Ask HN: Did anyone use ruinmysearchhistory and get Google account suspended today?
Today my google account was suspended for ToS violation. I think it might have something to do with the "ruin my search history" viral thing yesterday.
Did anyone else who participated in that have their account suspended today?
(Talking about this -- do not open link if you do not want to literally ruin your search history: ruinmysearchhistory.com) I find the serious conversations that came from this funny, seemingly silly project very interesting. 1- The chilling effect of people being scared to click on a link that may do searches their government cares about 2- The idea that if many people used a browser add in like this, it would make surveillance of search history much more difficult 3- Google accounts getting banned All from one silly site. Could it simply be the speed with which the queries are made, making a bot-blocker suspect a bot? Edit: apologies, meant to reply to OP, not here. To parent, I already upvote your comment - it's pretty cool, but also scary that we now have conversations about whether we're being surveiled by our government (in the US) as a casual normality. The only difference that appears to remain is that we openly talk about our government surveiling us. I worry they'll attempt put a stop to that too eventually. (Tedious disclaimer: my opinion only, not speaking for anybody else. I'm an SRE at Google.) One might describe it as a social botnet: somebody convinced a bunch of people to execute some code on their computer that sent automated search queries. https://support.google.com/webmasters/answer/66357?hl=en "Google's Terms of Service do not allow the sending of automated queries of any sort to our system without express permission in advance from Google." Intentionally using a tool to send automated search queries is pretty clearly prohibited. This whole incident has convinced me to actually use a tool like this, so I'm going to write one and distribute the extension code for free. I promise you won't be able to detect it, so good luck. I think anyone who wants the ability to obscure their search footprint should have it. And if you think otherwise, I'm doubly convinced it's necessary. TrackMeBot turns 10 years old this summer: http://cs.nyu.edu/trackmenot/ What about if they were not performing the searches intentionally? What prevents someone paying to serve an advert that does exactly the same thing? Does that mean any malicious website can shut down any web user's Google account? >1- The chilling effect of people being scared to click on a link that may do searches their government cares about I'm curious: does anyone know whether Google searches are truly monitored, and how, if it's HTTPS? I showed ruinmysearchhistory.com to a Pakistani Muslim friend, not having clicked it myself, and he thought it was funny until the ISIS application parts started coming up, when he consequently freaked out, as you might imagine. But this got me wondering -- it seems to be widely accepted that googling things like "how to make a bomb," "bomb materials," "where to buy guns," etc will get you put on a government watchlist. It's never been clear to me whether this is superstition or if there's truth to it. Google is fully HTTPS-- how could your searches be monitored unless google was handing them over to the government? > It's never been clear to me whether this is superstition or if there's truth to it. Google is fully HTTPS-- how could your searches be monitored unless google was handing them over to the government? They could be monitored if the government had surreptitiously gained access to Google servers or internal data transfers by compromising infrastructure such as Google's datacenter-to-datacenter links. I use that example because I recall a leak (IIRC, either as part of or contemporaneous to early rounds of the Snowden leaks) that the NSA had done exactly that with unencrypted inter-data-center links of Google and other entities with multiple datacenters, and reports shortly after that that Google and several others had taken action to secure and encrypt those links afterwards. The name of that program was MUSCULAR: https://en.wikipedia.org/wiki/MUSCULAR_%28surveillance_progr... That was the famous slide that showed where Google took off SSL with a little smiley face--which reportedly caused Google engineers to "explode with profanity." The NSA actually did not do the actual hacking. The British GCHQ did, with technical assistance from the NSA. Thus the NSA could pretend that since the GCHQ collected all the information, it was foreign-sourced and therefore not subject to FISA court jurisdiction. That should make anyone explode with profanity I often wonder if I'm going to get arrested searching for the best way to kill a hung child process. Or outed as gay for Googling linux manual pages. "Honey, why do searches for 'man date' and 'man find' appear in your your internet history?" - My future wife. Yours seem pretty innocent... Mine are a bit more insidious; man touch, man bash, man kill... man unzip, man strip, man touch, man finger, man mount, man fsck "man magic" is my favorite. K&R et al are dirty, dirty men. …still not as bad as O_CREAT though. Or searching "man cp" instead of typing it in the terminal... It took me a long time to figure out what might be wrong with that. Wow! Sets up a pitchfork In the US, the query "where to buy guns" seems perfectly legitimate. Not if you also query "How to kill someone hypothetically" shortly before/after. Reputable gun shops offer ammunition whose primary selling point is its ability to kill humans. I mention this as a relevant aside: in the US, it is (very possibly) even legitimate to search something like "ammunition best suited to kill someone". And endless arguments about what caliber and kind of round has the best stopping power come up every day on gun forums. It's their vim vs. emacs. Yep, but I do believe this script does some searches for info on terrorists, and that would be problematic with the search you describe. What if you're writing a murder mystery novel? or a filesystem... I guess this refers to Reiser? When I