Slashdot Mirror
Google Blocks Porn In Base, Patches Appliance
An anonymous reader writes "The search giant has moved to fix a problem in Google Base which didn't properly block pornographic material in their search results. According to Google, the filter was broken for 'some period of time' but the company didn't elaborate. Nathan Weinberg could have been one of the first to report the incident on his blog, Inside Google, writing: 'Holy crap, there is a lot of porn at Google Base! Looks like, just like Google Images, Google Base could become a huge source of porn, and eventually a place where porn will be sold. I even noticed some movie reviews.'" They've also recently corrected a problem with their search appliance. geo_2677 wrote to mention a Securityfocus.com article discussing the rapid patching of the Google search boxes in response to a vulnerability.
Google may have quickly released the patch once they were notified like a good company should, but TFA reveals that the patching is far from complete:
/. mention of any patch for the Google Search Appliance.)
A small sample of 43 appliances taken this week showed that 23 remained vulnerable, 8 were patched, and the status of 12 could not be determined. If this sample is representative of all deployed Google Search Appliances, more than half may still be vulnerable.
A patch that hasn't made it to half of the vulnerable devices? We've got a problem here. Google should have made it clear to the owners of the Search Appliance that there's a patch to install. (Fault the media while we're at it... this is the first
You'd think Google would have built in an auto-updater, but clearly not with this low of a response rate.
Looks like they may need to add a new button to their site : "I'm feeling horny"
must ... resist ... obvious ... zero ... wing ... pun
... speak ... at ... normal ... rate
can't
Because this is on the company level. GOOGLE is doing this - not the feds.
Show this to your friends and family that don't know what a real hacker is
Hate to say it, but pr0n did help Al Gore's internet get off the ground. I wonder if Bill put him up to it.....
" i r 1337. j00 a l0z3r "
That talk kinda makes you cry, doesn't it?
That's right..cry those nerdly tears
Are Belong to PRON *s
--
No, really.
Google's SafeSearch can be turned off, China's Great Firewall cannot.
I'm a little concerned that Al Qaida is known as "The Base" in English.
This isn't some Google search tool to find Bin Laden is it? I've not used Base before, what does it do?
Saskboy's blog is good. 9 out of 10 dentists agree.
I'd swear there is no spyware on this machine, but I just got a popover advert when I opened this topic. It was right on top of the comments section. Strangely enough, it disappeared automatically after a few seconds (it had an area that looked like a close button which I did not click, shocked as I was to see something like this happening on slashdot. Obviously, you can never be sure what will actually happen when you click such a close button anyway...).
I think it was some kind of DHTML thing - anyone else got this as well?
Every expression is true, for a given value of 'true'
I got the same thing. /. going down hill?
I wonder if the Google filters remove "All The Base Are Belong To Us" ?
Wellybog
http://www.wellybog.com
Google's selling of the box may open them up to problems they wouldn't otherwise have.
E.g. supposedly the appliance is derived from their main codebase. So if you get a box and figure out some exploits, perhaps you've figured out how to exploit the thousands of machines that Google uses to crawl.
It is a bit like Cisco fiasco recently: they give a smart guy a box, he can find some problems (and get in trouble at Black Hat) -- but if he finds flaws he can exploit thousands of boxes out there.
On the other hand, if Cisco didn't give you your own box to poke and prod, you might never discover the flaws in the boxes out there in the universe (before getting caught) -- it would just take too long, esp. if the bug was timing dependent. Same for Google -- the selling of the appliance, for what little money it brings in, reveals info to bad guys. A risk-averse shop might forgo that income completely.
http://www.thebricktestament.com/the_law/when_to_
Oh, when COMPANYs do it, then it's fine.
(Where's the logic in that? For me as a user a repressive society is a repressive society. I don't care if companys, private organisations or the state take my freedoms.)
Are you sure it was a popover ad? There some times that I have noticed what appears to be a pop-over ad, but is really a normal sidebar ad positioned in the center while my computer/network is being slow in downloading/rendering the page. As the rest of the page came in, the ad then slides to the proper place.
I mostly notice this on theonion, but I've seen it in lots of places. Of course, this could be a new advertising scheme... center("ad"), and at the very last of the page, they place a correctly.position("ad"), leaving the ad centered until the entire page loads.
