Google's search product has become a shadow of its former self. Every year it seems harder to find what I'm looking for. The top half of the first search result page is now (potentially malicious) ads, and what follows is likely SEO spam. I need to add "reddit" or "stackoverflow" to half my searches these days so I'm not served nearly useless results. It's a sad decline from 10+ years ago when I'd type a half-formed thought into the search box and I'd get the answer.
They pretty much lost the war against content farms already. I'm not sure the content indexing & crawling model they have is even adapted to the current web.
12 Years is a long time... fighting "the previous war" doctrine type results. Not to dismiss any non-public changes, but never the less, search results quality has suffered. Maybe search results isn't their funnel to relevant ads but rather they want to serve up ads while skipping the quality results step most people expect.
I think they did at the beginning, there's been a lot of algorithm changes before but once they realized they were losing, they just gave up.
The incentives are just not aligned anyways, Google Search gets its money from the ad links on the top, they don't really lose anything if the links below are half terrible...
They will never fight that war again. Just follow the money: google has all the reasons to tolerate SEOs, since these SEO linkfarms are filled to the brim with ads, conveniently sold by google!
I'd be surprised if anyone at google would understand that to be a problem, because "It is difficult to get a man to understand something, when his salary depends upon his not understanding it."
I was looking for info about an online acquaintance that I used to game with 20+ years ago. His handle is pretty unique but google would not return anything. Bing on the other hand had me finding all of his old post leading to his real name and now I am back in email contact. I get the feeling that google is just filtering out anything over a certain age and below a certain level of popularity.
Google heavily favours newness, I am sure of that. It used to be easy to find very old, but relevant results. The content still exists, but even with date filters it’s hard to find now.
It’s made supporting very old things (products, code, computers) extremely difficult.
And some small pages seem to have gone missing entirely – some "humorous" typos that I distinctly remember used to return a small handful of pages now return nothing on Google, even though the page(s) in question still exist(s) and is/are still indexed by Bing.
Watch them sneak in and steal search. Over the years, Google lost any sort of moral moat that put them above Microsoft. Does anybody think that Microsoft is more intrusive and user-aggressive than Google any more? It's six of one and a half dozen of the other, and if I use Linux or a Mac at home, Microsoft doesn't seem overly interested in me at all aside from trying to sell me Office. Google's probably trying to figure out a way to license my brainwaves.
> It's a sad decline from 10+ years ago when I'd type a half-formed thought into the search box and I'd get the answer.
Incidentally the first algorithm updates to 'combat spam' came around by then, starting with 'Penguin'. They were supposed to cut the spammy sites from search. All that they did ended up being removing small sites, blogs and ecommerce businesses from search results for the benefit of mega companies at the cost of search quality...
I had joined a few (like The Swift Programming Language), and would see questions like "I have this problem <Detailed description of the issue>, how can I solve it?"
Since (in at least one case) this was a problem I had easily solved, years before, I would provide a detailed, concise, answer, showing how to deal with it in a few lines of code.
My answer would get ignored.
Instead all these replies would show up, saying things like "I added the <XXX Library>, and it solved the problem!". These would get voted up, and the original poster would actually engage them.
After seeing a few of these, I realized that LI groups are dumpster fires, and quit them all.
As long as "site:" still works (limiting your search scope to a particular domain), then the SEO'ers can pound sand. Pretty much 100% of my google searches these days are scoped to a particular domain. This is because my search needs in 202x are very different than in 200x. Back then, I wanted to find the right web site for X. Today, I know the best web sites for X, and I always want to search for that exact X on that exact site.
I am no longer interested in discovering new web sites. The established ones are known to be good, and any new, unknown one is almost 99.9999% likely to be SEO spam. For example, I'm not interested in Dropshipper 45512's automatically generated web store where he gets a commission to ship you Alibaba goods, and that's really all you get in the long tail of shopping searches. Search engines need to pivot away from helping people find new web sites (since they are mostly crap) and instead help to curate the best content from existing known-good ones.
Yes, it sucks if your new site is legitimitely one of the 0.0001% that are human-made and awesome. Sorry, but I'm not going to find you through search. Don't worry, I'll find you through word of mouth if you are actually high quality.
have you considert duckduckgo with bangs? I use them daily e.g. `!so <query>` would search on stack overflow. U can use `!g` if you ever need google again.
YouTube search is even worse. They could do so much to filter the results. But they don't. They don't even give you a full page of results. The give you half a dozen and go "Meh. Search is hard. Here is some completely unrelated videos you might like."
They have the abitity to create transcripts of everything on there, across languages, with the capability to apply good-enough translations to other languages, its insane
I think this is intentional. Those videos for me (unrelated videos to my search) are usually recommended videos and it feels like they are placed there to get you to engage.
When I use search on NewPipe, I get _much_ better results, and those unrelated videos don't show up, presumably because those searches don't use a Google account. I get much better results when I search on NewPipe, and have found some great videos from the normal YouTube frontend search
Youtube makes money by getting people to watch ads. Users aren't the focus and haven't been the focus for years. Their design decisions cater to their customers, advertisers, and their algorithmic needs.
And not just that... if you search for anything that sounds a tiny bit political, all your favorite creators, even the ones you're subscribed to, get hidden from search results, and you're presented with mainstream media results (cnn, msnbc, guardian, huffpost...).
Large page sizes, short session times, and I’m sure a myriad other things help reddit earn that low ranking all by themselves. Serving up google ads doesn’t help with seo
This makes me laugh - I've found myself appending "reddit" to my search queries more and more frequently when looking for product or service reviews.
The regular google results are filled with affiliate-link-driven ads disguised as product reviews. If you want to really know what people think about products, you have to go digging these days.
Yeah, this suggestion still works okay. It used to work better, but now the advertisers have caught on. I give it another year or two before corporations have astroturffed the hell out of site:reddit.com searches and made them useless
>I've found myself appending "reddit" to my search queries
So what you're saying is I should create dedicated subreddits about my products that only allow my multitude of bot accounts to post to it, but look like real conversations?
Generally the good reddit threads are those on more generalized subreddits rather than product-specific ones, and though I read threads in the latter I take them with a big grain of salt. The generalized subreddits are much more likely to have enthusiasts pointing out pros and cons of competing products and calling out anything too effusively glowing, though of course it's not perfect.
The silliest part to me is that the affiliate marketing reads like affiliate marketing. Reddit comments somehow seem more genuine, even though the former is trying to mimic the latter.
surprisingly few topics haven't been discussed here. Often there's interesting technically-minded thinking, and for most (most!) topics it's less likely than a dedicated forum for any interested parties to be present. The latter really applies to any generalist forum or off-topic section of a forum where a sincere community has gathered. Until the dead-internet is achieved, at least.
Yeah, despite how little I comment on here, I use HN all the time for basically the same thing. I think the good moderation, smaller, tighter-knit community, and relatively high-quality of posts compared to Reddit has made it my first go-to when I am curious about something.
I'll usually `query bla Talos II bla bla site:ycombinator.com`, and if that doesn't give me what I want, I'll try the Algolia search [1]. And only then will I give up and try `site:reddit.com`, unless there is a more specific site I know to try first [2].
---
[1]: I'm sure most regulars here know it, but if you don't, it is super useful. I just wish it had more query operators to filter out stuff sometimes -- <https://hn.algolia.com>
[2]: I'd be interested in what others here do. Off the top of my head, these are the ones I'll usually use, maybe it'll be helpful to someone else:
• For questions about server hardware / networking equipment / weird second-hand HPC stuff, ServeTheHome has a surprising number of quality articles and lots of forum discussion -- `site:servethehome.com` or `site:forums.servethehome.com`
Level1Tech's Forum (site:forum.level1techs.com) can be decent as well for such topics and stuff like ZFS-related questions, but it tends to have a more 'inexperienced'/consumer userbase relative to STH (though usually more into it than, say, the LTT audience).
• If you don't mind Google Translate, Russia's more-or-less HN equivalent, Habr [3] often has pretty high-quality, in-depth articles on a variety of tech/programming topics. It differs from HN a bit in that companies themselves tend to write them and they are displayed inline on Habr itself rather than more of a Reddit-like link-aggregation system like on HN.
The style tends to be similar to stuff like the CloudFlare blog posts -- `site:habr.com` (word of warning: great content, but the comments can be quite mean at times - e.g., the blog post on Cosmopolitan was just filled with awful transphobic stuff).
