[HN Gopher] Until further notice, think twice before using Googl...
___________________________________________________________________
Until further notice, think twice before using Google to download
software
Author : satya71
Score : 282 points
Date : 2023-02-03 13:51 UTC (9 hours ago)
(HTM) web link (arstechnica.com)
(TXT) w3m dump (arstechnica.com)
| chaostheory wrote:
| I can't replicate this. Maybe it's because I'm logged into Google
| when I search?
| xmodem wrote:
| Me neither, the examples called out in the article have likely
| all been culled by now. I do have to wonder why entering ad
| keywords for names of popular software doesn't immediately flag
| for review though.
| Terretta wrote:
| Because the most expensive (lucrative for Google) ads include
| competitors bidding on each other's names as keywords.
| JZerf wrote:
| You might have an ad blocker installed.
| NelsonMinar wrote:
| Back in the early 2000s I helped create policy and procedures at
| Google to stop this kind of thing. Google's early anti-malware
| policies, extended to ads, and internal procedures to make sure
| we effectively stopped malware ads. That was a long time ago
| though and it's sad and frustrating to read it's not working so
| well now.
|
| In particular the article points out several big red flags about
| how malware scanners are automatically finding the site and
| download are suspicious. It's a shame Google Ads isn't using that
| information.
|
| (As for DownloadStudio, they have a Wikipedia page that looks
| 100% innocuous. Searching for "DownloadStudio" has Google search
| offering an inline answer to "Is DownloadStudio safe" with a
| reference to the website for DownloadStudio saying "yes it's
| safe". In this case the inline result is actively harmful.
| https://i.imgur.com/37GzDKe.png)
| bcrl wrote:
| It's sad that Google finds it more important to take profits
| from ads linking to malware downloads than to protect users
| from harms. I guess the only way that's going to happen is if
| governments step up and make Google liable for harm caused by
| ads.
|
| I've seen it happen myself with my father. He gets served
| malware and phishing ads at the top of searches on his iPad for
| completely innocuous searches like "Apple Canada support",
| while I get completely different results in the same house from
| my own devices. There's no way to report these incidents
| either.
| Tepix wrote:
| Could it be that the device is already infected with malware-
| injecting things?
| bcrl wrote:
| No, I checked for that multiple times as I was around when
| that happened. It was an ad served up directly by Google
| that lead to a phishing website and phone numbers on it.
| His filter bubble is very different from mine, and it's
| clear that the peddlers of malware and scams use ad
| targeting to hit the elderly with ads that try to take
| advantage of them. This is a major downside of ad
| targeting: they're more effective for both good and bad
| purposes.
|
| Ads really should be less ephemeral than they are.
| Sometimes I see an ad I'm interested in but miss it before
| clicking a link at which point it's gone after hitting the
| back button. Similarly, if an ad is for a scam, there needs
| to be a way to go back, find it, and then flag it.
| IG_Semmelweiss wrote:
| You gave me a fantastic insight
|
| Ive been wondering why a loved one is constantly getting
| phishing emails.
|
| Ive been fighting a losing battle using email filters to
| contain the phishing fraud emails.
|
| Your post gave me the idea to clean up his browsing
| caches. Thank you
| asddubs wrote:
| those results and the wikipedia page seem to be for an
| unrelated tool also called downloadstudio
| pvg wrote:
| _the inline result is actively harmful._
|
| I don't understand how Google have got themselves to this spot
| even though it seems an 'obviously' very serious problem. Both
| the 'card' and 'inline' results suggest some sort of curation,
| a greater googly authoritativeness. They introduce a sort of
| hierarchy of trust - this result is more trustworthy than the
| potentially less trustworthy generic search result. Then it's
| all thrown away by these 'curated' results being bad or worse.
| It's hard to square this with the knowledge there are piles of
| smart people at Google whose expertise and responsibilities
| involve exactly that kind of stuff.
| htrp wrote:
| > It is difficult to get a man to understand something when his
| salary depends on his not understanding it.
|
| - Upton Sinclair
|
| Google doesn't exactly care about this because they still get
| paid for the click. The malware companies are willing to bid
| extremely high for that single click (since they end up pwning
| your computer).
| toss1 wrote:
| That'll work just fine until they trash their reputation with
| carp like this.
|
| Then, no one will use them, and they will have a hard time
| getting it back; they may still exist, but only as a husk of
| their former stature.
| acdha wrote:
| You're not wrong but the manager making that call will have
| retired rich by then.
| toss1 wrote:
| Yup, highly likely.
|
| But this is why someone in the executive or CxO suite must
| be on top of flagging potentially existential issues like
| this and getting on top of it -- instantly.
|
| If it were my company, I'd be temporarily pulling down all
| ads not from a known previously-vetted source (e.g., the
| major agencies of publicly listed US companies), setting up
| an emergency team to develop some recognition technology,
| then opening it back up again with very strong
| surveillance.
|
| But yeah, likely the execs there will just say 'it won't
| collapse that fast, and I'll be off on sunnier beaches
| then...
| DanCarvajal wrote:
| Was looking at a fake Audacity site just the other day. I
| couldn't believe it was the number one search result when I was
| researching progress on the project's UI redesign.
| sneak wrote:
| I block all advertising links via DNS at my router. The first
| full page of Google links that are all ads are just broken links
| for me.
| potbelly83 wrote:
| I think we're moving back towards a 90s version of the web again.
| No search, just a list of hand curated sites of people who's
| opinions we trust. The only thing is now these will be likes
| specs of gold drowning in a sea of shit.
| vehemenz wrote:
| It boggles my mind that neither macOS nor Windows has an
| official, comprehensive package manager. Sometimes the only way
| to get software is to download binaries from a Google search like
| it's 2003.
|
| On macOS, 90% of what you'd ever need is on Homebrew--this is
| more or less a solved problem--but it's still unofficial and
| Apple promotes their pointless App Store instead.
|
| In Windows land, the unofficial package managers are nowhere near
| comprehensive (understandable, I guess), but you'd think with
| Microsoft's approach toward WSL and GitHub, they would have an
| officially supported HomeBrew-like alternative.
| tech234a wrote:
| Windows has winget built in.
| vehemenz wrote:
| They allow anyone to submit to the repository with minimal
| vetting, and the package selection is inferior compared to
| Homebrew. Maybe we have different ideas about what "official"
| and "comprehensive" mean.
| izacus wrote:
| I'd love to hear what "official" means to you and why that
| definition has value for a package manager.
| vehemenz wrote:
| Prima facie, a one-stop, secure, official (paid Microsoft
| employees working on it) source for binary downloads
| seems like it has plenty of value for end users.
|
| I'd be interested in knowing why keeping the Windows
| Store around and having a secondary package list for
| winget that most people don't use is a better paradigm.
| consumer451 wrote:
| I had no idea this existed. Neato! C:\>winget
| search "hacker news" Name Id
| Version Source
| ------------------------------------------------ Hacker
| News Reader 9WZDNCRDKBC1 Unknown msstore Hacker News
| (YC) 9NBLGGH1RHHV Unknown msstore
|
| I have no idea on the provenance of these packages, so will
| not be installing until I understand this more, but thanks
| for sharing winget.
|
| "winget search torrent" listed some apps which I had never
| heard of before.
|
| Here is winget's submission requirements info:
|
| > Expectations for submissions:
|
| > The manifest complies with the schema requirements. All
| URLs in the manifest lead to safe websites.
|
| > The installer and application are virus free. The package
| may be identified as malware by mistake. If you believe it is
| a false positive you can submit the installer to the
| Microsoft Defender team for analysis.
|
| > The application installs and uninstalls correctly for both
| administrators and non-administrators.
|
| > The installer supports non-interactive modes.
|
| > All manifest entries are accurate and not misleading.
|
| >The installer comes directly from the publisher's website.
|
| https://learn.microsoft.com/en-us/windows/package-
| manager/pa...
| consumer451 wrote:
| Just wanted to add the most useful search I've found so
| far: C:\>winget search foss
| _huayra_ wrote:
| I've been using Scoop on Windows [0]. Chocolatey is probably
| the more "professional" answer, but Scoop doesn't require Admin
| privileges, which I could never quite figure out how to do with
| Chocolatey.
|
| [0] https://scoop.sh/
| haunter wrote:
| Windows does
|
| https://en.wikipedia.org/wiki/Windows_Package_Manager
|
| https://learn.microsoft.com/en-us/windows/package-manager/wi...
|
| And if not official then you can always use Chocolatey
| https://chocolatey.org/
| vehemenz wrote:
| How many packages are on Microsoft's official repository?
| Where can I see a list?
| haunter wrote:
| There are 2 sources.
|
| A community repo: https://github.com/microsoft/winget-
| pkgs/tree/master/manifes...
