Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Penquin47]

So, I'm not sure if this is the right place to put this, and if it's not could the mods figure out where is and move it there?

In the past few days, I've been having problems where I'm reading through the archive, and when I hit "next comic" it goes to the next comment for less than a second - and then I get hijacked by something telling me to update my video player because I'm using Google Chrome and my video player might be out of date.  Obvious scam, but extremely annoying.  I've only had it happen on QC, which is why I think it's a site problem and not a problem with my computer.

Anyone else seeing this?

[Carl-E]

Actually, I was getting a notice that my malware filter was catching something after being on the comic page for a couple of seconds, and yes, only in the archives.  But seemingly on every page in the archive...

Well, every one I visited. 

[Kugai]

I don't know whether this is related, but I had issues earlier on getting the Forum to load.  This, and several of the regular Sites/Forums I visit were either refusing to load, hanging or coming back with Server Reset messages.  I only managed to get the Forum to load just an hour ago after several fruitless hours trying with it and the other places.

[Carl-E]

That sounds more like an ISP problem.  Of course, if it were just this forum, I'd attribute it to the extra traffic from the most recent squeefest...

 

[Kugai]

You may be right.  It seems to have cleared up in the last half hour and I'm able to load the other places now.

[Penquin47]

New development: on an archive page, I got a talking commercial for a Methodist Church and now it's talking to me about ISIS and the situation in the Middle East.  I cannot find anything on the page that would appear to be where the sound is coming from, but it's the one that's giving me the little speaker icon indicating sound.

http://questionablecontent.net/view.php?comic=2379 is the page I was on.

[Kugai]

Not getting any of that myself, but I use Adblocker and Adblocker Plus on my Browser.

[Is it cold in here?]

Bad advertisers do find their way in sometimes. That would be one guess.

[pwhodges]

So, I'm not sure if this is the right place to put this, and if it's not could the mods figure out where is and move it there?

In the past few days, I've been having problems where I'm reading through the archive, and when I hit "next comic" it goes to the next comment for less than a second - and then I get hijacked by something telling me to update my video player because I'm using Google Chrome and my video player might be out of date.  Obvious scam, but extremely annoying.  I've only had it happen on QC, which is why I think it's a site problem and not a problem with my computer.

Anyone else seeing this?

Looks like malware to me.  In fact I've seen that one, but can't remember the name or details right now.  If you're sure that your machine is totally clean, then it could be in the QC ad feed - but Jeph keeps that pretty tight, so I doubt it.  I'm not seeing it, anyway.

If you're convinced, then email Jeph at the link given on the contact page, or via tumblr; but I guess he'll have a lot of mail to wade through right now!

[Kugai]

If you've not got one installed, I'd recommend you instal a good Anti-Malware/Spyware program.

Spybot Search and Destroy is a good one, so is Malwarebytes.  Both are free.

[Coffee_Kaioken]

Yeah just now AVG blocked several "update" attempts from something trying to re-direct me to another page. That was scary.

[Penquin47]

I've got Malwarebytes and I ran it and a couple others last night.  I'm still having the problem, and it's still just this site.

[hedgie]

Before I redirected all of Giggle's ad stuff to look at 127.0.0.1, I used to get attempted downloads of stuff all the time.  Thank fuck I'm on Linux (although I'd hate to have to redo WINE from the start).  The other adverts were never a problem.  Honestly, I'd suggest just blocking *ALL* ads, and just joining Patreon and giving him money directly (something that I plan to do this week).

[Carl-E]

Don't know if this helps at all...

[Kugai]

Hmmm

Avast! hasn't picked anything up, but then I may have missed all the hubbub.

[Aziraphale]

I haven't had any problems up to this point, but when I went on the homepage just now, my antivirus (Norton) showed a warning message.

[Rghfrgl]

Actually, I was getting a notice that my malware filter was catching something after being on the comic page for a couple of seconds, and yes, only in the archives.  But seemingly on every page in the archive...

Well, every one I visited. 

I, hopefully, didn't get any malware, but a long time ago when I was catching up on archives I got a lot of intrusive ads that other people were saying they weren't. I wonder if the providers intentionally target bad ads there where JJ is less likely to notice and veto them.

I think he should consider new ad providers. I'd love to actual turn adblock off for qc.

[bhtooefr]

I'll note that I haven't seen any weirdness with Flash disabled by default (I have to click on something Flash for it to run), although I am on OS X (meaning most of the drive-by malware won't target me).

I disable adblock for questionablecontent.net, for what it's worth, so I'd suspect a malicious Flash ad specifically.

[BenRG]

New Issue
I can't currently access the site properly because of some SSL certificate error. Chrome blocks me and I keep on having to reasure IE that I don't mind.

[pwhodges]

Two things have happened simultaneously.