• For anything video encoding-related, `site:doom9.org` is a great resource when Googling specific questions. And for finding out which country has the best quality release of a movie, outside of something like a torrent tracker, screencaps from <https://caps-a-holic.com> are great, and adding `site:forum.blu-ray.com` or `site:dvdcompare.net` to your queries can help a ton to find actual info about a disc.
Otherwise, certain Discord chats, like Beatrice-Raws, /r/av1's Discord, and the SeaDex Discord can have useful discussion.
• Anything Linux-related, the Gentoo Wiki is really good, and Arch too - adding `https://wiki.gentoo.org` to a query can help a lot, particularly for weird compiler flags and old/obscure hardware, or `site:wiki.archlinux.org`. For LTO and optimization bugs, the Gentoo LTO overlay project is also really useful, between the patches/notes and the issue tracker discussions [4]. AUR comments can also be helpful for issues with somewhat bleeding-edge builds.
• Arch's PKGBUILDs and Alpine's APKBUILDs are really easy to read, and I find actually getting to them/the sources for their patches is easier/quicker than most distros. If I'm running into trouble, I tend to check their stuff to avoid the useless Google searches.
• For anything drug/medication-related, the Psychonaut wiki [5] and Tripsit [6] tend to be better than stuff like Wikipedia in terms of "wtf did my doctor prescribe me, what will this do, and do I need to worry about taking it in combination with XYZ".
As a last resort, if neither has good info on some obscure thing I've been given, like when I was living in Russia, if you're willi...
I keep hearing about adding reddit to one's search queries, but what sort of things are y'all searching for where reddit's opinion is relevant?
Reddit is kind of like that effect that people say about popular journalism; for the things that you're an expert on, they always get it wrong, but for things you know nothing about, they have a way of sounding right. Reddit is very much like that for me; if I know nothing about something, I love the comments. If I know a lot about something, it's all too crazy to even read. (I stopped reading programming subreddits like 15 years ago. A lot of very mean wrong people hanging out there.)
> There’s a lot of useful stuff on Reddit but you do have to be careful as “upvoted” stuff is sometimes wrong and “downvoted” stuff is sometimes right.
Default subs and big subs are by far the worst about this. Comments in threads on r/technology for example frequently perpetuates easily verifiable falsehoods that would quickly get shot down in smaller communities.
I have a suspicion that the "volunteer-mods" on the big Reddits, like the Wikipedia admins, are infiltrated by people paid by interested parties to represent their interests on those popular web sites. In the case of Wikipedia, I recall a story about how one of their admins was a woman in Canada who was a former British intelligence agent with whatever the British equivalent of the CIA is called. If governments and NGOs can infiltrate Wikipedia to do things that are specifically against its rules, they can infiltrate Reddit and probably have.
Most people are too busy to have the time to be an online moderator and those who have the time typically don't have the political skills to get appointed as a moderator of a large online community. That's why the best way to hire a good mod for your online community is to make it a paid position and to randomly monitor them for evidence of bias and/or abuse of power.
> but what sort of things are y'all searching for where reddit's opinion is relevant
If you want real, unvarnished reviews and opinions of products, you need to get it from real people that have owned the product for more than 1 day before leaving the review.
I recently needed to purchase a new winter coat. Surfing many reddit threads across a dozen or so subs actually convinced me to not purchase the coat I had in mind. It looked nice and all, but real users that had owned it for a while had disappointing things to say about the zippers failing prematurely.
That's not something you would find in Amazon reviews, which are mostly people who recently purchased the item and have not owned it long enough to experience failures.
If you read the conversation threads, you can pretty easily pick out astroturfing.
Plus, do your own research of course. I don't exclusively use reddit for this sort of research... if I'm looking for outdoor gear I will browse outdoor gear forums for people's thoughts. Cycling, same thing... etc. You look for a consensus to be formed before making your own opinion.
My point was default google search results are now unreliable because they are almost always affiliate links.
We're humans, not computers. We don't have the same problem of discerning intent like AI would.
It's pretty obvious when someone is communicating nothing but positive things about a product, or nothing but negative things about another competing product. Sometimes it's more subtle... but seriously, if you read enough comments you will locate the ones that are obviously shilling or astroturfing. They won't talk about many topics (or no other topic) except the item or company they're promoting.
It's really hard to make a bot or corporate account appear, sound and feel like a genuine human writing about their experiences. Particularly on a platform like reddit where people speak rather freely about products and ruthlessly call out astroturfing accounts.
With all that said - perhaps some people have better BS detectors than others. I like to think mine is rather accurate most of the time.
>We don't have the same problem of discerning intent like AI would.
The same problems? No. But humans pretty notoriously don't always communicate effectively.
>It's pretty obvious when someone is communicating nothing but positive things about a product, or nothing but negative things about another competing product. Sometimes it's more subtle... but seriously, if you read enough comments you will locate the ones that are obviously shilling or astroturfing.
Yeah, you'll notice the ones that are obvious, but that doesn't really tell you much about your overall accuracy, since you don't know how many non-obvious ones you're missing.
Yeah, reddit is a lot better for gauging what owning a product is like long-term. Don't blindly trust naturally, but it can be a decent data source in what would otherwise be a total vacuum.
I agree in the broad that much (most) of reddit is awful, wrong, and not worth viewing. (I wonder how you feel about HN over the years. To me HN got as bad as parts of reddit were at some point, however reddit has gotten worse too so there's still a quality gap.) Still, it can be occasionally useful to filter it as a site for queries, like with HN. (It's fun to see if a company I've thought about working for has been talked about on HN at all.) Recently I found some useful travel posts on reddit, like how to best get to a destination with some tradeoffs highlighted for time sensitivity and helpful links for everything, and as an augment of location reviews, some offering quite a bit more context than the one or two paragraphs I usually see on google maps. Though to be fair, a sample of short reviews is usually good enough. Another use of reddit remains finding other people who want to talk about relatively niche things, but these days it's more common that it's just one way that leads you to a discord server whose contents are sadly invisible to search engines.
I actually like Reddit and HN in general. On Reddit, I like the comment threads where they trash politicians with escalating levels of absurdity, and the creative writing exercises disguised as AITA and TIFU.
As for HN, I think it's fine. It really hasn't gotten worse over the years (people were saying that in 2010 too). Moderation here is excellent, and people mostly behave themselves. But, you do have to stay away from certain subject areas. If you see "it's a lab leak for sure!!!" with 2000 comments, I recommend bypassing that. Lot of people very mad at each other. Anything technical, though, lots of good discussions, even on popular topics, and I often learn something. The intersection of technical and social is mixed, but generally you don't feel terrible after reading them.
HN does feel like it skews younger than it used to. Probably because I am now older than when I first started using the site. I read a lot of things where I think "you'll figure it out in a few years" more and more, but know that you can only explain so much. Lessons have to be learned firsthand, HN's average reader has many good life lessons to learn. So do I, of course!
The problem is the spammers are already creating garbage content on Reddit as well. Fortunately, the moderators of the big subreddits will usually take care of it and remove the posts, but some of the smaller / niche ones still leave things up there.
> The web has changed but Google isn't keeping up.
I'd argue that Google incentivized the web to change in a way in order to better exploit/profit from Google, and that's led to a net negative experience for Google users (who then leave, causing problems for Google).
Is it "Google hasn't kept up"… or perhaps it’s by design. I wonder if google has more interest in showing users what it wants to show them vs what we end users may be looking for. At least for me I see this blatantly when using YouTube. It gives about 2-5 decent search results .. followed by a list not even remotely close to my search.
I’m not sure I understand the assumption that Reddit can serve up better/safer info than google. It’s pretty trivial to post misinformation, malicious advice and so forth on Reddit. And how many times do I pull up stackoverflow with a question with one answer and few if any votes. Often the single answer is unreliable, and if trusted blindly I could see that being a serious risk. You know, the answer is “just run: sudo dd if=/dev/zero of=/dev/sda” or the classic “rm -rf c:”
Sadly there’s disproportionate value. Your attention is only worth a few cents, the criminals' (SEOers, scammer ps etc) cost is miniscule per user, but the cost to each user of the misinformation and wasted time is larger.
Like breaking a shop window to steal something small and easily transported/resold.
I think this is why there is value in moderated spaces like reddit [complex feelings here], the moderators and team/tribe mentality ensure that there is informational value to at least that group [more complex feelings here].
Oh my GOD. The 60 FPS 4K memescaling shouldn't drive me as insane as it does, but jesus christ, the amount of times I have wanted to show someone some opening, gone on YouTube, and literally everything is some tweened upscale.
