48 points by rahulyc 7 days ago | 13 comments on HN
| Neutral High agreement (2 models)
Editorial · v3.7· 2026-03-15 23:04:40 0
Summary Information & Privacy Trust Acknowledges
This personal blog post documents an experience of discovering malicious content in Google search results and expresses loss of trust in the search platform. The content acknowledges concerns about institutional mediation of information access and implicitly advocates for user agency in evaluating search results, while exercising free expression rights through open publication. The engagement with human rights is tangential, focused on privacy and information autonomy rather than systematic rights analysis.
Rights Tensions1 pair
Art 12 ↔ Art 19 —Privacy-autonomy concern: Content expresses distrust in Google's algorithmic curation, framing privacy and information autonomy as compromised by corporate gatekeeping, while simultaneously exercising free expression to critique that gatekeeping.
Feels like the author is using Google for the first time? This has been a feature as long as the ads have.
You can literally find this exact same blog post from approximately 20 years ago. Absolutely nothing has changed since then!
Well, I lied. A lot has changed. Drive-by attacks are gone, largely thanks to Google. 15 years ago you would’ve been hacked immediately after you clicked the ad.
The least they could do is show subdomains, so that when you click on squarespace.com it doesn't take you to a virus. They will show https: but not subdomains? Excellent UI.
One of the things which really annoys me is the idea that it's every acceptable to blindly "curl -fsSL" bullshit .sh scripts.
Even large companies have adopted this crap and you don't know whether there's any digital signing going on or whether they're downright stealing anything you have of value.
It's not difficult to generate a rpm, deb, tgz and relevant detatched .asc PGP signature or if you hate PGP use openssh signatures or something.
> If this how google chooses to go out, then their death cannot come fast enough.
> Alphabet (Google) reported historic financial results for fiscal year 2025 (ending Dec 31, 2025), with annual revenue surpassing $400 billion for the first time. The company showed strong profit growth, with Q4 2025 net income at $34.5 billion, a 30% increase year-over-year. Key growth drivers were AI integration, YouTube ads, and a surging Cloud segment.
My experience is very different. Even in a private window with no ad-blocker and Google signed out, Claude.ai is always at the top spot.
And yes, the ad was clearly malicious. I'd never click on ad-link, though (even if it was the official site).
Agreed. I was using mise to install Claude (via it's npm package) and keep it updated, and then they nagged me to switch to the 'curl | bash' method. Now I get to keep it updated manually, plus they helped train all my peers to continue just executing random scripts right off the Internet
PSA: Adblock is non optional for personal and enterprise security.
My gf told me they blocked all addons at work, including adblock. Told her to recommend to the IT department that adblock be mandatory on all computers. Ad networks make too much money not to look the other way on malvertising.
Oh yes. Ok, that's probably on bash, but you look at the script and it's like 200 lines of code. Then you read the alternate install instructions and it goes like "download binary, make executable, add to $PATH, run" - ???
How would providing a signed .deb help? You're still getting the attacker's public key, they can sign whatever they want.
Trusting distro maintainers to curate software in their repos can help, if you only ever install from the curated repos. If there's some software not in the repo which you need, then you can't rely on that trust. "Stable" distros like Debian are less likely to have all the necessary software in their repos, and the difficulty of getting software into a curated repo itself creates legitimate software that doesn't get into repos. That means "is this software in my distro's repository" can give a good signal that some software is safe, but can't give much signal that the software is unsafe.
Content advocates for informed information access by documenting a gap in Google's search results—specifically, a malicious result ranking highly for a common query. The author exercises freedom of opinion and expression to publicly critique a dominant information platform, demonstrating that free speech enables scrutiny of institutional gatekeepers. However, the engagement is incidental rather than systematic.
FW Ratio: 60%
Observable Facts
Post content marked as isAccessibleForFree.
Author publishes personal criticism of Google on public Substack.
Article documents a specific malicious search result and author's loss of trust.
Inferences
Free publication enables the author to exercise opinion and expression rights by critiquing a major platform.
The structural openness of Substack supports the author's ability to share alternative perspectives on information gatekeepers.
Content expresses distrust of Google's search algorithm, framing Google as untrustworthy regarding information retrieval. The headline 'Top Google Result for Claude Code is Malicious' and subheading 'Why I don't trust google anymore' convey skepticism toward Google's ability to protect user privacy and autonomy in information access. While not attacking privacy directly, the narrative undermines confidence in institutional mediation of personal decisions.
FW Ratio: 60%
Observable Facts
Article headline states 'Top Google Result for Claude Code is Malicious'.
Subheading declares 'Why I don't trust google anymore'.
Author describes personal experience searching Google and encountering a malicious result.
Inferences
The framing expresses eroded trust in Google's algorithmic curation and suggests concern that institutional mediation of information may not serve user interests.
The personal narrative implicitly argues that automated search systems fail to protect users from harmful content, undermining privacy and autonomy.
Article published with free access (isAccessibleForFree: true) on an open platform (Substack), enabling the author's voice to reach readers without paywall or censorship. The structural openness supports dissemination of the author's perspective.
Content displays freely without paywalls or restrictions, supporting information access. However, the narrative itself questions whether search platforms protect personal autonomy in digital decision-making.
Headline uses 'Malicious' without technical substantiation; subheading 'Why I don't trust google anymore' employs emotionally charged language to frame distrust.
appeal to fear
The narrative implies that search algorithms may direct users toward harmful software, creating concern about digital safety.