Google AdSense Meta Refresh Hijacked

aaronwall writes "With the latest Google Update Bourbon it appears that Google has had their AdSense site hijacked in the search results by a meta refresh. In March GoogleGuy commented that this sort of activity usually happens to low quality websites."

bring in the clowns

[jack_call]

In March GoogleGuy commented that this sort of activity usually happens to low quality websites

1. Yes! I've noticed it alot on /.
2. I for one welcome our new AdSense overlords
3. in soviet russia low quality websites hack YOU!
4. I host a low quality website You insensitive clod!(tm)

Re:bring in the clowns

[sound+vision]

5. In Korea, only old people hijack sites.

Re:bring in the clowns

[dokkeri]

Well, that about wraps up the conversation for this topic. Nothing to do here guys, let's go home.

Re:bring in the clowns

[stlhawkeye]

1. Recite tired Slashdot attempts at humor 2. .... 3. Profit!

Re:bring in the clowns

[AndroidCat]

My pr0n site hijacked your honored site!

Re:bring in the clowns

[Reverend528]

In the post 9/11 world, even google isn't safe.

Re:bring in the clowns

[jelle]

Imagine a beowulf cluster of low quality web sites.

M$ Wins

[jk0]

I knew I should have gone with Microsoft...

for those too lazy to RTFA

[professorhojo]

for those too lazy to RTFA, it appears google adsense wasn't exactly 'hijacked', but was victim of its own slightly buggy (at the moment) trust algorithms. from the comments there, it's apparantly only a real hijack if visitors get something other than a 301 as well in an attempt to divert their visit. here's what the 'hijacker' himself had to say on jensense.

"I want to thank JenSense and others for posting this thread. I just got off the phone with two different tech writers explaining why I would have a meta redirect on my site. It isn't an attempt to profit from either Google's page rank or some cloaked affiliate link. I am no hijacker. In fact, I'm not sure how I could in any way benefit from this link. The simple fact is this: I write and syndicate articles all over the web. I used to put into those articles direct links to sites I was talking about. A couple years ago I had a problem when I had written and syndicated several articles about GoTo.com when they changed their name to Overture. There were dozens of websites to notify and ask them to update the links in my articles. So I decided to begin using meta refresh redirects rather than listing the URL's directly. I can then keep the links current in all the articles I write. Hopefully Google will look at this and decide to make some changes so this won't occur. It's hard to believe I got a number 1 listing without trying."

Re:for those too lazy to RTFA

[ad0gg]

It is a hijack. What he is refering to is that he isn't a hijacker since he isn't profiting off the link. He using the common 301 redirect hijack that has plague google for a while. If you view the cache of his website, you'll see that googlebot is getting a different page than normal users. Googlebot is getting a 301 to adwords. The inbound(trust) links are credited towards the hijacking site as seen here. If you check the first result, you'll notice no link to the hijackers page yet is credited as an inbound link.

Re:for those too lazy to RTFA

[hankwang]

for those too lazy to RTFA, it appears google adsense wasn't exactly 'hijacked', but was victim of its own slightly buggy (at the moment) trust algorithms.

That's not what I read there. The TrustRank issue was mentioned, but that's about sites that are linked to from Yahoo's RSS feed and thus suddenly from one day to the next are linked to from many sites that use those RSS feeds. Apparently, obtaining a massive number of links within a day's time triggers some spam filter in Google.

Page hijacking is normally that a big website uses a redirect to a small website. Then Google sees that the big website's redirected page has the same content as the small site's page, and throws out the small site's page from the index due to duplicate content. However, this is not the case here since the small site (hijacker) should not be able to trigger the dupe filter for the big one (Google), so it must have been something else.

That you can get a pagerank 9 on a redirecting URL was already well-known, but that won't help you since the pagerank only counts for the target of the redirection and will not increase the pagerank of other pages on your own website.

Re:for those too lazy to RTFA

[Eric+Giguere]

As someone who's written books with actual URLs on the printed page, I can understand his desire to have some way to update stale links without having to track down and change every copy. Automatically redirecting is not a big deal -- this is how TinyURL and other similar (and useful) services work. Most of the printed links in my new book (see below) are done in this way to keep them from breaking when the destination site changes things around and they don't bother to redirect incoming links to the correct location.

There is a difference between "redirecting" and "hijacking". Redirection by itself is not hijacking.

Eric
Buy your dad this book for Father's Day

Re:for those too lazy to RTFA

"I just got off with two different tech writers"
pull!

lol soz i have some scary misreads

Re:for those too lazy to RTFA

Your comment accusing other people of not reading the article is ironic considering you don't appear to understand the issue.

Imagine you have a site called www.superwidgets.com and you sell widgets and you get 10,000 unique visitors per day from Google. Then suddenly a competitor sets up a 302 redirect site to yours that Google thinks is the original and removes yours from their search engine result pages as a duplicate. That means you get 0 unique visitors per day from Google.