(1) Yesterday the forum was made accessible by https only; this means that (2) is a pain.  Eighteen months ago, after a DoS attack on the comic server, the comic and forum were placed behind a CloudFlare cache, to mitigate the effects of such attacks in the future.  A while later, I requested https access to the forum for reasons I won't elaborate on here; this was provided, but required removing the forum from the CloudFlare system because the free option (which is being used) didn't support https.  CloudFlare has now added https to the free option, and so the forum has been moved back to it, and a new certificate that is not self-signed has been provided.  BUT...

(2) Yesterday a major security breach in the old SSL3 protocol was announced (called Poodle).  Many servers are now disabling SSL3 to force the use of the more modern TLS protocol.  However, some clients still default to SSL3, and may not be graceful about it no longer being available.  So, I have one machine at home that can't see the forums today, and another that can; Tapatalk on the iPhone is OK, but not on Android; I have problems with Thunderbird with one university's mail server; there will be a new release of FireFox to handle this shortly (v34); the list goes on and on.

However, I'm puzzled by your seeing SSL certificate errors (I am not, in either of those browsers), because there is now a proper certificate as opposed to the previous self-signed one that would have generated that warning.  In this case I suspect that you have been forced to https because of the forum change, but that the CloudFlare server that you are going through still has the old certificate cached.  I suggest you either wait for a day or so for it to clear, or delete the self-signed certificate from your certificate store and see if you then get a new one.

[bhtooefr]

I've seen that both Chrome 38 on Android and Firefox 32 on OS X are unhappy with the certificate chain not being fully audited, but not so unhappy that they're throwing up warnings.

[BenRG]

FWIW, my prehistoric version of IE8 is saying: "The security certificate presented by this website was issued for a different website's address." I'm betting it's the "http://" vs "https://" issue.

[bhtooefr]

SSL certs are issued to a hostname, not a protocol.

However, the certificate applies to multiple domains, and that may be what IE8 is choking on - the name that it's assigned to first is sni10399.cloudflaressl.com, and then from there to the various sites running on that server (which includes forums.questionablecontent.net).

[BenRG]

So, what's the solution? Do I just have to wait until cloudflare's people finish updating their documentation so that the certificate includes all of the downstream domains?

[bhtooefr]

The certificate lists it, I'd say the solution may be to stop using IE8.

[BenRG]

The certificate lists it, I'd say the solution may be to stop using IE8.

It's the only browser I've got on this computer that actually accesses the forums right now. Chrome insists the site doesn't exist due to an "SSL Error or Cypher Mismatch"!

[pwhodges]

Not sure what to suggest; Chrome here (on Windows 8.1) is fine with it.  Also FireFox33, Maxthon, IE11, Otter...

[BenRG]

Not sure what to suggest; Chrome here (on Windows 8.1) is fine with it.  Also FireFox33, Maxthon, IE11, Otter...

I'm behind my office's firewall here so it may be something in the company's security settings. I'm going to try Firefox and see if it lets me through. If not, then I know it's a local security issue.

[EDIT]
Installed Firefox 33.0 and it worked fine. Thanks for your help, guys; I think that there was something seriously corrupted about the Chrome installation as it spazzed ut when I tried to update it.

[pwhodges]

Note:  Tapatalk users will now need to delete the forum from their app and then add it back.  This appears to be the only way to update the forum address in the app.  Sorry for the inconvenience.

[Omio]

I noticed this issue a WHILE back, but the thing was that the redirect happened only after a long wait. I'm going to assume it's fixed, now.

[pwhodges]

The change to the forum URL that affected Tapatalk (and some other systems, actually) was made on Wednesday evening (my time), and the change to the Tapatalk server to fix it on Thursday evening (my time).  Anything previous to that was another issue which I know nothing of, and which was probably local.


The change has actually affected a number of things, and I'm working through them slowly.  I've fixed the YouTube embedding, which was the most visible problem.  The same cause has killed SoundCloud embedding;  I have the fix for that too, but I have a technical problem delaying the installation of it.  I also have some image and avatar issues still to work through, but may not be able to deal with them until after the weekend.

The URL change (to https only) happened purely coincidentally on the same day as the announcement of the Poodle exploit; as a result the servers (plural because now CloudFlare) have had SSL3 disabled, which is fine because it's an old and deprecated protocol; but this has caused issues in some systems in which the use of SSL rather than TLS is still default.  For instance, I cannot now access the forum using Chrome in Windows XP, even though Chrome is OK elsewhere, and other browsers are OK in XP.  Some of these defaults will get patched in the near future, but those related to older software may not.

[Masterpiece]

Anybody know who @cyclingtiger is on twitter? They've contacted me reg the fora issue and I couldn't connect the username to the twitterhandle

[Pilchard123]

EDIT: I found who it is, but I shall PM with my findings rather than leave them floating around here.

[Mlle Germain]

So, I'm not sure if this is the right place to put this, and if it's not could the mods figure out where is and move it there?