|
| You can, and "highly encouraged" to pull request packages
|
| The other one is the MS App Store itself
| acdha wrote:
| What's the difference between the App Store and a package
| manager? Mostly it comes down to trust: I can give you Mac .pkg
| files all sorts of ways but what you really want is a way to
| know that I am who I claim to be.
|
| Package management has a boot-strapping problem for mainstream
| platforms: the same people telling the public that you should
| install Firefox using their ad bundle installer would instantly
| pivot to saying that you should install Firefox by adding their
| "store" to your system package repository list, and then SEO-
| ing their instructions as hard as they can.
|
| Homebrew works because the audience is heavily technical and
| they don't accept every app. Change either of those and quality
| would decline, and gaps in package coverage normalizes the
| behavior of installing things from outside of the store.
|
| The real solution is probably something regulatory requiring
| Microsoft and Apple to run a basic store at cost, possibly
| allowing premium add-on services, or perhaps having a way to
| setup other stores with proof of liability insurance and
| auditing. The basic tier could be something like having a
| verification process for developers and a robust way to yank
| abusive apps.
| Terretta wrote:
| > _real solution is probably something regulatory requiring
| Microsoft and Apple to run a basic store at cost_
|
| "At cost" for digital stores run well* appears to be between
| 12% and 18% depending how readily end users can unsubscribe
| or how easily they can end up interacting with a human for a
| support, since it costs more to be user friendly. Stores
| charging less, e.g. 8%, have processing billed separately,
| generally adds back up to 12% or more.
|
| Relative to that, keep in mind Apple's 30% in the first year
| drops to 15% in the second, and 85% of apps are
| hosted/delivered free.
|
| * "Well" as defined by end user, not by developer.
| acdha wrote:
| Yes, getting that balance right is tricky since there isn't
| a precise way to say how much additional features are worth
| to everyone. It could be low-cost if the service was just
| publisher ID verification and PKI, but then you'd see a lot
| of bottom feeders trying to stay just below the threshold
| where they'd get their signing key revoked.
|
| That might still be worthwhile if the idea was something
| like allowing your computer to have a policy saying it'll
| only run signed binaries but the default assumption is that
| most people should stick to the higher-margin more curated
| App Store since that would still make it more expensive to
| run malware / adware campaigns if you had to burn a
| business identity as each one was discovered.
| lazyeye wrote:
| There must be a browser addon that removes the ads from Google
| search results.
| jerry1979 wrote:
| Just to jump on the anti-google bandwagon, google news search has
| fell off a cliff over the past decade. Can anyone recommend a
| news search that allows me to filter by year or year range?
| heywherelogingo wrote:
| Think twice before using Google.
| tedivm wrote:
| The malvertisement thing has become real bad. The other day I had
| a problem so I used chrome, where I unfortunately hadn't
| installed an add blocker yet. I searched for my bank (I know, I
| should have put the URL in directly, but I was being lazy since
| it was a new chrome install and I didn't have the url in my
| history yet). I hit the first link, logged in (my password
| manager would have saved me here, but again it wasn't installed),
| and realized that it was a fake website.
|
| Fortunately I changed my password again before it was an issue-
| and then my bank locked my account when they saw the suspicious
| activity. So nothing bad really happened to me other than some
| inconvenience. However I'm still amazed that Google would let
| their search results get poisoned with these ads for phishing
| sites.
| sneak wrote:
| How did you log into the bank with valid credentials if it's on
| the wrong domain? My password manager won't fill it in on the
| wrong domain and I literally don't know my banking password.
| tedivm wrote:
| My bank's website (their real one) was having an issue with
| Firefox so I installed Chrome just to log into the bank.
| Since I normally don't use chrome I hadn't installed a
| password manager yet. I copy/pasted my password out of my
| password manager.
| jaclaz wrote:
| And you are young enough and tech-savvy enough to know about
| all these mechanisms, you made a mistake because you were in a
| hurry or distracted.
|
| Think of how many people (older and/or not technically
| proficient) fall in this same trap everyday.
|
| Since ads are paid for (and an invoice is made for the
| payment), google could well verify the id of the people placing
| the ad and the correspondence with the "real"
| organization/website.
|
| They send postcards with a code to verify addresses/titolarity
| for google business profiles:
|
| https://support.google.com/business/answer/4588357?hl=en
|
| and they don't double and triple check ads for banks and
| similar?
| pancrufty wrote:
| The "I'm behind 7 proxies" meme gained sentience by now.
|
| The "real" credit card was stolen in a similar practice from
| another user. The phone number was entered by my grandma. The
| address verification was submitted someone fooled in a
| previous stint.
|
| You can't block, detect nor prosecute these people. Google
| could only try to protect "PayPal" searches but for the rest
| of them it's going to be a feat. Let's not make it sound like
| a computer could just tell that _all of these are obvious
| scams._ To a computer there 's little difference between
| mybank.tld and mybankverified.tld. Domain age has plenty of
| false positives and negatives too.
| rom-antics wrote:
| This is why the appeal-to-ethics argument against adblocking
| holds no weight with me. Yes, maybe I stole $0.0001 from the
| publisher by not looking at an advert. But I also didn't have
| my bank password stolen and my files cryptolockered. It's a
| small price to pay for security.
| hgsgm wrote:
| I don't know about "stole" but the value of those ads is more
| like $100/yr/user
| TremendousJudge wrote:
| I know people who got robbed of more than that by scams
| that showed up on ads
| kmoser wrote:
| There is no reasonable appeal-to-ethics argument. When it
| comes to accepting code and/or data onto my computer, or more
| precisely my screen, I can and should have 100% control over
| what I accept. My computer, my choice.
| BizarreByte wrote:
| You shouldn't feel bad, advertisements online are user
| hostile and a security threat. It's not like a billboard that
| is at most annoying as you avert your gaze, despite what
| online ad supporters want you to believe.
|
| The ad companies could cleanup the business and actually
| enforce security/safety standards, but that would cost money
| and god forbid they lose some.
| yazzku wrote:
| Why isn't Google fined for distributing malware?
| eddhead wrote:
| Everyone should be using a package manager / store to get
| software, or from the official site.
|
| If they're not available, then get the vendor to publish them
| there. Winget / Choco / Scoop or even Windows Store. Same with
| whatever people use on Linux distros.
| miohtama wrote:
| One solution is ad transparency and have company verifies details
| in all advertisiments. Facebook already does this for political
| ads AFAIK.
| GavinAnderegg wrote:
| Google's search product has become a shadow of its former self.
| Every year it seems harder to find what I'm looking for. The top
| half of the first search result page is now (potentially
| malicious) ads, and what follows is likely SEO spam. I need to
| add "reddit" or "stackoverflow" to half my searches these days so
| I'm not served nearly useless results. It's a sad decline from
| 10+ years ago when I'd type a half-formed thought into the search
| box and I'd get the answer.
| dahdum wrote:
| > I need to add "reddit" or "stackoverflow" to half my searches
| these days
|
| It feels truly absurd how many queries I need to append
| "reddit" to get something useful. The web has changed but
| Google isn't keeping up.
| rdudek wrote:
| The problem is the spammers are already creating garbage
| content on Reddit as well. Fortunately, the moderators of the
| big subreddits will usually take care of it and remove the
| posts, but some of the smaller / niche ones still leave
| things up there.
| Akronymus wrote:
| IME the mods for the big subreddits are the worst, as they
| constantly power trip/enforce their opinions.
| MattDemers wrote:
| > The web has changed but Google isn't keeping up.
|
| I'd argue that Google incentivized the web to change in a way
| in order to better exploit/profit from Google, and that's led
| to a net negative experience for Google users (who then
| leave, causing problems for Google).
| roody15 wrote:
| Is it "Google hasn't kept up"... or perhaps it's by design. I
| wonder if google has more interest in showing users what it
| wants to show them vs what we end users may be looking for.
| At least for me I see this blatantly when using YouTube. It
| gives about 2-5 decent search results .. followed by a list
| not even remotely close to my search.
| Alupis wrote:
| This makes me laugh - I've found myself appending "reddit" to
| my search queries more and more frequently when looking for
| product or service reviews.
|
| The regular google results are filled with affiliate-link-
| driven ads disguised as product reviews. If you want to
| really know what people think about products, you have to go
| digging these days.
| Aerroon wrote:
| The silliest part to me is that the affiliate marketing
| reads like affiliate marketing. Reddit comments somehow
| seem more genuine, even though the former is trying to
| mimic the latter.
| Clent wrote:
| Affiliate marketing has been around long enough that it
| has become easily recognizable.
|
| For those attempting to game reddit, the trick may be in
| properly categorizing the accounts.
| ilostmyshoes wrote:
| I do the same and even then you need to be careful about
| the astroturfing on reddit
|
| corporatism is everywhere and infecting the web to enrich a
| few at the expense of everyone else
| [deleted]
| malfist wrote:
| Yeah, this suggestion still works okay. It used to work
| better, but now the advertisers have caught on. I give it
| another year or two before corporations have astroturffed
| the hell out of site:reddit.com searches and made them
| useless
| pixl97 wrote:
| >I've found myself appending "reddit" to my search queries
|
| So what you're saying is I should create dedicated
| subreddits about my products that only allow my multitude
| of bot accounts to post to it, but look like real
| conversations?
