Hosts phishing sites, gets blocked by anti phishing mechanism. Works as expected from my point of view.
Get yourself on public suffix list or get better moderation. But of course just moaning about bad google is easier.
Hosts phishing sites, gets blocked by anti phishing mechanism. Works as expected from my point of view.
Get yourself on public suffix list or get better moderation. But of course just moaning about bad google is easier.
If youtube.com doesn't end up on the Safe Browsing blacklist because of phishing videos, but your own website can easily end up there, it's a pretty clear case of Google abusing their power.
YouTube doesn't allow you to put your credentials into text box and hit send. Google sites, on the other hand, does pose a disk, but they'll likely be treated the same as any other domain on the PSL.
In my experience, safe browsing does theoretically allow you to report scams and phishing in terms of user generated content, but it won't apply unless there's an actual interactive web page on the other end of the link.
There is the occasional false positive but many good sites that end up on that list are there because their WordPress plugin got hacked and somewhere on their site they are actually hosting malware.
I've contacted the owners of hacked websites hosting phishing and malware content several times, and most of the time I've been accused of being the actual hacker or I've been told that I'm lying. I've given up trying to be the good guy and report the websites to Google and Microsoft these days to protect the innocent.
Google's lack of transparency what exact URLs are hosting bad material does play a role there.
What is a phishing video?
YouTube hosts millions of videos telling people that they are the government/your bank and that you should move money/contact a scam center/buy cryptocurrency. Even worse is the fact you can pay to turn these videos into ads that will roll in front of other videos.
On the whole of YouTube, it's a tiny sliver of a percentage, but because YouTube has grown too large to moderate, it's still hosting these videos.
If Google applied the same rules they apply to the safe browsing list, they'd probably get YouTube flagged multiple times a week.
You are right, of course. I'm not sure if those of you who disagree with me think that Safe Browsing did its job (which it did!), that Safe Browsing is a good thing (which it maybe is, but which I slightly disagree with), or that it's ok that Google monitors everything everyone does.
The last point is actually the one I'm trying to make.
There should be a concept, sort of an inverse of tragedy of the commons, for the positive feedback loop of many users providing big data to a company that can use that data to benefit many users.
From spamblocking that builds heuristics fed by the spam people manually flag in GMail to Safe Browsing using attacks on users' Chrome as a signal to their voice recognition engine leapfrogging the industry standard a few years back because they trained it on the low-quality signal from GOOG411 calls, Google keeps building product by harvesting user data... And users keep signing up because the resulting product is good.
This puts a lot of power in their hands but I don't think it's default bad... If it becomes bad, users leave and Google starts to lose their quality signal, so they're heavily incentivized to provide features users want to retain them.
This does make it hard to compete with them. In the US at least, antitrust competition has generally been about user harm, not actually market harm. If a company has de-facto control but customers aren't getting screwed, that's fine because ultimately the customer matters (and nobody else is owed a shot at beeing a Google).
> There should be a concept....
There is. It is called ponzi, and its illegal, but in most cases its become indirect enough in the consequences without proper guard rails/accountability that its now allowed by most publicly traded business today (through clever deception).
Generally, it involves three phases:
1st: Front-loaded benefits in CapEx funding meeting customer/investor expectations regardless of cost.
2nd: Inflection point of momentum where CapEx falls off, a brief period where income meets costs.
3rd: Enshittification - momentum/acceleration reverses to the negative, failure of services as the system is continually hollowed out and cost exceeds income.
This is seen in the S-growth or S-adoption curves in business starting to become visible towards the late 1970s and progressively increasing exponentially thereafter in time.
Most companies jettison (sell/off or merge) or close down services before they hit the 3rd stage where the service objectively can be seen as unprofitable by associated investors. The ones that don't are state-funded apparatus.
This concept drives almost everything we see today in modern society and in the market there are parallels and indirect consequences fully described back in the 1950's by Mises with regards to money-printing regardless of its form (i.e. debt that is not reserve backed (Basel3), synthetic shares, paper warrants (Comex), Bonds (with reporting loophole hold to maturity), flier miles, credit card rewards, etc).
The structure and its flaws remain foundationally intractable. This is how you profit and grow bigger off destroying the market. Eventually consolidation leaves state apparatus in place of a market.
No market can compete with slave labor, which is what state-funded apparatus use indirectly through money-printing/currency debasement. Its not considered a tax, and its not given willingly. Its extracted labor.
Those that have lived through these times see the drastic reduction of options in available products that have naturally sieved to the point where shortages are now regularly occuring (for those with a discerning eye). There are a lot of moving factors, but the structure and their inevitable trends are well known structures, at least in certain circles.
In seriousness, the totality of Socio-economic collapse is more probable than a lot of other potential futures, as a result of this. Collapse has happened many times throughout history in relation to money-printing.
Always before, we were not in ecological overshoot for our population, let alone being in this state for 2 full generations. Catton/Malthus paint a grim picture of the outcomes but no one of action pays attention to these things. Its all largely drowned out by the noise of bots.
It's hard to get that point because you're conflating two different stories.
Folks around here are generally uneasy about tracking in general too, but remove big brother monitoring from Safe Browsing and this story could still be the same: whole domain blacklisted by Google, only due to manual reporting instead.
"Oh, but a human reviewer would've known `*.statichost.eu` isn't managed by us"—not in a lot of cases, not really.
Sure, and sorry for being so unclear. The point of my post was meant to be a) Google has this enormous cannon, is this "right"? And b) they will use it to kill anything bigger than a mosquito.
But you're right, complaining about big tech surveillance didn't help with making that point at all.
> But you're right, complaining about big tech surveillance didn't help with making that point at all.
I disagree. Everyone with a brain is thinking it. Its important to address what your audience may be thinking especially given the other factors in this which I've mentioned in other responses related to gross negligence.
Technical capability exists to narrowly define blacklists, and they chose a gross negligence route (baby with bathwater), without providing notice.
You are right, but then again, nobody flags facebook because of the scamming taking place in some facebook pages.
Generally because Facebook polices Facebook (imperfectly, but the effort is demonstrated) and the damage radius is limited to Facebook users mostly. As long as the easiest way to avoid damage from the Facebook domain is "Don't use Facebook," the larger Internet doesn't need a mechanism to police it.
If Facebook became a trap that frequently hosted malware to strangers, the rest of the net would begin to interpret it as damage and route around it.
"Might makes right" as they say.
There is no real way a normal person even can flag facebook.