In the past few days, I've been having problems where I'm reading through the archive, and when I hit "next comic" it goes to the next comment for less than a second - and then I get hijacked by something telling me to update my video player because I'm using Google Chrome and my video player might be out of date.  Obvious scam, but extremely annoying.  I've only had it happen on QC, which is why I think it's a site problem and not a problem with my computer.

Anyone else seeing this?

I also got something that told me to update my Adobe Flash Player when I was browsing the archive right now. My antivirus programme didn't pick anything up, but after reading this on the forums, it seemed fishy.

Edit: I mean the QC archive page forwarded me to some other page saying I should update Flash Player, just like Penquin47 described.

[pwhodges]

Dodgy ads.  Email Jeph with details and a clear subject; he has the ability to have them removed.  How likely he is to see the email and react to it I cannot say, but it has been known.

If it continues to be a nuisance, the technical answer is to install an ad blocker (Ad Block or Ad Guard, for instance), and salve your conscience over Jeph's income from ad shows by contributing some other way.

Adware is currently the most prevalent form of malware, in my experience.  If you Google for Chrome downloads, the top hit is for Google's own download.  However, above it, in the same layout, and with only a small orange "Ad" tag, is a malware-infested fake download.  Yes, "do no evil" Google places an ad for an infected version of its own software above its own proper link!  Videolan VLC is another item that is afflicted this way.

[BenRG]

There are also the fake Flash and Java download alerts that are links to ransomware downloads that hide in legitimate ads hosted by fairly major advert providers. It's pretty clear that the hosting companies either don't vet well or the malware gangs know the way around their vetting procedures well enough to beat them more often than not.

The lesson? Think two or three times before clicking on an ad, no matter how reputable and major the host.

[Mlle Germain]

If it continues to be a nuisance, the technical answer is to install an ad blocker (Ad Block or Ad Guard, for instance), and salve your conscience over Jeph's income from ad shows by contributing some other way.

This is the thing. I do have my Kaspersky Internet Security Adblocker on at all times.

[bhtooefr]

The first important thing is to always block plugins unless you click to activate, or are using a site that you'll always activate the plugins (in which case I whitelist it on those sites). I personally use Firefox's built-in functionality for that, plus an extension (Click to Play per-element) to restore old (Firefox 23 and prior) behavior of that functionality.

Then, I use AdBlock Plus. On sites where I've whitelisted a plugin (especially Flash or Java), I will not whitelist it in ABP. QC is whitelisted in ABP, but not for any plugins, in my configuration.

[Mlle Germain]

Hallo everyone,
I'm really sorry to be harping on about this, but now I can't even get to the QC main page without getting the stupid video player update things (which always come with some Trojan programme being blocked by my antivirus, by the way) -- which also means I can't find Jeph's e-mail address to tell him about the problem.
Can someone supply me with the e-mail address? Thanks!

[Omio]

Hallo everyone,
I'm really sorry to be harping on about this, but now I can't even get to the QC main page without getting the stupid video player update things (which always come with some Trojan programme being blocked by my antivirus, by the way) -- which also means I can't find Jeph's e-mail address to tell him about the problem.
Can someone supply me with the e-mail address? Thanks!

Best way I can share it without bots being evil about it atm.

Also, same issue, going to assume that Google's advertising is getting hit again.

[Mlle Germain]

Thanks for that!

[pwhodges]

For the past couple of months, Google have allowed an advert linking to a malware-infested install of Chrome, their own software, to come above the link to their official download page; the same happens with VLC.  Between adware infested installs for Chrome and VLC, I've had to deal with more messed-up PCs at work in the last three months than in the previous five years.

"Do no evil", eh?

As for the problem with the ad on the QC site, install an ad-blocker to get round this.  You can turn it on and off for individual sites as necessary; but if you leave it on for QC, please consider compensating Jeph some other way.

[Mlle Germain]

As I said, I do have an adblocker. It happens regarless...

[ReindeerFlotilla]

Screen shot?

[BenRG]

Screen shot?

I've seen it; I'm actually insulted that they're using their faked Flashplayer update page with a slightly modified logo.

[ReindeerFlotilla]

This kinda thing Is my job. Screen shots would tell me things about what's happening.

[Mlle Germain]

I get three different ones. Took a screenshot of one of them and sent it to Jeph. I don't know how to post pictures that are not on the internet in this forum, so I'm sorry that I can't put it here as well.
Anyway, it sucks, because I can't visit the comic homepage at all. This does not seem to be the case for everyone here, so I wonder if it is an issue of my computer specifically?

[ReindeerFlotilla]

That's what I wonders as well. You might want to try RKill, and Malwarebytes. It couldn't hurt.

[jwhouk]

Okay, what just happened? Site and forums were impossible to load just a bit ago (0700-0730 CST).

[ReindeerFlotilla]

Cloudflare errors, of regular time outs?