| Quenty wrote:
| This is why a lot of younger people just search stuff on
| tiktok.
| pixl97 wrote:
| Not 100% sure how that solves the situation.
| kitsunesoba wrote:
| Generally the good reddit threads are those on more
| generalized subreddits rather than product-specific ones,
| and though I read threads in the latter I take them with
| a big grain of salt. The generalized subreddits are much
| more likely to have enthusiasts pointing out pros and
| cons of competing products and calling out anything too
| effusively glowing, though of course it's not perfect.
| AdmiralAsshat wrote:
| !r if you're using DuckDuckGo as your search provider.
| mgdlbp wrote:
| and site:news.ycombinator.com
|
| surprisingly few topics _haven 't_ been discussed here.
| Often there's interesting technically-minded thinking, and
| for most (most!) topics it's less likely than a dedicated
| forum for any interested parties to be present. The latter
| really applies to any generalist forum or off-topic section
| of a forum where a sincere community has gathered. Until
| the dead-internet is achieved, at least.
| OmarAssadi wrote:
| Yeah, despite how little I comment on here, I use HN all
| the time for basically the same thing. I think the good
| moderation, smaller, tighter-knit community, and
| relatively high-quality of posts compared to Reddit has
| made it my first go-to when I am curious about something.
|
| I'll usually `query bla Talos II bla bla
| site:ycombinator.com`, and if that doesn't give me what I
| want, I'll try the Algolia search [1]. And only then will
| I give up and try `site:reddit.com`, unless there is a
| more specific site I know to try first [2].
|
|
| ---
|
| [1]: I'm sure most regulars here know it, but if you
| don't, it is super useful. I just wish it had more query
| operators to filter out stuff sometimes --
| <https://hn.algolia.com>
|
|
| [2]: I'd be interested in what others here do. Off the
| top of my head, these are the ones I'll usually use,
| maybe it'll be helpful to someone else:
|
|
| * For questions about server hardware / networking
| equipment / weird second-hand HPC stuff, ServeTheHome has
| a surprising number of quality articles and lots of forum
| discussion -- `site:servethehome.com` or
| `site:forums.servethehome.com`
|
| Level1Tech's Forum (site:forum.level1techs.com) can be
| decent as well for such topics and stuff like ZFS-related
| questions, but it tends to have a more
| 'inexperienced'/consumer userbase relative to STH (though
| usually more into it than, say, the LTT audience).
|
|
| * If you don't mind Google Translate, Russia's more-or-
| less HN equivalent, Habr [3] often has pretty high-
| quality, in-depth articles on a variety of
| tech/programming topics. It differs from HN a bit in that
| companies themselves tend to write them and they are
| displayed inline on Habr itself rather than more of a
| Reddit-like link-aggregation system like on HN.
|
| The style tends to be similar to stuff like the
| CloudFlare blog posts -- `site:habr.com` (word of
| warning: great content, but the comments can be quite
| mean at times - e.g., the blog post on Cosmopolitan was
| just filled with awful transphobic stuff).
|
|
| * For anything video encoding-related, `site:doom9.org`
| is a great resource when Googling specific questions. And
| for finding out which country has the best quality
| release of a movie, outside of something like a torrent
| tracker, screencaps from <https://caps-a-holic.com> are
| great, and adding `site:forum.blu-ray.com` or
| `site:dvdcompare.net` to your queries can help a ton to
| find actual info about a disc.
|
| Otherwise, certain Discord chats, like Beatrice-Raws,
| /r/av1's Discord, and the SeaDex Discord can have useful
| discussion.
|
|
| * Anything Linux-related, the Gentoo Wiki is really good,
| and Arch too - adding `https://wiki.gentoo.org` to a
| query can help a lot, particularly for weird compiler
| flags and old/obscure hardware, or
| `site:wiki.archlinux.org`. For LTO and optimization bugs,
| the Gentoo LTO overlay project is also really useful,
| between the patches/notes and the issue tracker
| discussions [4]. AUR comments can also be helpful for
| issues with somewhat bleeding-edge builds.
|
|
| * Arch's PKGBUILDs and Alpine's APKBUILDs are really easy
| to read, and I find actually getting to them/the sources
| for their patches is easier/quicker than most distros. If
| I'm running into trouble, I tend to check their stuff to
| avoid the useless Google searches.
|
|
| * For anything drug/medication-related, the Psychonaut
| wiki [5] and Tripsit [6] tend to be better than stuff
| like Wikipedia in terms of "wtf did my doctor prescribe
| me, what will this do, and do I need to worry about
| taking it in combination with XYZ".
|
| As a last resort, if neither has good info on some
| obscure thing I've been given, like when I was living in
| Russia, if you're willing to Google Translate, I've found
| Russian Wikipedia to be really vast on all sorts of
| medications and chemicals, and also much more objective
| and skeptical about certain topics (e.g., there are tons
| of borderline placebo Soviet-era meds they'll give you
| there, and if you look them up on English wikipedia, you
| can tell some Nootropics-bro wrote half of it, whereas
| the Russian page will quickly tell you "actually, there's
| been basically no proof this does anything").
|
|
| * If I'm looking for a particular file that I can't seem
| to find normally on Google or torrent tracker, I've had
| success searching for Apache directory listings with some
| query abuse [7]. And if that fails, DHT indexers [8] like
| BTDig [9] can be helpful when you're in a situation where
| you know the filename, like a particular font that is no
| longer for sale, but seemingly can't find it on Google,
| Yandex, Archive.org, etc.
|
|
| * For finding new music / movies / anime, queries like
| "Films like Parasite" or "Best Korean movies" on Google
| tend to be useless due to all the SEO-spam WatchMojo-tier
| blogs, all featuring the same five films that barely
| relate to what you're looking for.
|
|
| The best way that I have found, personally, is to use the
| collages and comment sections on certain torrent
| trackers; as with HN, the communities tend to be tighter-
| knit and have higher quality discussion than you can find
| on Reddit.
|
|
| For general music, even if you don't intend on ever
| actually pirating anything, Redacted's ("RED") "collages"
| (think: ultra high-quality, user-curated lists of similar
| music) is unmatched. And they have relationship diagrams
| for each artist to show what other users tend to
| download. RED is a private tracker, but they allow anyone
| to sign up if they submit an application through IRC
| [10]. For East Asian music (j-pop, j-rock, k-pop, etc),
| Jpopsuki can be useful as well - almost the same system,
| but more targeted niche (and unfortunately, less
| curated/moderated).
|
| Otherwise, Last.fm's recommendations tend to be better
| than Spotify/YouTube for me, and the ability to see which
| other users have similar taste to you / have the same
| current favorite song can be really useful, since you can
| then click on their pages and inevitably find something
| you've never heard before that matches your taste.
|
|
| Anime, unfortunately, does not have the same level of
| pirate curation as movies or music, so I tend to rely a
| lot on AniDB's tags [11] and MyAnimeList's user-curated
| recommendations [12]. For Korean and Chinese TV,
| MyDramaList is similar and pretty decent [13].
|
|
| And for movies, another torrent tracker, PassThePopcorn
| ("PTP") has the same sort of collections/collages and
| system as RED, which can be great if you're looking for
| very specific types of films. And even better, you have
| to "pay" credits (non-purchasable points you receive for
| seeding) to even create a collection, which adds a
| surprisingly nice, artificial barrier to ensure that the
| only collections that exist are ones maintained by people
| who truly care about that particular sub-niche.
|
|
| Like HN, the comments often have more value than the
| content itself. And unlike RED, where comments are for a
| particular torrent (e.g., Fake Record Label's 1997
| Japanese-region CD of Fake Band's Self Title album), PTP
| comments are per torrent group (i.e., Fake Movie as a
| whole rather).
|
| This can be really nice because the comments often turn
| into reviews and discussion about particular editions of
| a film.
|
| As an example, I watched Wong Kar-wai's "Fallen Angels"
| much later than I should have (great movie, btw), but had
| I not read the comments, I'd probably have just
| downloaded the 4K Blu-ray, not realizing they re-
| colorgraded the film to have an entirely different style
| from the original, and changed the aspect ratio by
| cropping it from 16:9 to 2.39:1.
|
| Personally, regardless of what the director claims is his
| true vision, I am really glad I read those comments
| because what sticks out to me the most in Fallen Angels
| is the beautiful color work and the ridiculous decision
| to use a super-wide angle lens (possibly 9.8mmi adapted
| to 6.8mm?) [14] for most of the film, which gave it this
| immersive feel. However, like almost everyone else, I
| have a 16:9 TV, and so when you crop it to a cinema
| aspect ratio, something feels very, very wrong -- you
| lose that immersion and claustrophobia the lens created
| in the first place [15].