What better term for this is there than "hijacked"?

Don't be a Google-apologist. This is a serious problem, and this proves it even more. The fact it was fixed quickly is meaningless. It only got fixed quickly because it happened to Google. When it happens to www.superwidgets.com, that small site is s-c-r-e-w-e-d.

Re:for those too lazy to RTFA

[Buran]

Just to clarify that a bit -- 301 redirects are not a hijack. They just mean that a resource is 'moved permanently' and search engines will change their databases to point to the new location. I have done this with two paths on my own website here at work and in time Google picked up on the redirections and cleaned its database. It's also useful because this way visitors who got to the site by clicking on old links don't get 404 errors and lose interest -- they just get redirected to the correct page. (It's implemented as ModRewrite instructions in the htaccess file for the site).

It's only a hijack if you're specifically targeting search bots with customized pages and doing sneaky things that way. Which this guy might or might not be doing ... I couldn't verify anything in that blog post. None of the tests listed to reproduce what is described worked -- no hijacks are apparent anywhere, or even the guy's site, in the search results..

Re:for those too lazy to RTFA

[Buran]

Agreed (see comment #12648734 for my take on it and what I legitimately use 301 redirects for).

I haven't seen your books -- do the links on the pages link to your own site where you keep a database of where each link will go that you maintain manually? That's a good idea. Too many books about the Net go out of date fast because the links are out of date by the time the book gets published -- but someone's still got to keep up with it -- that would be you, if you do the database thing. How automated is it?

Re:for those too lazy to RTFA

[Eric+Giguere]

I'm not currently using a database, no, because there aren't enough links to justify that. Some of the links aren't simple redirects, either, as in when an URL in my book points to a page that is actually a collection of links that the reader can navigate to. If I had a lot of links, I'd automate it like you said, though.

The point is to keep the paper book as current as possible to avoid reader frustration. E-books have the same problem, of course.

And no, you probably wouldn't have seen my books unless you were into some obscure topics like J2ME programming. My latest one is less obscure, although frankly the typical Slashdotter is not the target audience...

Eric

In other news

Pretty much nobody who doesn't either run a major website or read Slashdot every single day without ever missing will have ANY IDEA WHATSOEVER what this slashdot blurb even means

Re:In other news

[NickFitz]

Must be why they put that "News for Nerds" bit at the top.

Re:In other news

I do neither. Perhaps you're just ignorant.

So, ummm...

[th3space]

Does that mean that Google is a low-quality website, or did someone fall asleep at the wheel and leave some holes in the new implementation? Oh well, I never see ads now, thanks to my Firefox...

Re:So, ummm...

A FIRE FOX? I want one! The pet stores don't sell them, do they? Or wait.. You didn't light a poor fox on fire and called it a "Fire Fox"? Shame on you.

Re:So, ummm...

[th3space]

Of *course* I light him on fire...how the hell else would I get the point across to him?! He has to learn to obliterate ads from my view, and conflagration is really the most effective tool at my disposal...if only I could have a piece of software that would do these things for me, I'd save a fuck ton on foxes...

Re:So, ummm...

[btSeaPig]

dude - FireFox can't block text ads that aren't in an iframe.

Re:So, ummm...

[th3space]

you can right-click and select 'block iframe'...of course, I might be wrong on that point, I'm not exactly in front of my home PC...and it's not like they allow us to use good software here at work...but I'm pretty sure that I've managed to block most iframes, including those with text ads rather than image ads...

Re:So, ummm...

FireFox can't block text ads that aren't in an iframe.

you can right-click and select 'block iframe'...of course, I might be wrong on that point

Read that exchange again and reflect upon just how obviously wrong you are. Reading and comprehension skills aren't overrated.

Re:So, ummm...

Umm, ever hear of Greasemonkey?

You can certainly post-process the page with Greasemonkey to eliminate textads, if you want.

If the site layout is consistent enough, Platypus + Greasemonkey can get rid of them.

Re:So, ummm...

[sfjoe]

I would bet it's holes in the implementation due to a rushed implementation with shifting requirements.
I know little of AdSense and nothing of Google's internal processes. However, AdSense sounds like something the marketing nitwits are in charge of. I think we all know about trying to code an application with the requirements being changed on an hourly basis. I have yet to meet a marketing exec that was capable of formulating a plan and following it. If that's the case here, I'd bet this isn't the last we'll see of bugs in the feature.

Re:So, ummm...

[Craig_P92669]

They require us to use FF at work for internet browsing due to security concerns with IE.

Re:So, ummm...

".. can get rid of them with less effort than writing a Greasemonkey script by hand", rather.

Teach me not to use preview....

