Google Bugs and Newbie Traps Google的错误和新手陷阱

On 27th September 2007, this site told of the re/ocurrence of search-engine hacking by spammers [see对2007年9月27日，这个网站告诉的重组/ ocurrence搜索引擎黑客由垃圾邮件发送者[见 Hackers Shanghai Google, Warning黑客上海的Google ，警告 ]. ] 。 Although this nefarious activity was known to the more savvy members of the Internet community, it had remained relatively unpublicized and apparently not deemed to be a major threat.虽然这邪恶的活动，被称为向更精明的成员互联网社区，它仍然相对未经公示的，而且显然不被认为是一个重大威胁。 However, on that particular Sunday over half of the first page of an innocuous search was occupied by bogus and harmful links.但是，关于这一特定星期日超过半数的第一页1无伤大雅的搜索占领了虚假和有害的联系。

Clicking on one of the links had the result, for one user, of a startup program being replaced so that the control was in the hands of the hacker-spammer.按一下其中一个链接，有结果，为一个用户，一个启动程序被取代，使该控制在手中，黑客-垃圾邮件发送者。 This was on a MacBook Pro laptop, for which there is much pro-Mac publicity about immunity from attack!这是对一的MacBook Pro笔记本电脑，其中有很多亲的Mac宣传有关免受攻击！ Now it must be said that the user had not utilized some of the available safeguards, having misplaced faith in the saying that “this is a Unix based system and it is hard to attack”.现在，它必须指出，用户并没有利用一些现有的保障措施，有错误的信念，在他说： “这是一个基于UNIX的系统，这是难攻” 。 Furthermore, the user had, in effect, opened the door to the attacker by clicking on the bogus link.此外，用户，实际上，打开了大门，攻击者通过点击虚假的链接。

The report here went on to describe how the bogus links could be identified by the fact that they appeared to have .cn in the URL.该报告在这里接着就描述了如何假链接，可确定的事实，即他们似乎有网在网址中。 Since then, although Google responded swiftly, files with .txt have appeared and apparently even been cached by the search engine.自那时以来，虽然Google的回应迅速，档案为。 txt出现了，显然，即使被缓存由搜索引擎。 Furthermore, one user entered his distinctive surname, and one of the ‘finds’ on the first page of search results was a spoofed page of The Guardian newspaper with a report about his cousin.此外，一个用户进入他的独特的姓，和其中的'认定'对搜索结果的第一页是一个欺骗性的网页卫报了一份报告，对他的堂弟。 Needless to say, this wise user did not click on the link!不用说，这明智的用户没有点击该链接！

Usually, the spoofed websites are relatively easy to spot in that they contain lists of words, although from the above it can be seen that this is not always the case.通常情况下，欺骗性的网站，比较容易在现货它们包含名单，换言之，虽然从以上可以看出，这是情况并非总是如此。 Generally the summary is in poor English at least.一般简易程序是在穷人的英语至少。 They are still, for the most part, sporting the “.cn”, and rarely cached.他们仍然是，对于大多数的一部分，体育“网” ，很少缓存。 They also have very odd-looking URLs, even if not “.cn”.他们也有非常多的前瞻性的网址，即使不在“网” 。 Although Google has been singled out so far, any search engine is at risk, and similar bogus links were also seen on Altavista at about the same time.虽然Google已挑出直至目前为止，任何搜索引擎都处于危险之中，类似的虚假的联系也被认为是对altavista在大约同一时间。 Moreover, the attacks are ongoing.此外，攻击仍在进行中。 A Google search on 17th October 2007 for a well-known cosmetics company and UK town yielded a bogus link in the first page of results. Google搜寻2007年10月17日，为一家著名的化妆品公司和英国的城市产生了虚假的链接结果的第一页。

Google is a vast and valuable resource for information. Google是一个庞大的和最宝贵的资源以供参考。 However, reaction in the Internet community to this current threat seems strangely muted.不过，反应在互联网上社会对这一目前的威胁似乎是奇怪的静音。 One user-response seen was almost arrogant, in that ’sensible users don’t click on odd links’.一个用户可看到的反应几乎是自大，在这'明智的用户不要点击链接多' 。 However, the naive and the curious are not necessarily senseless or silly, just uninformed or inexperienced.然而，天真和好奇，不一定是毫无意义的或愚蠢的，只是无知或缺乏经验。 They deserve better.他们应得更好。

– Thanks go to Dr Jenny Oliver for this invaluable contribution in the subject of search engine hacking. -感谢议员珍妮奥利弗为这宝贵的贡献，在主题搜索引擎的黑客。 If you would like to contribute to the site as a guest blogger please get in touch, I’d like to make this a regular feature if there is sufficient interest.如果您想作出贡献，该网站作为一个客户的Blogger请取得联系的，我想使这是一个经常性特征，如果有足够的兴趣。