The real value of software based business comes from scale. The marginal cost to serve one more customer is close to zero. That is the main reason for big bets and valuation.
It is wrong in so many levels. Couple of years back we were talking google may send you an email advertising cremation services based on your email history. It is becoming a reality. The worrying part is upright, honest googlers are supporting it whole heartedly.
You are trivializing the underlying issue here. If the same thing happened in a physical world it will be a high profile public defamation case.
Browser is the window through people sees the world. That’s the reality we live in. In our target market, Google chrome holds 40% market share. Because of its stupid categorization, in one stroke Google harmed our reputation and the reputation of companies we serve. It is not a simple browser compatibility issue. Google chrome is telling the world our software is phishing software while we are not. What is the recourse here?
We don’t care what Chrome’s algorithms are. But the results are not factual and it harms our business. "One cannot escape saying hey that is our algorithm. We don’t do evil…" Remember.
Believe me, I am empathetic to the pain this is causing you. I can understand the anger you are feeling.
But I don't think that I am trivializing things. The fact is, that phishing sites are causing a real pain (as in millions of dollars lost by the victims, hundreds of thousands of computers becoming zombies, etc).
All major browsers are trying to mitigate these risks by implementing phishing & malware filters.
None of these implementations are perfect (you probably know a bit or two about bugs in software development).
But on average these filters have a positive ROI - especially for the target market (which is Joe WebUser and sadly NOT your company - or mine for that matter). The costs of a false positive ("I'll go & find that information on another site") far outweigh the costs of a false negative ("I put my login+password into this legitimate looking website and now I can no longer access PayPal").
Just one more thing. Since our product is self-hosted by our customers under their own domain, white listing just our development domain is unlikely to help our cause.
I believe they actually whitelisted/disabled the part of the classifier that is affecting your site(s) more-generally, so it should be working across all domains. That said I know very little about the internals of that system.
I'm sure they will contact you via regular customer support channels (ie. not HN) if they need any more info to debug the problem.
A request to YC mods. It seems like this post is getting flagged. This issue is really a big risk for our startup and we will appreciate if you allow the post to get the visibility it deserves.
We have checked with one of the latest beta builds. In that build it didn't show the warning. It happens with the live chrome version. The issue is much more complex.
This specific instance in the screenshot has been fixed (this is the second time). Basically, in this specific instance if the "Login" button is changed to localize to a specific keyword "Connexion" as part of french translation, it shows up. No other keyword triggers it.. and no way to find out what the heck chrome wants.
It is like playing proverbial whack-a-mole. Every update of chrome can potentially change their "heuristic" that thinks it has "found" a phishing attack.. and we have to scramble to see what the heck caused it and fix it.
This would be funny if it wasn't so detrimental to a business. I will get the dev to recreate this on dev1 and post it.