I usually give up and end up having to go and StackOverflow the ffmpeg filters I'll never remember for burning in subs just to clip it myself -- `ffmpeg -i episode.mkv -vf "subtitles='episode.mkv':si=0" -c:v libx264 -preset slow -crf 18 -c:a aac_at -b:a 320k -ss start_duration -t opening_duration output.mp4` [1].
I think it bothers me even more given anime is rarely even natively fully 1080P 29.97/30 FPS, let alone 4K 60.
I try my best to live and let live, but it's my biggest pet peeve. It drives me nuts that basically all TV manufacturers do this too now by default -- everything I've purchased over the past ~10-12 years or so comes preset with """"smooth""" motion and a billion other video "correction" modes enabled, despite it just artifacting or making everything look straight up worse [2].
I'm genuinely really curious, does anyone here on HN use and enjoy those modes? Maybe there is something I'm missing.
Or maybe I'm just hyper-sensitive to that kind of thing. It made me laugh when I moved back to the US after school in Russia; family had gotten a new TV and within like seconds of being home and trying to watch a movie together, I'm immediately sitting there fiddling with the sittings, meanwhile no one else apparently even noticed the frame interpolation was on in the first place.
Anyway, sorry for the rant ;-)
[1]: OK, this time it was from memory, so it might not quite be right. But maybe I've finally memorized the correct incantation?
Not sure if you've read about Kagi on here, but one of its features is that you can weight/pin/hide certain sites in results. It works well for programming (although default search is well tuned for programming). There is also a feature called lenses which is a more fine tuned way of doing it. I think there's one for programming, one for shopping. I haven't personally used lenses though.
Not software dev specific, but I also use Peter Lowe's ads and trackers blocklist (https://pgl.yoyo.org/adservers/serverlist.php). Note that this one can be a bit aggressive (blocks url shorteners and clickthroughs on google ads even if they are the correct place you want to visit because, well, tracking), but it is well maintained and generally a fantastic addition to the default ublock origin lists imo
Altavista was better. It would certainly return more than the 5 SEO stained results pages that current search engines are repeating over and over again, pretending that they're bigger than they are.
Google was better, too. This is because someone decided it was better to sell ads than give people the most relevant results. It’s not like it’s an unsolved problem in computer science to block persistent spam / scraper / cloaking domains — someone at Google told the people who used to do that to stop.
Still much easier to parse through reddit's comments and try to identify astroturfing than going through Google's results figuring out what's not SEO-spam or sponsored reviews...
It takes me much less effort to do the former than the latter.
For products, I'll find suggestions from reddit, signal it with the conversational quality, then corroborate it against other places that reviews may exists like forums, youtube, facebook, instagram, etc.
Usually, a great product will have enough activity surrounding it that it's difficult to fake with bots. Especially, Instagram profiles with <1000 followers + non-seo-optimized stories/posts raving about something signals that the the <joy-from-product> is organic rather than manufactured.
I think the strongest signal for legitimate IG accounts is the ephemeral nature of the 24-hour IG stories. I suppose someone enterprising could auto-build hundreds of personas that post stories daily, but a random profile with stories posting activism, their morning latte art, a selfie with some friends seems doesn't fit in the ROI of a scalable marketing strategy across a ton of accounts. Maybe I could be wrong?
Part of the issue is our built-in bias towards thinking of other Reddit users (and HN and whoever) as people just like ourselves. That means we give undue weight to their recommendations.
I definitely find myself being more swayed by a single user's recommendation with maybe a few dozen upvotes, over SEO-gamed websites and Amazon reviews. But in reality, that's a ludicrous assumption, since advertisers knows it too, and it only takes 5-10 fake accounts to create that kind of pretend consensus.
I used DDG which was slightly better; but for a couple of months, I've switched to kagi, and it's been a revelation. It's much better than both, it's google from 15 years ago. Drawback is that unlimited searches needs a subscription (10$/months). But I personally think it worth for the time and focus gains.
Have you done a side by side against Neeva? I've been on Neeva for long enough that it's not worth testing against competitors; it's very good, but I'm always interested in how well others compare.
I haven’t but I will a try!
In the last years the only that I found equivalent was cliqz, that unfortunately closed 2 or 3 years ago and which I still regret.
Which, hilariously, is what got people to use Google in the first place.
What made Google take off was not only was it fast, but you also got what you were looking for in the first page of results — if not the top of the first page.
No more carefully crafting queries to try to filter out the chaff. What you wanted, fast, and easy enough that someone not versed in how to carefully structure queries could be immediately successful.
- -
If some search engine or other tool can get us back to that point, that’s not only what will eat Google’s lunch, but devour it - and quickly.
> I need to add "reddit" or "stackoverflow" to half my searches...
The perversity is that site-local searching used to be better when it existed, but people (users and web devs both) came to rely on google. It's a sorry state that google remains the primary interface to sites that should know their data better them google...
Personalization could be a reason of getting bad results. I'm always using https://google.com/ncr in private mode and I don't think I've noticed any degradation in search quality so far.
I’m reminded of the time I opened nytimes.com and the ad Google served started a download for a .exe file. It wasn’t well targeted to my Mac but if you do that to a million people the number who’ll think it’s a trustworthy site and run it will be greater than zero.
Took me a while to understand what "using Google to download software" means. Was there a hidden functionality I wasn't aware of? Turns out, what they mean is "don't use Google to search for software you wish to download".
Yeah, I love Ars, but Dan is definitely their weakest writer. The article is about scammers buying ad space on google to rank their malware above the legitimate google search results. Installing an ad blocker is a great solution.
The search results are not the problem. The ads are. Ads are placed above search results, so users are more likely to be mislead by them. Installing an ad blocker removes the misleading ads, leaving only the legitimate search results.
Not entirely, unfortunately, at least on my experience.
Putting the keyword "download" after the name of software, ebooks, or music will lead into weird websites that distribute malware, and they rank very high.
I just tried searching for an old Game Programming book I happen to have. There's two piracy sites, then one site with a "Download" button that gives me a DMG with an executable. Those are above Archive.org, the official github repo of the book and the official website.
For music download, I searched some Bowie. There's Amazon... plus a few pages of of weird websites that I have no idea what they are, but look like "paid piracy", they either ask for credit card or give me a DMG which supposedly has a downloader.
For software I searched the one I made by the company I work at. There's stuff like Filehorse, Softonic (I don't even know if they're legit), then there's a few which look like those aggregators but end up giving you malware when downloading.
That's with ads blocked, and subscription to several lists.
In the end IMO this is terrible for small businesses, people will end up distrusting anything that's not Amazon or anything that they try to search organically, or they'll get malware.
piracy is a known vector for distributing malware.
this is more for general searches or software with no paid option.
google should deindex scam sites, but this is easier said than done. however they should NEVER have paid ads for malware as they're directly profiting from malware
Google is an ad platform the ads are the problems.
Installing an ad blocker does not solve the problem. At best it hides the problem.
The issue here is you're looking at this as a 'you' problem and not an 'everyone' problem. If you block ads that's not a problem. When everyone does it Google will change how the page renders in such a manner that your adblocker is worthless. And then you're back to it being a you problem. You cannot disentangle the search and the ads any more than you can disentangle being human and needing oxygen to survive.
It's pretty effective too, I often ask colleagues to download this or that app and just giving its name, but they keep falling for Google Ads. Now I send them an URL instead.
If I didn't know any better, I would think about suing Google for boosting malware spread x)
As an aside, I'm always suspicious of free utilities being downloadable from well-designed hosting websites, such as www.fosshub.com. I'm less suspicious downloading it from a very basic, almost plain text web page, for whatever reason.
This is funny, I was confused in a different way, as I typically check the URLs to make sure I'm not getting scammed, and I have not noticed an influx whatsoever.
Then I read this and realized I have not seen those google search ads in years unless I'm setting up a new machine. I always found the 8 ads before results to be absolutely evil and now its causing real damage.
It describes perfectly what users use Google for. Look at your non-IT colleagues over the shoulder while asking them "hey, can you log in to Netflix?"... 60% chance, 90% for older folks, they'll type "Netflix" into the browser bar and click on the first link because they don't realize "Netflix" is not a domain name. Or ask them to "download VLC" - they'll type "download vlc" into the bar and click on the first link, which is what led to a ton of malware in the past [1] (at the moment, at least for me, the top result is clear though).
I started running a pretty popular forum back in the late 90s and I was shocked when I noticed this behavior. The name of the forum itself was shorter than typing "google" yet most sessions started with someone typing the name of the forum into google and following the first link.
I agree, though probably for a different reason. The reality is that one always had to be careful when following download links from any search engine. The reasons may have changed with time and the amount of risk may ebb and flow, but it was always best to verify the source of the download in order to reduce the likelihood of an unwanted payload. Headlines that imply this is new or unique to a particular search engine are dishonest.
