EurAsiayour console hacking resource
Select topic
  Create an account Home  ·  Your Account  ·  Online Shop  ·  Forums  ·  Downloads new  ·  Wiki  
Main Menu
· Home
· About Us
· Downloads
· FAQ
· Forums
· Info Pages
· Members List
· Online Shop
· PDA - AvantGo
· Private Messages
· Search Stories
· Statistics
· Stories Archive
· Submit Story
· Top 10
· Topics
· Upload
· WAP
· Web Links
· Wiki
· Your Account

Online Shop
Credit Card

Bitcoin

Namecoin

EurAsia Online Shop
enter

new products
· EurAsia File Collection 2017
· Matrix Infinity 2.0
· Sky3DS Plus
· Modbo 5.0
· Screwdriver GC/SNES
· X360ACE V3
· E3 NOR Flasher
· TX J-R Programmer v2
· Corona Postfix Adapter V2
· SuperCIC cart key
· SuperCIC SNES kit
· Gateway 3DS
· X360ACE V1
· Wasp Fusion
· 3k3y 3KR (SATA)
· Mtx Glitcher v1
· Xk3y Reloaded (XKR)
· 3k3y Ripper v2
· Corona Postfix Adapter
· Corona 4GB NAND RW Kit

complete price list

Tor Hidden Service
Tor Project
EurAsia Onion URL: wrqgfbrcgttkp6pi.onion

Who's Online
There are currently 158 guest(s) and 14 member(s) online.

cdps2 - Faze - ferid - garyopa - guerrierodipace - heydricas - hiropon - jhmiller - konkz - modrobert - p0rn0free - Robert - tripod731 - vanesa

Welcome honored guest. You can register for free by clicking here.

Site Protection
INFOSEC
BM

Hot Wikis
· PS4 firmware updates
· 3k3y nokeys ISO tutorial
· 3DS game fw updates
· 3k3y microSD recovery
· PS3 SKU Models
· PS3 Metldrpwn
· Xk3y microSD recovery
· Xbox360 motherboards
· Xbox360 Reset Glitch Hack
· PS3 Blu-ray Drive
· Homemade Sputnik360
· PS3 BD drive swap
· PSP Crypto Keys
· PS3_Crypto_Keys
· PS3 Hypervisor RE
· PS3 Dongle User Guide
· PSGroove tutorial
· Xecuter LT Fakir
· PS3 YLOD Fix
· NSMB Modchip Tutorial
· PS3 Glitch Hack
· Xbox360NoDvdRom
· Ps3FactoryRestore
· Free60JtagHack
· Ps3HddDecrypt
· WiiKey2EjectFix
· SaveMiiFree
· WiiHwDiagram
· Ps3OsRels
· PandoraNoHomebrewPsp
· GcOsMultiGameWiiHowTo
· Xbox360LinuxBurn
· Xbox360EraserFix
· Xbox360Kernel
· Xbox360DisasmXtreme
· Ps2HdlPatchTutorial
· Ps2VersionTable
· XboxErrorCodes
· XboxVersionTable
· GameCubeLaserTweak
· ModchipSolderingGuide
· PspUmdIsoHaxorLinux

RSS Feed
News & Downloads & Wiki

IRC
#eur
EFnet

Hosted By

Ad

Respected Sites
· consolereview.net
· Home of the Hitmen
· gc-forever
· pouet.net
· English Amiga Board
· GXArena OFW Repo
· WiiBrew.org
· PS4mod
· Maxconsole.com
· Console Wizard
· GameCube Linux
· Xbox Linux
· Xbox-Scene.com
· XboxHacker.Net
· xbins.org
· Doom9.net
· bunnie's blog
· debugmo.de
· GX-Mod.com
· ElOtroLado.net
· uCON64
· GBADEV.ORG
· GBAtemp.net
· PocketHeaven.com
· PDRoms
· GameSX.com
· ASSEMbler
· phrack.org
· Woz.org
· Captain Crunch

Support...

Pirate Party

Bitcoin

Namecoin

OpenCores
Electronic Frontier Foundation
Amnesty International

Nectarine Radio

Demovibes Radio

GNU
Linux
Mozilla

Total Page Views
We received
129846855
page views since June 2002

The corrupt red screen browser system
Posted on Friday, November 04, 2016 @ 09:24:51 GMT

general modrobert writes: "After seeing whole sites affected by the 'red screen' browser warning, for example wupinstaller.com, several console hacking related files on GitHub, and now finally the EurAsia download section, I thought it was high time to write a story. The file signature/checksum system the common browsers like Firefox and Chrome uses is corrupted by market forces. Files which clearly are harmless to the user are reported as malicious by business alliances protecting copyright or other interests, which then leads to the 'red screen' warning in the browser. As most of you probably already know, when it comes to antivirus, anything bypassing copyright protection measures (eg. cracks, keygenerators) are already flagged by all major AV vendors. The new thing here is the automated browser procedure (with similarities to the YouTube flag system) where the site owner (content provider) has the burden of proof.

red screen


In the case of Chrome it basically works like this; when you download a file its checksum is verified against a malware database, if the file is flagged (for whatever reason, copyright, someone don't like the content, etc.), the user is warned the file is malicious, while in the background the URL where the file originates from is sent to a cloud based database by the browser (without user interaction, phoning home) where the information eventually will be used in the shared database all major browsers rely on to show the 'red screen' warning while browsing.

