search engine attack on GWB

Bill Stewart bill.stewart at pobox.com
Fri Jan 26 21:03:48 PST 2001


At 01:20 PM 1/26/01 -1000, Reese wrote:
>Formatting fixed
>
>At 01:44 PM 1/26/01 -0500, Blank Frank wrote:
> >If you type "dumb motherfucker" (unquoted) in Google, the first hit is
> >http://www.georgewbushstore.com/
> >
> >which is not a parody site and includes this:
> >
> > (Note: If you have arrived at this site through
> > inappropriate references via a search engine, please
> > be assured that we did not utilize this language in our
> > site, our HTML,  nor in our internet promotion of
> > this site. What happened was the result of a malicious
> > act and we are pursuing remedies through the efforts
> > of our staff and attorneys.)
> >
> >Anyone have any idea how that was done?

I'll leave discussion of whether the term is actually
inappropriate for GWB to those who are better informed ;-)

Google's search engines do weight their responses based on
how many web pages link to a given page - there's probably
some minor trick involved in getting the keywords into a 
page that doesn't use it (or at least perceived by Google to be.)

But it's not that hard to develop an HTTP server that will
serve up large numbers of "different" web pages that all reference
the page you're trying to push - the server can go pretty fast
when it doesn't need to read an actual file or search directories, 
just output a bunch of cached strings in some slightly random order that
keeps google happy.   Depending on google's search algorithms,
there may be optimal mixtures of different domain names,
IP addresses, and file names to encourage google's spiders to
come back as fast as possible, and it's highly probable that
somebody's been experimenting with that precisely to
promote their commercial site.  It helps to have high bandwidth,
and it may help to piggyback on an existing web server just to
include pointers to the fake-site-pool to increase the number of
real links coming in from the outside world.

Is google already trying to track hacks like this?  Probably :-)

				Thanks! 
					Bill
Bill Stewart, bill.stewart at pobox.com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639





More information about the cypherpunks-legacy mailing list