The malvertisement thing has become real bad. The other day I had a problem so I used chrome, where I unfortunately hadn't installed an add blocker yet. I searched for my bank (I know, I should have put the URL in directly, but I was being lazy since it was a new chrome install and I didn't have the url in my history yet). I hit the first link, logged in (my password manager would have saved me here, but again it wasn't installed), and realized that it was a fake website.
Fortunately I changed my password again before it was an issue- and then my bank locked my account when they saw the suspicious activity. So nothing bad really happened to me other than some inconvenience. However I'm still amazed that Google would let their search results get poisoned with these ads for phishing sites.
This is why the appeal-to-ethics argument against adblocking holds no weight with me. Yes, maybe I stole $0.0001 from the publisher by not looking at an advert. But I also didn't have my bank password stolen and my files cryptolockered. It's a small price to pay for security.
You shouldn’t feel bad, advertisements online are user hostile and a security threat. It’s not like a billboard that is at most annoying as you avert your gaze, despite what online ad supporters want you to believe.
The ad companies could cleanup the business and actually enforce security/safety standards, but that would cost money and god forbid they lose some.
There is no reasonable appeal-to-ethics argument. When it comes to accepting code and/or data onto my computer, or more precisely my screen, I can and should have 100% control over what I accept. My computer, my choice.
The other appeal-to-ethics argument is that major advertising networks should not (ever) do business with malware companies, scammers, and bad actors. Their ethical responsibility of doing their business, which they profit from, is at the very least some form of due diligence on who they form business relationships with.
That doesn’t help. My mom downloaded malware when she was searching for a printer driver. It was organic search and not an ad.
It’s about time for her to upgrade anyway. I’m going to encourage her to get a new $599 Mac Mini. Yes I know there is nothing inherently more secure about the Mac than your typical Windows computer besides perhaps code signing. But isn’t targeted as heavily.
And you are young enough and tech-savvy enough to know about all these mechanisms, you made a mistake because you were in a hurry or distracted.
Think of how many people (older and/or not technically proficient) fall in this same trap everyday.
Since ads are paid for (and an invoice is made for the payment), google could well verify the id of the people placing the ad and the correspondence with the "real" organization/website.
They send postcards with a code to verify addresses/titolarity for google business profiles:
The "I'm behind 7 proxies" meme gained sentience by now.
The "real" credit card was stolen in a similar practice from another user. The phone number was entered by my grandma. The address verification was submitted someone fooled in a previous stint.
You can't block, detect nor prosecute these people. Google could only try to protect "PayPal" searches but for the rest of them it's going to be a feat. Let's not make it sound like a computer could just tell that all of these are obvious scams. To a computer there's little difference between mybank.tld and mybankverified.tld. Domain age has plenty of false positives and negatives too.
How did you log into the bank with valid credentials if it's on the wrong domain? My password manager won't fill it in on the wrong domain and I literally don't know my banking password.
My bank's website (their real one) was having an issue with Firefox so I installed Chrome just to log into the bank. Since I normally don't use chrome I hadn't installed a password manager yet. I copy/pasted my password out of my password manager.
It is also advised not to search for customer care numbers of prominent services on Google. Most results will have fake numbers listed that may lead to social engineering of the caller.
Well, fortunately, I never click the "Ad" sponsored links and most of the time I don't see them anyways (uBlock). That doesn't help the other 90% of users online though.
Like many here, I have a sysadmin side gig for my aging dad: uBlock is essentially required as anti-virus software.
While it's great that google figured out how to monetize search by inserting ads, it was a lot more ethical back when their major demographic was geeks who could tell the difference between an ad link and a genuine result. Now? Not so much.
> it was a lot more ethical back when their major demographic was geeks who could tell the difference between an ad link and a genuine result
I think the ads used to be more distinct as well, with a different background color even, if I remember correctly. I guess it's a fine line to walk between "It should be obvious what is advertisement" vs "Users should be confused enough to sometimes click the advertisement", and Google chose to go for the latter in order to raise click rates.
Ads were not only a different color, they were also limited to the margins of the page and did not appear in the list of search results.
As a matter of fact, when Google was the scrappy new underdog, they used to make fun of the legacy search engines for the practice of mixing ads into the list of search results.
Except when they do the thing where the real search results appear first, but then the ad pops in a split second later under your mouse right before you click.
Google shifts the content themselves as well sometimes, leading to misclicks. Try searching for "google chrome", click the link to "apps.apple.com", go backwards and try to quickly press the link below what you clicked on before, Google will scroll down a little "People also searched for" box that will surely be exactly where you wanted to click.
This has frustrated me so many times, although its not really related to ads.
Me neither, the examples called out in the article have likely all been culled by now. I do have to wonder why entering ad keywords for names of popular software doesn't immediately flag for review though.
> It is difficult to get a man to understand something when his salary depends on his not understanding it.
- Upton Sinclair
Google doesn't exactly care about this because they still get paid for the click. The malware companies are willing to bid extremely high for that single click (since they end up pwning your computer).
But this is why someone in the executive or CxO suite must be on top of flagging potentially existential issues like this and getting on top of it — instantly.
If it were my company, I'd be temporarily pulling down all ads not from a known previously-vetted source (e.g., the major agencies of publicly listed US companies), setting up an emergency team to develop some recognition technology, then opening it back up again with very strong surveillance.
But yeah, likely the execs there will just say 'it won't collapse that fast, and I'll be off on sunnier beaches then...
It boggles my mind that neither macOS nor Windows has an official, comprehensive package manager. Sometimes the only way to get software is to download binaries from a Google search like it's 2003.
On macOS, 90% of what you'd ever need is on Homebrew—this is more or less a solved problem—but it's still unofficial and Apple promotes their pointless App Store instead.
In Windows land, the unofficial package managers are nowhere near comprehensive (understandable, I guess), but you'd think with Microsoft's approach toward WSL and GitHub, they would have an officially supported HomeBrew-like alternative.
They allow anyone to submit to the repository with minimal vetting, and the package selection is inferior compared to Homebrew. Maybe we have different ideas about what "official" and "comprehensive" mean.
Prima facie, a one-stop, secure, official (paid Microsoft employees working on it) source for binary downloads seems like it has plenty of value for end users.
I'd be interested in knowing why keeping the Windows Store around and having a secondary package list for winget that most people don't use is a better paradigm.
C:\>winget search "hacker news"
Name Id Version Source
------------------------------------------------
Hacker News Reader 9WZDNCRDKBC1 Unknown msstore
Hacker News (YC) 9NBLGGH1RHHV Unknown msstore
I have no idea on the provenance of these packages, so will not be installing until I understand this more, but thanks for sharing winget.
"winget search torrent" listed some apps which I had never heard of before.
Here is winget's submission requirements info:
> Expectations for submissions:
> The manifest complies with the schema requirements.
All URLs in the manifest lead to safe websites.
> The installer and application are virus free. The package may be identified as malware by mistake. If you believe it is a false positive you can submit the installer to the Microsoft Defender team for analysis.
> The application installs and uninstalls correctly for both administrators and non-administrators.
> The installer supports non-interactive modes.
> All manifest entries are accurate and not misleading.
>The installer comes directly from the publisher's website.
I've been using Scoop on Windows [0]. Chocolatey is probably the more "professional" answer, but Scoop doesn't require Admin privileges, which I could never quite figure out how to do with Chocolatey.
What’s the difference between the App Store and a package manager? Mostly it comes down to trust: I can give you Mac .pkg files all sorts of ways but what you really want is a way to know that I am who I claim to be.
Package management has a boot-strapping problem for mainstream platforms: the same people telling the public that you should install Firefox using their ad bundle installer would instantly pivot to saying that you should install Firefox by adding their “store” to your system package repository list, and then SEO-ing their instructions as hard as they can.
Homebrew works because the audience is heavily technical and they don’t accept every app. Change either of those and quality would decline, and gaps in package coverage normalizes the behavior of installing things from outside of the store.
The real solution is probably something regulatory requiring Microsoft and Apple to run a basic store at cost, possibly allowing premium add-on services, or perhaps having a way to setup other stores with proof of liability insurance and auditing. The basic tier could be something like having a verification process for developers and a robust way to yank abusive apps.
> real solution is probably something regulatory requiring Microsoft and Apple to run a basic store at cost
"At cost" for digital stores run well* appears to be between 12% and 18% depending how readily end users can unsubscribe or how easily they can end up interacting with a human for a support, since it costs more to be user friendly. Stores charging less, e.g. 8%, have processing billed separately, generally adds back up to 12% or more.
