Recent Google Update - Not So Clean

41 comments
Source Title:
Google's Bourbon Hangover
Story Text:

Funny thing happened on my way to check my Adsense stats tonight - another site was beating Google for Adsense. It was confirmed by 2 different people in other parts of the world, and I even screencap'd it (on my blog).

If this is what Google's Bourbon update has to offer, it makes me wonder how "clean" (as some people have claimed) the Bourbon SERPs are going to be.

Fluke? Bug? Quirk? Hard to guess - It is actually kind of exciting, because this means there's a big hole in their algo...

Comments

 

That site redirects to the Adsense log in page with a meta refresh

 

The AdSense main page URL has been hijacked. And that first result that shows has also aquired all the backlinks that actually belong to www.google.com/adsense/ And doing a URL search for that first listing actually shows the Google AdSense URL in the results.

I took screenshots of the various searches at http://www.jensense.com as I suspect it won't stay live for very long.

There is something oh so ironic about a Google program's page being hijacked in the Google results ;) This is probably the kind of thing that gives the spam team in the Googleplex nightmares.

the smoking gun: teaching by example

Seems like a good way to make the point that the redirect hijack absolutely does exist.

Perhaps that was the whole point of the exercise.

Note the PR

I'm seeing it live as well. Now this is really news worthy, and could perhaps be explained to some less tech savvy news guy - anyone with some solid real world news connections? :-)
Though they will most problably fix this as soon as it comes to their attention (hand tweaking I'm sure, not the real fix that is needed), have a look at the PR as well - in my toolbar, the no. 1 guy is a PR9 while https://www.google.com/adsense/ is a gray bar. LOL

Official AdSense site back to #1 now

and last nights number 1 is at 2

propagating

I'm seeing it in 3 datacenters now - it is definitely propagating.

http://66.102.7.104/
http://72.14.207.104/
http://64.233.187.104/

The Adsense home page was highjacked, and it is spreading across the datacenters - I keep seeing it in the .com results

Bad day for Google, good day for the victims of site highjacking.

 

Still seeing the non-original site at no. 1 from both a US based server and an Israel based one. Your mileage (and data centers) may vary...
Cornwall - when you see the official site as no. 1, is it the https://www.google.com/adsense/ page or some sub page?

 

I am still seeing the hijacking across all the datacenters as well.

google adsense = spammy site

Well, we all know that this only hits spammy sites and sites that have penalties, don't we? A Google representative told us so, not long ago:

A lot of sites that try to spam search engine indices get caught, and their PageRank goes lower and lower as their reputation suffers. We do a very good job of picking canonical urls for normal sites; sites with their PageRank going toward zero are more likely to have a different canonical url picked, though, and to a webmaster I understand that it can look like "hijacking" even though the base cause is usually your reputation declining. For a long time, it was hard to get anyone to report canonicalization problems, because the site that got "hijacked" would be free-cheap-texas-holdem-plus-viagra-and-payday-loa ns-as-well.com type sites.

link

Depends on query

Testing on "google adsense" as used by Jen in her blog screenshot, puts the official site #1.

Using the query "adsense" has it at #2

Screen shot for "google adsense" result here- but it is on google.co.uk. I get it the other way round on other data centres

Maybe they haven't decided yet if the official site is spam or not!

What are the chances this will be fixed?

Zero to none. They will do the cosmetic manual alterations for this one result then back to business as usual. Be nice if they reacted this quickly to ordinary joe shmoe getting hijacked. I just wish the media had picked up on it. It just shows there is no defense to this sort of thing - if G hasn't can't defend itself from its own flawed algo who can?

google adsense vs adsense

Do please notice cornwall that the Adsense home page is not in your serp - your #1 and #2 are the help and policies page.

The serp's been blagged.

#1 this end

9:30 GMT

Very funny ;-)

http://www.threadwatch.org/node/585#comment-1560

thats a pretty good example as far as i am concerned.

Having been hit by Bourbon myself..

..I find it nausiatingly ironic (rather than funny) that their AdSense main page has been hijacked.

