An anonymous reader writes:
A few months ago I searched for a very unique string (with letters,
numbers and shift-number characters) on Google.co.uk. No search terms
were returned. The other day I searched again, and there were three spam
results — one was spam added as hidden comments on a seemingly innocent
tech site, the other were blogspot.com spams (i.e.
yjumdfjsdhsd.blogspot.com).
A couple of other people I know have reported the same thing. Their
quotes:
"I think google sells the search strings to companies. I typed in a
search maybe 3 years ago, and I did a partial search using some of the
same keywords a few months ago. I was surprised to see my exact phrase
that I used years ago, but on a spam site."
"I had an idea of an adult dating site name for a story I was writing,
googled it, and nothing existed. Now it's a couple months later and I
regularly get that search term in the subject line of spam to me.
There's a break in the chain somewhere I guess. "
Does Google sell the terms that people search for?
Notes: I might have used either google.co.uk directly or maybe Firefox's
in-built Google search box. I always use Firefox with RefControl to hide
the referer, NoScript and AdblockPlus turned on with Google adverts
hidden, Google History is disabled, I use OpenDNS but have Google's IPs
hardcoded into my hosts file in case I'm ever DNS-poisoned (and also
because OpenDNS reroutes Google via their own server), I have never had
mal/spyware, I use NOD32, and regularly check for odd TCP connections
and run Rootkit Revealer, etc.
Here are google searches to some of the sites full of search terms. Most
of these need the google cache, as the blogspot sites seem to have been
removed (numbers are easiest to search for because the search strings
are all concatenated):
http://www.google.co.uk/search?q=4764958132
http://www.google.co.uk/search?q=6126270270
http://www.google.co.uk/search?q=%22121+2319310%22&filter=0
Note that because I use NoScript and AdBlock Plus, I have no idea if any
of these pages are laden with malware. Be careful.
Sometimes Google returns different results for different countries, so
here are some Cache links. You can find other blogspot domains and
hidden comment spam sites by searching for some of the unique keywords
found on these pages:
http://209.85.165.104/search?q=cache:Yz-jU4KyWDQJ:rddfedardmb.blogspot.com/+%22121+2319310%22&hl=en&ct=clnk&cd=1&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:4MlXZFoTDzIJ:qsschhtrcy.blogspot.com/+%22121+2319310%22&hl=en&ct=clnk&cd=2&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:Yg4b30AX8vIJ:crjospiyh.blogspot.com/+%22121+2319310%22&hl=en&ct=clnk&cd=3&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:ECWdBoe5QAkJ:crjospiyh.blogspot.com/2007/11/this-website-will-help-you-to-find-out.html+%22121+2319310%22&hl=en&ct=clnk&cd=4&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:e7FRCXG68DQJ:srjugojiz.blogspot.com/+%22121+2319310%22&hl=en&ct=clnk&cd=5&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:IJFLnDocQNMJ:qbgickstiwu.blogspot.com/2007/12/id-trade-million-pretty-words.html+%22121+2319310%22&hl=en&ct=clnk&cd=7&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:Zw_nJFZNLPYJ:sjapeqgyvsru.blogspot.com/+%2297+29950071%22&hl=en&ct=clnk&cd=5&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:4Got9ZG1D_YJ:gzymsthst.blogspot.com/+%2297+29950071%22&hl=en&ct=clnk&cd=6&gl=uk&lr=lang_en
http://209.85.165.104/search?q=cache:hATOYFipUhYJ:ghwsvpzsqddg.blogspot.com/+%2297+29950071%22&hl=en&ct=clnk&cd=9&gl=uk&lr=lang_en
The only things I can think of is that either someone is sniffing search
queries destined to Google, Google reveals search words to anyone who
wants to buy adverts (as opposed to advertisers saying "I want to buy a
million searches of the keywords "suntan lotion"), or someone working at
Google sells search terms to SEO companies, or an enterprising SEO
person has found a backdoor to see Google search terms.