Relative to that, keep in mind Apple's 30% in the first year drops to 15% in the second, and 85% of apps are hosted/delivered free.
* "Well" as defined by end user, not by developer.
Yes, getting that balance right is tricky since there isn't a precise way to say how much additional features are worth to everyone. It could be low-cost if the service was just publisher ID verification and PKI, but then you'd see a lot of bottom feeders trying to stay just below the threshold where they'd get their signing key revoked.
That might still be worthwhile if the idea was something like allowing your computer to have a policy saying it'll only run signed binaries but the default assumption is that most people should stick to the higher-margin more curated App Store since that would still make it more expensive to run malware / adware campaigns if you had to burn a business identity as each one was discovered.
Google was once considered trustworthy. It never was, but we thought it trustworthy. Where can you find a trustworthy source for software? Depends on your platform.
Linux: Your package manager. In my case, apt.
Mac: Apple has an app store of its own. Use that, or one of the BSD package management systems ported over.
Ios: Apple app store is decently curated.
Android: Google's app store is terribly curated. Give up now.
Windows: Nobody uses whatever app store or package management system that microsoft developed. A third party developed a useful package management system. It is called Steam.
Other platforms: see replies below.
Linux package managers are not trustworthy. That is another case where everyone pretends that it is. Usually packages are created and updated by random people and can be pseudonymous.
Oh crud, you are right. Any idea how to fix this? Perhaps a more curated (and more manageable) list? That would seem to be in conflict with our bazaar model.
The package managers right now ARE that curated list and distributions like Debian have proven themselves to be trustworthy.
Of course, you can always find something wrong with every approach, but the truth that everyone needs to face here is that you need to trust SOMEONE to distribute good software to you.
AUR is one of those "at your own risk" repos where I always check the pkgbuild and comments of a package first before installing something new. I don't know why I should hesitate to trust the default repos though since they're curated by the same people making the distro I use. Either I trust them or I use another distro.
Yes, but these are the same people who are managing every single program on your system. At some point you either have to compile every single item from source yourself, or accept the fact that you will need to place a certain level of trust into the vetting system your distribution has established.
That really depends on the repos you are using, that's why distros are so important. If using repos from Debian, Ubuntu or Fedora (including RPM Fusion) you are 1000x safer than anyone using winget or google to try and download software from random sources.
And governments are doing their best to break the app stores, destroying even the basic safely mechanisms such stores can offer. This should be taken as instructive, but is ignored by most.
What a strange argument - with this they're actually opening the market to stores that will ensure secure products like F-Droid with their guarantee for opensource. If anything, the current situation where BOTH Apple and Google store are ridden with malware and poor software doesn't work.
We didn't fix SourceForge problems by allowing a megacorp to kill all competition and enshrine that cesspool, but by creating new sources of software.
I feel lost reading articles like this. Then I realize people still use Google search. I switched six years ago to Duck.com and I’m never looking back.
Was looking at a fake Audacity site just the other day. I couldn't believe it was the number one search result when I was researching progress on the project's UI redesign.
Under the same banner of just staying away from popular malware targets, it would be consistent to choose bing or DDG while searching from your web browser running on OpenBSD/riscv64. Just confuse the hell out of the bad guys.
But, the big flaw in the article is the author fails to suggest a better alternative. DDG raises 2 malware sites in the top 10 organic (I assume) results for "tor download". You're not safe from this stuff anywhere.
> it would be consistent to choose bing or DDG while searching from your web browser running on OpenBSD/riscv64. Just confuse the hell out of the bad guys.
As a bit of a joke I used one of those browser fingerprint tools running on a browser under OpenBSD/macppc. The entire setup was completely unique, they had never encountered another user that matched. It would confuse the bad guys, but it’s very easy to track.
It seems as though using an adblocker has become more important in terms of security posture than having an antivirus running, or keeping your system up to date.
We're going to end up in a weird situation where we just download all this stuff through storefronts like Steam instead of open websites on Google, if they keep this up.
Doesn't help that Windows' own app store is a huge mess on Windows 10 - and presumably 11.
Every time I read these articles I am so happy that the sponsored links are blocked by Pi-hole. Makes my family furious because it also disables all the shopping links as well, but well worth it imo.
Back in the early 2000s I helped create policy and procedures at Google to stop this kind of thing. Google's early anti-malware policies, extended to ads, and internal procedures to make sure we effectively stopped malware ads. That was a long time ago though and it's sad and frustrating to read it's not working so well now.
In particular the article points out several big red flags about how malware scanners are automatically finding the site and download are suspicious. It's a shame Google Ads isn't using that information.
(As for DownloadStudio, they have a Wikipedia page that looks 100% innocuous. Searching for "DownloadStudio" has Google search offering an inline answer to "Is DownloadStudio safe" with a reference to the website for DownloadStudio saying "yes it's safe". In this case the inline result is actively harmful. https://i.imgur.com/37GzDKe.png)
It's sad that Google finds it more important to take profits from ads linking to malware downloads than to protect users from harms. I guess the only way that's going to happen is if governments step up and make Google liable for harm caused by ads.
I've seen it happen myself with my father. He gets served malware and phishing ads at the top of searches on his iPad for completely innocuous searches like "Apple Canada support", while I get completely different results in the same house from my own devices. There's no way to report these incidents either.
No, I checked for that multiple times as I was around when that happened. It was an ad served up directly by Google that lead to a phishing website and phone numbers on it. His filter bubble is very different from mine, and it's clear that the peddlers of malware and scams use ad targeting to hit the elderly with ads that try to take advantage of them. This is a major downside of ad targeting: they're more effective for both good and bad purposes.
Ads really should be less ephemeral than they are. Sometimes I see an ad I'm interested in but miss it before clicking a link at which point it's gone after hitting the back button. Similarly, if an ad is for a scam, there needs to be a way to go back, find it, and then flag it.
Just login to your own Google account on their device. =-) That'll result in some pretty dramatic changes in the content they see (and probably you too as things get blended over time).
I increasingly believe that there are no legitimate uses of micro-targeted ads and only harmful ones. The only real distinction is whether or not it is harmful to the target (user), the advertiser (failed impressions), and/or the advertisement network (Google allowing malware companies to spend pennies on the dollar to sell bad software malware launchers in turn makes Google look bad).
Micro-targeting may go down as a multi-billion dollar industry-wide mistake by the time this plays out past logical extremes like this "most software download ads are now malware launchers and Google can't seem to or doesn't want to fix it".
I agree on that point. I believe that micro-targeting of ads is how harmful content (outright scams as well as conspiracy theories and other misinformation) is able to get promoted in ways that allow it to proliferate which was not possible in the past. My theory is that back when TV stations and newspapers were locally owned, editorial staff filtered out the extreme and harmful content as a means to protect their own reputation. Being trustworthy was important if the owner was an active member in the community. If you wanted to promote conspiracy theories, the reasonable people who saw those ads would complain about them and go to the editors and owners of the content delivery platforms to get those ads pulled. The whole system was self regulating in a way that online platforms have made impossible.
As ownership of content platforms is disconnected from local communities, it becomes more profitable to engage in exploitative behaviour that would not be acceptable on a local scale. Computers simply don't care if you trust them or not, and we the programmers have yet to make that an important factor in how platforms decide which content is promoted to end users.
I have no idea how to improve this situation outside of legislation by our governments.
>As ownership of content platforms is disconnected from local communities, it becomes more profitable to engage in exploitative behaviour that would not be acceptable on a local scale. Computers simply don't care if you trust them or not, and we the programmers have yet to make that an important factor in how platforms decide which content is promoted to end users.
I believe this is by design, at some level. The programmers don't make that an important factor, because the ones who actually make the decisions don't make that an important factor.
You're right, the ones I was seeing are for a product by Conceiva that may be legitimate. downloadstudio.net is something else, so maybe we have trademark infringement on top of all the other Google Ads abuses.
I don't understand how Google have got themselves to this spot even though it seems an 'obviously' very serious problem. Both the 'card' and 'inline' results suggest some sort of curation, a greater googly authoritativeness. They introduce a sort of hierarchy of trust - this result is more trustworthy than the potentially less trustworthy generic search result. Then it's all thrown away by these 'curated' results being bad or worse. It's hard to square this with the knowledge there are piles of smart people at Google whose expertise and responsibilities involve exactly that kind of stuff.
Honestly - just stop using Google search (and while I remain flabberghasted I'm saying this - Edge is a better chromium browser than Chrome.). Or better yet, any Google product. The company is diving off a cliff.