|
|
| * For anime watchers, you'll often notice that the
| official subtitles for certain, difficult-to-translate
| series, like Bakemonogatari end up feeling really robotic
| or simply don't make much sense in certain scenes.
|
| However, while fansubs can be significantly better
| sometimes, there are always a dozen different groups, and
| often neither Google nor Reddit will have any information
| on whose subs are actually worth downloading.
|
| For that, I tend to use SeaDex [16] or "A Certain
| Fansubber's Index" [17] -- these are spreadsheets with
| the current 'best' releases of most anime.
|
|
| [3]: this is the English version, which has much fewer
| articles, but it might help to get a general idea -
| <https://habr.com/en/all/> (also, note the company-
| specific and topic-specific filters)
|
| [4]: <https://github.com/gentoo-mirror/lto-overlay>
|
| [5]: <https://psychonautwiki.org/wiki/Adderall>
|
| [6]: <https://combo.tripsit.me>
|
| [7]: <https://www.reddit.com/r/opendirectories/comments/9
| 33pzm/all...>
|
| [8]:
| <https://wiki.archiveteam.org/index.php/BitTorrent_DHT>
|
| [9]: <https://btdig.com>
|
| [10]: <https://interviewfor.red/en/starting.html>
|
| [11]: <https://anidb.net/anime/7243#tab_main_4_1>
|
| [12]: <https://myanimelist.net/anime/7785/Yojouhan_Shinwa
| _Taikei/us...>
|
| [13]: <https://mydramalist.com/shows/top>
|
| [14]: really cool video that tries to identify (probably
| successfully) the mysterious, seemingly non-existent lens
| the director claimed to have used -
| <https://www.youtube.com/watch?v=A2dq_7wu0Dw>
|
| [15]: good comparisons of the WKW remasters -
| <https://youtu.be/OrvGqEdomLo?t=435>
|
| [16]: <https://releases.moe>
|
| [17]: <https://index.fansubcar.tel>
|
|
| (edit: sorry for the wall of text -- the U.S. Adderall
| shortage had left me unmedicated for the past two weeks,
| so I guess you can tell finally getting a refill has hit
| me like a truck!)
| red-iron-pine wrote:
| More is better than less, generally speaking.
|
| As you mentioned a smaller, tighter community that
| delivers. This is what deliver looks like.
|
| Maybe add a "tl;dr" section
| Phrenzy wrote:
| YouTube search is even worse. They could do so much to filter
| the results. But they don't. They don't even give you a full
| page of results. The give you half a dozen and go "Meh.
| Search is hard. Here is some completely unrelated videos you
| might like."
| cobertos wrote:
| I think this is intentional. Those videos for me (unrelated
| videos to my search) are usually recommended videos and it
| feels like they are placed there to get you to engage.
|
| When I use search on NewPipe, I get _much_ better results,
| and those unrelated videos don't show up, presumably
| because those searches don't use a Google account. I get
| much better results when I search on NewPipe, and have
| found some great videos from the normal YouTube frontend
| search
| beezlebroxxxxxx wrote:
| Youtube makes money by getting people to watch ads. Users
| aren't the focus and haven't been the focus for years.
| Their design decisions cater to their customers,
| advertisers, and _their_ algorithmic needs.
| rnmkr wrote:
| [dead]
| imbnwa wrote:
| They have the abitity to create _transcripts_ of everything
| on there, across languages, with the capability to apply
| good-enough translations to other languages, its insane
| ajsnigrutin wrote:
| And not just that... if you search for anything that sounds
| a tiny bit political, all your favorite creators, even the
| ones you're subscribed to, get hidden from search results,
| and you're presented with mainstream media results (cnn,
| msnbc, guardian, huffpost...).
| Xelbair wrote:
| to properly search youtube, you have to use google with
| "site:youtube.com"....
| csdvrx wrote:
| But how long until youtube comments and reddit posts are
| filled with plausible content made by SEO spammers using
| ChatGPT?
| capableweb wrote:
| Since the API was released, guaranteed. No place is safe.
| 2devnull wrote:
| I'm not sure I understand the assumption that Reddit can
| serve up better/safer info than google. It's pretty trivial
| to post misinformation, malicious advice and so forth on
| Reddit. And how many times do I pull up stackoverflow with a
| question with one answer and few if any votes. Often the
| single answer is unreliable, and if trusted blindly I could
| see that being a serious risk. You know, the answer is "just
| run: sudo dd if=/dev/zero of=/dev/sda" or the classic "rm -rf
| c:"
| jrockway wrote:
| I keep hearing about adding reddit to one's search queries,
| but what sort of things are y'all searching for where
| reddit's opinion is relevant?
|
| Reddit is kind of like that effect that people say about
| popular journalism; for the things that you're an expert on,
| they always get it wrong, but for things you know nothing
| about, they have a way of sounding right. Reddit is very much
| like that for me; if I know nothing about something, I love
| the comments. If I know a lot about something, it's all too
| crazy to even read. (I stopped reading programming subreddits
| like 15 years ago. A lot of very mean wrong people hanging
| out there.)
| gymbeaux wrote:
| There's a lot of useful stuff on Reddit but you do have to
| be careful as "upvoted" stuff is sometimes wrong and
| "downvoted" stuff is sometimes right.
|
| My bigger issue with it is that volunteer-mods are often
| power-hungry and ban people who they disagree with or who
| hurt their feelings.
|
| Reddit is a social experiment, and the result is humans are
| still trash to each other when they're anonymous.
| bdw5204 wrote:
| I have a suspicion that the "volunteer-mods" on the big
| Reddits, like the Wikipedia admins, are infiltrated by
| people paid by interested parties to represent their
| interests on those popular web sites. In the case of
| Wikipedia, I recall a story about how one of their admins
| was a woman in Canada who was a former British
| intelligence agent with whatever the British equivalent
| of the CIA is called. If governments and NGOs can
| infiltrate Wikipedia to do things that are specifically
| against its rules, they can infiltrate Reddit and
| probably have.
|
| Most people are too busy to have the time to be an online
| moderator and those who have the time typically don't
| have the political skills to get appointed as a moderator
| of a large online community. That's why the best way to
| hire a good mod for your online community is to make it a
| paid position and to randomly monitor them for evidence
| of bias and/or abuse of power.
| kitsunesoba wrote:
| > There's a lot of useful stuff on Reddit but you do have
| to be careful as "upvoted" stuff is sometimes wrong and
| "downvoted" stuff is sometimes right.
|
| Default subs and big subs are by far the worst about
| this. Comments in threads on r/technology for example
| frequently perpetuates easily verifiable falsehoods that
| would quickly get shot down in smaller communities.
| 1123581321 wrote:
| The reddit searches are to find people's real-world
| experiences with something, not to find abstract, self-
| proclaimed expertise.
|
| These searches often lead to niche communities that have
| built up expertise over time in their wiki or FAQ, though.
| Alupis wrote:
| > but what sort of things are y'all searching for where
| reddit's opinion is relevant
|
| If you want real, unvarnished reviews and opinions of
| products, you need to get it from real people that have
| owned the product for more than 1 day before leaving the
| review.
|
| I recently needed to purchase a new winter coat. Surfing
| many reddit threads across a dozen or so subs actually
| convinced me to not purchase the coat I had in mind. It
| looked nice and all, but real users that had owned it for a
| while had disappointing things to say about the zippers
| failing prematurely.
|
| That's not something you would find in Amazon reviews,
| which are mostly people who recently purchased the item and
| have not owned it long enough to experience failures.
| mrguyorama wrote:
| Why do you assume the posts on reddit are at all organic?
| Big brands 100% astroturf on reddit.
| Alupis wrote:
| If you read the conversation threads, you can pretty
| easily pick out astroturfing.
|
| Plus, do your own research of course. I don't exclusively
| use reddit for this sort of research... if I'm looking
| for outdoor gear I will browse outdoor gear forums for
| people's thoughts. Cycling, same thing... etc. You look
| for a consensus to be formed before making your own
| opinion.
|
| My point was default google search results are now
| unreliable because they are almost always affiliate
| links.
| thfuran wrote:
| >If you read the conversation threads, you can pretty
| easily pick out astroturfing.
|
| How do you know that?
| Alupis wrote:
| We're humans, not computers. We don't have the same
| problem of discerning intent like AI would.
|
| It's pretty obvious when someone is communicating nothing
| but positive things about a product, or nothing but
| negative things about another competing product.
| Sometimes it's more subtle... but seriously, if you read
| enough comments you will locate the ones that are
| obviously shilling or astroturfing. They won't talk about
| many topics (or no other topic) except the item or
| company they're promoting.
|
| It's really hard to make a bot or corporate account
| appear, sound and feel like a genuine human writing about
| their experiences. Particularly on a platform like reddit
| where people speak rather freely about products and
| ruthlessly call out astroturfing accounts.