Greasemonkey

Platypus

Re:So, ummm...

As an example, here's a Platypus-generated script to get rid of textads on kuro5hin.org :

// ==UserScript==
// @name Platypus-<a href="http://www.kuro5hin.org/">http://www.kuro5hi n.org/</a>
// @namespace Platypus
// @include <a href="http://www.kuro5hin.org/">http://www.kuro5hi n.org/</a>
function do_platypus_script() {
platypus_do_function(window, 'smart_remove',document.evaluate('/HTML[1]/BODY[1] /TABLE[4]/TBODY[1]/TR[1]/TD[1]/TABLE[2]/TBODY[1]/T R[1]/TD[1]', document, null, XPathResult.FIRST_ORDERED_NODE_TYPE,null).singleNo deValue,'null');
platypus_do_function(window, 'smart_remove',document.evaluate('/HTML[1]/BODY[1] /TABLE[4]/TBODY[1]/TR[1]/TD[1]/TABLE[1]/TBODY[1]/T R[1]/TD[1]/TABLE[1]/TBODY[1]/TR[1]/TD[1]', document, null, XPathResult.FIRST_ORDERED_NODE_TYPE,null).singleNo deValue,'null');
platypus_do_function(window, 'smart_remove',document.evaluate('/HTML[1]/BODY[1] /TABLE[4]/TBODY[1]/TR[1]/TD[1]/TABLE[1]/TBODY[1]/T R[1]/TD[1]', document, null, XPathResult.FIRST_ORDERED_NODE_TYPE,null).singleNo deValue,'null');
platypus_do_function(window, 'smart_remove',document.evaluate('/HTML[1]/BODY[1] /TABLE[4]/TBODY[1]/TR[1]/TD[1]/P[1]/TABLE[1]/TBODY [1]/TR[1]/TD[1]', document, null, XPathResult.FIRST_ORDERED_NODE_TYPE,null).singleNo deValue,'null');
}; // Ends do_platypus_script
window.addEventListener("load" , function() { do_platypus_script() }, false);//.user.js

Re:So, ummm...

[th3space]

Point. I'd offer up some explanation about how I'm busy today or this, that and the other...but I really don't know how the hell I overlooked that...

I am shamed, now and forever more.

Re:So, ummm...

Kinda ironic, considering the latest string of firefox related expliots. I guess its the lesser of two evils?

Re:So, ummm...

[th3space]

Yeah, well, our IT department is run by a bunch of monkeys who couldn't get their thumbs out of their bu^F^F^F^F^F^F^F^F^F^F.....



signal lost, employee ID no longer valid.

Re:So, ummm...

[beatdown]

dude - FireFox can't block text ads that aren't in an iframe. Adblock can. I never see google ads anymore.

Re:So, ummm...

So, if Adblock is modified so that it can block Google text ads, or more likely another extension is written just to block them specifically, does Google's share price take a dive? :)

Re:So, ummm...

[ScytheBlade1]

Yes, reading his logic on the surface level, something is wrong with it.

However, he's not totally wrong.

Google adwrds ads *can* be hosted in an iframe. A large number of sites do this, probably to avoid the delay in doing it server side themselves, and rather wanting to offload it all on google.

There's a reason that he mentioned the iframe thing, that's because it actually is an iframe. Just not always.

Re:So, ummm...

[th3space]

Actually, I went home and tested this theory of mine...Slashdot itself puts their AdSense junk in an iFrame...I was able to block it most easily...I also went to a couple of other sites I knew to use the AdSense stuff, and found that a good many of them also use iFrames - though some do not...

So there you go.

WTF??

Anybody care to translate this to english?

Re:WTF??

[northcat]

This is what I mean when I say slashdot readers are non-technically oriented idiots. (Parent is not the only such post which says it didn't understand the summary)

Petition

There is an Online Petition if any webmasters are affected by this issue. More attention needs to be brought to it - of course getting slashdotted is a fair bit of attention in itself! They have been denying there was an issue for some time!!

Re:Petition

[beatdown]

Yes, online petitions are really effective.

Too Late!

[imscarr]

Its already fixed.

Re:Too Late!

[Scrameustache]

So, basically, this thread should be entitled "bug in beta software found, fixed"?

Next up: Sky blue, water wet.

Out of date

[Spez]

Its not even true anymore if you search for "Adsense" or "google adsense" in google, you'll get the Google Adsense page.

Re:Out of date

[slummy]

No kidding, the purpose of the article was to point out the fact that Google updated their engine to fix the problem.

Re:Out of date

Its been hand fixed. Look at positions 4 and 5 for "adsense" tho

Re:Out of date

[NitsujTPU]

It's a weekday at a search engine... they just dropped the guys listing.

Re:Out of date

Yeah, I'm sure it would've been fixed just as quickly if this had happened to www.johns-star-wars-figures.com.

