| 5:09 pm on Sep 19, 2008 (gmt 0)|
Some .edu domains also get hit with parasite hosting rather hard. That's been going on for a while, and I certainly hope Google can get a good handle on it.
| 5:15 pm on Sep 19, 2008 (gmt 0)|
Those .EDU sites are prime targets for black hat SEO hackers.
| 6:44 pm on Sep 19, 2008 (gmt 0)|
I never understand this. Why is Google bound to only visit a site with Googlebot? Surely it would be simple to send Googlebot out, then have an automated Firefox/IE browser open each discovered link and check whether it gets different information, and of what type (such as redirects) ... then again, maybe that's why I don't work for Google - I just don't understand the complexity of their problems ...
| 6:54 pm on Sep 19, 2008 (gmt 0)|
|I just don't understand the complexity of their problems |
It's complex - the bad guys who create those doorway pages are pretty clever at detecting bots: they show the bot one version of the content but redirect real visitors or show them something different. Google eventually gets them, but it takes time; usually it happens soon after those doorway pages get ranked well and traffic starts flowing. I think in this case Google pays closer attention to those pages that rank well.
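To make that concrete, here is a minimal Python sketch of the kind of double-check being discussed - fetch the same URL with two different User-Agent strings and compare what comes back. The user-agent strings, the similarity threshold, and the helper names are all illustrative assumptions on my part, not anything Google actually uses.

```python
import difflib
import urllib.request

# Illustrative UA strings only - a bot UA and a browser UA.
GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
BROWSER_UA = "Mozilla/5.0 (Windows NT 6.0) Gecko/20080914 Firefox/3.0"

def looks_cloaked(bot_body: str, browser_body: str, threshold: float = 0.6) -> bool:
    """Flag a page when what the 'bot' saw differs sharply from what a
    'browser' saw. The 0.6 similarity threshold is an arbitrary assumption."""
    similarity = difflib.SequenceMatcher(None, bot_body, browser_body).ratio()
    return similarity < threshold

def fetch(url: str, user_agent: str) -> str:
    """Fetch a URL with a given User-Agent (needs network access)."""
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    with urllib.request.urlopen(req) as resp:
        return resp.read().decode("utf-8", errors="replace")

# Usage (requires network, so commented out):
# cloaked = looks_cloaked(fetch(url, GOOGLEBOT_UA), fetch(url, BROWSER_UA))
```

Of course, as noted above, real doorway operators fingerprint far more than the User-Agent header (IP ranges, JavaScript support, referrers), which is part of why this is harder than it looks.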
| 2:17 am on Sep 20, 2008 (gmt 0)|
Could it be a 302 hijacking? From what I understand, those are starting to pop back up...
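For anyone unfamiliar with the pattern: the classic 302 hijack involves a temporary redirect whose target sits on a different host, which older indexing logic could credit to the redirecting URL. A rough Python sketch of that shape - the function name and the cross-host heuristic are my own illustration, not any engine's actual logic:

```python
from urllib.parse import urlparse

def is_offsite_temp_redirect(source_url: str, status: int, location: str) -> bool:
    """A 302 (temporary) redirect pointing at a different host is the
    footprint of the classic hijack: the engine may keep the source URL
    in the index while associating it with the target's content."""
    if status != 302:
        return False
    return urlparse(source_url).netloc != urlparse(location).netloc
```

A 301 (permanent) redirect, or a 302 within the same host, would not fit the pattern under this simplified check.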
| 12:31 pm on Sep 20, 2008 (gmt 0)|
When the (host) page doesn't get banned from Google:
I don't want to detail the method here, but it's relatively easy to do from the outside without the webmaster noticing a thing.
... as for SEO, this kind of redirect won't get picked up by Google at all.
The target page won't get anything from this apart from the (random and/or panicked) traffic, and the site that got infected won't be blacklisted either.
Meaning the 'host' page stays in the index, and the target page might as well be banned for years - it'll still get traffic, effectively from Google.
Don't allow visitors/users to add any kind of code to your pages. Ever. Replace strings that are suspicious.
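A minimal Python sketch of that last piece of advice - scrubbing suspicious strings from user-submitted text before it reaches a page. The blacklist patterns here are illustrative assumptions only; a proper sanitizer should whitelist allowed markup rather than blacklist known-bad strings.

```python
import re

# Common injection vectors (illustrative, not exhaustive):
SUSPICIOUS = [
    re.compile(r"<script\b.*?</script>", re.I | re.S),   # inline scripts
    re.compile(r"<iframe\b.*?</iframe>", re.I | re.S),   # embedded frames
    re.compile(r'<meta[^>]*http-equiv\s*=\s*["\']?refresh[^>]*>', re.I),  # meta-refresh redirects
    re.compile(r"javascript\s*:", re.I),                 # javascript: URLs
]

def scrub(user_text: str) -> str:
    """Remove suspicious markup from user-submitted text."""
    for pattern in SUSPICIOUS:
        user_text = pattern.sub("", user_text)
    return user_text
```

Plain comments pass through untouched; anything matching a script tag, iframe, meta refresh, or javascript: URL gets stripped.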
| 2:50 pm on Sep 20, 2008 (gmt 0)|
|I never understand this. Why is Google bound to only visit a site with Googlebot? |
Google definitely does visit sites with non-Googlebot means, too. You're right that they need to do this for quality control - maybe they need to do more of it, eh?
| 4:23 pm on Sep 20, 2008 (gmt 0)|
|Google eventually gets them but it takes time... |
Yeah, not everything gets nuked out of the gate. Also a very good reason not to succumb to the "I'll do it because I see other sites doing it" mentality.
| 4:31 pm on Sep 20, 2008 (gmt 0)|
|Yeah, not everything gets nuked out of the gate |
That's because the computational cost of applying extra analysis is too high - it can include a human review element too, so scalability is poor.
I also think they don't want to nuke everything straight away: leaving an element of uncertainty makes it harder to reverse engineer the algorithm, to detect the IPs from which the non-Googlebot double-checks come, etc.
Also, I think it is likely that if the SERPs are not very good, then an AdWords click will follow, or one of the MFA pages will generate extra cash. There is almost certainly pretty good correlation between drop in quality in SERPs and increase in revenues.
| 5:28 pm on Sep 20, 2008 (gmt 0)|
|There is almost certainly pretty good correlation between drop in quality in SERPs and increase in revenues. |
There is likely also to be a pretty good correlation between poor SERPs quality and loss of users to other search engines. I don't think that Google would consider walking this kind of tightrope.
| 5:49 pm on Sep 20, 2008 (gmt 0)|
|There is likely also to be a pretty good correlation between poor SERPs quality and loss of users to other search engines |
Sure. So it's a numbers game: avoid losing too many people while increasing revenues. While Google might not do it intentionally, they're certainly not applying the same level of scrutiny to all pages - it surely takes extra processing capacity, but who has more processing capacity than Google?
| 6:04 pm on Sep 20, 2008 (gmt 0)|
LM - Just to get this back on topic, at issue here is whether Google can detect the kind of exploits that are being discussed in a scalable and economic fashion. Let's keep further discussion about motivation out of it.
| 6:11 pm on Sep 20, 2008 (gmt 0)|
|whether Google can detect the kind of exploits that are being discussed in a scalable and economic fashion. |
That does not appear to be the case as the OP's example suggests.
| 7:35 pm on Sep 20, 2008 (gmt 0)|
I've seen .gov listings hold a number one position for keyword phrases. Click on the Google SERP link and be whisked off to a .edu TLD with AdSense on it. I don't understand how this stuff cannot be detected. But then, one look at Google properties and you can see it is widespread. Very few people are impervious to the exploits out there. When you see .gov sites getting hacked, you know it is out of control. :)
Some of those .edu's may not be around much longer. I believe EDUCAUSE will do its best to make sure of that. That whole Grandfather clause has caused the .edu space grief and will continue to do so until that hole is closed completely. EDUCAUSE, remove the Grandfather Clause and take those domains back. Please? :)
| 11:33 pm on Sep 20, 2008 (gmt 0)|
Hacked .edus were a horrible problem in 2006, but now they're pretty good at removing this junk - though obviously not perfect.