Few honest questions:<p>1. If Google detects something as malware, i.e. google software knows that it can be dangerous to users, then why it cannot prevent itself from acting as intermediary? Also, why it does not stop hosting malware?<p>2. >>> Malicious software is hosted on 279 domain(s), including 24corp-shop.com/, abu-farhan.com/, soaksoak.ru/.<p>These web domains do not belong to Google. It seems google is downloading several pages onto its server for various purposes. Is it legal in all countries?<p>From the architecture point of view, is it difficult to sandbox/protect user facing google.com search engine from the above websites all the time so that if malware is there, do not let it effect search engine or other major parts. Users are not security-literate.<p>3. What should I do as user? Just ignore this assuming that this is for webmasters and not for ordinary users?<p>Honestly, for me personally, malware on google is unimaginable, since we consider it as gold standard on the web.
And for DuckDuckGo, <a href="http://www.google.com/safebrowsing/diagnostic?site=duckduckgo.com" rel="nofollow">http://www.google.com/safebrowsing/diagnostic?site=duckduckg...</a>
Would some kind soul please describe to me what this does, my corporate eager beaver network admins seem to consider this some kind of problem site and it's URL is blocked by our gateway proxy.
AS36040 (YOUTUBE), AS43515 (YOUTUBE), AS15169 (GOOGLE), AS54113 (FASTLY), AS36459 (GITHUB), AS16509 (AMAZON-02),
AS14618 (AMAZON-AES), AS16509 (AMAZON-02), AS38895 (AMAZON-AS-AP) and so on.<p>Could someone tell me more about those network codes ?<p>Where do they come from ? Specifics to Google or following some standard ?
The diagnostic page doesn't appear to always be strictly accurate. For instance, it says "Google has not visited this site within the past 90 days." for many of my sites which it has crawled daily for years.
<a href="http://www.google.com/safebrowsing/diagnostic?site=www.sourceforge.net" rel="nofollow">http://www.google.com/safebrowsing/diagnostic?site=www.sourc...</a><p>"Of the 10 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent."<p>What about bundleware fail?<p><a href="http://httpshaming.tumblr.com/post/95068402386/filezilla-sourceforge-installer-insecure" rel="nofollow">http://httpshaming.tumblr.com/post/95068402386/filezilla-sou...</a>
On the one hand, I feel smugly better about using another browser[1]. But how could I feel this without google (i.e. google.com/safebrowsing/diagnostic) to provide the ammunition? I'm so confused now.<p>[1] <a href="http://www.google.com/safebrowsing/diagnostic?site=duckduckgo.com" rel="nofollow">http://www.google.com/safebrowsing/diagnostic?site=duckduckg...</a>
The comparison with Bing is interesting:<p><a href="http://www.google.com/safebrowsing/diagnostic?site=bing.com" rel="nofollow">http://www.google.com/safebrowsing/diagnostic?site=bing.com</a><p>"This site was hosted on 25 networks" vs. 3, 1 virus vs. 503.
Is it the ads? Most malware is distributed through ads. I don't think there's a risk in AdWords text based ads, but the display ads frequently include malicious software. That and download.com. I'm glad I use the ad blocker.
GitHub's is also <i>not</i> clean: <a href="https://www.google.com/safebrowsing/diagnostic?site=github.com" rel="nofollow">https://www.google.com/safebrowsing/diagnostic?site=github.c...</a>