When you tried to visit Social Media Today on Jan. 15 you were probably greeted with this giant scary warning:

Warning!

"Content from Smartdatacollective.com, a known malware distributor, has been inserted into this webpage." Oh yeah? Since when? Google helpfully tells you since when:

Image

So, for the last 90 days Google found no problems. That's a pretty shabby record for a known malware distributor. The short story is none of the Social Media Today sites were infected with malware, and Google's hysteria took down over 175 sites. And how is their warning not libelous?

Badware Gonna Get You!

Google blacklisted the entire iSocket ad network because their mighty cadre of malware scanners thought they detected some Badware. That's what Google calls it, Badware. Like weird parents who try to control their kids with scary stories: "The Badware's gonna GET you if you DON'T watch OUT." Or your crazy auntie (me) running around singing "Nananananananana BADWARE."

Of course Google promises solemnly that they care deeply about us and thus are totally careful about flagging sites as infected. Because when they block an ad-serving network for malware that also blocks the sites that run the ads.

While Google's assurances feel rather hollow at the moment, their concern is well-founded, because thanks to the incurably insecure Microsoft Windows the Internet is little more than a giant worldwide botnet of infected Windows machines pumping out malware and spam 24x7x365. It's pretty much a sewer, and I don't mean like a seamstress or tailor, and infected Web pages are a major source of infection. A single ad server can infect thousands of sites.

Getting Clean

But we know what the road to hell is paved with. Google blocks first and reports later. They send emails to sites they are blocking. Then Webmasters need to clean up their sites, and then ask Google for a review. Your only recourse is Google Webmaster Tools, which is a nifty little toolkit, but it requires a fair bit of hoop-jumping to get it set up for your sites, so if you don't already have an account you have a lot of work to do.

Webmaster Tools gives a detailed report with links to allegedly-infected pages and copies of the offending code. It's usually not updated until several hours after that first email notification. Then to get your site off Google's blacklist you have to request a review-- which you can do only from Webmaster Tools. You can't talk to a human. No phone, no email, no other recourse no matter how much business you're losing. Google cheerily advises "If you don't see a warning in Webmaster Tools, but your site is flagged, please check back later." As Ernest Tubb sang, Thanks, thanks a lot.

Google reportedly realized their mistake yesterday and lifted the block an hour after they placed it. But it took from 7-12 hours for the reversal to propagate across the Internet.

Dodgy Ad Servers, Google Paranoia

The iSocket ad code that triggered Google's freakout response does look a little dodgy. (You can see it here on Pastebin.) This pulls elements (like ads) into a customer's Web page from iSocket's servers, so the code we see on the page isn't the problem, but what it potentially pulls in. This isn't exactly a best practice, but ad networks do it this way because it's the most reliable way to dynamically insert code into a web page that their customers probably won't screw up. So it's hard to see what Google freaked out at. Perhaps it found some actual malicious content on a site somewheres, and the common denominator was similar invoking code, and because it's a trigger-happy automated system that was enough. We'll never know because Google won't tell.

John Ramey, founder and CEO of iSocket, was kind enough to offer some information:

"First and foremost: there is zero evidence yet to suggest that isocket actually served malware on SMT. After thorough investigations, we see no evidence that our systems were hacked, exploited, security was breached, etc. We believe Google had a false positive, then made a gross error in applying that punishment across a wide swatch of publishers. There seems to be no rhyme or reason to it.

"Google PR gave us word tonight that Google lifted the world wide block within an hour of it first happening, by around 9am PT. Google wouldn't have manually intervened and removed the block if there was actually a wide spread issue with isocket. The problem was, it takes Google's system a long time to undo what it took only minutes to create...they have the moral obligation as the Internet Police to improve both the system for flagging problems, and their ability to quickly correct mistakes when they happen."

Mr. Ramey is right. There is no due process, no meaningful appeal, and Google won't talk to anyone. And they get away with it because they have a giant monopoly on search and Internet services.

Who Pays?

The nice people at Google have not responded to my repeated requests for comment, and have made no public comment. If there are people there. I'm starting to believe it's just a giant automated algorithm. But there is a bit of comedy to enjoy-- go to Google's About page to read all about how "#1: Focus on the user and all else will follow." Visit their News page to read-- absolutely nothing about how they mistakenly shut down 175+ sites and cost them a day's business.

When a kid throws a rock through your store window, she buys you a new window. Doesn't Google owe a whole lot of people for disrupting their businesses for a day?

So....rock, meet hard place, our brave new Google world devoid of humans, guilty until proven innocent, and no penalties for Google's mistakes. Or Microsoft's either-- don't forget they play the key role in these follies, by creating the problem and doing little to cure it.