was at Google Mountain View in 2009, they had a TV scrolling through current search terms.. Some of them were hilarious... (Tedious disclaimer: my opinion only, not speaking for anybody else. I'm an SRE at Google.) It's just displaying this: https://www.google.com/trends/hottrends/visualize?nrow=5&nco... Oh nice... but it wasn't that in 2009.. and there were some potentially embarrassing search terms display, scrolling past.. but sure, it was probably filtered at some point. It used to be a slightly different app on a different link, but that's gone now; this one is the replacement (and what the reception displays now use). Kind of curious about the pornographic search terms : innocuous search terms ratio now... Most Third World governments control ISPs and DNS queries can be easily monitored but whether those are implicative or not depends on where the content embedded in the search results is hosted/served from. Also, even if Google is fully HTTPS, if a query returns images hosted on unsecured websites, those urls will be plainly visible and hence implicative. Edit: The embedded thumbnails are actually encrypted as pointed by the comment below. I was curious and just checked -- until you click on an image in google's search results to see it fullsize in the semi-lightbox, you're actually getting the "thumbnail" sent from google as a b64 encoded string Well, that's good news. thank you for checking, I stand corrected. I suspect it might just be represented that way in the browser, and that it's not sent that way. Interesting thought, but wouldn't it kinda have to be done that way? Otherwise you'd see missing images on image SERPs, and you'd see the delay of thumbnails loading due to slower source servers. Browsers doing url prefetching for top results would also leak some information? So now we consider US to be Third World country? :) wondered about the same thing Well, Google does have a team that monitors the dark side of what passes through it. This article is from 2012, so I'm sure their capability has stepped up significantly since then. https://www.buzzfeed.com/reyhan/tech-confessional-the-google... Google retains your full search history, by default, and lets you read all of it. (Google also scans it for ads.) Google most likely also have your real name, address and/or phone number. Do they hand it over to law enforcement/NSA/oppressive regimes? Maybe. Well, they do if you let them. For Mirimir, they have no clue. Just a bunch of blind alleys. I think Google has some monitoring for images of child sexual abuse and terms used to find those images. I'm not sure what they do if you search for those terms or if they just return blank pages. https://www.theguardian.com/technology/2013/nov/18/uk-us-dar... Well, what did it do when you tried? I have assumed that searching things like "How to make a bomb" will bring you on government radar. How government does it does not matter. I will not be surprised if the government has malware infected your computer to occasionally steal your browser history. Google is not fully https - its the road customer<-> google that is fully https - internal traffic is not encrypted. And internal traffic goes worldwide for google. Google's internal traffic is (supposedly¹) encrypted as of 2013. ¹ I have no reason to doubt this is true, but AFAIK the only evidence is that Google said it would be, in response to NSA/GHCQ's MUSCULAR program. I don't know if it still works, but Google used to support network providers force non-ssl searches using DNS poisoning. BT's WiFi offering used to do this, which is one of the reasons I stopped using it. The kind of stuff you can afford to do only when you're a US citizen and thus not a potential victim of some arbitrary US custom officer deciding you can't come in anymore and have no appeal. What I'm saying is, if you're not a US citizen, don't participate in those kinds of actions. The problems these campaigns highlight are real, but being foreigners, we have no legal recourses in the US in many areas, and can end up seriously fucking up our lives. Also it'd be nice if US folks sharing those links and encouraging actions of the kind could be considerate of non-US people who don't necessarily have the leisure of getting on all kinds of list. Well this is a weirdly US-centric view.. You seem to assume that all people not living in the US are actually just waiting to emigrate their. I'm quite happy in Spain, thanks! It's not about emigrating there, it's about merely being able to go. And in tech, being unable to enter the US is a hurdle. I actually have a trip planned to the US soon and I wouldn't dare clicking on that link, just because of that... It amazes me that that we have reached this point. As I am currently in a North African country I freaked out when the ISIS shit started popping so I immediately deleted my google history and nothing happened now. I still don't get why something so malicious was upvoted so much. I believe the original intent of that site was to get you on the NSA watch list Was to overwhelm the NSA watch list with software engineers. I'm reminded of a Usenet campaign in the mid-late 90s, adding hot terms to sigs. Software engineers are already on the NSA exploit-their-hardware-so-we-can-insert-backdoors list. Sad but true :( But not, at least, on no-fly lists. I always use a VPN so I am not worried about my IP address getting listed somewhere but I only hope Google does delete my search history... Yeah I'm on that list now. Many VPNs do actually leak your IP address. Beyond that, your VPN traffic could be associated with your billing information for said VPN. Also by coresponding the traffic to the VPN and coming out of the VPN. Or if you have any personal information associated with your Google account or have ever accessed it with an IP associated with you. Look out the window. They're in the ice cream truck. "your VPN traffic could be associated with your billing information for said VPN" - that's why I asked a friend from a completely different country to sign up for me (we are good friends with high technical prowess and he knows what he's up to). Does he have high tolerance to torture