Google-apologists make me sick. Almost as much as people that think that Google's current missteps are actually planned in some way to make search better. Google search is going down the tubes and the only sad thing about that is that there isn't an obvious alternative... yet.

Content hijacking

[manmanic]

This problem has been around awhile, and is part of the larger problem of search engines filtering out duplicate content. Great for the users, but it can be a real problem for site owners suffering from plagiarism or content theft. There's some information at the Copyscape plagiarism search service about what you can do about it.

A link to webmasterworld?

AKA spammaster world or search "optimization" world. Choose one.

----------

Slow Down Cowboy!

Slashdot requires you to wait 2 minutes between each successful posting of a comment to allow everyone a fair chance at posting a comment.

It's been 7 minutes since you last successfully posted a comment

Chances are, you're behind a firewall or proxy, or clicked the Back button to accidentally reuse a form. Please try again. If the problem persists, and all other options have been tried, contact the site administrator.

Easy Fix

[Nytewynd]

Google just string replaces any occurances of "www.all-in-one-business.com/adsense/" with "google.com/adsense" in the future. No need to rewrite the algorithm.

For that matter, if I were writing a search site, I would probably code it so my site came up first on every query. Even when it wasn't relevant. For example, a query on "Spicy taco recipes" would still lead to #1 being Nytewynd's page (404: no tacos found)

Re:Easy Fix

[Doros]

Actually, Google AdSense already was at the very top of the page, even when it was "hijacked." Google puts its own sponsored links before the actual search results.

Re:Easy Fix

[Frogbert]

yeah that will be great until 6000 other people do it.

The site's registered with 'real' information, lol

[Honest+Man]

Something tells me this guy didn't expect to be caught - since the site's registered with his own information LOL..

