171
submitted 1 year ago by ctag@lemmy.sdf.org to c/firefox@lemmy.ml

Started this morning. All of my personal tools like nextcloud and RSS reader were blocked, and I had to go manually override that screen for each one. Unacceptable.

top 50 comments
sorted by: hot top controversial new old
[-] grandel@lemmy.ml 165 points 1 year ago

Looks like Google is the responsible one, not Firefox. Don't shoot the messenger.

[-] RobotToaster@mander.xyz 58 points 1 year ago

Why is firefox trusting the evil empire to tell it what sites are safe?

[-] Sethayy@sh.itjust.works 87 points 1 year ago

Don't have the funding to themselves, and probably worth it so new users don't get fucked

[-] sfgifz@lemmy.world 16 points 1 year ago

Why does Firefox need to tell Google which sites you're visiting even if you don't use Google Search ?

[-] RobAley@lemm.ee 139 points 1 year ago

All checking is done locally on your machine from a hashed list of "bad" domains, your visits aren't sent to google. You can get the full details here: https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work

[-] Quacksalber@sh.itjust.works 63 points 1 year ago

This is a protection mechanism to prevent laymen from falling for scam websites. It is a service offered by Google, enabled by default in Firefox. It can disabled in the configs.

[-] SzethFriendOfNimi@lemmy.world 12 points 1 year ago

Are they submitting that to Google or are they subscribing to some hashed list google has of domains with (according to them) know malware, issues, etc?

In that case everything happens on your pc and doesn’t go to google or Mozilla

[-] Cheradenine@sh.itjust.works 16 points 1 year ago

Hashed, but there is also a preferences cookie.

Copied from Wikipedia, but the citation is Google's white paper on this 'Logs, which include an IP address and one or more cookies, are kept for two weeks and are tied to the other Safe Browsing requests made from the same device.'

[-] SzethFriendOfNimi@lemmy.world 6 points 1 year ago

But that isn’t per domain is it? It’s just for fetching the list?

Similar to how your browser may request CRL’s

Not that it’s great that they’re setting a cookie.

load more comments (2 replies)
[-] nbailey@lemmy.ca 59 points 1 year ago

Set up google search console for that domain, then it will tell you why it’s blocked. It might be a false positive you can flag, or it might be that a host or service has been compromised or contains something harmful. Google’s blocklist is quite aggressive and often blocks entire domains if one of their subdomains has a violation.

[-] kevincox@lemmy.ml 45 points 1 year ago

Yeah, people are getting really upset at Google/Mozilla here but SafeBrowsing is actually a very good service. I legitimately believe that it frequently prevents malware infections and phishing on a regular basis. It is also architected with a privacy-first approach that reveals very little data to Google. And the SafeBrowsing privacy policy is actually one of Google's very tight ones.

I think Mozilla made the right choice to enable it by default. They also make it fairly easy to disable this for advanced users under the "Deceptive Content and Dangerous Software Protection" setting. (No need to crack open about:config, disabling it is fully supported.)

I understand that this may be a controversial opinion.

[-] ctag@lemmy.sdf.org 7 points 1 year ago

Thank you for the advice!

[-] netchami@sh.itjust.works 55 points 1 year ago

You can just disable Google Safe Browsing in the settings.

[-] Mereo@lemmy.ca 38 points 1 year ago

But the problem is the general public. People who have it enabled won't be able to visit his website.

[-] netchami@sh.itjust.works 45 points 1 year ago

It doesn't seem to be a public website

All of my personal tools like nextcloud and RSS reader were blocked

[-] yournamehere@lemm.ee 42 points 1 year ago

google owns the internet

[-] prokorean@lemm.ee 32 points 1 year ago

Are you using a free subdomain?

[-] FarraigePlaisteach@kbin.social 7 points 1 year ago

I am and have this issue sometimes. What’s the connection / cause?

[-] Carighan@lemmy.world 26 points 1 year ago

Reports of individual subdomains that are running shit lead to the main site slowly being pushed to "generally non-safe".

[-] QuazarOmega@lemy.lol 10 points 1 year ago

This is a crtified .zip moment

[-] possiblylinux127@lemmy.zip 5 points 1 year ago
[-] GameWarrior@discuss.online 5 points 1 year ago
[-] PipedLinkBot@feddit.rocks 1 points 1 year ago

Here is an alternative Piped link(s):

Google should retract these new top level domains- Brodie Robertson

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

load more comments (2 replies)
[-] TheBig2023Meltdown@lemmy.world 15 points 1 year ago

Anyone also using that free subdomain is linked to you because you're both using the same domain

[-] FarraigePlaisteach@kbin.social 4 points 1 year ago

Ahhh, that makes sense. Thanks.

[-] TheBig2023Meltdown@lemmy.world 6 points 1 year ago* (last edited 1 year ago)

You're welcome.

Think of it as you sharing a house with other people. You all have your own rooms (subdomains) but live at the same address (domain). You try to order a takeaway but they've blacklisted your address because another resident abused their service

(Analogy for anyone else who comes across this)

[-] anon232@lemm.ee 11 points 1 year ago

I imagine that domain is mostly used for spam/phishing sites so Google preemptively blocks all sub domains until they prove they aren't spam. That's one of the shortcomings of using a free domain I guess.