For reference... A private Jellyfin server I use for hosting videos of my kid for his grandparents, and some music I legally own is consistently flagged as phishing (along with basically anyone else hosting them publicly based on this thread: https://github.com/jellyfin/jellyfin-web/issues/4076)
> and while I remain flabberghasted I'm saying this - Edge is a better chromium browser than Chrome
This is surprisingly true. On my work Windows laptop I switched as (a) the system overhead was less than half and (b) the performance was better. Been months, and other than the occasional wrong icon being clicked I've not launched Chrome since.
Just to jump on the anti-google bandwagon, google news search has fell off a cliff over the past decade. Can anyone recommend a news search that allows me to filter by year or year range?
241 comments
[ 3.1 ms ] story [ 251 ms ] threadThe incentives are just not aligned anyways, Google Search gets its money from the ad links on the top, they don't really lose anything if the links below are half terrible...
I'd be surprised if anyone at google would understand that to be a problem, because "It is difficult to get a man to understand something, when his salary depends upon his not understanding it."
It’s made supporting very old things (products, code, computers) extremely difficult.
Incidentally the first algorithm updates to 'combat spam' came around by then, starting with 'Penguin'. They were supposed to cut the spammy sites from search. All that they did ended up being removing small sites, blogs and ecommerce businesses from search results for the benefit of mega companies at the cost of search quality...
It feels truly absurd how many queries I need to append "reddit" to get something useful. The web has changed but Google isn't keeping up.
I assume all those posts such as “what did buy (for less than $x) that you find most useful” are spammers so they can reply with their own products.
And I am sure they are making posts asking for product/restaurant/etc recommendations and then replying to themselves.
I had joined a few (like The Swift Programming Language), and would see questions like "I have this problem <Detailed description of the issue>, how can I solve it?"
Since (in at least one case) this was a problem I had easily solved, years before, I would provide a detailed, concise, answer, showing how to deal with it in a few lines of code.
My answer would get ignored.
Instead all these replies would show up, saying things like "I added the <XXX Library>, and it solved the problem!". These would get voted up, and the original poster would actually engage them.
After seeing a few of these, I realized that LI groups are dumpster fires, and quit them all.
I am no longer interested in discovering new web sites. The established ones are known to be good, and any new, unknown one is almost 99.9999% likely to be SEO spam. For example, I'm not interested in Dropshipper 45512's automatically generated web store where he gets a commission to ship you Alibaba goods, and that's really all you get in the long tail of shopping searches. Search engines need to pivot away from helping people find new web sites (since they are mostly crap) and instead help to curate the best content from existing known-good ones.
Yes, it sucks if your new site is legitimitely one of the 0.0001% that are human-made and awesome. Sorry, but I'm not going to find you through search. Don't worry, I'll find you through word of mouth if you are actually high quality.
When I use search on NewPipe, I get _much_ better results, and those unrelated videos don't show up, presumably because those searches don't use a Google account. I get much better results when I search on NewPipe, and have found some great videos from the normal YouTube frontend search
The regular google results are filled with affiliate-link-driven ads disguised as product reviews. If you want to really know what people think about products, you have to go digging these days.
corporatism is everywhere and infecting the web to enrich a few at the expense of everyone else
So what you're saying is I should create dedicated subreddits about my products that only allow my multitude of bot accounts to post to it, but look like real conversations?
For those attempting to game reddit, the trick may be in properly categorizing the accounts.
surprisingly few topics haven't been discussed here. Often there's interesting technically-minded thinking, and for most (most!) topics it's less likely than a dedicated forum for any interested parties to be present. The latter really applies to any generalist forum or off-topic section of a forum where a sincere community has gathered. Until the dead-internet is achieved, at least.
I'll usually `query bla Talos II bla bla site:ycombinator.com`, and if that doesn't give me what I want, I'll try the Algolia search [1]. And only then will I give up and try `site:reddit.com`, unless there is a more specific site I know to try first [2].
---
[1]: I'm sure most regulars here know it, but if you don't, it is super useful. I just wish it had more query operators to filter out stuff sometimes -- <https://hn.algolia.com>
[2]: I'd be interested in what others here do. Off the top of my head, these are the ones I'll usually use, maybe it'll be helpful to someone else:
• For questions about server hardware / networking equipment / weird second-hand HPC stuff, ServeTheHome has a surprising number of quality articles and lots of forum discussion -- `site:servethehome.com` or `site:forums.servethehome.com`
Level1Tech's Forum (site:forum.level1techs.com) can be decent as well for such topics and stuff like ZFS-related questions, but it tends to have a more 'inexperienced'/consumer userbase relative to STH (though usually more into it than, say, the LTT audience).
• If you don't mind Google Translate, Russia's more-or-less HN equivalent, Habr [3] often has pretty high-quality, in-depth articles on a variety of tech/programming topics. It differs from HN a bit in that companies themselves tend to write them and they are displayed inline on Habr itself rather than more of a Reddit-like link-aggregation system like on HN.
The style tends to be similar to stuff like the CloudFlare blog posts -- `site:habr.com` (word of warning: great content, but the comments can be quite mean at times - e.g., the blog post on Cosmopolitan was just filled with awful transphobic stuff).
• For anything video encoding-related, `site:doom9.org` is a great resource when Googling specific questions. And for finding out which country has the best quality release of a movie, outside of something like a torrent tracker, screencaps from <https://caps-a-holic.com> are great, and adding `site:forum.blu-ray.com` or `site:dvdcompare.net` to your queries can help a ton to find actual info about a disc.
Otherwise, certain Discord chats, like Beatrice-Raws, /r/av1's Discord, and the SeaDex Discord can have useful discussion.
• Anything Linux-related, the Gentoo Wiki is really good, and Arch too - adding `https://wiki.gentoo.org` to a query can help a lot, particularly for weird compiler flags and old/obscure hardware, or `site:wiki.archlinux.org`. For LTO and optimization bugs, the Gentoo LTO overlay project is also really useful, between the patches/notes and the issue tracker discussions [4]. AUR comments can also be helpful for issues with somewhat bleeding-edge builds.
• Arch's PKGBUILDs and Alpine's APKBUILDs are really easy to read, and I find actually getting to them/the sources for their patches is easier/quicker than most distros. If I'm running into trouble, I tend to check their stuff to avoid the useless Google searches.
• For anything drug/medication-related, the Psychonaut wiki [5] and Tripsit [6] tend to be better than stuff like Wikipedia in terms of "wtf did my doctor prescribe me, what will this do, and do I need to worry about taking it in combination with XYZ".
As a last resort, if neither has good info on some obscure thing I've been given, like when I was living in Russia, if you're willi...
As you mentioned a smaller, tighter community that delivers. This is what deliver looks like.
Maybe add a "tl;dr" section
Reddit is kind of like that effect that people say about popular journalism; for the things that you're an expert on, they always get it wrong, but for things you know nothing about, they have a way of sounding right. Reddit is very much like that for me; if I know nothing about something, I love the comments. If I know a lot about something, it's all too crazy to even read. (I stopped reading programming subreddits like 15 years ago. A lot of very mean wrong people hanging out there.)
My bigger issue with it is that volunteer-mods are often power-hungry and ban people who they disagree with or who hurt their feelings.
Reddit is a social experiment, and the result is humans are still trash to each other when they’re anonymous.
Default subs and big subs are by far the worst about this. Comments in threads on r/technology for example frequently perpetuates easily verifiable falsehoods that would quickly get shot down in smaller communities.
Most people are too busy to have the time to be an online moderator and those who have the time typically don't have the political skills to get appointed as a moderator of a large online community. That's why the best way to hire a good mod for your online community is to make it a paid position and to randomly monitor them for evidence of bias and/or abuse of power.
If you want real, unvarnished reviews and opinions of products, you need to get it from real people that have owned the product for more than 1 day before leaving the review.
I recently needed to purchase a new winter coat. Surfing many reddit threads across a dozen or so subs actually convinced me to not purchase the coat I had in mind. It looked nice and all, but real users that had owned it for a while had disappointing things to say about the zippers failing prematurely.
That's not something you would find in Amazon reviews, which are mostly people who recently purchased the item and have not owned it long enough to experience failures.
Plus, do your own research of course. I don't exclusively use reddit for this sort of research... if I'm looking for outdoor gear I will browse outdoor gear forums for people's thoughts. Cycling, same thing... etc. You look for a consensus to be formed before making your own opinion.
My point was default google search results are now unreliable because they are almost always affiliate links.
How do you know that?
