The Email Battles website is claiming that Google and MSN have been blocking searches designed to root out vulnerable PHPBB servers. The website says that, occasionally, query strings commonly used by “script kiddies” are blocked, to prevent them from finding servers that are open to attack.
I can’t confirm this through my own searches, so I was hoping someone could help me out by pointing out a working example. If you are worried about publishing the exploit query string, leave a comment with at least two links and it’ll stay in moderation, with instructions for me to delete the string.
So, what are the implications of this? Well, if Google is blocking these searches, it is doing so as a public service, basically declaring that searches that serve no purpose except to do harm are off limits. I like the intention, but I’m not so sure I like the action or the precedent.
What if, in the future, Google decides to block all commonly used searches that can be used to harm others. For example, what if Google decides to block “i am 9..12 years old”, a query that can be used by pedophiles to find children of a certain age range? What if Google decided to block searches for gun trade shows, or steroids, or porn?
I realize the PHPBB search serves zero purpose beyond harm, since it is a code string found in unsecure servers, but it could represent a path many do not want Google to traverse. Even as Google fights the Department of Justice for our privacy rights, it is important to remember that we have the right to search for the wrong things.
TechDirt points out more potential “evilness” in Google’s actions, since the error message that users see when attempting one of these blocked searches implies that their computer has been infected with a virus or spyware or worse. In TechDirt’s words: “it’s questionable as to why they feel the need to erroneously tell perfectly innocent people that they have a virus.”