I wrote to our IA contacts. They said they’d pass the notification to whoever needs to see it, and this:
We do get those reports periodically, and if we can figure out which item on the server is responsible, we can take it down. but it is hard to keep google happy, given how many files from how many different uploaders pass through a given server, and how obscure their criteria are (intentionally, i guess, to keep spammers from gaming the system, but it also keeps well-intentioned hosts from finding the malware on our own).
Here is a direct link to report false positives. the more peole that report it will help google in deciding to white list the domain that MusicBrainz uses.
I know that the source is the ia801504.us.archive.org. But are you sure, that everyone will come back after this huge red “Phising-Suspicion” screen as startpage for MB?
@InvisibleMan78 click the link to complain to Google. The more people complain the better.
Personally I think this is borderline libellous of Google with this accusation. The “warning” page is directly worded to imply that MusicBrainz “the site you are visiting” is hosting the phishing content. When the actual issues lie on the SHARED use archive website.
Totally agree with you that it is going to be putting people off accessing the MusicBrainz website. You can see in this thread that some things are being done to try and address this… but Google is too arrogant to listen.
Interesting, I just tried with Chrome, it doesn’t warn me at all. Not even when I visit http://ia801504.us.archive.org/ directly. “Safe Browsing” is active. Obviously Chrome does not want to protect me from the evils lurking in the interwebs
It is totally messed up random as to when that warning appears. There is no sensible pattern to it at all.
One visit it is there, next visit it is gone. There is no logic to how Google decides this. I’ve not seen the warning today, but did get one yesterday.
I don’t use Chrome, but it is a Chromium based browser. One of the features left accessible is this spyware check. It can be useful when it works. But seeing how it keeps randomly popping up here just because MB links to a few images on that server shows that it is probably just as unreliable on other sites too.
Conspiracy Theory says it only started happening when the MB Privacy Policy started blocking Google Analytics… they clearly got upset when all our tracks were not being passed to them anymore. ( need sarcasm font…)
Yeah - we all get that same patronising BS when we fill in the reports.
As this is Google it is all probably being filed away in /DEV/NULL/ but something has to be done. Anyone know any lawyers who can fill in that form and explain that they are accusing the wrong people?
On the https://musicbrainz.org/ homepage, it’s probably triggered by one (or more) of the cover art images in the “Recent Additions” section. Since that section is constantly being updated, it would explain why the warnings come and go.
I realise it is the links on the front page to the images. What I mean by it’s randomness is there are always links on the front page. Always linking to a small number of servers. Only ever loading an image. Sometimes the warnings appear, other times not even though the images are coming from the same server.
It is never correct in its accusations. Those images, and the way they are loaded, are not going to deliver anything dangerous to you.
I had one warning pop-up on the “My Open Edits” page when the only images in view were ones I had uploaded the day before…
Their scam warning is not narrow enough. It has no ability to understand the concept of a shared server. So it sees something bad on one little corner of the Wayback Machine and then paints the whole huge server as “bad”. There should be the same warning for anyone visiting GoogleDrive as there are bad things hosted in corners of that too.
Oh yes we could trick the homepage by showing the Amazon image for the new releases that have both a CAA and an Amazon link. Recent Additions are already a filtered down list anyway.
But that won’t solve it for the other pages that display images. It is just delaying the point someone would see the warning message.
This has to be hassled at the Google end. That is where the real issue lies.
And please - no Amazon images. Most of the time when I login there are unusual images being shown that are unlikely to be on Amazon. Saw someone uploading a bunch of old Punk Cassettes the other day. It is quite an enjoyable feature seeing a random selection of images that I wouldn’t normally ever see.
This issue has been discussed in weekly meeting yesterday. Everyone agreed on temporarily hiding cover art on the homepage from Chrome-based browser. But I cannot reproduce the issue.
Is the issue still current? Or does it only happen on the homepage? Anyone facing this issue again, please report the list of recent additions (with links or MBIDs) present on the homepage at that time.
I use Vivaldi, based on Chrome.
I only had this problem for one day maximum, but maybe I did check a box saying « don’t bother me again for this site, I trust it. » ?
Actually I am using FUNKEY CAA user script that shows me all those release cover arts.
Without user script, you might have to locate which of those releases does trigger the google red screen of hell.
Then I clicked on visit this unsafe site and indeed I am no longer warned.
It may have stored my wish to visit this (ahem) unsafe site for a week or two.