top | item 47152396

(no title)

jeroenhd | 4 days ago

This is 100% on Radix, not on Google. Google and Microsoft can (and probably should) have a registry of known-abusive websites. False positives are inevitable, so these should be taken with a grain of salt, but in most cases they're correct. Their lists are a lot more reliable than those from the "traditional" antivirus/anti-scam vendors that will list anything remotely strange to pump up their numbers.

The external people treating these lists as absolute truths and automatically taking domains down are the ones at fault here. Google didn't grab power, Radix gave it to them without asking.

discuss

AshamedCaptain|4 days ago

Exactly what we predicted would happen (someone would eventually put "too much faith" on this list) has literally happened, and your defense is still "well it's not Google's fault, it's a 3rd party's!". Obviously the point is not that Google was going to do it, but that others would , analogue to the process known as "self-censorship".

flaminHotSpeedo|4 days ago

Self censorship requires a threat or risk of detriment if the party doesn't self censor, right? Where is that here?

What Radix does has no impact on Google, and I don't see how Google would be incentivized to pressure Radix. So I don't see how to make the leap blaming Google for Radix's incompetence. Yes, Google should recognize the risk of this happening, but they'd have to balance that against the rewards (or at least what they consider rewards)

axus|4 days ago

I read your comment as agreeing with the article: "Never buy a .online domain".

And Google has the right to publish a list, there should be more lists not less. But Google was at fault for not correcting their blacklist. Until the article appeared on Hacker News, this was not 0% on Google. A small, correctable mistake, but they deserved a tiny bit of blame.

overfeed|4 days ago

> But Google was at fault for not correcting their blacklist.

If all it takes to be taken from the blacklist was to temporarily delete the NS record - the list would be useless against malware.

jeroenhd|3 days ago

Not just .online, also any other domain Radix hosts. At least not for anything important.

What stands out to me:

> Earlier this year, Namecheap was running a promo that let you choose one free .online or .site per account.

I wouldn't be surprised if most of Namecheap's customers who used the "register a domain for free" discount were indeed malicious. Without seeing the results of whatever analysis Google did to flag this website, it's hard to say whether Google is at fault here.

kelvinjps10|4 days ago

Wym mean external people aren't these lists integrated to the browsers? I'm sure if you try to open a website from this list your browser won't let you and I'll put a big warning sign

jeroenhd|3 days ago

You can check browser behaviour here: https://testsafebrowsing.appspot.com/

"See details"> "ignore the risk" works for me. Even Chrome lets you ignore the warning if you click the details button. That's not the problem, though; the problem is that the registrar decided that the browser warning ("something might be wrong") as proof of malice (took down the domain entirely).

lazide|4 days ago

What is to stop Google et. al. from also adding a lot of excess domains to pump up there numbers?

What is to stop everyone from doing this blacklisting?

jeroenhd|4 days ago

Google doesn't sell their list to you. They give it to you for free. Using their list costs them money. Pumping up numbers gains them nothing but the headache of PR issues when they get a false positive.

Spyware filters used to boast about how many domains they filter out because they wanted you to buy their filters instead of someone else's. By the time they hit a false positive, they've already sold a year's subscription to that customer.

The incentives are different.

phoric|4 days ago

Google wants you to use it. If it blacklists excess domains that hold legitimate sites, their product gets worse. If they blacklist illegitimate sites, their product gets better.

bonestamp2|4 days ago

Nobody sees Google's numbers except Google... in other words, the numbers are not a sales tool for Google like they are for anti-virus/blocking companies. So, there's no reason for Google to pump up their numbers, it would just be extra work to make their product worse which wouldn't make sense.

thesuitonym|4 days ago

Nothing, but they haven't done it so far, and they don't really have any incentive to do so.

It doesn't really matter that it's Google. It could have been Microsoft, or PAN, or McAfee or some fly-by-night vendor. The problem was Radix taking the list as iron-clad truth and disabling the domain without any notification or way to resolve the issue.