[-] cm0002@lemmy.world 4 points 1 year ago

That's one of the shortcomings of using a free domain I guess.

Domains are cheap as dirt for the most part anyways, it's like 12$/year for a .com if you don't mind having one of those weirder TLDs I've seen those as cheap as 2$/year

2 dollars a year

[-] Euphoma@lemmy.ml 2 points 1 year ago

I got 1 dollar a year on my domain, gen.xyz has some real cheap domains if you don't care about it being a string of 6-9 numbers.

[-] echodot@feddit.uk 3 points 1 year ago* (last edited 1 year ago)

What were they thinking with some of those TLDs?

There's also .website which seems like a weird choice, yeah this website here, yeah this one here, it's a website.

[-] cm0002@lemmy.world 1 points 1 year ago

It's gets so much worse

.zip exists

[-] sheepishly@kbin.social 2 points 1 year ago

Sounds absolutely sus as fuck. I'm in

load more comments (1 replies)
[-] ctag@lemmy.sdf.org 3 points 1 year ago

I'm not, I guess I wouldn't be surprised if this happened and I was though. Thanks for the context.

[-] Max_P@lemmy.max-p.me 31 points 1 year ago

I got hit by that, basically forced me to make a Google account and add all my sites to it even though I couldn't care less about SEO and indexing. Now it keeps sending me spam emails about "problems" with my websites. No, I'm intentionally not letting you index this.

What seems to be going on is it's flagging random widespread open-source software as impersonation/phishing login page because it's seen it on a bigger site and assumes you're doing some phishing.

Filed an appeal and it thankfully promptly got resolved. Google ain't known to be friendly to developers.

I want to like that feature because I'm sure it's helpful for the less technically savvy. But I hate that Google can just decide my site is unsafe and essentially cut my sites off the Internet for most people. If Google denies your appeal you have basically zero recourse.

[-] ctag@lemmy.sdf.org 2 points 1 year ago

That sucks, yeah. Thanks for sharing, its good to know that its not just me.

[-] PeachMan@lemmy.world 25 points 1 year ago* (last edited 1 year ago)

I think we need more info here. I'm guessing this is a locally hosted site? How are you exposing it to the web? DDNS? Reverse proxy? Honestly it's hard to diagnose without knowing your IP, which you definitely shouldn't give us.

Edit: you can check your site here, maybe they'll give you details on why it was blacklisted: https://transparencyreport.google.com/safe-browsing/search

[-] ctag@lemmy.sdf.org 4 points 1 year ago

Thank you for the link, but it just returns "no data" on my site.

Locally hosted on a not-static IP with cloudflare DNS and their proxy stuff.

[-] ctag@lemmy.sdf.org 1 points 1 year ago

Just reporting back that the transparencyreport page just says "some pages on this site are unsafe" without elaboration. It then offers that if I want details I have to give it individual page links at a time to see if they're the cause of the alert... Ugh.

[-] Yerbouti@lemmy.ml 20 points 1 year ago

Happend to me recently, with no option to "ignore and continue". I opened the page in private mode and it worked. Weird.

[-] SGG@lemmy.world 15 points 1 year ago

If you have a dynamic IP from your ISP, could be you got unlucky and were given a address previously used by attackers.

Or if you have a static IP on a VPS or similar, they may have had a lot of attacks from the IP Range.

By attacks in this instance I mean people setting up phishing or similar websites as the most common example. A simple web form, probably with obfuscated code. They then send a bunch of emails line "click here to view your invoice"and gather office 365 credentials.

While it's not good that this kind of false positive happens from time to time, I am more thankful this kind of service exists. Yes, there's privacy and security implications, but smart screen has stopped legitimate attacks at our clients before, and we force it enabled wherever possible.

[-] ctag@lemmy.sdf.org 6 points 1 year ago

Thank you for the context, that makes sense and it would be difficult to prevent a recycled IP from causing this kind of problem.

[-] Ciel@lemmygrad.ml 6 points 1 year ago* (last edited 1 year ago)

it lieratly gives you a link to report a detection problem

[-] teft@startrek.website 3 points 1 year ago* (last edited 1 year ago)

Click “ignore the risk” and it will continue to the page. You better be certain you aren’t being man in the middle attacked though.

[-] Enkers@sh.itjust.works 3 points 1 year ago* (last edited 1 year ago)

I think people are missing the point here if they say "just click through". Mozilla's reliance on Google could potentially be anticompetitive in nature if Google is essentially worsening a self hosted service which would compete with their own offerings.

[-] Bitrot@lemmy.sdf.org 7 points 1 year ago

Except this is more a symptom of relying on someone else’s hardware, network connectivity, and/or domain. Google isn’t blacklisting Nextcloud.

[-] hal_5700X@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

That's weird. Google is using Safe Browsing to censor the Internet.

You can go to about:config and set browser.safebrowsing.blockedURIs.enabled to false.

It will be better if Mozilla make their own version of Google Safe Browsing. Because less Google is good.

[-] ctag@lemmy.sdf.org 2 points 1 year ago

Thank you for the tip!

load more comments
view more: next ›
this post was submitted on 03 Nov 2023
171 points (87.7% liked)

Firefox

18063 readers
135 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 5 years ago
MODERATORS