You can still get all the pr0n you want. The problem was that SafeSearch was including pr0n in the results. Some dad uploaded pictures of his two-year-old daughter to share with family. But, when he searched for those pictures, he found a hell of a lot more than he was looking for.
Considering the society we live in, SafeSearch is a good default--after all, you wouldn't want something that could easily get you fired popping up on your monitor just for doing an innocent search. It's also good of Google to offer the simple ability to tell them not to be your nanny.
Cheers,
b&
All but God can prove this sentence true.
That wasn't a bug! It was a feature. The best one!
You can't handle the truth.
...that uses Google Images API with the SafeSearch in "reverse" mode, that is performs search twice, with SS on and off, and displays only images that would are filtered off by SS?
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
I get the same...and I'm on a Mac using firefox -- so I highly doubt if its adware.
/. and its parent company...and then a few days later, the same thing with a non OSTG advertisement.
I saw this first last week asking me to take an OSTG survey at work -- and I thought I had my pop-up blocker off. Nope. And my flash block was off as well -- so it couldn't be that hole either. I wasn't too upset because I thought it was specifically for
Slashdot it going downhill and thats sad (then again, I know people on my site are complaining that I've had to monotize it to keep it running...but popups / popunders and annoying DHTML are something no reputable site should ever use). If this is the future of this site, Digg and others will get my reading (and I'll make certain to never buy another overpriced gizmo or tshirt from Thinkgeek).
My computer at home is kind of slow, as well as my internet connection. If I scroll while the page is loading, I can almost always make ads appear in the middle of the comments, although not on top of the stuff, usually in line with the text. It looks a little weird, Not sure if its a slashdot bug or a firefox bug.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
I think it is because Slashdot is (finally) compliant with a recent version of HTML / CSS / etc. The new version renders in a different fashion. On the main page, the sidebars load last, the centre gets squished suddenly at the end.
On comment pages, the comments are last to load, and the sidebar ad is centred until the width of the comments are established (or something) and then it all looks right.
Sure. You are free to use a different company. Using a different government is not always possible.
Number of requests to Google Base vastly dropped.
May Peace Prevail On Earth
Researchers find that a huge well designed freely accessible online database is used to store pr0n.
In other news, scientists announce that snow is cold, and that bears defecate in the wooded environments.
Google-Base is now the Wikipedia of porn.
Got the same thing twice today... If that shit persists into, say, next week, I think I should make heise.de my new "Home"...
use adblock or squid to block the following items:
*images.slashdot.org/*.js
*images-aud.slashdot.org*
*an.tacoda.net*
*falkag*
lots of funcky js gets loaded by slash by default. I block all this shit and slashdot loads twice as fast.
PHP is the solution of choice for relaying mysql errors to web users.
Google Blocks Porn ... so much for for Do no evil.
[alk]
*Zips up* Holy crap! There is a lot of porn in Google base!
I like suggestions, but I don't like contributing towards them.
This is corporate entity who isnt a monopoly, so it well within their rights to do this.
Once you talk about government censoring free speech ( its debateable if porn falls under that category in the first place ) then we an issue to discuss.
However, even with your example, China is an sovereign country. It has a right to declare a type of questionable speech illegal if they wish, as long as it doesnt deprive people of basic human rights in the process.
---- Booth was a patriot ----
I saw this first last week asking me to take an OSTG survey at work -- and I thought I had my pop-up blocker off. Nope. And my flash block was off as well -- so it couldn't be that hole either. I wasn't too upset because I thought it was specifically for /. and its parent company...and then a few days later, the same thing with a non OSTG advertisement.
/. is absolutely unacceptable to me. And frankly, I highly doubt I'm the only one who is really annoyed by this.
So it's not just me. Argh!!! Well, message to the editors: one 100% foolproof way to make sure that I will *never* take some OSTG survey, is to shove it in my face like that. I know that such things slip by sometimes (the advertiser puts it in without asking the website admins first), so I'd highly recommend you turn it off ASAP because such behaviour on a site like
Yes I know I could get a subscription, and I also am fully aware that it is in your right to do this. Afterall running this site is not exactly free. Still, chasing away potential customers by annoying the hell out of them doesn't seem like such a good way of doing bussiness to me. It's one of the reasons I barely watch TV anymore. Also, Sony can definitely forget about seeing any bussiness for me since their incredible r00tk1t fiasco - same reason basically, don't annoy your (potential) customers.
