Google Goofs On Firefox's Anti-Phishing List

Stephen writes "While phishing is a problem, giving one company the power to block any site that it wishes at the browser level never seemed like a good idea. Today Google blocked a host of legitimate web sites by listing mine.nu. mine.nu is available as a dynamic dns domain and anybody can claim a sub domain. All sub-domains are blocked regardless of whether phishing actually occurs on the sub-domain or not. Several Linux enthusiast sites are caught up in the net including Hostfile Ad Blocking and Berry Linux Bootable CD."

I hate that Google can do this

In my mind giving this power to Google is the most objectionable thing related to the company. I know somebody who has had his legitimate business ruined because Google mistakenly added his site to this list. Why? Because it was hosted on the same physical server as a truly objectionable web site.

People need to stop childishly sneering at Windows users and take their focus away from Microsoft. The terrible Goliath is clearly Google now. Even when it's not being evil it causes trouble just by being *clumsy*.

Re:Not google's fault

Um, no. The list is supplied by Google. When Firefox blocks a site, press the 'Why was this site blocked?' button to see Google's warning about it (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://mine.nu/ in this case).

Re:Get a real domain then.

[caluml]

Sorry dude. I block whole netblocks that I/we don't have any business with, and that fill up my logs with annoying connection attempts, and portscans, etc. I'll show you my method for blocking about 80% of probes, scans, password guessing bots, etc:

# wget -o /dev/null -O - http://www.iana.org/assignments/ipv4-address-space/ | grep whois.apnic.net | grep ALLOCATED | cut -d " " -f 1 | xargs
# need to add in .0.0.0 though
for asia in 58.0.0.0/8 59.0.0.0/8 60.0.0.0/8 61.0.0.0/8 112.0.0.0/8 113.0.0.0/8 114.0.0.0/8 115.0.0.0/8 116.0.0.0/8 117.0.0.0/8 118.0.0.0/8 119.0.0.0/8 120.0.0.0/8 121.0.0.0/8 122.0.0.0/8 123.0.0.0/8 124.0.0.0/8 125.0.0.0/8 126.0.0.0/8 202.0.0.0/8 203.0.0.0/8 210.0.0.0/8 211.0.0.0/8 218.0.0.0/8 219.0.0.0/8 220.0.0.0/8 221.0.0.0/8 222.0.0.0/8
do
$fw -A INPUT -s $asia -j DROP
done

I don't get why you are getting annoyed that I (and probably many others) do things like this?

Why was this blocked?

[LingNoi]

Safe Browsing
Diagnostic page for mine.nu/

What is the current listing status for mine.nu/?

        Site is listed as suspicious - visiting this web site may harm your computer.

        Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.

What happened when Google visited this site?

        Of the 4329 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 09/21/2008, and suspicious content was never found on this site within the past 90 days.

        Malicious software includes 7523 scripting exploit(s), 2911 trojan(s). Successful infection resulted in an average of 0 new processes on the target machine.

Has this site acted as an intermediary resulting in further distribution of malware?

        Over the past 90 days, mine.nu/ appeared to function as an intermediary for the infection of 183 site(s) including culportal.info, mipt.ru, baikal-discovery.ru.

Has this site hosted malware?

        Yes, this site has hosted malicious software over the past 90 days. It infected 932 domain(s), including bernard-becker.com, mipt.ru, dhammasara.com.

How did this happen?

        In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

        * Return to the previous page.
        * If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.