Slashdot Mirror

← Back to Stories (view on slashdot.org)

Poisoned Google Image Searches Becoming a Problem

Posted by Soulskill on from the quick-search-for-the-antidote dept.

Orome1 writes "If you are a regular user of Google's image search, you might have noticed that poisoned search results have practically become a common occurrence. Google has, of course, noticed this and does its best to mark the offending links as such, but they still have trouble when it comes to cleaning up its image search results."

10 of 262 comments (clear)

  1. Re:im glad im not the only one by WrongSizeGlass · · Score: 5, Funny

    To protect myself against these poisoned image search results I make sure I always use Lynx when I search for images.

  2. screenshots by cobbaut · · Score: 5, Informative

    Two weeks ago I put some screenshots of what it looks like on my blog:
    http://cobbaut.blogspot.com/

    --
    European Linux user, living in Antwerp
  3. Re:web 101: don't run unknown javascripts by blindseer · · Score: 5, Insightful

    It's 2011, there should not be anything a Javascript can do that is harmful to your computer.

    --
    I am armed because I am free. I am free because I am armed.
  4. Re:im glad im not the only one by Nimey · · Score: 5, Informative

    lynx + zgv was how I used to view images on the Web about ten years ago. It worked surprisingly well, back before AJAX or Flash were used for navigation.

    --
    Hail Eris, full of mischief...

    E pluribus sanguinem
  5. a couple add ons that help by d6 · · Score: 5, Insightful

    I surf with requestpolicy and noscript up. It is utterly amazing the number of websites that can't render a page without firing scripts or loading content from 6, 8, 10 or more different domains.
    If you haven't tried these, do it and be amazed at how many sites load without stylesheets, pictures etc. It's amazing how badly shit is implemented - zero thought about graceful degradation.

    no script
    requestpolicy

  6. Re:web 101: don't run unknown javascripts by Anonymous Coward · · Score: 5, Informative

    This is not going to happen. Many major websites, many of the highest traffic websites involve hundreds of JS scripts to make a single page function. Web 2.0 and all...

    Ironic, given that Google recently (this month) just changed its behavior to practically require Javashit.

    Old hotness: (1) Google "foo". (2) Click "Images" tab at top of screen for a GIS for "foo".

    New and busted: (1) Google "foo". (2) Click "Images" tab at top of screen for... "Your search - foo - did not match any documents." (3) curse, click "Images" tab again - to go to http://www.google.com/imghp?hl=en&tab=ii, and (4) have to type "foo" again in order to GIS "foo". (Or remember to start at images.google.com, which is an issue when you might not be sure which terms to use when searching for the image in the first place)

    Turn Javashit on, and clicking the tab works just fine... but whatever Google changed broke the non-Javashit version of GIS.

    Sorta like last month - maps.google.com is an AJAX app, so it's reasonable for it to require Javascript. But it used to work fine without cookies enabled. Now, it requires both Javascript and cookies. Interesting.

    Just tested/confirmed both of these on Firefox 3.6.16.

    What Facebook does overtly, Google does by benign neglect and failure to regression-test. What's next? Google services simply stop working for Firefox and require Chrome?

  7. Mac is vulnerable too by Teckla · · Score: 5, Informative

    My wife got bitten by this just today.

    She navigated to a web page from a Google search result, and Safari automatically downloaded some malware and executed it.

    I didn't believe my wife's story at first, so I tried it. Sure enough, automatic download and execution on Mac/Safari.

    What the fuck, Apple and Safari?

    The only question that remains is whether I'll be moving her to Firefox or Chrome...

  8. Re:web 101: don't run unknown javascripts by 93+Escort+Wagon · · Score: 5, Funny

    It's 2011, there should not be anything a Javascript can do that is harmful to your computer.

    It's 2011, where's my damn flying car?

    It's held up in pre-production until they can fix a persistent Javascript bug.

    --
    #DeleteChrome
  9. Re:im glad im not the only one by Rizimar · · Score: 5, Funny

    I pretty fluent in JPEG myself, though I read the files in a hex editor. You get used to it. I...I don't even see the code. All I see is blonde, brunette, red-head.

  10. Re:im glad im not the only one by Anonymous Coward · · Score: 5, Funny

    Dread Pirate Google: All right. Where is the trojan? The battle of wits has begun. It ends when you decide and we both click, and find out who is right... and who is hacked.

    Vizzini: But it's so simple. All I have to do is divine from what I know of you: are you the sort of man who would put the trojan into his own link or his enemy's? Now, a clever man would put the trojan into his own link, because he would know that only a great fool would click on what he was given. I am not a great fool, so I can clearly not choose the link in front of you. But you must have known I was not a great fool, you would have counted on it, so I can clearly not choose the link in front of me.

    Dread Pirate Google: You've made your decision then?

    Vizzini: Not remotely. Because Zeus comes from Eastern Europe, as everyone knows, and Eastern Europe is entirely peopled with criminals, and criminals are used to having people not trust them, as you are not trusted by me, so I can clearly not choose the link in front of you.

    Dread Pirate Google: Truly, you have a dizzying intellect.

    Vizzini: Wait till I get going! Where was I?

    Dread Pirate Google: Eastern Europe.

    Vizzini: Yes, Eastern Europe. And you must have suspected I would have known the trojan's origin, so I can clearly not choose the link in front of me.

    Dread Pirate Google: You're just stalling now.

    Vizzini: You'd like to think that, wouldn't you? You've beaten my firewall, which means you're exceptionally strong, so you could've put the trojan in your own link, trusting on your strength to save you, so I can clearly not choose the link in front of you. But, you've also bested my antivirus, which means you must have studied, and in studying you must have learned that root is hackable, so you would have put the trojan as far from yourself as possible, so I can clearly not choose the link in front of me.

    Dread Pirate Google: You're trying to phish me into giving away something. It won't work.

    Vizzini: It has worked! You've given everything away! I know where the trojan is!

    Dread Pirate Google: Then make your choice.

    Vizzini: I will, and I choose-- What in the world can that be?

    Dread Pirate Google: What? Where? I don't see anything.

    Vizzini:Well, I- I could have sworn I saw something. No matter.

    Dread Pirate Google: What's so funny?

    Vizzini: I'll tell you in a minute. First, let's click. Me on my link, and you on yours.

    (They both click.)

    Dread Pirate Google: You guessed wrong.

    Vizzini: You only think I guessed wrong! That's what's so funny! I switched links when your back was turned! Ha ha! You fool! You fell victim to one of the classic blunders! The most famous is never get involved in a land war in Asia, but only slightly less well-known is this: never go in against a Sicilian when pwnage is on the line!! Ha ha ha ha ha ha ha!! Ha ha ha ha ha ha ha!! Ha ha ha--NO CARRIER