Every expression is true, for a given value of 'true'
Damn. I was wondering how to penetrate my T|X. Oh well :(
With new programming comes new bugs. It takes a long time to completely eradicate bugs.
Point it out AFTER it's fixed. Thanks, guys! :-P
picpix image polls. create - share - vote. fun!
Maybe he is a burn victim or a double amputee who has trouble finding women because of his condition? Ever think of that? Huh!? You insensitive jerk!
It is trivial to get past the Great Firewall. A Google search for 'free web proxy' is all it takes; there are working ones on the first page of results.
Regarding the sample boxes they couldn't determine the status for, they may be firewalled by companies who don't want to risk unforseen vulnerabilities. Regarding the ones that are accessible but not patched, is it possible the owners are also blocking updates? If you have a dedicated search appliance in a situation where you can't really afford it going down for an unknown period of time, would you risk patching until you'd heard from others that the patch didn't introduce any new instabilities? Especially since it's a black (or blue) box, so a hard crash might mean having to send it back?
Win2000 and WinXP have autoupdaters, also. Many of them are not completely patched, either. The users have either never enabled, or disabled, that feature. The administrative interface on Google appliances could allow that level of control, also.
From TFA:
"Todd Ripley, a real estate investor in Asheville, North Carolina, noticed the problem on Tuesday morning after he uploaded photos of his 2-year-old daughter Jasmine onto his Google Base page. He planned to direct his family to the page but decided against it after a search for "Jasmine" turned up some unsavoury results despite the use of the SafeSearch filter."
If he'd just named his daughter Phyllis, or Martha, or Gertrude...
And why did he need to search for "Jasmine" to tell his family where to find photos? Couldn't he just use a URL? And did he think that there was any chance that a search for "Jasmine" would actually find his daughter's photos from the mounds of other info out there???
Or do the old-fashioned way, and toss them in your hosts file, and map to 0.0.0.0 - a "valid" ip that errors out instantly. I have several thousand lines in my hosts file that blocks various ad sites and whatnot. Just google for "hosts file" or something like that, and there are many prefab hosts files to download or copy and paste into your own.
Google may have quickly released the patch once they were notified like a good company should, but TFA reveals that the patching is far from complete:
Yep, the search still needs more fixing a search for the word webcam on all three filtering settings returns the exact same number of results. Unless Google specifically removed all pr0n links from the Base site (which I would still doubt), they do indeed have more patching to do.
You are free to use a different company
The problem is that google has such a monopoly that they can dictate what websites succeed and which fail. That is to much power for a single corporation as far as I'm concerned. Just go to http://www.google-watch.org/ and read some of the stuff there. It would be just as meaningless.
Geeks seem to be all to eager to suck googles dick. Google executives appear on the cover of magazines wearing Armani suits with Converse shoes and naive geeks are all "OMG! Those guys are so hip and cool!" Then google says "Our only philosophy is do no evil" and everyone is all "OMG! Those guys are so hip and cool!" Bill Gates could show up in a suit and sneakers and say "do no evil" and it would mean just as much as when google does it.
Google just gets bigger and more powerful. One day their leadership will change and the new execs might have a different direction for the company that really ends up fucking us all over. But we are just putting them in a position that will allow them to do that because geeks are so easily swayed by stupid shallow bullshit. Google is there to make money it is as simple as that. If you believe otherwise you need to grow up and look around you.
Seems that more and more security researchers are turning their attention to Google these days. There has been a spate of recent bugs published to the usual mailing lists in past weeks.
/. recently
Title: Google Talk Denial of Service - BenjiBug
Google Talk's automatic update mechanism (which can't be turned off) checks to see if the downloaded file matches a signature, but it doesn't check the size of the file. So it can be forced to compute a hash of a 1 gig file, crashing the machine.
Killer Empty Sender Message
echo kill | nail -s Kill -r "" victim (at) gmail (dot) com [email concealed]
crashes Google Talk
Google Talk cleartext proxy credentials vulnerability
Google Talk stores the GMail login details securely, but not the proxy authentication credentials
Not to mention the GMail bug discussed on
Ah, the perpetual beta..
"Yes I know I could get a subscription, and I also am fully aware that it is in your right to do this. Afterall running this site is not exactly free. Still, chasing away potential customers by annoying the hell out of them doesn't seem like such a good way of doing bussiness to me."