or are you kind enough to let him give out your name as soon as someone scary asks? :) In other words, I don't think your solution is very good. It might delay things a few minutes or hours at best. Thats why hypothetically it's best to use one accepting a bitcoin payment and then fill in the other details from a fake name generator. The name of the site is pretty clear. It is, but seeing it on HN made me think it was "ruin" along the lines of "throw off Google interest-based ads" not "get you on a list". I didn't follow the original link, but maybe the point was to get lots of people on a list to show how silly lists are? Maybe, but it depends on whether the location of the query is taken into account. In that case, the majority of the people who clicked through (which is based in the USA/Europe) won't get picked up as opposed to the small percentage of people located in the MENA area. I had to read until here in this very thread to get that There is a small difference between ruining ones search history and being brought to the attention of whatever authority is watching[1]. It does seem like a https://xkcd.com/576/ situation applied to search. 1) I would bet our web filter would be sending me some reports what part of "ruin" don't you understand ? Ruining your search history not your livelihood. "ruin" is completely vague, and you had no idea what it meant until you found out what it ended up meaning. Funny would be googling fetish porn, not funny would be banning you from international travel. I didn't click on it since I don't want a site to do anything whatsoever to me ever. But it wasn't evident at all to me that it was a site that would do what it apparently did. It seems like having a link like that on a major, moderated website like hn is a serious problem and failing. Not really... I actually rather expected it to be an article like just about anything else here. It was not labeled "Show HN" or anything, and apparently only required opening the link (I did not open it myself). Edit: I guess I was misinformed about this last - micaeked says that you have to click a button on the page. You do have to click a button after opening the url. I opened the URL, but saw no button. And tcpdump showed nothing going to Google. So one of the add-ons I use must have blocked it. Yes it is reckless endangerment Wow, really sorry to hear that happened! I would be in a panic if that happened to me. I feel like that site could have been used for good, to maybe scramble user profiles. As another user commented here, the terrorist search terms seem like a really unnecessarily extreme joke. Do you think you were suspended because of the high volume of automated searches or would it have something to do with the actual content? I ran it using private Safari mode (akin to Incognito in Chrome). There were naturally no consequences to my Google Account, nor my IP Address. Private mode doesn't run a VPN, right? So your IP address is still associated with the searches. Exactly, surely they are cross referencing your browser making requests with your IP one second, your "anonymous" mode the next then another sync with gmail from your gmail page. And I'd bet that is far less sophisticated than it gets. > I ran it using private Safari mode ... There were naturally no consequences to my ... IP Address. I ran it, no google ban I ran it at work. Please don't do that :) Relevant Username! Didn't IT want you to explain what happened? Yeah me too. Same, ran twice, no ban. Wow! It really saddens me that our world has gotten to a point where people are scarred, justifiably, for the consequences of clicking on a website link. That was a terrible one. I wish I hadn't clicked it. Same here. WTF did I do?! I haven't clicked it as my usual Chrome user because I find my search history useful for recalling results. I did open it in an incognito window and saw what it does. It doesn't look like a big deal. It's probably the web-era version of sticking red-alert keywords in your Usenet signatures back in the 80's and 90's. ran twice, at work, signed into my google account. no ban. So has it been restored yet? You'd think that someone reading this topic could get that cleared up pretty quickly. Poked through the JS to find the list of search terms since I didn't want to ruin my search history, silly list. The last one was a funny easter egg "OH COME ON DONT JUST COPY AND PASTE THE LIST FROM THE ARRAY YOU CHEEKY SCAMP" https://news.ycombinator.com/item?id=11880008
has no effect with iPhone 6 9.3 version I'm curious, what if something like this was distributed as malware or viral links (the new rick and roll), would it get a lot of people banned? Would it work as a global privacy tool? I went to that site and my Google account was not suspended. Sidenote since this is getting so much attention: How does the website control the URL of an external tab? Is this effectively tabnabbing? Oh, oh,. So some troll will now add an invisible iframe to ruinmysearchhistory.com on some other popular site just for the lulz I doubt it? The site still requires you to click a button (which would be inside the iframe) before it will search for you. Also, are iframes able to use `window.open`? I ran it yesterday and I open my Google account today. It's not suspended. It probably I ran it without signing in Google. Me too. But, I have my DNS obscured using Express VPN. I just ruined my search history so let's see if I get my account suspended. Fascinating... Well, apparently, excessive use of the Google with nonsensical queries should be a violation of any sane ToS agreement. Ran it, wasn't too impress with the 'choices of words' being used for the Google searches, so I stopped it. here's to hoping mine doesnt get banned. i've been planning on switching off of google products soon, towards fastmail, but haven't gotten the right domain name yet. Recently (maybe the past ~6mo or so) I've noticed that when I start pasting logs/errors/tcpdump into Google, it is now especially suspicious that I'm making automated queries and makes my IP solve a captcha. I doubt my lack of a Google login and random UA spoofing does anything to help this, though.