I expect he's already had calls from Google.

~~~~~~~

Using 2 day old cached answer (or, you can get fresh results).
Displaying E-mail address (use sparingly -- this will make it more likely that you will trigger our rate limiting system).

Registration and WHOIS Service Provided By: directNIC.com

Intercosmos Media Group, Inc. provides the data in the directNIC.com
Registrar WHOIS database for informational purposes only. The information
may only be used to assist in obtaining information about a domain name's
registration record.

directNIC makes this information available "as is," and does not guarantee
its accuracy.

Registrant:
K S Bidwell Enterprises
956 South Highway 25W
Williamsburg, KY 40769
US
(606)539-0091

Domain Name: ALL-IN-ONE-BUSINESS.COM

Administrative Contact:
Bidwell, Kevin ksbidwell@usa.net
956 South Highway 25W
Williamsburg, KY 40769
US
(606)539-0091

Technical Contact:
Bidwell, Kevin ksbidwell@usa.net
956 South Highway 25W
Williamsburg, KY 40769
US
(606)539-0091

Record last updated 07-17-2002 09:20:43 AM
Record expires on 01-11-2006
Record created on 01-11-2001

Domain servers in listed order:
NS.VALUEWEB.NET 216.219.253.211
NS2.VALUEWEB.NET 216.219.254.10

By submitting a WHOIS query, you agree you will use this data only for
lawful purposes. You also agree that, under no circumstances, will you use
this data to: a) allow, enable, or otherwise support the transmission by
email, telephone, or facsimile of mass, unsolicited, commercial advertising
or solicitations to entities other than the data recipient's own existing
customers; or to (b) enable high volume, automated, electronic processes
that send queries or data to the systems of any Registry Operator or
ICANN-Accredited registrar.

The compilation, repackaging, dissemination, or other use of this WHOIS
data is expressly prohibited without the prior written consent of
directNIC.com.

directNIC.com reserves the right to terminate your access to its WHOIS
database in its sole discretion, including without limitation, for
excessive querying of the database or for failure to otherwise abide by
this policy.

directNIC reserves the right to modify these terms at any time.

NOTE: THE WHOIS DATABASE IS A CONTACT DATABASE ONLY.
LACK OF A DOMAIN RECORD DOES NOT SIGNIFY DOMAIN AVAILABILITY

Already fixed

[inherent+monkey+love]

Yes its an issue, and yes Google has already dealt with the offending entry. Nothing more to see hear.

Re:Already fixed

[soupdevil]

Nothing more to see hear.

smell, touch or taste.

Re:Already fixed

[MynockGuano]

>look
Dark
There's nothing you can taste, nothing you can see, nothing you can hear,
nothing you can feel, nothing you can smell, you do not even know who you are.

>

Usually

[Shurhaian]

"Usually" is a very important word.

One of the biggest rules of statistics: There's always an exception.

Define "low quality"

[pakog]

plenty of variables here. lets get a little more depth.

WTF??-"Sound" Effects.

"Anybody care to translate this to english?"

OOPS!

Wha??

[Intron]

When I google too much bourbon, my senses get hijacked, too!

Google cloaking the cause?

In Googleguy's comment, he says that "spammy" sites with low pagerank are more likely to get "hijacked".

Recently, Google's AdSense pages made headlines for cloaking - something they rectified by temporarily imposing sanctions upon the AdSense pages.

It seems to me that the resulting low pagerank for the AdSense pages would quite easily account for the fact that they got "hijacked".

So basically, Google did something many people (a.k.a. whiny morons) thought was "spammy", they subjected themselves to the same sort of punishment they dole out to "spammy" pages to shut up the whiners, and, as a result, they ended up having the same minor bug that affects "spammy" pages affect their own pages.

Big deal.

Re:Google cloaking the cause?

Gee, how could I have missed this? Oh, I forgot:

Google is perfect. Anyone that says otherwise is a "whiny moron". Any site that disappears from Google's search engine results pages deserves their fate because, being perfect, Google does not make mistakes with their algorithms.

Re:Google cloaking the cause?

Google is perfect. Anyone that says otherwise is a "whiny moron".

Straw man. It's not the criticism of Google that makes them a whiny moron. It's the fact that they are criticising Google for <GASP!> deciding what is relevent to your search criteria! Because a search engine that does that must be completely evil!

Content hijacking on the high seas.

"Great for the users, but it can be a real problem for site owners suffering from plagiarism or content theft."

What? So much for IP theft only happening to the big boys. Quick! Let's eliminate IP laws before the situation gets out of hand, and they file for an extension.

BTW Anyone who complains about other people's bugs better keep in mind that Taco's "Between Posts" timer is busted.

Finally

[RedElf]

A google story in the news thats actually News!

Just because its google doesn't mean its news two to three times a day.

Hey guys - this is a BIG deal

[Gieckboy]

Adolescent sniping is all well and good (this being Slashdot and all) but this should be a big deal to you even if you refuse to take the time to understand the specifics (RTFM).

Here's what's going on. Google has a flaw in their algorithm in the way it deals with 302 redirects. Instead of following the internet standard of following the 302 redirect to the new location and indexing that, Google sometimes applies the information, PageRank, and Google ranking position of the 302 destination page back to the page doing the redirecting.

This means that a third-party (usually a shady webmaster) can steal the ranking position of a competitor's site. The original site is usually removed entirely from the Google index further compounding the damage.

Google has repeated denied that this problem exists (here on /.) but now they themselves have been a victim of a '302 hijack'

If Google can be hit by it - anybody can be hit by it. This is big enough to seriously f'up the Internet - get it?

Re:Hey guys - this is a BIG deal

[bigberk]

This is big enough to seriously f'up the Internet - get it?

Oh come on, you're exaggerating. A failure of 10 root DNS servers is big enough problem to seriously f'up the Internet. The mishandling of 302 redirects allows easy mischief and much confusion, but no catastrophic problems as far as I can tell.

