A few months ago, we warned that malevolent people were buying Google ads leading people to fake #GIMP websites to trick them into downloading malware.
Apparently this is still continuing to this day (as were reported to us). Google is still not blocking these fake ads despite the many reports and articles which happened for months now. 😓
Be careful and always make sure where you download your software from. Also the GIMP project doesn't buy ads!
https://floss.social/@mithrandir@defcon.social/109773987578181949
@ocdtrekkie You're trying to build a case on individual datapoints for a service that serves 237 billion ad clicks per day.
I think you may find your numbers less than convincing to those of us who know how statistics work, even though we agree that the number should, ideally, be zero.
@mtomczak I mean, I'm just pointing out that examples of this cross my feed incidentally *every* *single* *day*. And that's forgetting the silent majority, and all of the people who do not even understand what is happening.
Google has trained a lot of people to ignore individual datapoints, and it's why Google is the go-to platform for crime: They're ****ing blind, lol.
@ocdtrekkie Yes. I am not surprised that instances occur every single day in an ecosystem with 200+-billion-clicks per day.
Ever heard the statistics on how many of Google's datacenter machines burst into flames per day? Yet Google doesn't sue their vendors for mis-manufacturing; they know how scale works.
@mtomczak You are ignoring all of the data which is inconvenient for your beliefs: That this has impacted a major open source organization and Google has refused to address it for a number of months. And of course, that Google makes money on it, and hence has the perverse incentive to do it.
@ocdtrekkie It's a scale problem. You can make similar accusations of phone companies regarding scam calls.
The consequences of being biggest is you become the largest fraud vector by virtue of scale, no matter how much counter-with you do. That doesn't imply you stop doing the work, but it will never be enough.
@mtomczak If a company is too big to handle being an intermediary in a criminal operations for several months without acting on it, the company should be shut down. Full stop.
@ocdtrekkie Cool.
So what *is* your recommended alternative to phone companies and USPS?
https://www.npr.org/2022/02/03/1077766541/usps-checks-mail-fraud-bank
@mtomczak I mean, the USPS is a public service which delivers mail without regards to it's contents (and doesn't make profit based on the value of the content therein).
I agree telco regulation should be better, and the FCC is currently acting heavily to shut down telcos failing to act on SHAKEN/STIR and KYC. We're fixing it. But for what it's worth, a telco is a public utility that provides societal value.
Google is an adtech company and a blight on the planet.
@ocdtrekkie USPS is also a private corporation that makes ~20% of its money on ads.
