Phishing warnings

That doesn’t help if they never make it to the home page before the red screen of scare appears. That’s why it makes sense to hide cover art there specifically (and mention why: “Cover art is temporarily disabled on Chrome because of this issue, complain here!”), and let it be elsewhere on the site, where hopefully people will now know the warning should be ignored.

6 Likes

Yes. Now that makes more sense. Chrome Only warnings. Maybe a dirty great big Green and Orange pop-up box that says “Your copy of Chrome is lying to you. Complain to Google if you want your pretty pictures back”. :wink:

Then add links to “Download Firefox here”

That should help get their attention :smiley:

2 Likes

I just got the phishing warning immediately when I uploaded a new cover.

1 Like

Were you able to end the upload process properly?

Yes, the warning came after the edit completed and MB tried to redisplay the page. It’s still giving me the red screen on that image this morning.

I got it for ia902900.us.archive.org server now.
I should have noted the other warnings I got because I think each time there is a new supsected server, I get a new message.

I got it for ia902900.us.archive.org server now.

I’m still glad I am using Firefox.

Getting it on this page: https://musicbrainz.org/artist/07a17571-81fc-4cf8-a634-98f0d926d313/edits

Ah - so you’re the one uploading dodgy images. :rofl: Maybe this is Google doing quality control… or just trying to stop people uploading to non-Google servers. Stick the Google “knows all” Analytics back on and the warnings will stop. This is Google Mafia…

Found the problem on the server. Clearly Google has found this:

Would it help if we started listing the servers we get warned about? Though I notice most technical conversations about this say Google refuses to ever tell the server owners where the suspect files are.

Here I make this post a wiki (anyone can edit this post) so that people can add the server they were warned about.


ia601506.us.archive.org

ia801504.us.archive.org

ia902900.us.archive.org


I advise to regularly click those google report links and to provide a link to this post or to this topic as comment.

If someone has a cool comment that we could just copy and paste, please feel free to type it instead of this paragraph. :slight_smile:

WIKI removed. Please edit the below ticket instead.

2 Likes

Please use the following ticket for technical reference instead:

Description can be extended to list known flagged servers.

2 Likes

It’s a bit hasty. All we know is that some IA servers are being reported to contain harmful content. It is most probably not related to the CAA, but we cannot assert it is not for sure as we still don’t know the reason. The issue is on the end of the Internet Archive and Google Safe Browsing. The IA most likely requested an independent review or directly contacted Google about this, we don’t have the details.

3 Likes

@yvanzo what I mean by “Your copy of Chrome is lying to you” is based on how Google word the warning. Look at the text - it says that The Site you are Visiting is infected. The accusation in the big title is that Musicbrainz is infected. Only when the user reads the details do they see it is actually a different site that has the issue.

This is what I mean by lying. It is a very misleading error message. Most users will read it as MusicBrainz having that infection and not a shared server used to store images.

Yes, we all know that those same servers are abused in all kinds of ways. I remember seeing a number of dodgy KODI repos being stored on there via the Wayback machine. And archiving websites will also mean archiving dodgy stuff too. Yet that also happens with Google Drive - there are good things and bad things on that shared resource. So why doesn’t Chrome scream at ALL Google Drive access as infected?

Google is being lazy. Not building a system that understands a shared use server.

Just to add: I suggested posting server names in this thread as not everyone has login credentials to the ticket system. Many people have come hunting here in the forum to find details of this issues. They are less likely to hunt the bug reporting system. I also liked the way that @jesus2099 started adding the complain links alongside… allows us to add more complaints to Google.

(I probably need to shut up on this now as I have waffled enough in this thread :wink: I just don’t like big bully companies like Google bullying smaller groups like MB )

1 Like

Nice solution as placeholder for CAA images on the front page. Thanks!

Cover art on the homepage is disabled for Chrome-based browsers, which are known to issue an incorrect phishing warning since the 11th of November 2018; see ticket CAA-116 for follow-up.
A phishing warning may show up on any other page with cover art. You are encouraged to report errors to Google Safe Browsing (https://safebrowsing.google.com/safebrowsing/report_error/). Sorry for the inconvenience!
1 Like

From now on, and until CAA-116 gets fixed, cover art images are disabled for Chrome-based browsers on the MusicBrainz homepage. It also features a banner about the whole issue, potential phishing warnings on other pages, and a link to report errors. If you still want the regular homepage, just remove Chrome from user agent string for this page.

This page is not public, it is not possible to check it without an account. But CAA-116 is reported to potentially affect each of MusicBrainz editing history pages.

Absolutely, and that’s why everyone agreed on temporarily hiding cover art on the homepage from Chrome-based browser.

This is more likely!

3 Likes

How would I do this?

1 Like

(Unlike good old Opera presto) You can not have such per site settings.
Find and install a user agent change extension:
https://duckduckgo.com/?q=chrome+change+user+agent
Then remove Chrome word from use agent on musicbrainz.org root.

2 Likes

@yvanzo When you take this block off can you please post a notice up here to lets us know. Now I’ve had to hack my User Agent it will be impossible to tell when the block is lifted.

I’ve changed it so I get the nice images back, but also so I can spot if this is still an ongoing issue or not… I want to be able to keep sending the complaints to Google when it occurs

1 Like

2 posts were split to a new topic: “New notes have been left on some of your edits.” notice on front page

Just bumping this thread to ask if this is still a problem. It’s been months since I’ve last seen the Google alarm on a release page. Has anyone seen the problem lately?

2 Likes