Re:Hey guys - this is a BIG deal

[Gieckboy]

Google is how the majority of people on the internet get around. If Google starts showing all spam instead the intended sites that's a big deal right? Sure the internet will recover but Google's basically the main hub for searching right now so it'd definitely hurt.

Re:Hey guys - this is a BIG deal

[odano]

They are how the plurality of people get around, not the majority

Re:Hey guys - this is a BIG deal

[curunir]

This is big enough to seriously f'up the Internet - get it?

The fact that you used the word 'Internet' instead of 'Web' makes me disinclined to believe you. Google indexing affects web sites. The rest of the Internet is unaffected. Your ability to download from a torrent, place an VoIP call, play internet poker or even post sophemoric comments on Slashdot is completely separate from Google's indexing and any problems they may have.

Your argument sounds like the kind of blogger argument that disregards the possibility that blogs aren't the be all and end all of human existance.

Re:Hey guys - this is a BIG deal

[Frank+T.+Lofaro+Jr.]

302 redirects are temporary, 301 is permanent.

Following a 302 and using the resulting page in the index would be breaking spec.

If I give you a URL and it 302 redirects somewhere, and tomorrow I change the redirect, remove the old redirected to page (assuming it is all on my site) and put a new one where the new 302 points to - your links will get broken if you threw out the original URL and kept where it (originally) pointed to.

E.g.

a ---(302)---> b

I give out URL a.

Then, I change where a points

a ---(302)---> c

deleting b and creating c at the same time.

If you keep using URL a like you are supposed to, you are OK. If you treated "a" as a 301 and kept URL b, you now get a bad URL.

Now one could say treat 302 as a 301 if it crosses sites. This would stop most 302 Google poisonings, but what if I have multiple domains and I am doing something legitimate (e.g. make topicsubtopic.com point to topic.com/subtopic until I make topicsubtopic its own independant site). In which case it would hurt me. Or treat a 302 normally, but treat it as a 301 if the destination page is reachable via a non-redirect link. (people could make links to 302 destinations then and break things). Of course one could decide to treat a 302 normally, unless something on the same domain points directly at the 302 destination. So if site A 302 redirects to a page on site B, as long as site B itself has a non-redirection link to that page - then Google could treat the 302 as hostile (throwing it out or treating it as a 301). But domain level assumptions are bad - 2 unrelated entities can share a domain, and 2 separate domains can be controlled by one (or cooperating) entities.

One could also create a new meta tag that means I allow the following pages/domains/etc to 302 redirect to me - if it is not there - Google could treat the 302 as a 301 or not index it. That would be the cleanest solution I think.

Re:Hey guys - this is a BIG deal

[drew]

Remember when AltaVista was the way the majority of people on the web got around? AltaVista started sucking and people stopped using it. Now it's all but dead, and has been for some time. There web was around long before Google, and somehow people managed.

If Google starts showing all spam instead the intended sites, people will start using Yahoo. Or MSN. Or....

Google's death would hardly doom the web, much less the Internet. At some point people would decide that they don't like the results that Google is providing any more, and move on. And Google would become just as much a footnote in history as AltaVista.

Re:Hey guys - this is a BIG deal

Following a 302 and using the resulting page in the index would be breaking spec.

Only if you *kept* the linked page and threw away the original.

The solution is simple: return the redirected link until the redirect goes away - which is what you should be doing in the first place.

Re:Hey guys - this is a BIG deal

[Rakishi]

Depends, AOL Search uses the Google engine. Add that in and Google is over 50%.

Re:Hey guys - this is a BIG deal

[IO+ERROR]

Here's what's going on. Google has a flaw in their algorithm in the way it deals with 302 redirects. Instead of following the internet standard of following the 302 redirect to the new location and indexing that, Google sometimes applies the information, PageRank, and Google ranking position of the 302 destination page back to the page doing the redirecting.

This doesn't sound like a bug at all. This sounds more like Google actually bothered to implement the HTTP specification correctly, and the web site with the redirect did not. Go read it and pay careful attention to the subtle but important differences between 301 and 302. The methods by which user agents (including search engines) should handle these responses are outlined there.

Re:Hey guys - this is a BIG deal

[Threni]

> This is big enough to seriously f'up the Internet - get it?

Google's a company that can do what it wants. If one company can f'up (sic) the Internet, then it doesn't say very much about the internet, does it?

Re:The site's registered with 'real' information,

Didn't you slashtrolls have your panties in a bunch because someone posted the bitter groklaw chick's personal information on the net?

Nah - just a quick N' dirty patch

[Gieckboy]

they did a manual adjustment - this problem has been around for 2 years and Google still hasn't managed to fix it

Re:The site's registered with 'real' information,

[Honest+Man]

After looking at the guy's site, its quite obvious he wanted caught - to advertise his business.... Google should bill him for his increase in sales... *sigh*

Re:The site's registered with 'real' information,

[localzuk]

What would they call him about? He did not actually do anything wrong.

He hasn't got any form of contract with google and he hasn't broke any laws...

I saw this two weeks ago with "Google"

[DeadSea]

Two weeks ago if you searched for "google" on www.google.com, the first result that you got was https://desktop.google.com which redirects to the google home page. Google desktop seemed to have hijacked the google search homepage!

Of course, the slashdot editors rejected the story.

Google needs to adjust their canonicalization algorithm so that a page the redirects is not chosen as the canonical url.

Re:I saw this two weeks ago with "Google"

[Stauf]

