Across the pond

Not much blogging in the last few days because I have been trying to deal with the warning put up by Google that my site might ‘damage your computer’. I called in Spy Doctor and he found, as I reported in a blog last week, that my computer was clean. I dashed off several emails to people who know about such things but I only received one reply, which was no help. I tried yet more searches on the internet, then gave up and read Technology Guardian. There on the front page was an interview with Professor Jonathan Zittrain, who is a ‘brainy 38-year-old professor of cyberlaw at both Oxford and Harvard universities’.

The interview was pegged to his new book, ‘The Future of the Internet and How to Stop It’, which has some challenging ideas which appealed to me. Maybe he was the sort of bloke who could help me in dealing with Goliath Google, who was opressing Daniels of the web like me. Before I emailed him I checked him out and found he was part of an organisation called StopBadware.org, which was supported by Google. Maybe he was on the side of my enemy.

But I was desparate, so I dashed off an email to him. I got a reply within the hour. Not from him, but from one of the StopBadware staff called Emily. She told me that I had indeed been infected by malicious software, and that Spy Doctor had not found it, because it was not on my computer, but in my web space. Not only that, in her long email, she gave me several links which helped me to understand the nature of the problem and how to deal with it.

To give you the short version. My problem arose from a bit of code inserted in my blog called iframe. The iframes, hosted on sites in Beijing, China, attack a visitor’s computer with the virus JS_PSYME.XP. With her help I was able to delete this, and other things which might be dangerous. But I was still concerned about getting the Google warning removed, which they said could take three weeks.

The first paragraph of her reply to my concerns plunged me into despair. Here it is:

The hackers running the site that the iframe leads to can change what malware is being distributed whenever they like, so as far as I know several different things have been distributed through this iframe (the hackers likely rent it out as a service to criminals who want to distribute viruses, keyloggers, whatever). So I don’t know what was on your site at any given point.

That really plunged me into gloom. Maybe I had infected all the family’s computers and those of all my readers.

So I decided to have my dinner.

After dinner, I googled myself before going to bed and discovered to my amazement that the Google warning had been removed. Wonder of wonders I was now officially clean. But before I could start blogging again, I had to download the latest version of WordPress, which I use for writing this blog. This took several hours, with the nail-biting risk that I would end up by not being able to blog at all. But I finally got it up and running.

Only to find that they have changed the format. And I cannot see any way of doing some key things to make my blog more readable, by indenting quotes and using bold and italics. And I cannot see how to put in links to my blog, so that readers go, with a click of the mouse, to useful sources I have found. So I can put in a plug for Zittrain’s book, but if you want to get it for £18 (£2 discount) you will have to type in yourshelf, www.guardian.co.uk/bookshop.

Which brings me back to Google. From what I know now, I am grateful to them for alerting me to the malacious software on my blog. But, though their email to me, did include the url for the specific post that contained the bug, which was as far back as 10 December 2007, I did not realise its significence.

Google, WordPress and the others in the game, are companies which have acquired enourmous power, through their techical expertise. And they are concerned, for economic reasons, to automate as much as possible.

But this does not take account of the needs of the citizen journalists, and millions of other computer users, who do not have the techical expertise to handle this overload of automated information.

There are two important points to be made about my experience.

The first is that if Google’s message should have had an additional explanatory sentence, telling me that the malacious software was contained in the December 10 post, but that it was in computer code, which I would have to uncover before I could deal with it.

The second is that all companies, not just computer companies, need to review their present reluctance to make human beings available to deal with customers. It is expensive, but the any company which bucks the current fashion, and provides real person to person help, is likely to gain by grabbing more customers. Because the cost in time and money to the customers who cannot easily get help is huge.

In my recent experience this help was provided by an associate of Harvard, which for educational reasons wants to keep close to customer needs. But Google should do more itself. As should the others.

The Chinese bug could have done incredible damage to me and my readers. I totally accept what I have been told by StopBadware. As to why those who put it in my webspace did not take advantage of it, I can only conjecture. Maybe they were trying to sell it someone else. And maybe they have so many such things to sell, that no-one was interested in hacking into a modest blog like mine.