|
| With all that said - perhaps some people have better BS
| detectors than others. I like to think mine is rather
| accurate most of the time.
| thfuran wrote:
| >We don't have the same problem of discerning intent like
| AI would.
|
| The same problems? No. But humans pretty notoriously
| don't always communicate effectively.
|
| >It's pretty obvious when someone is communicating
| nothing but positive things about a product, or nothing
| but negative things about another competing product.
| Sometimes it's more subtle... but seriously, if you read
| enough comments you will locate the ones that are
| obviously shilling or astroturfing.
|
| Yeah, you'll notice the ones that are obvious, but that
| doesn't really tell you much about your overall accuracy,
| since you don't know how many non-obvious ones you're
| missing.
| Alupis wrote:
| I don't know what you're driving at. Is it perfect? Of
| course not... what alternative do you suggest?
| kitsunesoba wrote:
| Yeah, reddit is a lot better for gauging what owning a
| product is like long-term. Don't blindly trust naturally,
| but it can be a decent data source in what would
| otherwise be a total vacuum.
| Jach wrote:
| I agree in the broad that much (most) of reddit is awful,
| wrong, and not worth viewing. (I wonder how you feel about
| HN over the years. To me HN got as bad as parts of reddit
| were at some point, however reddit has gotten worse too so
| there's still a quality gap.) Still, it can be occasionally
| useful to filter it as a site for queries, like with HN.
| (It's fun to see if a company I've thought about working
| for has been talked about on HN at all.) Recently I found
| some useful travel posts on reddit, like how to best get to
| a destination with some tradeoffs highlighted for time
| sensitivity and helpful links for everything, and as an
| augment of location reviews, some offering quite a bit more
| context than the one or two paragraphs I usually see on
| google maps. Though to be fair, a sample of short reviews
| is usually good enough. Another use of reddit remains
| finding other people who want to talk about relatively
| niche things, but these days it's more common that it's
| just one way that leads you to a discord server whose
| contents are sadly invisible to search engines.
| jrockway wrote:
| I actually like Reddit and HN in general. On Reddit, I
| like the comment threads where they trash politicians
| with escalating levels of absurdity, and the creative
| writing exercises disguised as AITA and TIFU.
|
| As for HN, I think it's fine. It really hasn't gotten
| worse over the years (people were saying that in 2010
| too). Moderation here is excellent, and people mostly
| behave themselves. But, you do have to stay away from
| certain subject areas. If you see "it's a lab leak for
| sure!!!" with 2000 comments, I recommend bypassing that.
| Lot of people very mad at each other. Anything technical,
| though, lots of good discussions, even on popular topics,
| and I often learn something. The intersection of
| technical and social is mixed, but generally you don't
| feel terrible after reading them.
|
| HN does feel like it skews younger than it used to.
| Probably because I am now older than when I first started
| using the site. I read a lot of things where I think
| "you'll figure it out in a few years" more and more, but
| know that you can only explain so much. Lessons have to
| be learned firsthand, HN's average reader has many good
| life lessons to learn. So do I, of course!
| i_am_proteus wrote:
| Of course, SEO blog spammers are learning to add these terms
| to their sites.
| lotsofpulp wrote:
| The problem is they spam the actual forums themselves.
|
| I assume all those posts such as "what did buy (for less
| than $x) that you find most useful" are spammers so they
| can reply with their own products.
|
| And I am sure they are making posts asking for
| product/restaurant/etc recommendations and then replying to
| themselves.
| ChrisMarshallNY wrote:
| I remember encountering this in LinkedIn groups.
|
| I had joined a few (like The Swift Programming Language),
| and would see questions like "I have this problem _<
| Detailed description of the issue>_, how can I solve it?"
|
| Since (in at least one case) this was a problem I had
| easily solved, years before, I would provide a detailed,
| concise, answer, showing how to deal with it in a few
| lines of code.
|
| My answer would get ignored.
|
| Instead all these replies would show up, saying things
| like "I added the _< XXX Library>_, and it solved the
| problem!". These would get voted up, and the original
| poster would actually engage them.
|
| After seeing a few of these, I realized that LI groups
| are dumpster fires, and quit them all.
| ryandrake wrote:
| As long as "site:" still works (limiting your search scope
| to a particular domain), then the SEO'ers can pound sand.
| Pretty much 100% of my google searches these days are
| scoped to a particular domain. This is because my search
| needs in 202x are very different than in 200x. Back then, I
| wanted to find the right web site for X. Today, I know the
| best web sites for X, and I always want to search for that
| exact X on that exact site.
|
| I am no longer interested in discovering new web sites. The
| established ones are known to be good, and any new, unknown
| one is almost 99.9999% likely to be SEO spam. For example,
| I'm not interested in Dropshipper 45512's automatically
| generated web store where he gets a commission to ship you
| Alibaba goods, and that's really all you get in the long
| tail of shopping searches. Search engines need to pivot
| away from helping people find new web sites (since they are
| mostly crap) and instead help to curate the best content
| from existing known-good ones.
|
| Yes, it sucks if your new site is legitimitely one of the
| 0.0001% that are human-made and awesome. Sorry, but I'm not
| going to find you through search. Don't worry, I'll find
| you through word of mouth if you are actually high quality.
| yellowsir wrote:
| have you considert duckduckgo with bangs? I use them
| daily e.g. `!so <query>` would search on stack overflow.
| U can use `!g` if you ever need google again.
| cma wrote:
| Why do they rank reddit so low be default? Does reddit not
| run stuff from their ad networks?
| Rumudiez wrote:
| Large page sizes, short session times, and I'm sure a
| myriad other things help reddit earn that low ranking all
| by themselves. Serving up google ads doesn't help with seo
| mmcgaha wrote:
| I was looking for info about an online acquaintance that I used
| to game with 20+ years ago. His handle is pretty unique but
| google would not return anything. Bing on the other hand had me
| finding all of his old post leading to his real name and now I
| am back in email contact. I get the feeling that google is just
| filtering out anything over a certain age and below a certain
| level of popularity.
| BizarreByte wrote:
| Google heavily favours newness, I am sure of that. It used to
| be easy to find very old, but relevant results. The content
| still exists, but even with date filters it's hard to find
| now.
|
| It's made supporting very old things (products, code,
| computers) extremely difficult.
| Foobar8568 wrote:
| Unfortunately reddit is spammed with promoters
| SamBam wrote:
| I think this is truer and truer.
|
| Part of the issue is our built-in bias towards thinking of
| other Reddit users (and HN and whoever) as people just like
| ourselves. That means we give undue weight to their
| recommendations.
|
| I definitely find myself being more swayed by a single user's
| recommendation with maybe a few dozen upvotes, over SEO-gamed
| websites and Amazon reviews. But in reality, that's a
| ludicrous assumption, since advertisers knows it too, and it
| only takes 5-10 fake accounts to create that kind of pretend
| consensus.
|
| In many ways, Reddit is far easier to spam.
| piva00 wrote:
| Still much easier to parse through reddit's comments and try
| to identify astroturfing than going through Google's results
| figuring out what's not SEO-spam or sponsored reviews...
|
| It takes me much less effort to do the former than the
| latter.
| itchyouch wrote:
| For products, I'll find suggestions from reddit, signal it
| with the conversational quality, then corroborate it
| against other places that reviews may exists like forums,
| youtube, facebook, instagram, etc.
|
| Usually, a great product will have enough activity
| surrounding it that it's difficult to fake with bots.
| Especially, Instagram profiles with <1000 followers + non-
| seo-optimized stories/posts raving about something signals
| that the the <joy-from-product> is organic rather than
| manufactured.
|
| I think the strongest signal for legitimate IG accounts is
| the ephemeral nature of the 24-hour IG stories. I suppose
| someone enterprising could auto-build hundreds of personas
| that post stories daily, but a random profile with stories
| posting activism, their morning latte art, a selfie with
| some friends seems doesn't fit in the ROI of a scalable
| marketing strategy across a ton of accounts. Maybe I could
| be wrong?
| MrFoof wrote:
| Which, hilariously, is what got people to use Google in the
| first place.
|
| What made Google take off was not only was it fast, but you
| also got what you were looking for in the first page of results
| -- if not the top of the first page.
|
| No more carefully crafting queries to try to filter out the
| chaff. What you wanted, fast, and easy enough that someone not
| versed in how to carefully structure queries could be
| immediately successful.
|
| - -
|
| If some search engine or other tool can get us back to that
| point, that's not only what will eat Google's lunch, but devour
| it - and quickly.
| klyrs wrote:
| > I need to add "reddit" or "stackoverflow" to half my
| searches...
|
| The perversity is that site-local searching used to be better
| when it existed, but people (users and web devs both) came to
| rely on google. It's a sorry state that google remains the
| primary interface to sites that should know their data better
| them google...