It's pretty obvious when someone is communicating nothing but positive things about a product, or nothing but negative things about another competing product. Sometimes it's more subtle... but seriously, if you read enough comments you will locate the ones that are obviously shilling or astroturfing. They won't talk about many topics (or no other topic) except the item or company they're promoting.
It's really hard to make a bot or corporate account appear, sound and feel like a genuine human writing about their experiences. Particularly on a platform like reddit where people speak rather freely about products and ruthlessly call out astroturfing accounts.
With all that said - perhaps some people have better BS detectors than others. I like to think mine is rather accurate most of the time.
The same problems? No. But humans pretty notoriously don't always communicate effectively.
>It's pretty obvious when someone is communicating nothing but positive things about a product, or nothing but negative things about another competing product. Sometimes it's more subtle... but seriously, if you read enough comments you will locate the ones that are obviously shilling or astroturfing.
Yeah, you'll notice the ones that are obvious, but that doesn't really tell you much about your overall accuracy, since you don't know how many non-obvious ones you're missing.
These searches often lead to niche communities that have built up expertise over time in their wiki or FAQ, though.
As for HN, I think it's fine. It really hasn't gotten worse over the years (people were saying that in 2010 too). Moderation here is excellent, and people mostly behave themselves. But, you do have to stay away from certain subject areas. If you see "it's a lab leak for sure!!!" with 2000 comments, I recommend bypassing that. Lot of people very mad at each other. Anything technical, though, lots of good discussions, even on popular topics, and I often learn something. The intersection of technical and social is mixed, but generally you don't feel terrible after reading them.
HN does feel like it skews younger than it used to. Probably because I am now older than when I first started using the site. I read a lot of things where I think "you'll figure it out in a few years" more and more, but know that you can only explain so much. Lessons have to be learned firsthand, HN's average reader has many good life lessons to learn. So do I, of course!
I'd argue that Google incentivized the web to change in a way in order to better exploit/profit from Google, and that's led to a net negative experience for Google users (who then leave, causing problems for Google).
And EVERY search for products needs to say "-pinterest".
Like breaking a shop window to steal something small and easily transported/resold.
I usually give up and end up having to go and StackOverflow the ffmpeg filters I'll never remember for burning in subs just to clip it myself -- `ffmpeg -i episode.mkv -vf "subtitles='episode.mkv':si=0" -c:v libx264 -preset slow -crf 18 -c:a aac_at -b:a 320k -ss start_duration -t opening_duration output.mp4` [1].
I think it bothers me even more given anime is rarely even natively fully 1080P 29.97/30 FPS, let alone 4K 60.
I try my best to live and let live, but it's my biggest pet peeve. It drives me nuts that basically all TV manufacturers do this too now by default -- everything I've purchased over the past ~10-12 years or so comes preset with """"smooth""" motion and a billion other video "correction" modes enabled, despite it just artifacting or making everything look straight up worse [2].
I'm genuinely really curious, does anyone here on HN use and enjoy those modes? Maybe there is something I'm missing.
Or maybe I'm just hyper-sensitive to that kind of thing. It made me laugh when I moved back to the US after school in Russia; family had gotten a new TV and within like seconds of being home and trying to watch a movie together, I'm immediately sitting there fiddling with the sittings, meanwhile no one else apparently even noticed the frame interpolation was on in the first place.
Anyway, sorry for the rant ;-)
[1]: OK, this time it was from memory, so it might not quite be right. But maybe I've finally memorized the correct incantation?
[2]: good video on the topic - <https://www.youtube.com/watch?v=m1nUCyC8hGA>
It takes me much less effort to do the former than the latter.
Usually, a great product will have enough activity surrounding it that it's difficult to fake with bots. Especially, Instagram profiles with <1000 followers + non-seo-optimized stories/posts raving about something signals that the the <joy-from-product> is organic rather than manufactured.
I think the strongest signal for legitimate IG accounts is the ephemeral nature of the 24-hour IG stories. I suppose someone enterprising could auto-build hundreds of personas that post stories daily, but a random profile with stories posting activism, their morning latte art, a selfie with some friends seems doesn't fit in the ROI of a scalable marketing strategy across a ton of accounts. Maybe I could be wrong?
Part of the issue is our built-in bias towards thinking of other Reddit users (and HN and whoever) as people just like ourselves. That means we give undue weight to their recommendations.
I definitely find myself being more swayed by a single user's recommendation with maybe a few dozen upvotes, over SEO-gamed websites and Amazon reviews. But in reality, that's a ludicrous assumption, since advertisers knows it too, and it only takes 5-10 fake accounts to create that kind of pretend consensus.
In many ways, Reddit is far easier to spam.
What made Google take off was not only was it fast, but you also got what you were looking for in the first page of results — if not the top of the first page.
No more carefully crafting queries to try to filter out the chaff. What you wanted, fast, and easy enough that someone not versed in how to carefully structure queries could be immediately successful.
- -
If some search engine or other tool can get us back to that point, that’s not only what will eat Google’s lunch, but devour it - and quickly.
"here are some ads that match your search query"
The perversity is that site-local searching used to be better when it existed, but people (users and web devs both) came to rely on google. It's a sorry state that google remains the primary interface to sites that should know their data better them google...
Upon discovery, my mother gave him some hard side-eye. But I explained the whole malvertising thing, and that seemed to placate her.
Don't get me wrong; he probably was looking at naughty pictures. But I actually think he's more likely to have gotten that from a legit site.
Putting the keyword "download" after the name of software, ebooks, or music will lead into weird websites that distribute malware, and they rank very high.
I just tried searching for an old Game Programming book I happen to have. There's two piracy sites, then one site with a "Download" button that gives me a DMG with an executable. Those are above Archive.org, the official github repo of the book and the official website.
For music download, I searched some Bowie. There's Amazon... plus a few pages of of weird websites that I have no idea what they are, but look like "paid piracy", they either ask for credit card or give me a DMG which supposedly has a downloader.
For software I searched the one I made by the company I work at. There's stuff like Filehorse, Softonic (I don't even know if they're legit), then there's a few which look like those aggregators but end up giving you malware when downloading.
That's with ads blocked, and subscription to several lists.
In the end IMO this is terrible for small businesses, people will end up distrusting anything that's not Amazon or anything that they try to search organically, or they'll get malware.
piracy is a known vector for distributing malware.
this is more for general searches or software with no paid option.
google should deindex scam sites, but this is easier said than done. however they should NEVER have paid ads for malware as they're directly profiting from malware
Installing an ad blocker does not solve the problem. At best it hides the problem.
The issue here is you're looking at this as a 'you' problem and not an 'everyone' problem. If you block ads that's not a problem. When everyone does it Google will change how the page renders in such a manner that your adblocker is worthless. And then you're back to it being a you problem. You cannot disentangle the search and the ads any more than you can disentangle being human and needing oxygen to survive.
I think the reality is more like "when you search for software on Google do not use links in the ads that you get at top of the results".
Though of course there may well be "normal" results leading to shady sites, the issue talked about is related to advertisement results.
If I didn't know any better, I would think about suing Google for boosting malware spread x)
As an aside, I'm always suspicious of free utilities being downloadable from well-designed hosting websites, such as www.fosshub.com. I'm less suspicious downloading it from a very basic, almost plain text web page, for whatever reason.
Then I read this and realized I have not seen those google search ads in years unless I'm setting up a new machine. I always found the 8 ads before results to be absolutely evil and now its causing real damage.
[1] https://www.chip.de/news/Vorsicht-bei-Windows-11-und-VLC-Fak...
Classic clickbait tactics. That was intentional, it made you click the link.
Fortunately I changed my password again before it was an issue- and then my bank locked my account when they saw the suspicious activity. So nothing bad really happened to me other than some inconvenience. However I'm still amazed that Google would let their search results get poisoned with these ads for phishing sites.
The ad companies could cleanup the business and actually enforce security/safety standards, but that would cost money and god forbid they lose some.
Ethics is a two-way street.
It’s about time for her to upgrade anyway. I’m going to encourage her to get a new $599 Mac Mini. Yes I know there is nothing inherently more secure about the Mac than your typical Windows computer besides perhaps code signing. But isn’t targeted as heavily.
Think of how many people (older and/or not technically proficient) fall in this same trap everyday.
Since ads are paid for (and an invoice is made for the payment), google could well verify the id of the people placing the ad and the correspondence with the "real" organization/website.
They send postcards with a code to verify addresses/titolarity for google business profiles:
https://support.google.com/business/answer/4588357?hl=en
and they don't double and triple check ads for banks and similar?
