ReHIPS forum

English Subforum => Developers' Blog => Topic started by: fixer on January 17, 2018, 03:24:41 pm

Title: [BUG] Google's strange love
Post by: fixer on January 17, 2018, 03:24:41 pm
Sometimes I get questions like "why does Chrome safe browsing mark your ReHIPS installer as potentially dangerous?". Let's take a closer look at this issue.

Looks like Google Chrome relies on Google API when marking downloaded files as malicious or dangerous. So it's possible for other Chrome-based browsers using the same API to behave the same way.

Apparently Google loves us. But in its own stange way. The story with this "love" goes back for quite some time. It's a funny story actually. Well, "funny" also depends on your point of view. At first they didn't like our ReHIPS installer. Have no idea why actually, we racked all our brains over this, but found no reason, it's served through HTTPS, HTTPS certificate is OK, installer is signed with a valid digital signature, no protectors, packers, obfuscators, whatsoever, no AV detections, programming language, compiler, linker and installer are also standard and wide-spread. In other words, everything from top to bottom looked OK. We decided it's not good, hoped for Google reasonability and tried to fix it via Google webmaster tools. Then the whole forum and site were banned as their crawler found links to the installer. When users were visiting it, a huge red banner was displayed over the whole screen screaming this site must be malicious as it serves dangerous files. That's not a nice thing for our customers to see, to say at least. We're afraid to fix it further, maybe they'll ban the whole provider network or country :)

Google forums are full of questions like this, but none have an adequate solution, most of them end up with either "have no idea, but it seems fixed" or "I stopped trying, to hell with Google". I left tons of feedback/comments in their webmaster tools, but none were answered. Antivirus companies at least have some well-known and official way to contact them if some legitimate software gets falsely detected by their product as malware for some reason. And they do check this mail and they do fix their mistakes. Not Google. They don't have any official way to contact them. Or at least it's hidden so well that I wasn't able to find it, along with tons of other people on their forums.

We did our best, but Google is Google. I never had any hard feelings towards it. But when you face this and don't have many options what to do and there is no adequate support, it's hard to remain unbiased.
Title: Re: [BUG] Google's strange love
Post by: shmu26 on January 17, 2018, 08:28:23 pm
Google should be sued for arbitrarily blacklisting a company's product without providing any recourse.