mersenneforum.org  

Go Back   mersenneforum.org > Other Stuff > Forum Feedback

Reply
 
Thread Tools
Old 2017-12-22, 12:10   #1
kladner
 
kladner's Avatar
 
"Kieren"
Jul 2011
In My Own Galaxy!

100111101011002 Posts
Default Mersenne Forum vs. Malwarebytes

In the last few days, Malwarebytes Anti-malware has intermittently decided that mersenneforum.org is a malicious site, or has a suspicious IP. This has not happened on other sites in the same time frame. Restarting MBA makes the complaint go away for some hours. MBA scans turn up nothing. Norton Security doesn't see any problems. This is happening in Firefox 53.0.3. I have not tried another browser when the problem occurs, as yet.
EDIT: It came back in minutes instead of hours, just now.
kladner is offline   Reply With Quote
Old 2017-12-22, 12:27   #2
retina
Undefined
 
retina's Avatar
 
"The unspeakable one"
Jun 2006
My evil lair

5×1,217 Posts
Default

So then delete malwarebytes. It seems you can't trust it.
retina is online now   Reply With Quote
Old 2017-12-22, 14:10   #3
VictordeHolland
 
VictordeHolland's Avatar
 
"Victor de Hollander"
Aug 2011
the Netherlands

23×3×72 Posts
Default

Does it do the same to other non-SSL sites?

Does upgrading Firefox (I'm on 57.0.2 64bit) remove the issue?

Could it be that Malwarebytes thinks vBulletin v3.8.11 is too old and therefore flags it?
I'm not saying the forum should update to a new vBulletin, I quite like the current (clean) layout.
VictordeHolland is offline   Reply With Quote
Old 2017-12-22, 22:29   #4
kladner
 
kladner's Avatar
 
"Kieren"
Jul 2011
In My Own Galaxy!

22·2,539 Posts
Default

Those are good questions and suggestions. I dislike updating Firefox unless I have to. New versions often muck up my plugins and add-ons, and "helpfully" update the GUI from my carefully preserved "Classic" look. I suppose it is worth a try at this point, anyway.

I don't think I've seen this block anywhere else. I suspect that Malwarebytes changed some definition in an update. I'll see about updating FF.

Of course, some people will say that if I was still using FF 3.0.1, I would not have these problems.
kladner is offline   Reply With Quote
Old 2017-12-22, 23:05   #5
ewmayer
2ω=0
 
ewmayer's Avatar
 
Sep 2002
Rep├║blica de California

2D5D16 Posts
Default

Does Malwarebytes give users a per-site whitelisting option along the lines of FF's 'confirm security exception' pop-up?

Last fiddled with by ewmayer on 2017-12-23 at 00:50
ewmayer is offline   Reply With Quote
Old 2017-12-22, 23:17   #6
retina
Undefined
 
retina's Avatar
 
"The unspeakable one"
Jun 2006
My evil lair

5·1,217 Posts
Default

Quote:
Originally Posted by kladner View Post
Those are good questions and suggestions. I dislike updating Firefox unless I have to. New versions often muck up my plugins and add-ons, and "helpfully" update the GUI from my carefully preserved "Classic" look. I suppose it is worth a try at this point, anyway.

I don't think I've seen this block anywhere else. I suspect that Malwarebytes changed some definition in an update. I'll see about updating FF.
No, don't update other things just to please malwarebytes. That is backwards. "Update" malwarebytes with the delete button and use something else, or nothing at all.
Quote:
Originally Posted by kladner View Post
Of course, some people will say that if I was still using FF 3.0.1, I would not have these problems.
retina is online now   Reply With Quote
Old 2017-12-23, 00:45   #7
a1call
 
a1call's Avatar
 
"Rashid Naimi"
Oct 2015
Remote to Here/There

26×31 Posts
Default

There does not seem to be any issues with this site at the moment:

https://www.virustotal.com/#/url/b01...5c5a/detection
a1call is offline   Reply With Quote
Old 2017-12-23, 02:02   #8
chalsall
If I May
 
chalsall's Avatar
 
"Chris Halsall"
Sep 2002
Barbados

2×11×431 Posts
Default

Quote:
Originally Posted by kladner View Post
Of course, some people will say that if I was still using FF 3.0.1, I would not have these problems.
Most browsers are going to start warning about any site that isn't over SSL (read: HTTPS) shortly.

Of course, the malware people are already there.
chalsall is online now   Reply With Quote
Old 2017-12-23, 03:00   #9
retina
Undefined
 
retina's Avatar
 
"The unspeakable one"
Jun 2006
My evil lair

5×1,217 Posts
Default

Quote:
Originally Posted by chalsall View Post
Most browsers are going to start warning about any site that isn't over SSL (read: HTTPS) shortly.
I think you mean TLS? And not only that many sites now require at least TLS 1.2.

Last fiddled with by retina on 2017-12-23 at 03:00
retina is online now   Reply With Quote
Old 2017-12-23, 03:05   #10
chalsall
If I May
 
chalsall's Avatar
 
"Chris Halsall"
Sep 2002
Barbados

2·11·431 Posts
Default

Quote:
Originally Posted by retina View Post
I think you mean TLS? And not only that many sites now require at least TLS 1.2.
I stand corrected.

mersenneforum might want to get it's act together sometime soon.

Last fiddled with by chalsall on 2017-12-23 at 03:07 Reason: s/might what/might want/;
chalsall is online now   Reply With Quote
Old 2017-12-23, 10:41   #11
S485122
 
S485122's Avatar
 
Sep 2006
Brussels, Belgium

3·19·29 Posts
Default

Quote:
Originally Posted by kladner View Post
...
I dislike updating Firefox unless I have to. New versions often muck up my plugins and add-ons, and "helpfully" update the GUI from my carefully preserved "Classic" look. I suppose it is worth a try at this point, anyway.
...
You might try the ESR (extended Support Release) of Firefox, but even that one will "upgrade" in May 2018 to version 60, at that point you will have to use themes to try to get a reasonable interface, but will still have telemetry, data collection, sponsored links, etc.
If you like the classic interface there are forks available. I am currently using PaleMoon which is based on Firefox 27 but receives security updates. You might try Waterfox that will continue to support the old plug-ins like "Classic Theme Restorer".

Jacob

(It is a pity that so many software developers want to impose their view on how we should work and what layout our screen should have. Very often the customisation options still exist in the code but are hidden because "they" know what we should like.)
S485122 is offline   Reply With Quote
Reply

Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
Small inconsistencies between mersenne.org and mersenne.ca factor databases GP2 mersenne.ca 44 2016-06-19 19:29
Any mersenne prime finders on the forum? Damian Lounge 14 2011-06-01 17:01
How did you get your forum name? ixfd64 Lounge 41 2008-07-31 21:50
Mersenne Wiki: Improving the mersenne primes web site by FOSS methods optim PrimeNet 13 2004-07-09 13:51
Forum+Weekends=Dead Forum on Weekends? E_tron Lounge 10 2003-09-03 02:43

All times are UTC. The time now is 16:29.

Mon Mar 8 16:29:56 UTC 2021 up 95 days, 12:41, 0 users, load averages: 1.22, 1.64, 1.69

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.

This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.