| pessimizer wrote:
| Altavista was better. It would certainly return more than the 5
| SEO stained results pages that current search engines are
| repeating over and over again, pretending that they're bigger
| than they are.
| acdha wrote:
| Google was better, too. This is because someone decided it
| was better to sell ads than give people the most relevant
| results. It's not like it's an unsolved problem in computer
| science to block persistent spam / scraper / cloaking domains
| -- someone at Google told the people who used to do that to
| stop.
| egberts1 wrote:
| Too bad that Yahoo! absorbed Altavista then made that site
| defunct since 2013.
| Loughla wrote:
| Every google search has to have either "+reddit" or
| "+stackoverflow" depending on what I'm trying to accomplish.
|
| And EVERY search for products needs to say "-pinterest".
| voytec wrote:
| Another example: music videos may require "-reaction
| -reacting". But it's the same or worse with DuckDuckGo.
| csours wrote:
| The information landscape is hostile, your attention is
| valuable, so there is motivation to hijack it.
| gumby wrote:
| Sadly there's disproportionate value. Your attention is
| only worth a few cents, the criminals' (SEOers, scammer
| ps etc) cost is miniscule per user, but the cost to each
| user of the misinformation and wasted time is larger.
|
| Like breaking a shop window to steal something small and
| easily transported/resold.
| csours wrote:
| I think this is why there is value in moderated spaces
| like reddit [complex feelings here], the moderators and
| team/tribe mentality ensure that there is informational
| value to at least that group [more complex feelings
| here].
| Akronymus wrote:
| For music, also adding -extended feels necessary. Along
| with -60fps for anything anime related.
| OmarAssadi wrote:
| Oh my GOD. The 60 FPS 4K memescaling shouldn't drive me
| as insane as it does, but jesus christ, the amount of
| times I have wanted to show someone some opening, gone on
| YouTube, and literally _everything_ is some tweened
| upscale.
|
| I usually give up and end up having to go and
| StackOverflow the ffmpeg filters I'll never remember for
| burning in subs just to clip it myself -- `ffmpeg -i
| episode.mkv -vf "subtitles='episode.mkv':si=0" -c:v
| libx264 -preset slow -crf 18 -c:a aac_at -b:a 320k -ss
| start_duration -t opening_duration output.mp4` [1].
|
| I think it bothers me even more given anime is rarely
| even natively fully 1080P 29.97/30 FPS, let alone 4K 60.
|
| I try my best to live and let live, but it's my biggest
| pet peeve. It drives me nuts that basically all TV
| manufacturers do this too now by default -- everything
| I've purchased over the past ~10-12 years or so comes
| preset with """"smooth""" motion and a billion other
| video "correction" modes enabled, despite it just
| artifacting or making everything look straight up worse
| [2].
|
| I'm genuinely really curious, does anyone here on HN use
| and enjoy those modes? Maybe there is something I'm
| missing.
|
| Or maybe I'm just hyper-sensitive to that kind of thing.
| It made me laugh when I moved back to the US after school
| in Russia; family had gotten a new TV and within like
| seconds of being home and trying to watch a movie
| together, I'm immediately sitting there fiddling with the
| sittings, meanwhile no one else apparently even noticed
| the frame interpolation was on in the first place.
|
| Anyway, sorry for the rant ;-)
|
|
| [1]: OK, this time it was from memory, so it might not
| quite be right. But maybe I've finally memorized the
| correct incantation?
|
| [2]: good video on the topic -
| <https://www.youtube.com/watch?v=m1nUCyC8hGA>
| Akronymus wrote:
| Another nice video on the topic:
| https://youtu.be/_KRb_qV9P4g
| SysWiz wrote:
| I saw a Chrome extension that removes Pinterest results
| called Unpinterested.
| prh8 wrote:
| Not sure if you've read about Kagi on here, but one of its
| features is that you can weight/pin/hide certain sites in
| results. It works well for programming (although default
| search is well tuned for programming). There is also a
| feature called lenses which is a more fine tuned way of doing
| it. I think there's one for programming, one for shopping. I
| haven't personally used lenses though.
| [deleted]
| [deleted]
| whoisthisguy wrote:
| Kagi is the way to go. Search results are more useful, and I'm
| rarely faced with spam sites.
| realusername wrote:
| They pretty much lost the war against content farms already.
| I'm not sure the content indexing & crawling model they have is
| even adapted to the current web.
| beefield wrote:
| What makes you think they ever waged a war? I never saw any
| indication.
| patja wrote:
| Matt Cutts made it seem like they were serious about it. On
| reflection, his departure seems like a turning point,
| albeit perhaps coincidental.
| realusername wrote:
| I think they did at the beginning, there's been a lot of
| algorithm changes before but once they realized they were
| losing, they just gave up.
|
| The incentives are just not aligned anyways, Google Search
| gets its money from the ad links on the top, they don't
| really lose anything if the links below are half
| terrible...
| CalRobert wrote:
| Well, there were algorithm changes like Panda 12 years
| ago...
| mc32 wrote:
| 12 Years is a long time... fighting "the previous war"
| doctrine type results. Not to dismiss any non-public
| changes, but never the less, search results quality has
| suffered. Maybe search results isn't their funnel to
| relevant ads but rather they want to serve up ads while
| skipping the quality results step most people expect.
| csdvrx wrote:
| They will never fight that war again. Just follow the money:
| google has all the reasons to tolerate SEOs, since these SEO
| linkfarms are filled to the brim with ads, conveniently sold
| by google!
|
| I'd be surprised if anyone at google would understand that to
| be a problem, because "It is difficult to get a man to
| understand something, when his salary depends upon his not
| understanding it."
| mouzogu wrote:
| at this point Google is more of a brochure than a search engine
|
| "here are some ads that match your search query"
| iggldiggl wrote:
| And some small pages seem to have gone missing entirely - some
| "humorous" typos that I distinctly remember used to return a
| small handful of pages now return nothing on Google, even
| though the page(s) in question still exist(s) and is/are still
| indexed by Bing.
| solarkraft wrote:
| Bing used to be a joke, but nowadays they actually do a
| decent job for cases in which Google fails.
| pessimizer wrote:
| Watch them sneak in and steal search. Over the years,
| Google lost any sort of moral moat that put them above
| Microsoft. Does anybody think that Microsoft is more
| intrusive and user-aggressive than Google any more? It's
| six of one and a half dozen of the other, and if I use
| Linux or a Mac at home, Microsoft doesn't seem overly
| interested in me at all aside from trying to sell me
| Office. Google's probably trying to figure out a way to
| license my brainwaves.
| dvngnt_ wrote:
| yeah. windows is crazy with ads embedded in the OS. they
| even install tiktok by default
| unity1001 wrote:
| > It's a sad decline from 10+ years ago when I'd type a half-
| formed thought into the search box and I'd get the answer.
|
| Incidentally the first algorithm updates to 'combat spam' came
| around by then, starting with 'Penguin'. They were supposed to
| cut the spammy sites from search. All that they did ended up
| being removing small sites, blogs and ecommerce businesses from
| search results for the benefit of mega companies at the cost of
| search quality...
| eino wrote:
| I used DDG which was slightly better; but for a couple of
| months, I've switched to kagi, and it's been a revelation. It's
| much better than both, it's google from 15 years ago. Drawback
| is that unlimited searches needs a subscription (10$/months).
| But I personally think it worth for the time and focus gains.
| neodymiumphish wrote:
| Have you done a side by side against Neeva? I've been on
| Neeva for long enough that it's not worth testing against
| competitors; it's very good, but I'm always interested in how
| well others compare.
| eino wrote:
| I haven't but I will a try! In the last years the only that
| I found equivalent was cliqz, that unfortunately closed 2
| or 3 years ago and which I still regret.
| grishka wrote:
| It's gotten so bad that there's now an ad blocker filter list
| that removes the StackOverflow clones from search results.
| flangola7 wrote:
| Do you have a handy link?
| BizarreByte wrote:
| I'd love a list of URLs for low quality stuff like
| GeeksforGeeks so I can block them all.
| Smilliam wrote:
| I'm not OP, but for those of you who saw this comment and
| were hoping for a link, the one that I use is
| https://github.com/quenhus/uBlock-Origin-dev-filter
| ben174 wrote:
| Any other external filter lists that are useful?
| Smilliam wrote:
| Not software dev specific, but I also use Peter Lowe's
| ads and trackers blocklist
| (https://pgl.yoyo.org/adservers/serverlist.php). Note
| that this one can be a bit aggressive (blocks url
| shorteners and clickthroughs on google ads even if they
| are the correct place you want to visit because, well,
| tracking), but it is well maintained and generally a
| fantastic addition to the default ublock origin lists imo
| arthurofcharn wrote:
| Google was once considered trustworthy. It never was, but we
| thought it trustworthy. Where can you find a trustworthy source
| for software? Depends on your platform. Linux: Your package
| manager. In my case, apt. Mac: Apple has an app store of its own.