Of course. The preferred business method is the "Street performer with cancer" business model. That would be were the audiance gets free entertainment, occasionally throws some coins that don't cover mounting costs, and ridicules the performer when they hear the performers tale of woe.
Of course from the standpoint of an audiance, short-term this is much better than the "reciprocal exchange" model that someone patented centuries ago. You know the one were a web-site offers content that one wants and the audiance gives them money. Unfortunately if one doesn't like the terms (like offering money, watching ads, etc), then the "marketing made me..." impulse kicks in and one resorts to technical means like "bugmenot", or P2P to get it on "street performer with cancer" terms.
It's you insensitive clod , you insensitive clod!
...literally.
http://www.flickr.com/photos/44985665@N00/66506810 /
The search giant has moved to fix a problem in Google Base which didn't properly block pornographic material in their search results."
A Google spokesperson also issued the statement,
"All your porn are belong to us"
Thats a shame. Where are the kids supposed to learn about these things?
Bill Gates could show up in a suit and sneakers and say "do no evil" and it would mean just as much as when google does it
Maybe because, unlike MS, google actually doesn't try to screw OSS over.
Show this to your friends and family that don't know what a real hacker is
Please use a propper goatse mirror when trolling Slashdot. The next time I talk to someone from the GNAA, I'll have to tell them that your guys are losing your touch. :(
The porn sites should be fortunate enough that they can be found through regular Google Search. If anything, Google needs to crack down on the bogus porn and spam sites that add keywords to their meta tags and webpages to sneek in search results. These doctored results are starting to effect the performance and accuracy of the Google Search.
The Rapture is NOT an exit strategy.
To further confuse the issue. Here is the list of the major charitable contributions made by Microsoft (or is it Micro$oft, hurrr!!) as of 2000.
$1 billion over 20 years to establish the Gates Millennium Scholarship
Program, which will support promising minority students through college
and some kinds of graduate school.
$750 million over five years to the Global Alliance for Vaccines
and Immunization, which includes the World Health Organization, the Rockefeller
Foundation, Unicef, pharmaceutical companies and the World Bank.
$350 million over three years to teachers, administrators, school
districts and schools to improve Americas K-12 education, starting in
Washington State.
$200 million to the Gates Library Program, which is wiring public
libraries in Americas poorest communities in an effort to close the digital
divide.
$100 million to the Gates Childrens Vaccine Program, which will
accelerate delivery of lifesaving vaccines to children in the poorest countries
of the world.
$50 million to the Maternal Mortality Reduction Program, run by the
Columbia University School of Public Health.
$50 million to the Malaria Vaccine Initiative, to conduct research
on promising candidates for a malaria vaccine.
$50 million to an international group called the Alliance for the
Prevention of Cervical Cancer.
$50 million to a fund for global polio eradication, led by the World
Health Organization, Unicef, Rotary International and the U.N. Foundation.
$40 million to the International Vaccine Institute, a research program
based in Seoul, South Korea.
$28 million to Unicef for the elimination of maternal and neonatal
tetanus.
$25 million to the Sequella Global Tuberculosis Foundation.
$25 million to the International AIDS Vaccine Initiative, which is
creating coalitions of research scientists, pharmaceutical companies and
governments in developing countries to look for a safe, effective, widely
accessible vaccine against AIDS.
How much have the millionares at google given to charity? Yet Microsoft is still this horrible company because they don't support OSS and google are the saviours of the world because some of their dev's use Python. I am not saying Microsoft is good. I am just saying that supporting or not supporting OSS is not the only thing that you should be looking at.
using adblock and squid let you use regex expressions. some sites serve ads from the same servers as the content.
PHP is the solution of choice for relaying mysql errors to web users.
Why the hell are you blocking my site ParsifalKagoshima.com?
Ever tried that from behind the Great Firewall?
Using HTML in email is like putting sound effects on your phone calls. Just say <strong>no</strong>.
I didn't say it was perfect =-)
PHP is the solution of choice for relaying mysql errors to web users.
I thought Base's set of rules indicated that one cannot post only ILLEGAL or non-consexual pr0n as I have mentioned here.
Holy crap, there is a lot of porn at Google Base! Looks like, just like Google Images, Google Base could become a huge source of porn, and eventually a place where porn will be sold.
What? no link?
"black (or blue) box, so a hard crash might mean having to send it back?"