This 'red screen' browser system is now being constantly abused, not just by copyright holders, as it used to be through AV vendors, but also indirectly by major corporations like Sony, Nintendo and Microsoft, most likely through their business alliances having associated law firms doing the dirty work of misreporting the files.

At EurAsia we recently received warnings from Google about 'Social engineering content detected' at the website, pointing out a few Windows files in our download section. Quote from email: 'Google's Safe Browsing systems have detected that some pages on your site might be hacked or might include third party resources such as ads that are designed to trick users into installing malicious software or giving up sensitive information. To protect your site's visitors, your site has been demoted in Google's search results and browsers such as Google Chrome now display a warning when users visit your site.' The files had our editorial warning that they might include virus, and better be executed in sandbox/virtual. Apparently my warning was somehow regarded as phishing.

Being a bit naive I deleted the files in question and requested another check by the Google bots (or real persons, not sure). A few hours after submitting the report/review we got the following info in the mail; 'Google has received and processed your security review request. Unfortunately, our systems still indicate that URLs on http://www.eurasia[.]nu/ contain content that can harm visitors. Browsers such as Google Chrome will continue to display a warning when users visit your site or click links on your site that lead to downloads containing malware or unwanted software.'

At EurAsia we have over 10 000 files total in the download section, many which include console hacking related material. This is legal material, no copyrighted content like ROMs etc., all checked for virus in the upload process, but that doesn't really matter since the files are being falsely reported as malicious anyway as mentioned previously.

So what can be done to avoid this?

There are browser settings to turn off 'protection from dangerous sites', but that would include actual malicious sites where exploits potentially could take over the browser and infect your computer/device, so I don't really want to recommend that.

Sure, you can also bypass the 'red screen' browser warning itself, and continue to the website (or download), perhaps the best choice for now. Learn to know which websites you can trust, and just visit anyway, ignoring the bullshit warnings.

If you have any idea how to solve this growing problem then please comment."

 
Login
Nickname

Password

Member Registration

Related Links
· More about general


Most read story about general:
InFeCtuS - modchip for xbox360, ps2, ps3, wii


Story Rating
Average Score: 4.9
Votes: 10



Options

Printer Friendly Page  Printer Friendly Page


"Login" | Login/Create an Account | 15 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.
Re: The corrupt red screen browser system (Score: 1)
by modrobert on Friday, November 04, 2016 @ 15:11:36 GMT
(User Info | Send a Message)
Hmm, since the files aren't actually checked for malware, just tested against checksum in database. I could code a routine in the download module which adds a random file to each archive upon download, making all downloads unique regarding checksum, no matter if the same file is downloaded over and over again. Also, an added random hash string to the download URL, making that unique as well.


[ Please login if you wish to reply to this comment ]

Re: The corrupt red screen browser system (Score: 1)
by modrobert on Saturday, November 05, 2016 @ 03:47:16 GMT
(User Info | Send a Message)
This strengthens the theorem that any system designed to block users on internet will eventually turn corrupt, no matter how good the initial intentions are.


[ Please login if you wish to reply to this comment ]

Re: The corrupt red screen browser system (Score: 1)
by modrobert on Wednesday, November 09, 2016 @ 02:23:05 GMT
(User Info | Send a Message)
After a second attempt, Google's security review was successful; 'Google has received and processed your security review request. Google systems indicate that http://www.eurasia[.]nu/ no longer contains links to harmful sites or downloads. The warnings visible to users are being removed from your site. This may take a few hours to happen.'

I'm not sure what made Google change their mind, because we haven't deleted any files between the attempts.

I doubt Google supports flagging of harmless files/sites, it would not be in their interest, but they help facilitating the abuse by having automated systems threatening webmasters to be demoted from the search engine unless files are removed. The burden of proof is on the webmaster/owner of the site, and since the system appears to be automated, you can't really argue with bots basing their claims on false information.


[ Please login if you wish to reply to this comment ]

Re: The corrupt red screen browser system (Score: 1)
by Robert on Thursday, November 17, 2016 @ 10:01:37 GMT
(User Info | Send a Message) http://www.eurasia.nu
I want to thank Dr Richard Stallman for linking this story!

https://stallman.org/archives/2016-sep-dec.html#8_November_2016_(Data_base_of_malicious_web_pages)


[ Please login if you wish to reply to this comment ]

 

All trademarks and copyrights on this page are owned by their respective owners.
Comments and forum messages are owned by the Poster.