Hacker News new | ask | show | jobs
by rbarooah 4914 days ago
I doubt you'd consider it a "minor shortlived inconvenience" if Google informed millions of people that your business was a known distributor of malware.

Google can perfectly well block the malware without making such an accusatory statement. It's not a tradeoff, so I don't really know why you are defending them.
1 comments
analog 4913 days ago
What would you'd reckon the accuracy of the algorithms are? I'd have thought the numbers probably justify the language.

Security is a tradeoff, if you do business on the web, deal with it.

link
rbarooah 4913 days ago
Clearly you haven't thought this through.

Security is sometimes a trade-off but in this case there is no trade-off involved. Google can just as easily block the malware without the potentially defamatory language.

The accuracy of the algorithm is utterly irrelevant.

link
analog 4912 days ago
Rubbish. The trade-off in this case is that a more mealy-mouthed warning would lead to more people clicking through.
link
rbarooah 4912 days ago
Nobody except you is suggesting a mealy-mouthed warning - that's a straw-man.

An accurate and informative statement like:

"Google's Scans detected malware <X>, which is known to do harm <Y> within the past <N> hours at <Z> percent of the pages operated by <COMPANY>. Google recommends that you do not click on this link until this warning is lifted. [Site owners click here for detailed information]"

...would be just as effective.

Scare tactics, especially those that might be laying blame incorrectly, simply breed ignorance, and ignorance is the enemy of security.

link
analog 4912 days ago
it might be better if the message said something like "The site appears to be infected with malware.This warning will be remain in place until the malware has been removed."

That's what you suggested, seems pretty mealy-mouthed to me.

link
rbarooah 4912 days ago
Presumably you don't judge my second suggestion 'mealy mouthed' otherwise you'd have quoted that instead.

So even by your judgement of what is 'mealy mouthed', an effective and accurate warning is clearly possible. You might not have liked the wording of my first suggestion but that doesn't change the argument.

There is no valid trade-off that requires Google to use accusatory wording in order to protect people from malware. It would clearly be an improvement if their messages were more accurate.

link