| Use that, or one of the BSD package management systems ported
| over. Ios: Apple app store is decently curated. Android: Google's
| app store is terribly curated. Give up now. Windows: Nobody uses
| whatever app store or package management system that microsoft
| developed. A third party developed a useful package management
| system. It is called Steam. Other platforms: see replies below.
| flenserboy wrote:
| And governments are doing their best to break the app stores,
| destroying even the basic safely mechanisms such stores can
| offer. This should be taken as instructive, but is ignored by
| most.
| izacus wrote:
| What a strange argument - with this they're actually opening
| the market to stores that will ensure secure products like
| F-Droid with their guarantee for opensource. If anything, the
| current situation where BOTH Apple and Google store are
| ridden with malware and poor software doesn't work.
|
| We didn't fix SourceForge problems by allowing a megacorp to
| kill all competition and enshrine that cesspool, but by
| creating new sources of software.
| pixl97 wrote:
| Apple does not have to break the safety mechanisms in their
| store...
|
| They just have to allow other stores.
| charcircuit wrote:
| Linux package managers are not trustworthy. That is another
| case where everyone pretends that it is. Usually packages are
| created and updated by random people and can be pseudonymous.
| arthurofcharn wrote:
| Oh crud, you are right. Any idea how to fix this? Perhaps a
| more curated (and more manageable) list? That would seem to
| be in conflict with our bazaar model.
| [deleted]
| Sakos wrote:
| AUR is one of those "at your own risk" repos where I always
| check the pkgbuild and comments of a package first before
| installing something new. I don't know why I should
| hesitate to trust the default repos though since they're
| curated by the same people making the distro I use. Either
| I trust them or I use another distro.
| izacus wrote:
| The package managers right now ARE that curated list and
| distributions like Debian have proven themselves to be
| trustworthy.
|
| Of course, you can always find something wrong with every
| approach, but the truth that everyone needs to face here is
| that you need to trust SOMEONE to distribute good software
| to you.
| aquova wrote:
| Yes, but these are the same people who are managing every
| single program on your system. At some point you either have
| to compile every single item from source yourself, or accept
| the fact that you will need to place a certain level of trust
| into the vetting system your distribution has established.
| doodlesdev wrote:
| That really depends on the repos you are using, that's why
| distros are so important. If using repos from Debian, Ubuntu
| or Fedora (including RPM Fusion) you are 1000x safer than
| anyone using winget or google to try and download software
| from random sources.
| angelbar wrote:
| For windows you could start with Chocolatey and check filehippo
| amcoy37 wrote:
| Also consider the now built-in package manager: Winget
| yjftsjthsd-h wrote:
| > Android: Google's app store is terribly curated. Give up now.
|
| Google's store might be a lost cause, but ironically the fact
| that the platform isn't a walled garden can be used to our
| advantage here: Use F-droid.
| sdiq wrote:
| Winget is a new thing in Windows one could use though sometimes
| it has issues.
| justinclift wrote:
| On windows, Chocolatey (chocolatey.org) also seems to have a
| decent reputation.
|
| As does PortableApps (portableapps.com).
| izacus wrote:
| scoop is IMO a bit better on Windows (mostly because it
| focuses on portable software), but Chocolatey is a good
| fallback.
| johnklos wrote:
| This article is too kind. We're supposed to believe that all the
| brilliant minds at Google can't keep ahead of scammers? Sorry,
| but I don't believe that.
|
| On the other hand, I do give Google credit for knowing when they
| can make more money by allowing a problem to exist than by fixing
| it.
|
| Google got everyone hooked by being decent, by giving good search
| results, by giving people decent and free-ish email accounts, et
| cetera. Now it's all going to shit, because they've got everyone
| hooked so their free(ish) offerings don't need to be good any
| more.
|
| My guess is that search sucks because they can extract more money
| from advertisers who want to buy their way out from under
| scammers.
|
| Email sucks because they want people to have to pay to get any
| answers when things are problematic, and we no that no normal
| human being can correspond with any human that works for Google
| without giving them money. A majority of the phishing spam I
| receive now come directly from Google's shitty mail services.
|
| Perhaps Google wants software providers to "buy" their way in to
| a higher position than scammers. Or perhaps Google wants software
| environments to seem to suck to make the Android marketplace
| better by comparison. I can't imagine any other reasons why
| Google would play dumb and allow this kind of gaming of their
| search results.
| fsociety wrote:
| In reality this is probably due to orgs not working with each
| other or inefficiencies (aka negligence).. but yes their threat
| intel systems can most definitely detect these kind of ads.
| yurikoif wrote:
| Isn't this the norm for search engines? Guess you privileged
| westerners don't know about Google's alternative *in china*
| Baidu. Regular users just try to avoid every download link
| directly from it.
| kmfrk wrote:
| We're going to end up in a weird situation where we just download
| all this stuff through storefronts like Steam instead of open
| websites on Google, if they keep this up.
|
| Doesn't help that Windows' own app store is a huge mess on
| Windows 10 - and presumably 11.
| horsawlarway wrote:
| Honestly - just stop using Google search (and while I remain
| flabberghasted I'm saying this - Edge is a better chromium
| browser than Chrome.). Or better yet, any Google product. The
| company is diving off a cliff.
|
| For reference... A private Jellyfin server I use for hosting
| videos of my kid for his grandparents, and some music I legally
| own is consistently flagged as phishing (along with basically
| anyone else hosting them publicly based on this thread:
| https://github.com/jellyfin/jellyfin-web/issues/4076)
|
| Google has "automated" itself into the garbage.
| Havoc wrote:
| Confused why google isn't all over this double stat?
|
| If their advert area develops a reputation for being bad &
| untrustworthy then their business model breaks on a pretty
| fundamental level.
| radiojasper wrote:
| - Install Firefox. To hell with Chrome as it's just a tracking
| device wrapped in a web browser.
|
| - Install a proper ad blocker. To hell with advertisments in
| search engines.
|
| - Swap Google for DuckDuckGo.
| waselighis wrote:
| All the more reason to use an adblocker. Online ads are the most
| common way that malware gets injected into otherwise trustworthy
| websites.
| RajT88 wrote:
| Yeah! I recall discovering recently my father had a coin miner
| malware on his laptop, which had been acting slow for a while
| (a year).
|
| Upon discovery, my mother gave him some hard side-eye. But I
| explained the whole malvertising thing, and that seemed to
| placate her.
|
| Don't get me wrong; he probably was looking at naughty
| pictures. But I actually think he's more likely to have gotten
| that from a legit site.
| acdha wrote:
| I'm reminded of the time I opened nytimes.com and the ad
| Google served started a download for a .exe file. It wasn't
| well targeted to my Mac but if you do that to a million
| people the number who'll think it's a trustworthy site and
| run it will be greater than zero.
| BLKNSLVR wrote:
| Google's advertising has actually helped other search engines be
| safer and more useful. Google search acts as a magnet for all the
| crap you don't want when searching.
|
| Brave search, DDG, Searx, etc are all cleaner and therefore more
| useful.
| azangru wrote:
| Took me a while to understand what "using Google to download
| software" means. Was there a hidden functionality I wasn't aware
| of? Turns out, what they mean is "don't use Google to search for
| software you wish to download".
| coldpie wrote:
| Yeah, I love Ars, but Dan is definitely their weakest writer.
| The article is about scammers buying ad space on google to rank
| their malware above the legitimate google search results.
| Installing an ad blocker is a great solution.
| macintux wrote:
| Typical ad blockers surely don't filter out Google search
| results.
| coldpie wrote:
| The search results are not the problem. The ads are. Ads
| are placed above search results, so users are more likely
| to be mislead by them. Installing an ad blocker removes the
| misleading ads, leaving only the legitimate search results.
| whstl wrote:
| Not entirely, unfortunately, at least on my experience.
|
| Putting the keyword "download" after the name of
| software, ebooks, or music will lead into weird websites
| that distribute malware, and they rank very high.
|
| I just tried searching for an old Game Programming book I
| happen to have. There's two piracy sites, then one site
| with a "Download" button that gives me a DMG with an
| executable. Those are above Archive.org, the official
| github repo of the book and the official website.
|
| For music download, I searched some Bowie. There's
| Amazon... plus a few pages of of weird websites that I
| have no idea what they are, but look like "paid piracy",
| they either ask for credit card or give me a DMG which
| supposedly has a downloader.
|
| For software I searched the one I made by the company I
| work at. There's stuff like Filehorse, Softonic (I don't
| even know if they're legit), then there's a few which
| look like those aggregators but end up giving you malware
| when downloading.
|
| That's with ads blocked, and subscription to several
| lists.
|
| In the end IMO this is terrible for small businesses,
| people will end up distrusting anything that's not Amazon
| or anything that they try to search organically, or
| they'll get malware.
