Phishing warnings

coverartarchive
googlechrome
google
browser
Tags: #<Tag:0x00007fcb4ae51010> #<Tag:0x00007fcb4ae50ed0> #<Tag:0x00007fcb4ae50d18> #<Tag:0x00007fcb4ae50bd8>

#41

Here I make this post a wiki (anyone can edit this post) so that people can add the server they were warned about.


ia601506.us.archive.org

ia801504.us.archive.org

ia902900.us.archive.org


I advise to regularly click those google report links and to provide a link to this post or to this topic as comment.

If someone has a cool comment that we could just copy and paste, please feel free to type it instead of this paragraph. :slight_smile:

WIKI removed. Please edit the below ticket instead.


#42

Please use the following ticket for technical reference instead:

Description can be extended to list known flagged servers.


#43

It’s a bit hasty. All we know is that some IA servers are being reported to contain harmful content. It is most probably not related to the CAA, but we cannot assert it is not for sure as we still don’t know the reason. The issue is on the end of the Internet Archive and Google Safe Browsing. The IA most likely requested an independent review or directly contacted Google about this, we don’t have the details.


#44

@yvanzo what I mean by “Your copy of Chrome is lying to you” is based on how Google word the warning. Look at the text - it says that The Site you are Visiting is infected. The accusation in the big title is that Musicbrainz is infected. Only when the user reads the details do they see it is actually a different site that has the issue.

This is what I mean by lying. It is a very misleading error message. Most users will read it as MusicBrainz having that infection and not a shared server used to store images.

Yes, we all know that those same servers are abused in all kinds of ways. I remember seeing a number of dodgy KODI repos being stored on there via the Wayback machine. And archiving websites will also mean archiving dodgy stuff too. Yet that also happens with Google Drive - there are good things and bad things on that shared resource. So why doesn’t Chrome scream at ALL Google Drive access as infected?

Google is being lazy. Not building a system that understands a shared use server.

Just to add: I suggested posting server names in this thread as not everyone has login credentials to the ticket system. Many people have come hunting here in the forum to find details of this issues. They are less likely to hunt the bug reporting system. I also liked the way that @jesus2099 started adding the complain links alongside… allows us to add more complaints to Google.

(I probably need to shut up on this now as I have waffled enough in this thread :wink: I just don’t like big bully companies like Google bullying smaller groups like MB )


#45

Nice solution as placeholder for CAA images on the front page. Thanks!

Cover art on the homepage is disabled for Chrome-based browsers, which are known to issue an incorrect phishing warning since the 11th of November 2018; see ticket CAA-116 for follow-up.
A phishing warning may show up on any other page with cover art. You are encouraged to report errors to Google Safe Browsing (https://safebrowsing.google.com/safebrowsing/report_error/). Sorry for the inconvenience!

#46

From now on, and until CAA-116 gets fixed, cover art images are disabled for Chrome-based browsers on the MusicBrainz homepage. It also features a banner about the whole issue, potential phishing warnings on other pages, and a link to report errors. If you still want the regular homepage, just remove Chrome from user agent string for this page.

This page is not public, it is not possible to check it without an account. But CAA-116 is reported to potentially affect each of MusicBrainz editing history pages.

Absolutely, and that’s why everyone agreed on temporarily hiding cover art on the homepage from Chrome-based browser.

This is more likely!