Two weeks ago if you searched for "google" on www.google.com, the first result that you got was https://desktop.google.com/ which redirects to the google home page. Google desktop seemed to have hijacked the google search homepage!

This is more as a result of Google not giving their own pages an enhanced pagerank then from any sort of accidental hijack. I would guess that people don't link to google.com very much at all - it's a very simple, no-info search page after all. So people link to Google's new desktop search and Google's pageranker thingy sees that as relevant to a search for 'Google'.

It's a symptom of Google doing the Right Thing(tm) when it comes to indexing their own data.

Re:I saw this two weeks ago with "Google"

[DeadSea]

According to google, the google home page has 3.5 million incoming links. That is hardly "people don't link to google.com very much at all".

That and "www.google.com" is the only page on the internet that gets a perfect 10/10 page rank. That could be by definition, or it could be that it actually has enough incoming links to deserve it.

Re:I saw this two weeks ago with "Google"

[Stauf]

My theory was more along the lines of: "When Google released Desktop Search, the flurry of activity meant that for a while at least, desktop.google.com got more hits then google.com, inflating it's pagerank and putting it above www.google.com in a search for 'Google'."

"very much at all" was probably a bad choice of words, but "people didn't link to google using the keyword 'Google' as often as they linked to Google Desktop Search with a keyword containing the string 'Google' within whatever arbitrary time period the algorithm uses between indexes of those sites" is really rather cumbursome.

I don't get it

[mcc]

If the 302 page is just a redirect, why do they apply the redirectee's pagerank to the 302er's page, and not the other way around (apply the 302er's pagerank to the ridirected page)?

Re:I don't get it

Because Google are a bunch of well meaning and hard working folks, but they are still a bunch of collective idiots.

It's one thing to do something wrong, recognize it and fix it. But they seem to have reached the point in size where they think that they no longer have to listen to the reason of anyone outside their corporate walls.

Google has reached the turning point from "innovative, young and energetic" to the "bloated, closed-minded and all-for-profit" mentality that all companies go through when they "grow up".

Re:I don't get it

[hanssprudel]

If the 302 page is just a redirect, why do they apply the redirectee's pagerank to the 302er's page, and not the other way around (apply the 302er's pagerank to the ridirected page)?

They don't. A PageRank is something that Google assigns to a URL rather than a page, based on how many pages containing the keyword links to it and some other stuff. The issue is that Google finds two URLs that lead to the same page, one is the page itself, and one is a 302 redirect.

Now when you search for a term and this page hits, Google doesn't want to display two links to the same page, so Google it has to decide which is the canonical address for the page. The way that it does this is simply to take the URL with the greater PageRank as the canonical URL, and returning that.

The issue is that this allows one, in theory, to hijack google entries by 302 to the page in question, and getting a higher pagerank for your URL then the real one. In this case the old URL will be suppressed, and Google will link to your URL instead. Once this is done, you can change your page to a phishing page or something, and get people.

Note, however, that if Google did not follow 302s, then this could still be done by simply proxying the actual page. If a request to my URL simply made the webserver fetch your page an return it, Google could never tell which was the real page, and which was the copy. It would have to return both (in which case I would be first if I had greater pagerank) or suppress one, and then they are back to the canonical problem.

Hijacked? No, ESCORTED.

[YetAnotherName]

Look, you type "google adsense" and you click the first link (or I'm Feeling Lucky), and the result (as far as the end user is concerned) is Google's Adsense page. That's not a hijacking. That's an escort service (albeit the far less fun kind).

And what's the new use of the word "bourbon"? I prefer mine in liquid form.

Slashdot blacklists itself!

[Animats]

Yesterday, the Slashdot home page was, instead of showing Apache headlines, showing a message that the Slashdot RSS feed had been blacklisted. Apparently, Slashdot's RSS feed server blacklisted Slashdot's own home page builder.

Yes, you too can shoot yourself in the foot.

Re:Slashdot blacklists itself!

Screenshots here and here

Re:Slashdot blacklists itself!

[jmv]

Yup. I can confirm seeing that for the Developers headlines yesterday.

It wasn't intentional...

[RoloDMonkey]

According to a post under TFA by the owner of the site, he didn't do this on purpose.

Posted by: kj at May 25, 2005 12:35 AM

I want to thank JenSense and others for posting this thread.

Thanks for the comment Air Charter. I just got off the phone with two different tech writers explaining why I would have a meta redirect on my site.

It isn't an attempt to profit from either Google's page rank or some cloaked affiliate link.

I am no hijacker. In fact, I'm not sure how I could in any way benefit from this link.

The simple fact is this: I write and syndicate articles all over the web. I used to put into those articles direct links to sites I was talking about.

A couple years ago I had a problem when I had written and syndicated several articles about GoTo.com when they changed their name to Overture. There were dozens of websites to notify and ask them to update the links in my articles.

So I decided to begin using meta refresh redirects rather than listing the URL's directly. I can then keep the links current in all the articles I write.

Hopefully Google will look at this and decide to make some changes so this won't occur. It's hard to believe I got a number 1 listing without trying.

Re:It wasn't intentional...

Long live the Speaker Bracelet

You can deliver mine in a candle truck.

Re:It wasn't intentional...

[RoloDMonkey]

Long live the Speaker Bracelet

You can deliver mine in a candle truck.

Hah! You're the first person I know that's realized what my sig means, congratulations.

