A few months ago, we warned that malevolent people were buying Google ads leading people to fake #GIMP websites to trick them into downloading malware.
Apparently this is still continuing to this day (as was reported to us). Google is still not blocking these fake ads despite the many reports and articles which have appeared for months now. 😓

Be careful and always make sure where you download your software from. Also the GIMP project doesn't buy ads!

floss.social/@mithrandir@defco

@GIMP cc: @mtomczak My point continues: Google's primary business is malware peddling.

@ocdtrekkie You're trying to build a case on individual datapoints for a service that serves 237 billion ad clicks per day.

I think you may find your numbers less than convincing to those of us who know how statistics work, even though we agree that the number should, ideally, be zero.

@mtomczak I mean, I'm just pointing out that examples of this cross my feed incidentally *every* *single* *day*. And that's forgetting the silent majority, and all of the people who do not even understand what is happening.

Google has trained a lot of people to ignore individual datapoints, and it's why Google is the go-to platform for crime: They're ****ing blind, lol.

@ocdtrekkie Yes. I am not surprised that instances occur every single day in an ecosystem with 200+-billion-clicks per day.

Ever heard the statistics on how many of Google's datacenter machines burst into flames per day? Yet Google doesn't sue their vendors for mis-manufacturing; they know how scale works.

@mtomczak You are ignoring all of the data which is inconvenient for your beliefs: That this has impacted a major open source organization and Google has refused to address it for a number of months. And of course, that Google makes money on it, and hence has the perverse incentive to do it.

@ocdtrekkie It's a scale problem. You can make similar accusations of phone companies regarding scam calls.

The consequence of being biggest is you become the largest fraud vector by virtue of scale, no matter how much counter-work you do. That doesn't imply you stop doing the work, but it will never be enough.

@mtomczak If a company is too big to handle being an intermediary in a criminal operation for several months without acting on it, the company should be shut down. Full stop.

@mtomczak I mean, the USPS is a public service which delivers mail without regard to its contents (and doesn't make profit based on the value of the content therein).

I agree telco regulation should be better, and the FCC is currently acting heavily to shut down telcos failing to act on SHAKEN/STIR and KYC. We're fixing it. But for what it's worth, a telco is a public utility that provides societal value.

Google is an adtech company and a blight on the planet.

@mtomczak All of your attempts to suggest adtech is anything but something we should literally just imprison everyone involved with fail to recognize that Google actually makes all its decisions about pricing and display and moderation based on optimizing the maximum profit return.

@mtomczak The reason the ad is displayed on the page is because Google is confident it is the best way for Google to make the most money from it, and Google isn't acting on reports against an ad that's significantly more profitable than its removal.

Thanks to Section 230, Google faces no risk of penalty for knowingly serving malicious content, so... they actively serve malicious content.

@ocdtrekkie You've never worked with or in Google have you?

I ask because your perception of what the ad team actually does is so far removed from reality that I have no idea what your source is.

@mtomczak I've not worked at Google, but I've worked with a significant number of Google employees and teams.

It's absolutely a culture of arrogance and learned blindness.

@ocdtrekkie Ars reporting on the problem will certainly light a fire under the team to do more about it than they already are.

I'll be interested to see if that has effect or if the problem is actually fundamentally intractable.

ETA: Ars does a good job of breaking down why Google's been struggling with this problem. So Google employs all manner of out-of-band detection to suss out bad-faith advertisers. Problem is, this new wave of malware vendors is savvy to Google's methods and is cloaking the endpoints from those scans, which means when Google tries to decide if those sites are malicious, they vend a clean front.

(I'm aware of several tricks Google has up their sleeve for this issue, which I choose not to divulge, but if *I* know about them, I assume people who generate revenue by breaking them *definitely* know about them).

In any case, it all circles back to square one again: it's worth it for these folks to optimize their attack against Google's countermeasures because Google is the largest target. This is the "Viruses on Windows" problem again.

@mtomczak The solution is simple: Google should only run ads approved by humans. Of course, that's expensive, so we need a solution to make it worthwhile: Hold Google legally liable for fraud and malware distributed by its platforms.

@ocdtrekkie That's not expensive; it's completely unscalable. It would collapse Google's ability to offer search as a service (it would collapse *all* search engines' abilities to offer search as a service, except possibly for Bing if Microsoft treats it as a loss-leader).

... and it wouldn't solve the problem, because the bad actors would provide a clean front to the humans.

@mtomczak Good. Collapse it. Scale is not a justifiable excuse for misconduct, and it's long past time we start shutting down companies too big to operate responsibly.

Also, how many billions in profit did Google bring in this quarter? It's not unscalable, it's just not going to make them one of the most valuable companies on the planet. Their position is based on ill-gotten gain and lack of responsibility.

@ocdtrekkie I think we're done on this topic if your response is "Well, search had a good run."

The value provided by having search engines outstrips the harm done by bad actors leveraging ads to vend malware. Point me to one counter-example of a general-purpose search engine that isn't ad-backed if you're going to demand we collapse the ecosystem.

Or, as I said, you're actually advocating for just handing search on the web to Microsoft. A hilarious solution for checking Google's power.

@ocdtrekkie USPS is also a private corporation that makes ~20% of its money on ads.

facts.usps.com/top-facts
