a web page or download a file.
“Google Safe Browsing helps protect over three billion devices every day by showing warnings to users when they attempt to navigate to dangerous sites or download dangerous files.”

Google Safe Browsing

Google Safe Browsing

But if your file/site is flagged as malicious by GSB – you are dead!

You are dead!

You are dead!

Flagged file makes all web pages, contained links to that file malicious too.
In some cases, the full web site may be blocked!

Google "Harmful Programs" alert

Google “Harmful Programs” alert

You will see a full screen red banner: “The site ahead contains harmful programs”.

It’s very bad for downloads and business reputation of your company.

You may ask: “Why?”, but you will never receive a detailed answer.

The Google’s suggested way to ask for a review using Webmasters Search Console.
You will wait for 72 hours, then receive only short: “review failed”.

You will receive a report with the same links/ files flagged as dangerous.

Malware Found!

Malware Found!

You cannot ask Google to re-check the files using the review.

Also, you can post a message to Google Webmaster forum.

But you will never receive an answer from Google!

I found an old answer of “Sergey_Semenov”. Seems like he works in Google:

“If it doesn’t help after a review in console, send Chrome issue report from browser (Alt+Shift+I) saying you’re a good white-hat company and your files is absolutely clean. It clearly helped us because we had all issues in google console disappeared after Chrome issue report without requesting another review. ”

Bingo! Good Suggestion! Use the problem form report to report false positive!

Of course, you will never receive an answer.

Is Google Safe Browsing a good antivirus?

Hmm… It is questionable. Your files are reported clean by 60 antiviruses on Virustotal.
But it means nothing for GSB.

GSB does not use Virustotal service at all.

I made a simple test.
I uploaded new executable built from empty test project and signed by digital signature.

Surprise! It was flagged as malicious!

What else is needed to say about GSB antivirus possibilities?

Google Safe Browsing

Google Safe Browsing

Google Safe Browsing is a black box.

And sometimes it gives false positive alerts.

But Google do not accept false positive alerts.
If you visit Safe Browsing web site, you will find a form to report malware or phishing, but there is not false positive form.

Google always right! Errors are impossible for Google!

But I see that they hide the errors using their “no answer” wall.

How much does it cost to file a lawsuit?
$200 000 – $300 000
Do we have a chance to win?

Your business is dead. And you will be dead.

This is a sad real story.

Grim Reaper

Grim Reaper

November 29.  Google Safe Browsing bug affects several independent companies, developers of Windows software.
Safe Browsing flagged their binary files as “unwanted software” [WNC-611600].

Affected: Greatis Software (RegRun, UnHackMe, BootRacer), Scooter Software (Beyond Compare), IBE Software (HelpNDoc), Blumentals Software (HTMLPad, WeBuilder, RapidPHP), Balanced Scorecard Software (BSC Designer), SpamBully, Gillmeister Software (Rename Expert) and others.

Safe Browsing blocked the web pages contained links to the binaries and some web sites.  

All binary files were signed by digital signatures. All this software is not brand new. RegRun was created in 1998. Most of the other affected software also has a long history.

One common thing: software is related to the Delphi programming language.

Google Safe Browsing Bug

Google Safe Browsing Bug

Delphi bug?!

It is not a new:
“Delphi applications considered ‘dangerous’ by Google Chrome”

Have the story ended well?

December 3: Issue was resolved.

Recovered Successfully!

Recovered Successfully!

After three days Google, probably, fixed the bug, because the affected files magically became good. Google fixed the “Delphi bug”!

Silently!

No response from Google.

Google Silence

Google Silence

 

Do I need to live in fear the rest of my life about the bug getting back?

Fear

Fear

 

Detailed information about incident is here:
https://productforums.google.com/forum/?utm_medium=email&utm_source=footer#!msg/webmasters/CThwZ6Oq9Ck/5BrzxeFsBAAJ

This not the end!

December 5
I released a new beta version. One hour after that it was detected as malicious.
My site was blocked again, because it contains a link to malicious software.
I don’t know what to do next.

Don't be Evil!

Don’t be Evil!

What do I and affected people want?

Google must have a ticketing support system, operated by humans, to quickly fix false positive errors.
We want to get a response from human, not from a robot!

No robots

No robots

Is it too much to ask? Google? Google?

Don’t be Evil! Please!

 

Dmitry Sokolov
Greatis Software