That depends on the design.*
One can have either a roll-back, or switch-over to a known configuration.
Two one can have a remote-login from Google HQ to fix whatever's needed.
The only reason to send something back is if the hardware is physically broken.
*Remember these basically are custom computers. Not DELL generic, stick any handy OS on, cross your fingers and pray, computers you put together from left-over parts.
He was posting pictures of his kid when he came across this pr0n...at least, that's what he told his wife when she walked in the room...
they only took it off the safesearch results I have no problem with that still some evades safesearch but hey, you filter it all.
Renunciation of U.S. Citizenship by Persons Claiming a Right of Residence in the U.S.
i p_777.html
http://travel.state.gov/law/citizenship/citizensh
Anything is possible, just not always probable.
[Fuck Beta]
o0t!
Google owns its servers - it's called the "right to property." It can block porn from them if it wants to. When the GOVERNMENT censors, it tells OTHER people what to do with their own property. In one case, property rights are respected; in the other case, they're violated.
That's the difference.
"God deliver us from our friends, we can handle the enemy." -Patton
Personally, I'd rather just get lucky.
Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
Google Base, that is ;-)
Yep, that's the old-fashioned way. It works, but not as easy or fast as adblock. One right click, two keystrokes and then "OK" is all it takes to clean noisy websites. Especially if banner ads or other annoying stuff are served from the same IP adress as the real content. Websites that feature ugly animated GIFs, frames, blinking flash and whatever embeds are stopped cold. Might be called the three-clicks-out policy.
Free porn websites are a breeze with this, to be honest. Collect all destination hostnames from a popular TGP and block every URL with these hostnames ending in *.gif, *.js and *.swf and enjoy faster load times, less clutter, no stupid framings and no blinkenlights. Everything containing your most hated niche keywoard and ending in *.jpg blocked is also a great plus while seeking some solo amusement. Use "Linky" to open up the entire TGP in tabs at once and Adblock to filter out banner crap and unwanted niches is a good measure when availiable bandwidth is not the top priority. No more t-girls, studs, scat and MILFs or whatever may NOT float your boat.
So: Adblock is a superior approach when it comes to blocking unwanted HTTP content. Pre-emptively freezing unwanted download and spyware sources, the RealMedia main server maybe or whatever server IP your favorite phone-home shareware shouldn't find is best placed in the hostfile.
my school blocked google images for this reason, and its a very useful resource, is there a way to only be able to use it on strict filtering mode? (even then you can sometimes find stuff :( )
Anyone who is capable of getting themselves made President should on no account be allowed to do the job. - HHGTTG
Man, at times like this I wish there was an "+1 Awesome" moderation option ;).
"May the days be aimless. Let the seasons drift. Do not advance the action according to a plan."
Ahgh! Someone set us up the pr0n!
http://base.google.com/base/search?q=xxx&searchBas e=Search+Base&hl=en
I browse Slashdot with Javascript turned off since there's no need to turn it on here. Nice, old-fashioned passive/static "content" (I hate that word) only please.
Oh and BTW, thank you, http://www.noscript.net/
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
The phrase is "Do no evil". Not "do some good" or even "do more good than evil".
Look at it agin. "Do no evil". It doesn't say anything about doing good, so charities are irrelevant. It's only about evil. The other important word is "no" in this case meaning "zero". Not "less". Qualifying for that is too late for Microsoft, no matter how much good they do, the evil they have already done will never become undone (not until the invention of a time machine anyway).
Microsoft has done evil against OSS. They have done evil against their own customers (bundling IE, bundling Mediaplayer, Clippy). They have done evil against people who didn't want to be their customers (per CPU licensing, aka. Microsoft tax).
I am the grandparent poster, and the answer is yes. I've been living in Beijing for about 18 months now, and I've found that internet censorship here is extremely over-estimated by people outside China. As well as the aforementioned proxies, the majority of foreign news sites are still available (it's only the highest profile ones like the BBC that are blocked; even The Times is still allowed).
The situation is a little different for Chinese-language sites, but it's still pretty easy to find independent news sources. People say it's harder if you're looking for sites about Taiwan independence or the FLG cult, but even those aren't too hard to find if you look in the right places (or use a proxy as I said in my previous post).
And no, I'm not in some posh hotel or special accomodation for foreigners; I'm using a normal residential connection in an apartment block where I'm the only non-Chinese.