The "real" credit card was stolen in a similar practice from another user. The phone number was entered by my grandma. The address verification was submitted someone fooled in a previous stint.
You can't block, detect nor prosecute these people. Google could only try to protect "PayPal" searches but for the rest of them it's going to be a feat. Let's not make it sound like a computer could just tell that all of these are obvious scams. To a computer there's little difference between mybank.tld and mybankverified.tld. Domain age has plenty of false positives and negatives too.
While it's great that google figured out how to monetize search by inserting ads, it was a lot more ethical back when their major demographic was geeks who could tell the difference between an ad link and a genuine result. Now? Not so much.
I think the ads used to be more distinct as well, with a different background color even, if I remember correctly. I guess it's a fine line to walk between "It should be obvious what is advertisement" vs "Users should be confused enough to sometimes click the advertisement", and Google chose to go for the latter in order to raise click rates.
As a matter of fact, when Google was the scrappy new underdog, they used to make fun of the legacy search engines for the practice of mixing ads into the list of search results.
They were incredibly useful.
This has frustrated me so many times, although its not really related to ads.
- Upton Sinclair
Google doesn't exactly care about this because they still get paid for the click. The malware companies are willing to bid extremely high for that single click (since they end up pwning your computer).
Then, no one will use them, and they will have a hard time getting it back; they may still exist, but only as a husk of their former stature.
But this is why someone in the executive or CxO suite must be on top of flagging potentially existential issues like this and getting on top of it — instantly.
If it were my company, I'd be temporarily pulling down all ads not from a known previously-vetted source (e.g., the major agencies of publicly listed US companies), setting up an emergency team to develop some recognition technology, then opening it back up again with very strong surveillance.
But yeah, likely the execs there will just say 'it won't collapse that fast, and I'll be off on sunnier beaches then...
On macOS, 90% of what you'd ever need is on Homebrew—this is more or less a solved problem—but it's still unofficial and Apple promotes their pointless App Store instead.
In Windows land, the unofficial package managers are nowhere near comprehensive (understandable, I guess), but you'd think with Microsoft's approach toward WSL and GitHub, they would have an officially supported HomeBrew-like alternative.
I'd be interested in knowing why keeping the Windows Store around and having a secondary package list for winget that most people don't use is a better paradigm.
"winget search torrent" listed some apps which I had never heard of before.
Here is winget's submission requirements info:
> Expectations for submissions:
> The manifest complies with the schema requirements. All URLs in the manifest lead to safe websites.
> The installer and application are virus free. The package may be identified as malware by mistake. If you believe it is a false positive you can submit the installer to the Microsoft Defender team for analysis.
> The application installs and uninstalls correctly for both administrators and non-administrators.
> The installer supports non-interactive modes.
> All manifest entries are accurate and not misleading.
>The installer comes directly from the publisher's website.
https://learn.microsoft.com/en-us/windows/package-manager/pa...
https://en.wikipedia.org/wiki/Windows_Package_Manager
https://learn.microsoft.com/en-us/windows/package-manager/wi...
And if not official then you can always use Chocolatey https://chocolatey.org/
A community repo: https://github.com/microsoft/winget-pkgs/tree/master/manifes...
You can, and "highly encouraged" to pull request packages
The other one is the MS App Store itself
[0] https://scoop.sh/
Package management has a boot-strapping problem for mainstream platforms: the same people telling the public that you should install Firefox using their ad bundle installer would instantly pivot to saying that you should install Firefox by adding their “store” to your system package repository list, and then SEO-ing their instructions as hard as they can.
Homebrew works because the audience is heavily technical and they don’t accept every app. Change either of those and quality would decline, and gaps in package coverage normalizes the behavior of installing things from outside of the store.
The real solution is probably something regulatory requiring Microsoft and Apple to run a basic store at cost, possibly allowing premium add-on services, or perhaps having a way to setup other stores with proof of liability insurance and auditing. The basic tier could be something like having a verification process for developers and a robust way to yank abusive apps.
"At cost" for digital stores run well* appears to be between 12% and 18% depending how readily end users can unsubscribe or how easily they can end up interacting with a human for a support, since it costs more to be user friendly. Stores charging less, e.g. 8%, have processing billed separately, generally adds back up to 12% or more.
Relative to that, keep in mind Apple's 30% in the first year drops to 15% in the second, and 85% of apps are hosted/delivered free.
* "Well" as defined by end user, not by developer.
That might still be worthwhile if the idea was something like allowing your computer to have a policy saying it'll only run signed binaries but the default assumption is that most people should stick to the higher-margin more curated App Store since that would still make it more expensive to run malware / adware campaigns if you had to burn a business identity as each one was discovered.
Of course, you can always find something wrong with every approach, but the truth that everyone needs to face here is that you need to trust SOMEONE to distribute good software to you.
Google's store might be a lost cause, but ironically the fact that the platform isn't a walled garden can be used to our advantage here: Use F-droid.
As does PortableApps (portableapps.com).
We didn't fix SourceForge problems by allowing a megacorp to kill all competition and enshrine that cesspool, but by creating new sources of software.
They just have to allow other stores.
But, the big flaw in the article is the author fails to suggest a better alternative. DDG raises 2 malware sites in the top 10 organic (I assume) results for "tor download". You're not safe from this stuff anywhere.
As a bit of a joke I used one of those browser fingerprint tools running on a browser under OpenBSD/macppc. The entire setup was completely unique, they had never encountered another user that matched. It would confuse the bad guys, but it’s very easy to track.
Doesn't help that Windows' own app store is a huge mess on Windows 10 - and presumably 11.
In particular the article points out several big red flags about how malware scanners are automatically finding the site and download are suspicious. It's a shame Google Ads isn't using that information.
(As for DownloadStudio, they have a Wikipedia page that looks 100% innocuous. Searching for "DownloadStudio" has Google search offering an inline answer to "Is DownloadStudio safe" with a reference to the website for DownloadStudio saying "yes it's safe". In this case the inline result is actively harmful. https://i.imgur.com/37GzDKe.png)
I've seen it happen myself with my father. He gets served malware and phishing ads at the top of searches on his iPad for completely innocuous searches like "Apple Canada support", while I get completely different results in the same house from my own devices. There's no way to report these incidents either.
Ads really should be less ephemeral than they are. Sometimes I see an ad I'm interested in but miss it before clicking a link at which point it's gone after hitting the back button. Similarly, if an ad is for a scam, there needs to be a way to go back, find it, and then flag it.
Ive been wondering why a loved one is constantly getting phishing emails.
Ive been fighting a losing battle using email filters to contain the phishing fraud emails.
Your post gave me the idea to clean up his browsing caches. Thank you
Micro-targeting may go down as a multi-billion dollar industry-wide mistake by the time this plays out past logical extremes like this "most software download ads are now malware launchers and Google can't seem to or doesn't want to fix it".
As ownership of content platforms is disconnected from local communities, it becomes more profitable to engage in exploitative behaviour that would not be acceptable on a local scale. Computers simply don't care if you trust them or not, and we the programmers have yet to make that an important factor in how platforms decide which content is promoted to end users.
I have no idea how to improve this situation outside of legislation by our governments.
I believe this is by design, at some level. The programmers don't make that an important factor, because the ones who actually make the decisions don't make that an important factor.
I don't understand how Google have got themselves to this spot even though it seems an 'obviously' very serious problem. Both the 'card' and 'inline' results suggest some sort of curation, a greater googly authoritativeness. They introduce a sort of hierarchy of trust - this result is more trustworthy than the potentially less trustworthy generic search result. Then it's all thrown away by these 'curated' results being bad or worse. It's hard to square this with the knowledge there are piles of smart people at Google whose expertise and responsibilities involve exactly that kind of stuff.
For reference... A private Jellyfin server I use for hosting videos of my kid for his grandparents, and some music I legally own is consistently flagged as phishing (along with basically anyone else hosting them publicly based on this thread: https://github.com/jellyfin/jellyfin-web/issues/4076)
Google has "automated" itself into the garbage.
This is surprisingly true. On my work Windows laptop I switched as (a) the system overhead was less than half and (b) the performance was better. Been months, and other than the occasional wrong icon being clicked I've not launched Chrome since.
I would have laughed in your face 10 years ago if you'd told me I would prefer a MS browser over chrome... but here we are.
Google is rapidly becoming a dinosaur, and I don't think they have the ability (or perhaps desire) to change course.
Frankly - I'd like to see their search monopoly broken up at this point. It's time for some fresh air in the space.
I switched to Duck Duck Go some time ago, but I hadn't required it for extended family. Now I do.