Google marked all sites as dangerous

Google marked all sites as dangerous on 31 January for 40 minutes. The processes of why this happened is explained below :

1. Google maintains a list of known malicious sites
2. Somebody entered the URL “/” on that list
3. The list was pushed to all of Google's servers between 6:27 and 6:40 a.m.
4. Because / is found in any URL, all websites were flagged as potentially dangerous

Google made a critical flaw. Noting that human mistakes are unavoidable, Google should have performed health check of the new list in a test environment before updating to all production servers.

Did Google learn a proper lesson about “change control” ?

No comments: