UPDATE! 3-25 120pm PT: Here’s a recent tweet from Kenton. As you can tell he’s confident that the issue has been resolved. However, it can take Google up to a day to remove warnings. But just so you know, we’re secure.

Also, today’s Tammy Radio podcast has posted and if you take it via iTunes it will flow automatically into that system. TAM RuBegonia has been kind enough to host today’s podcast for everyone else considering the shenanigans on the site. This means also the podcast will be public and a nice sneak peak for everyone. Please visit RuBegonia’s site for today’s podcast.
********
Okay everyone, I have an update for you on the Google alert today.

First, Kenton has found nothing reflective of the warning that Google has issued. He has spent all day searching and investigating and has found nothing. As a result, we are going to go through Google’s process and ask for their review and a removal of their warning pages.

In the process of his investigation of the Google issue, Kenton did find something unrelated–a possible hacking back in January when we were all dealing with the Tucson shootings. Even though the site has not been defaced nor has there been any other indication of action on that possible hacking, he suggests we proceed with an abundance of caution and asks everyone registered to change your passwords just in case. Tammy Blog stores no credit card data or other financial data on this site, but please do change your password at Paypal as well just for the extra security. It’s smart to do this every now and then anyway, and with how crazy things have been with the site these past few days, it’s simply a good idea.

Considering many use the same password across websites, change it on other sites you may use as well if it is your common password. It’s always a good idea to use different passwords on various sites. I know it can be a pain, but just keep a note at home and you’ll add a layer of security.

I’m sorry about this, it is one of the risks in the cyberworld. As we proceed with the launch of the new design site, I’ll be talking with Kenton and Rachael about special ways we can protect Tammy Blog, especially as we get bigger and as the political season continues to unfold.

As someone we know has noted, we are not retreating, we are reloading (and changing our passwords 😉 !

This section is for comments from tammybruce.com's community of registered readers. Please don't assume that Tammy agrees with or endorses any particular comment just because she lets it stand.
15 Comments | Leave a comment
  1. ShArKy666 says:

    tammy…what the heck right does google have to warn anyone about anything? who died and made them the cyber police? considering obastard “met” with them, i’m very suspicious of all this crap

    • sandyl says:

      Me too, Sharky, That was my first thought. I’m glad I’m not the only conspiracy “nut” here. 🙂

      • ShArKy666 says:

        hey sandy! 🙂 well it’s really NOT a conspiracy…i mean obastard DID meet with them, and does anyone seriously think he promoted internet freedom? of course not..i fully suspect he met with them to either give them govt money in exchange for more control or getting more info from them…he’s a total scum and i don’t trust him for one second, or anyone who gets in bed with that freak..i’m serious about this.

  2. FreedomsWings says:

    Locked and loaded! Thanks for keeping us updated Tammy! I’m jealous, wish I was popular enough to be hacked (not really :))!

  3. dennisl59 says:

    While we’re on the subject of ‘Security’, here are the privacy policies of your favorite sites:

    http://www.google.com/intl/en/privacy/privacy-policy.html
    http://twitter.com/privacy
    http://www.facebook.com/policy.php

    Read the terms and conditions of use, carefully. If you agree(opt in) then you’ve given them permission to collect your info, and install ‘cookies’ on your system. Think ‘someone is watching’ you as you browse, search the Interwebtubes and come to this site?

    Heads up. It’s not a friendly playground.

  4. bluegrassriver says:

    Sue the bastards.

  5. pochitatwo says:

    tammy, nissing update on third hour from last night. with intertube problems never sure what is going on, problem mine or yours.
    maybe a note on site if delay in posting third hour
    thanks

  6. otlset says:

    Hope this turns out to be nothing more than a TAMpest in a teapot.

  7. morecowbell says:

    Will this change affect the number of weekly head explosions?

  8. aggedor says:

    Not seeing the link to the alternate TAM Chat for today on facebook (what *I* call, ‘tweetface’). If someone could post it before end of show today that’d be a groove.

  9. ShArKy666 says:

    the fact that GOOGLE is putting warnings on websites is frankly OUTRAGEOUS!!..i mean who gave them authority to do ANY of this crap???????????????????????????? hmmmm…lemme think….OBASTARD maybe?

    • aggedor says:

      And this is the same google who promised they’d never turn, ‘evil.’ Hmmmmm. Wait a tick…Google breaks its promises…Obama breaks *his* promises…MADE for each other!

  10. geezer says:

    I believe Google did this community a service, as painful as it seemed it was only a day and and a half. We are all better off since the awesome Kenton combed through the site, and discovered and routed out some internet cooties that had crept into the site wordpress system.

    If this episode hadn’t been sandwiched in between two hosting provider failures it might not have seemed so bad. Way more bad on the hosting provider for service outages and down time than on Google for raising alerts that made a positive difference during the disruptions in service this week.

    So what did Google do (skip to bottom if you don’t care to know any details)… we all know that search engines build their indexes by spidering the web all the time. When the google robots visit a site, they not only index the data, but they watch out for suspicious behavior that might mean the site is trying to mess with the googlebot. When they see something that looks dangerous, the robots make an update in a Google database.

    They always come back later and if the problem is no longer there, they make another update in the Google database to clear the alert flag for that page. Since any site that tries to attack the googlebot would probably also try to attack a browser, then as a public service Google publishes this database for anyone who wants to use it. That’s Google’s role in this saga.

    Some browsers (e.g. Chrome and Firefox) check this database as we browse the interwebs, and if there is a flag in the database about a page we are about to visit, they pop up the alert many of us saw. Some other browsers (e.g. Internet Explorer) don’t check the Google database (but IE is purported to check a similar database managed by Microsoft). It seems the MS database didn’t post a red flag so people using IE did not see the alert messages while people using Firefox and Chrome did see the alerts. And we also know now that it is possible to turn off this security check in the browser, but it’s probably a good idea to keep it turned on — here’s why…

    If you clicked on the info links in the alert messages you would have seen what Google reported: when the googlebot visited these pages, something that was served with the page content secretly kicked off two new processes on the bot machine and attempted eight specific exploits. The bad stuff didn’t originate on the TAM web site, but was likely pulled in thru a link or plug-in (or the wordpress exploit Kenton discovered hidden in the site since January).

    Wherever it came from, the end result was when the googlebot visited the page potentially malicious things were served to it. The alert report even pointed to a clandestine domain where the stuff likely originated that is known to serve malware. The report also indicated that not every page attempted the exploits, but some percentage of the time when it pulled up TAM pages, bad stuff tried to happen to the googlebot. So it flagged those pages in the database. And again when our browsers polled the database they found the red flags and posted the alerts.

    Once the site was cleaned up and the googlebot had a chance to come back and verify the cooties were gone, the google database was updated and our browsers stopped showing the alert. Now, I believe this was how it ended based on Kenton’s final tweet, but an earlier post said Tammy’s team were working to convince Google there was no malware. At any rate it was a good catch by Google that ultimately improved the TAM web site before the malicious code Kenton found went active on the TAMs and did us harm (at least we think so, but as Tammy warned prudence demands we all at least change our passwords in case it did do something before it was discovered).

    Three Cheers to Tammy, Kenton, and the team for taking quick, effective, decisive action. [insert appropriate political analogy about quick/effective/decisive action or lack thereof in dealing with current world events for a rousing end of this story :)]

You must be logged in to post a comment.