Sunday, October 24, 2010

Someone call security: How [frockwriter] got blacklisted by Google

Welcome to the blog that you have when you're not having a blog [NB This post was published simultaneously on frockwriter's Posterous, to circumvent security issues]. Just a quick headsup about the security ballsup that has gone down today on the frockwriter main blog. As anyone other than RSS and email subscribers may have noticed, since approximately 1144 AEST today, visitors to the site have been greeted by a great big red alert sign with the noticification: “Reported Attack Page! This web page at has been reported as an attack page and has been blocked based on your security preferences”. Together with a nifty little security guard icon holding a stop sign. Having been Google spoofed in April, I immediately assumed that a one-on-one hack job was not beyond the realm of possibilities. On closer inspection, however, it emerged that the issue was affecting several other Australian sites: Pages Digital and at least three other sites, the city-centric digi hipster guides, Two Thousand, Three Thousand and Five Thousand. What’s the common link? UPDATED: NOW OBVIOUSLY BACK ON THE AIR. SEE EXPLANATION AT THE END OF POST. 

PagesDigital is frockwriter’s advertising partner and while there is currently no campaign on frockwriter, PagesDigital created and managed the little flash animation that linked through to our recent New Zealand Fashion Week coverage. It in turn was connected to Pages Digital's OpenX-powered ad server. 

OpenX claims to be the world’s leading independent provider of digital advertising technology, serving 350 billion ads per month across 150,000 websites in 10 countries.

According to Pages Digital, an OpenX security issue has been identified and an update was released today and installed.
Having utilised Google’s Webmasters Diagnostics service, I can report that no malware is currently detected on frockwriter. To be on the absolute safe side, I removed the flash animation.

However the fact of the matter is that none of this is going to assist anyone immediately remove themselves from Google’s blacklist, as the site review request process can, according to Google, take WEEKS.

Obviously RSS and email subscribers won’t know what’s going on because they’re simply accessing a feed. And of course while subscribers are fantastic, they don’t contribute to daily traffic which, in frockwriter’s case, has really tanked today. I have been referred to Australian agency Feel Creative which reportedly set Pages Digital up with OpenX (and possibly the Two Thousand crew as well). So far noone at Feel Creative has felt very communicative and gotten back to me. So will keep you posted.

One of the questions I’d like to ask Feel Creative is: was there a new OpenX security update launched after the one that was released on September 14? Because that appears to be the last time that OpenX in fact issued a security update. Or did someone simply forget to tell the Australian publishers?


UPDATE 2130: Yes indeedy, someone did forget to tell the Australians - and thousands of other publishers that were affected overnight according to Feel Creative's Chris Hang, who just got back to me. Hang reports that only today did Feel Creative head to the OpenX site to track down the security update [OpenX 2.8.7] that was released on September 14. Why didn't Feel Creative have the new security patch prior to today? Hang didn't have an answer for that. But he did say that it would be the last time his company uses OpenX. "This is a dealbreaker" he told me.

In what appears to be a miraculously fast turnaround from Google [and many thanks to the efforts of Feel Creative] at time of writing the security warnings had been removed from both Frockwriter and Pages Digital. They still affect Two Thousand, Three Thousand and Five Thousand [UPDATE 25/10 - the three latter sites are now back on the air as well]. 



Blog Archive