It would appear that someone has been too sucessful in what they have done. As claus says in that touchingly piquant quote from Googleguy (the quiet man of the web these days)

Quote:
We do a very good job of picking canonical urls for normal sites; sites with their PageRank going toward zero are more likely to have a different canonical url picked, though, and to a webmaster I understand that it can look like "hijacking" even though the base cause is usually your reputation declining.

It appears presumably to Google that their own site has "declining reputation"

Google declining reputation

I think we can all agree with that ;O)

This is a chance for them to get their act together for the common good, what better example do they need? Here's hoping they do ..

Security Issue - stealing passwords

Are you sure it redirects to the actual adsense site, can't the display url be faked?

Could this be an attempt to steal people's login details and hijack their account?

 

Quote:
Testing on "google adsense" as used by Jen in her blog screenshot, puts the official site #1.

Using the query "adsense" has it at #2

I still get the other site in #1 for both search terms.

Jen, probably academic whether #1 or #2..

..the main AdSense page has disappeared either way.

Question to me is how closely this is tied to 302s and/or Bourbon

In other words.

1. Is this a 302?
2. If it is, then would it have happened without Bourbon (blessed be he)
3. Or more likely, has the Bourbon algo change tipped the balance somehow against "authority" sites (probably converse pre-Bourbon authority sites protected by algo, perhaps by age).

Hence G$ press the button on algo change, presto "authority sites wiped out. Read the WMW thread if you have the stamina (OK always difficult to separate the whiners from the genuinely agggrieved) and realise a fair number of "authority" sites, in the index for some time, have been wiped.

G$ never did "solve" the 302 problem, just swept it under the carpet. Perhaps this is it re-emerging from the slime to haunt them.

Oh, sweet, sweet justice

I have been wanting to see someone have the kahungas to do this for a long time. The big G needed a wake up call. Sweeeeeet....

not 302 just meta: same, same, only different

302 and meta redirects are two ways to make a hijack. The serious hijackers combine both in one server response, but this is not one of them.

I'm sure it would have happened without Scotch, Bourbon, or Beer. As Google apparently did/does nothing it was/is only a matter of time.

----------------------------------
meta refresh - content 0 - URL = https://www.google.com/adsense/"

Meta refresh

claus,

Yes I saw that when I checked originally.

Thought accepted wisdom was that meta refresh got you penalised in the first place.

Seems a bit of a coincidence that it happened at same time as Bourbon though!

Hey, is this still alive?

You contact user support and use the keyword "canonicalpage" in your report.

GG debunked this whole thing at /. from what I recall.

/.

The thread where your man debunked this is this one at Slashdot

Gems include from GG (as far as I am aware G$ have never deneyed that this {is one of the many faces of} GG)

Quote:
I'll include more details of why you shouldn't listen to Threadwatch.org
Quote:
Here's the skinny on "302 hijacking" from my point of view, and why you pretty much only hear about it on search engine optimizer sites and webmaster forums. When you see two copies of a url or site (or you see redirects from one site to another), you have to choose a canonical url. There are lots of ways to make that choice, but it often boils down to wanting to choose the url with the most reputation. PageRank is a pretty good proxy for reputation, and incorporating PageRank into the decision for the canonical url helps to choose the right url.
Quote:
We do a very good job of picking canonical urls for normal sites; sites with their PageRank going toward zero are more likely to have a different canonical url picked, though, and to a webmaster I understand that it can look like "hijacking" even though the base cause is usually your reputation declining.
Quote:
As a side note, I'm getting a little tired of debunking the source of this story (NickW at threadwatch)

AdSense PR has gone to zero. Nah, don't read TW, get the real facts from the horses mouth. Wonder if GG (well this one anyway, is still debunking TW!

GG

TW best publicity machine

trapped by ip

G$ never did "solve" the 302 problem, just swept it under the carpet.

That carpet is starting to look like a bean bag chair.

Really, "picking a canonical uri" is easy, just figure out what page a real user with a real browser would land on after all the gyrations. warning: opinion not rendered by a phd.

The only problem with the above is it conflicts with their love affair with link based pagerank, which is their only claim to fame and protected ip.

