Slashdot Mirror


Google Blocks Porn In Base, Patches Appliance

An anonymous reader writes "The search giant has moved to fix a problem in Google Base which didn't properly block pornographic material in their search results. According to Google, the filter was broken for 'some period of time' but the company didn't elaborate. Nathan Weinberg could have been one of the first to report the incident on his blog, Inside Google, writing: 'Holy crap, there is a lot of porn at Google Base! Looks like, just like Google Images, Google Base could become a huge source of porn, and eventually a place where porn will be sold. I even noticed some movie reviews.'" They've also recently corrected a problem with their search appliance. geo_2677 wrote to mention a Securityfocus.com article discussing the rapid patching of the Google search boxes in response to a vulnerability.

9 of 122 comments

  1. "Rapid patching" gone horribly wrong by LostCluster · · Score: 4, Interesting

    Google may have quickly released the patch once they were notified like a good company should, but TFA reveals that the patching is far from complete:

    > A small sample of 43 appliances taken this week showed that 23 remained vulnerable, 8 were patched, and the status of 12 could not be determined. If this sample is representative of all deployed Google Search Appliances, more than half may still be vulnerable.

    A patch that hasn't made it to half of the vulnerable devices? We've got a problem here. Google should have made it clear to the owners of the Search Appliance that there's a patch to install. (Fault the media while we're at it... this is the first /. mention of any patch for the Google Search Appliance.)

    You'd think Google would have built in an auto-updater, but clearly not with this low of a response rate.

    1. Re:"Rapid patching" gone horribly wrong by Threni · · Score: 4, Interesting

      > Fault the media while we're at it... this is the first /. mention of any patch for the Google
      > Search Appliance.)

      I'm sorry? "The media" exists to make money, and I'm not sure if you're reading the business press lately but they've been doing just fine.

      If a company is relying upon another company then it's between those companies to sort out any practical problems. The media has correctly decided that the general public couldn't give a toss about whether there's a new version of software for some piece of kit or other.

      You obviously believe that the media exists to protect the public...

  2. [offtopic] What the ..... popover ads on Slashdot? by Idaho · · Score: 3, Interesting

    I'd swear there is no spyware on this machine, but I just got a popover advert when I opened this topic. It was right on top of the comments section. Strangely enough, it disappeared automatically after a few seconds (it had an area that looked like a close button which I did not click, shocked as I was to see something like this happening on slashdot. Obviously, you can never be sure what will actually happen when you click such a close button anyway...).

    I think it was some kind of DHTML thing - anyone else got this as well?

    --
    Every expression is true, for a given value of 'true'
  3. Rooting the Appliance by putko · · Score: 3, Interesting

    Google's selling of the box may open them up to problems they wouldn't otherwise have.

    E.g. supposedly the appliance is derived from their main codebase. So if you get a box and figure out some exploits, perhaps you've figured out how to exploit the thousands of machines that Google uses to crawl.

    It is a bit like the Cisco fiasco recently: they give a smart guy a box, he can find some problems (and get in trouble at Black Hat) -- but if he finds flaws he can exploit thousands of boxes out there.

    On the other hand, if Cisco didn't give you your own box to poke and prod, you might never discover the flaws in the boxes out there in the universe (before getting caught) -- it would just take too long, esp. if the bug was timing dependent. Same for Google -- the selling of the appliance, for what little money it brings in, reveals info to bad guys. A risk-averse shop might forgo that income completely.

    --
    http://www.thebricktestament.com/the_law/when_to_stone_your_children/dt21_18a.html
  4. Is there a site... by SharpFang · · Score: 4, Interesting

    ...that uses the Google Images API with SafeSearch in "reverse" mode, that is, performs the search twice, with SS on and off, and displays only images that would be filtered off by SS?

    --
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
    1. Re:Is there a site... by Von+Helmet · · Score: 2, Interesting

      This search page will search for unsafe pages using that method, though I have yet to find^H^H^H^H hear of one that will do the same for images.

  5. Re:[offtopic] What the ..... popover ads on Slashd by clifyt · · Score: 4, Interesting

    I get the same...and I'm on a Mac using Firefox -- so I highly doubt if it's adware.

    I saw this first last week asking me to take an OSTG survey at work -- and I thought I had my pop-up blocker off. Nope. And my flash block was off as well -- so it couldn't be that hole either. I wasn't too upset because I thought it was specifically for /. and its parent company...and then a few days later, the same thing with a non OSTG advertisement.

    Slashdot is going downhill and that's sad (then again, I know people on my site are complaining that I've had to monetize it to keep it running...but popups / popunders and annoying DHTML are something no reputable site should ever use). If this is the future of this site, Digg and others will get my reading (and I'll make certain to never buy another overpriced gizmo or tshirt from Thinkgeek).

  6. Re:[offtopic] What the ..... popover ads on Slashd by chez69 · · Score: 5, Interesting

    use adblock or squid to block the following items:

    *images.slashdot.org/*.js
    *images-aud.slashdot.org*
    *an.tacoda.net*
    *falkag*

    Lots of funky js gets loaded by slash by default. I block all this shit and slashdot loads twice as fast.

    --
    PHP is the solution of choice for relaying mysql errors to web users.
  7. Re:And where is the problem with porn? by Anonymous Coward · · Score: 1, Interesting

    So you let a company's stance on OSS dictate to you whether that company is good or bad? That is the kind of shallowness that the geek community seems to display all too often. "They use Python a lot so they must be cool!"

    To further confuse the issue. Here is the list of the major charitable contributions made by Microsoft (or is it Micro$oft, hurrr!!) as of 2000.


    • $1 billion over 20 years to establish the Gates Millennium Scholarship
      Program, which will support promising minority students through college
      and some kinds of graduate school.

    • $750 million over five years to the Global Alliance for Vaccines
      and Immunization, which includes the World Health Organization, the Rockefeller
      Foundation, Unicef, pharmaceutical companies and the World Bank.

    • $350 million over three years to teachers, administrators, school
      districts and schools to improve America's K-12 education, starting in
      Washington State.

    • $200 million to the Gates Library Program, which is wiring public
      libraries in America's poorest communities in an effort to close the digital
      divide.

    • $100 million to the Gates Children's Vaccine Program, which will
      accelerate delivery of lifesaving vaccines to children in the poorest countries
      of the world.

    • $50 million to the Maternal Mortality Reduction Program, run by the
      Columbia University School of Public Health.

    • $50 million to the Malaria Vaccine Initiative, to conduct research
      on promising candidates for a malaria vaccine.

    • $50 million to an international group called the Alliance for the
      Prevention of Cervical Cancer.

    • $50 million to a fund for global polio eradication, led by the World
      Health Organization, Unicef, Rotary International and the U.N. Foundation.

    • $40 million to the International Vaccine Institute, a research program
      based in Seoul, South Korea.

    • $28 million to Unicef for the elimination of maternal and neonatal
      tetanus.

    • $25 million to the Sequella Global Tuberculosis Foundation.

    • $25 million to the International AIDS Vaccine Initiative, which is
      creating coalitions of research scientists, pharmaceutical companies and
      governments in developing countries to look for a safe, effective, widely
      accessible vaccine against AIDS.


    How much have the millionaires at Google given to charity? Yet Microsoft is still this horrible company because they don't support OSS and Google are the saviours of the world because some of their devs use Python. I am not saying Microsoft is good. I am just saying that supporting or not supporting OSS is not the only thing that you should be looking at.