Re:Hijacked? No, ESCORTED.

[adpowers]

I believe Bourbon is the name of this Google update. The slimy search engine optimizers (whose posts you can read if you click the link to webmaster world) name the updates of Google's index in order to keep track of them easier. If you read a little of the thread, I believe they refer to code words for past updates as well.

Meta Refresh?

[PhoenixRising]

Seeking a bit of clarification: where are meta refreshes involved in this? Or should the article title read "Google AdSense 302 Redirect Hijacked"?

It would take longer than a day to fix that mess.

There are millions of pages that have been 302'd.

It impacts more than just a page when it causes Google to trip various filters.

Not only that

[broothal]

Check the pagerank of this site and take a wild guess whom they hijacked...

You don't have to have a higher PR

page to have an impact. The page that the 302 is directed at becomes marked as duplicate content and falls over, enough pages fall and Google marks the site as spam so the site falls. Get the picture.

Absent the "highjacking" part it causes a problem for the page that is a 302 target.

This has been laid out many times to google over a period of years.

Re:Hijacked? No, ESCORTED.

[brickballs]

i wouldnt call the web master world guys slimy. theres definately some slimy guys out there, but wmw seems like one of the better groups

my thoughts as a 'victim' of this process.

[Eric+Coleman]

From reading the responses here and from the last time this topic surfaced on slashdot, it seems as though people don't fully comprehend the crappiness of the problem.

I run a game programming website as a hobby, so my livelihood doesn't depend on google's ranks. But my page rank has descreased and I have fewer back links as reported by google. The links to my site and it's content have not decreased, but google's reporting says it has.

This is simply the effect where the cause is some casino website that does this damn 301 redirect to my website. I had a leeching problem for a while, so I analyed my web server logs to find out the culprit, in doing so I found some odd web log spam for some website in china and a casino website doing a redirect and theft of my site's content.

I don't make any money off my website, it's a very small niche, but the content is good and it had a nice page rank for a while, so it was an easy target. And there really isn't much I can do. My site got hijacked, google indexed the hijacking page as though it was mine, then they change their page after being indexed in google so that now display advertisements instead of doing the redirect.

As a hobbyist, I can't get into litigation with a damn casino website in a different country. I know a lot of complaints are from the so-called "search engine optimizing" companies, but as an honest webmaster with no comercial interest in google, it's still a pain in the butt. There is absolutely nothing honest webmasters can do to prevent this or to rectify it. The ball is in Google's court to give credit where credit is due, and that's the final target URL, not the referer.

Re:my thoughts as a 'victim' of this process.

[Frogbert]

Couldn't you just ban access to clients comming in with the Casinos referrer? /n00b

Re:my thoughts as a 'victim' of this process.

Some people may ridicule, so called, SEO(Search Engine Optimization) experts, and I kind of understand. Some people may say that getting traffic from free search engine to generate clicks and making money isn't really business, and I kind of understand that. But here's what's happening. 90% of internet users use search engine to look for what they want to find, so you have to take the presence of Search Engine into consideration. If you have to make your website visible to search engine(Google) in order to get traffic, then there are two ways. Either you rank well in Google or you pay money to Google and advertise. If problems like this exist and you cannot get much traffic from natural rank, then you'd have to pay Google to get traffic. It is Google's problem, yet it is designed so that Google will make profit ...

Re:my thoughts as a 'victim' of this process.

[Stauf]

Redirect anything with the casino's referrer back to the casino's main site with a 301.

(I believe the hijack is actually using a 302 - page moved temporarily, not a 301 - page moved permanently, if you use a 301, google should update the listing whereas with a 302, google doesn't update the listing but shows different content under the link.)

Re:my thoughts as a 'victim' of this process.

[hankwang]

Couldn't you just ban access to clients comming in with the Casinos referrer? /n00b

You could do that, but what counts whether you can convince Googlebot not to follow redirects. Unfortunately, Googlebot doesn't tell you about the referrer.

Here's mine:

[bhsx]

My mom washed my Google AdSense, and IT BLEW UP!!!

Re:Hijacked? No, ESCORTED.

[adpowers]

Well, I was referring to some of the posters on the board. When I see them post about how they were punished during the last update or how they're "rising for some very competitive keywords", I get the feeling that they aren't the most honest internet folk. I regularly monitor my standings in Google for some words related to me, but I don't feel like I'm being punished when I go down in ranking. Of course, I'm not using slimy tactics to try and raise my PageRank, so they have no reason to punish me. Also, I monitor most of my keywords out of curiosity and not because I'm trying to pump up a page for a certain query (current sig excluded :) ).

Re:Hijacked? No, ESCORTED.

[brickballs]

fair enough, i guess there are a few rotten apples in every tree.

Re:Hijacked? No, ESCORTED.

[adpowers]

Actually, now that I think about it, I believe it isn't the index but the algorithm. They update the index every day, but the algorithm isn't updated as often (and is what causes more variety in results, I imagine).

Re:The site's registered with 'real' information,

[Honest+Man]

What ever happened to sending someone an email instead of exploiting the problem to make money? He may not have broken any laws but ... never mind, ethics have no place in modern society, why bother - ironic that I got rated troll for the first time 'ever' since coming to /. Oh well.

Re:thats about right then

[zakkie]

Sarcasm noted, but what's scary is that that is almost exactly what 99% of Flash developers would think!