Their whole ipo was based on this ip. So now what?

added:

Hmmm, just bounced back from another WM message board where this same thing is headlined on the front page. It seems over there you have to be a supporter to see the thread. The unwashed masses are not to be privy to the thoughts of the insiders. Ho-hum, I can read about it here. Nothing new anyways. Just the best url of all to get hijacked.

Threads on the highjack

Search engine watch
Webmaster World (supporters only)
Webmaster World - free

The supporter's thread has the most lively discussion, in my opinion.

Hey, I didn't intend to hijack Google...

Kevin Bidwell owner of All-In-One-Business.com here...

My simple page has gotten quite a stir going on the forums:

I'm either a genius who finally had the balls to go after
Big G

Or I am hijacker trying to steal Google's page rank for
my own evil ends

Or I am going to create a mirror page to phish for people's
info

The reality makes me sound much less clever...

I write articles, lots of articles, and when I point to a
resource in an article I use a meta refresh so that if the
URL ever changes all I need to do is make one change on my
site.

Here's the scary part, though...

If I can "hijack" Google's page without really trying, what
happens when people are actively TRYING to do something evil?

Appliance of Science

The combined weight of 50 PhDs, or a rocket from the executive floor, seem to have resulted in what I assume is a hand sort of this problem.

Kevin's site has disappeared from the front page serps, and the main AdSense page has returned to the head of the queue

Begs the question as to what they are doing about the poor bloody infantry caught up in this problem - probably nothing if you don't have a mate on the executive floor at the plex!

Not here

For "google adsense" sans quotes, and "adsense", all-in-one is still #1 here. Handjob might take awhile to propagate.

Seems fairly widespread

I get it on my .com, .co.uk and a couple of random data centres.

Screen shot

Now I'm Seeing It

Everywhere. Sooo, time to see if jacking with that method still works, or if we've been given a handjob. Jacking, handjobs... Nick, you might be getting some unwanted traffic. :)

 

Man, you should SEE some of the referal strings here! hehe...

Gone

Looks to be gone now from many data centers

Look at the old 4 & 5 results - now 3 & 4..

Sure - the meta refresh result at #1 is gone - but the lockergnome 302 (which was the #4 & #5 in all the screenshots) is still there... now its moved up look at results 3 and 4... its a 302 to the Adsense demo page...

 

I think the Lockergnome ones are there because Chris links to those using the keywords "Google AdSense" from all of his sites, and many of them have pretty high PR. They aren't hijacking the actual site.

 

Hi Jenstar. Have a look at the header for the indexed page. HTTP/1.1 302 Found

Where did it come from? Have a look - Google has indexed the jump link from his windows page banner. I have no doubt that its totally innocent.

But it is a URL with a 302 which has been indexed due to Google Adsense page content.

The issue is that the 302 source URL is indexed....

302 logic

The combined weight of 50 PhDs, or a rocket from the executive floor

Wait ..., does that make the executive a rocket scientist?

ok, back to the serious programming now ...

lockergnome

yes Google still attributes the content of a page to the source URL of a 302 (in stead of the target URL).

As per the (too strict interpretation* of the) RFC, and as in "the cause of all the problems". Google has not improved one bit here.

---
*) If they chose to attribute the target URL to the content in stead in order to avoid these obvious problems, then they would still be acting according to the RFC. Even though they would do exactly the opposite.

 

That's google's spam, and 302 strategy in a nutshell: Patch the publicly embarrassing bits, and let the rest go to hell while we release yet another stupid beta...

Lockergnome

Have to agree with claus and Chris_D, its a classic 302 getting high serps.

Quote:
Google still attributes the content of a page to the source URL of a 302 (in stead of the target URL).

and as for

Quote:
Patch the publicly embarrassing bits, and let the rest go to hell

I think that's where I am right now!

rfc interpretation

To repeat myself from a year ago, in summary form:

It might be necessary to interpret rfc2616 to obtain or follow the chain of pages, but it is disingenuous to claim that the rfc has any place in the presentation of results.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.