| pixl97 wrote:
| Google is an ad platform the ads are the problems.
|
| Installing an ad blocker does not solve the problem. At
| best it hides the problem.
|
| The issue here is you're looking at this as a 'you'
| problem and not an 'everyone' problem. If you block ads
| that's not a problem. When everyone does it Google will
| change how the page renders in such a manner that your
| adblocker is worthless. And then you're back to it being
| a you problem. You cannot disentangle the search and the
| ads any more than you can disentangle being human and
| needing oxygen to survive.
| antihero wrote:
| Every example in this article is using ads not gaming SEO
| mikae1 wrote:
| _> Took me a while to understand what "using Google to
| download software" means_
|
| Classic clickbait tactics. That was intentional, it made you
| click the link.
| II2II wrote:
| I agree, though probably for a different reason. The reality
| is that one _always_ had to be careful when following
| download links from _any_ search engine. The reasons may have
| changed with time and the amount of risk may ebb and flow,
| but it was always best to verify the source of the download
| in order to reduce the likelihood of an unwanted payload.
| Headlines that imply this is new or unique to a particular
| search engine are dishonest.
| recursive wrote:
| I'm confused about the confusion. This is probably one of the
| most common ways people obtain software.
| teach wrote:
| I've been Linux-only on the desktop since 2003. I was also
| confused about the post. People have different experiences!
| jaclaz wrote:
| >Turns out, what they mean is "don't use Google to search for
| software you wish to download".
|
| I think the reality is more like "when you search for software
| on Google do not use links _in the ads_ that you get at top of
| the results ".
|
| Though of course there may well be "normal" results leading to
| shady sites, the issue talked about is related to advertisement
| results.
| deburo wrote:
| It's pretty effective too, I often ask colleagues to download
| this or that app and just giving its name, but they keep
| falling for Google Ads. Now I send them an URL instead.
|
| If I didn't know any better, I would think about suing Google
| for boosting malware spread x)
|
| As an aside, I'm always suspicious of free utilities being
| downloadable from well-designed hosting websites, such as
| www.fosshub.com. I'm less suspicious downloading it from a
| very basic, almost plain text web page, for whatever reason.
| MSFT_Edging wrote:
| This is funny, I was confused in a different way, as I
| typically check the URLs to make sure I'm not getting
| scammed, and I have not noticed an influx whatsoever.
|
| Then I read this and realized I have not seen those google
| search ads in years unless I'm setting up a new machine. I
| always found the 8 ads before results to be absolutely evil
| and now its causing real damage.
| detaro wrote:
| or shorter: "use an adblocker"
| mschuster91 wrote:
| It describes _perfectly_ what users use Google for. Look at
| your non-IT colleagues over the shoulder while asking them
| "hey, can you log in to Netflix?"... 60% chance, 90% for older
| folks, they'll type "Netflix" into the browser bar and click on
| the first link because they don't realize "Netflix" is not a
| domain name. Or ask them to "download VLC" - they'll type
| "download vlc" into the bar and click on the first link, which
| is what led to _a ton_ of malware in the past [1] (at the
| moment, at least for me, the top result is clear though).
|
| [1] https://www.chip.de/news/Vorsicht-bei-Windows-11-und-VLC-
| Fak...
| bink wrote:
| I started running a pretty popular forum back in the late 90s
| and I was shocked when I noticed this behavior. The name of
| the forum itself was shorter than typing "google" yet most
| sessions started with someone typing the name of the forum
| into google and following the first link.
| ipython wrote:
| Every time I read these articles I am so happy that the sponsored
| links are blocked by Pi-hole. Makes my family furious because it
| also disables all the shopping links as well, but well worth it
| imo.
| zamalek wrote:
| It seems as though using an adblocker has become more important
| in terms of security posture than having an antivirus running, or
| keeping your system up to date.
| beckler wrote:
| Google owns VirusTotal... so why doesn't search get fed info from
| VirusTotal?
| sys32768 wrote:
| I wonder how the morale is on the Google search team these days.
|
| Maybe they can make a paid search that eliminates all affiliate
| sites in the results.
| kazinator wrote:
| Contrarian viewpoint:
|
| When in the history of the web could you blindly download
| something from a page found by a search engine and install it?
|
| When has any search index ever conferred that level of trust to a
| result?
|
| I don't remember any year when you couldn't use a major search
| engine to find many an asshole site promising that the sought-
| after content is available if you first download and run their
| malware .exe file.
|
| "I found this page via Google, therefore its downloads are
| trustworthy" isn't a thing, hasn't ever, and likely isn't going
| to be any time soon (and implementing it would have downsides).
| mastax wrote:
| I once saw a google search ad result for a malware version of GNU
| Cash. It was extremely easy to miss. The website was identical
| except the Windows download was replaced with malware instead of
| linking to Sourceforge. The malware installer was signed with a
| key from a random Taiwanese electronics company (likely stolen).
| I emailed DigiCert and got the cert revoked. None of the scanners
| on VirusTotal flagged the installer. A GNU Cash malware wouldn't
| need to do any typical malware behavior (crypto mining,
| ransomware) because they could just send off your bank account
| credentials. Within half an hour of uploading to VirusTotal the
| website was replaced with a placeholder blog.
| godzillabrennus wrote:
| I feel lost reading articles like this. Then I realize people
| still use Google search. I switched six years ago to Duck.com and
| I'm never looking back.
| jvolkman wrote:
| You forgot that people use the search engine with >90% market
| share?
| bbu wrote:
| not so surprising when read about what a dump google ads has
| become: https://www.propublica.org/article/google-display-ads-
| piracy...
| deafpolygon wrote:
| Well, fortunately, I never click the "Ad" sponsored links and
| most of the time I don't see them anyways (uBlock). That doesn't
| help the other 90% of users online though.
| jpmattia wrote:
| Like many here, I have a sysadmin side gig for my aging dad:
| uBlock is essentially required as anti-virus software.
|
| While it's great that google figured out how to monetize search
| by inserting ads, it was a lot more ethical back when their
| major demographic was geeks who could tell the difference
| between an ad link and a genuine result. Now? Not so much.
| capableweb wrote:
| > it was a lot more ethical back when their major demographic
| was geeks who could tell the difference between an ad link
| and a genuine result
|
| I think the ads used to be more distinct as well, with a
| different background color even, if I remember correctly. I
| guess it's a fine line to walk between "It should be obvious
| what is advertisement" vs "Users should be confused enough to
| sometimes click the advertisement", and Google chose to go
| for the latter in order to raise click rates.
| GeekyBear wrote:
| Ads were not only a different color, they were also limited
| to the margins of the page and did not appear in the list
| of search results.
|
| As a matter of fact, when Google was the scrappy new
| underdog, they used to make fun of the legacy search
| engines for the practice of mixing ads into the list of
| search results.
| marcosdumay wrote:
| The ads used to be on the right bar, and selected by their
| site's relevance to your search.
|
| They were incredibly useful.
| rcthompson wrote:
| Except when they do the thing where the real search results
| appear first, but then the ad pops in a split second later
| under your mouse right before you click.
| coldpie wrote:
| Please install an ad blocker.
| capableweb wrote:
| Google shifts the content themselves as well sometimes,
| leading to misclicks. Try searching for "google chrome",
| click the link to "apps.apple.com", go backwards and try to
| quickly press the link below what you clicked on before,
| Google will scroll down a little "People also searched for"
| box that will surely be exactly where you wanted to click.
|
| This has frustrated me so many times, although its not
| really related to ads.
| xbar wrote:
| Malware has been accompanied by lots more porn in Google search
| results in the past quarter.
|
| I switched to Duck Duck Go some time ago, but I hadn't required
| it for extended family. Now I do.
| bleuuuu wrote:
| pihole
| jeffbee wrote:
| The actual lesson here appears to be don't use Microsoft Windows.
| JonChesterfield wrote:
| I'm seeing a consensus on do use Microsoft bing which just
| can't be right
| jeffbee wrote:
| Under the same banner of just staying away from popular
| malware targets, it would be consistent to choose bing or DDG
| while searching from your web browser running on
| OpenBSD/riscv64. Just confuse the hell out of the bad guys.
|
| But, the big flaw in the article is the author fails to
| suggest a better alternative. DDG raises 2 malware sites in
| the top 10 organic (I assume) results for "tor download".
| You're not safe from this stuff anywhere.
| BizarreByte wrote:
| > it would be consistent to choose bing or DDG while
| searching from your web browser running on OpenBSD/riscv64.
| Just confuse the hell out of the bad guys.
|
| As a bit of a joke I used one of those browser fingerprint
| tools running on a browser under OpenBSD/macppc. The entire
| setup was completely unique, they had never encountered
| another user that matched. It would confuse the bad guys,
| but it's very easy to track.
___________________________________________________________________
(page generated 2023-02-03 23:01 UTC)