Firefox blocks all GitHub release downloads as deceptive

If you are using the Mozilla Firefox web browser right now to download releases hosted on the project hosting website Github, you will notice that you cannot do so directly anymore.

For instance, if you try to download the latest Atom editor builds, you get the warning message.

The browser displays a "deceptive site!" warning when you click on a download link and states that site the downloads are hosted on has been reported and blocked.

Update: The issue has been resolved.

Downloads on GitHub are powered by Amazon AWS.

This web page at "site url" has been reported as a deceptive site and has been blocked based on your security preferences.

Deceptive sites are designed to trick you into doing something dangerous, like installing software, or revealing personal information, like passwords, phone numbers or credit cards.

Entering any information on this web page may result in identity theft or other fraud.

deceptive site github

I tested this using Firefox Stable and Firefox Nightly, and both browsers showed the "deceptive site" intermediary page for most -- but not all -- GitHub release downloads that I tried to download.

Source file downloads don't seem to be affected, but any other download, be it for Windows, Linux or Mac, appears to the flagged by the Firefox browser currently.

While it is theoretically possible that the whole of GitHub has been compromised, it seems highly unlikely. Firefox users may bypass the warning to continue with the download.

  1. When you get the "Deceptive Site" warning in Firefox, click on the "ignore this warning" link displayed in the bottom right corner of the warning page.
  2. This bypasses the warning page and starts the download of the selected file.
Read also:  Privacy blunder? Firefox's Get Add-ons page uses Google Analytics

I tried the downloads in other browsers, thinking that it may be a problem with Google's Safe Browsing security feature. Chrome downloads these release files just fine however which means it is probably not, unless Mozilla uses a different version than Google does.

Closing Words

This is a misconfiguration most likely, and something that will probably be resolved quickly by Mozilla. It is interesting to note that this affects Mozilla's repositories on GitHub as well.

Summary
Article Name
Firefox blocks all GitHub release downloads as deceptive
Description
The Firefox web browser blocks all GitHub release downloads right now by marking the download site as deceptive and displaying a warning page.
Author
Publisher
Ghacks Technology News
Logo
Advertisement
Please share this article

Facebooktwittergoogle_plusredditlinkedinmail



Responses to Firefox blocks all GitHub release downloads as deceptive

  1. TelV July 25, 2017 at 2:20 pm #

    Doesn't seem to be a problem at https://github.com/pirate/sites-using-cloudflare which loads normally.

    • Martin Brinkmann July 25, 2017 at 2:25 pm #

      This has no releases. This affects only the releases.

      • TelV July 25, 2017 at 3:54 pm #

        I can access the site via your link to download the latest Atom builds though. Copy to the latest one is: https://github.com/atom/atom/releases/download/v1.19.0-beta5/atom-1.19.0-beta5-delta.nupkg

        Of course it's possible that they fixed whatever was causing the problem before.

      • HK-Rapper July 25, 2017 at 5:29 pm #

        >quote: "may be a problem with Google's Safe Browsing"

        Correct! Why the deceptive headline then if you even realize this in the foot note? I'm no Mozilla apologetic like Sören, but Firefox and Mozilla are innocent this time.

        You are better than using such article names. Rather tell your visitors why any sane and privacy concerned person disables "Google Crap Browsing" in settings:

        https://en.wikipedia.org/wiki/Google_Safe_Browsing

        >Google Chrome, Safari, Firefox, Opera, and Vivaldi web browsers use the lists
        >Safe Browsing also stores a mandatory preferences cookie on the computer[10] which the US National
        >Security Agency allegedly uses to identify individual computers for purposes of exploitation.[11]

      • ams July 25, 2017 at 8:26 pm #

        I can't understand why HK-Rapper seems upset. Has the article title already been edited, prior to my reading?

        I'm saying: Martin, thanks for the article. Whatever the cause of the problem ~~ mismatched certificate, cross-site scripting, fumbled http header redirects... firefox's handling of the situation is non-ideal. Upon encountering such a block page, I'm unsure what a user SHOULD choose to do: proceed? exit? clear browser cache and retry? restart bind9 service? attempt reaching "github" via a proxy? wait, and try again later in the day? toggle off (or on) SafeNanny and try again?

      • Martin Brinkmann July 25, 2017 at 9:20 pm #

        No it has not been edited.

      • HK-Rapper July 25, 2017 at 9:57 pm #

        @ams
        I'm not upset and I enjoy Martin's site a lot. The thing is, this is a "Google Safe Browsing" message.

        So it would have happened on all the browsers I've mentioned above, not just FF. For journalistic completeness this should have been tested with more browsers and GSB on/off, a different headline reflecting on it.

        Occasionally people report safe websites to GSB in order to grief. Whatever caused the site being flagged as bad surely is gone. I never noticed it because I don't trust google. The wiki article sheds light on the privacy issues with GSB.

      • Martin Brinkmann July 26, 2017 at 6:52 am #

        I tested this in Chrome and it did not happen. It only happened in Firefox. If it would have happened in all browsers that use Safe Browsing, I'd use a title that reflects that, but it only happened in Firefox.

  2. insanelyapple July 25, 2017 at 3:06 pm #

    The only problem I have with github recently is that damn banner "Join github today" that seems to be prone to remember that I'm not interested when I click "dismiss".

    And the problem you're talking about may be related to safe browsing/pishing protection component - I have turned these lists off and I see no problem with accessing page.

    • Heimen Stoffels July 25, 2017 at 4:36 pm #

      If you're using uBlock (or something similar like AdGuard), you can simply block the banner by right-clicking it and selecting Block Element.

  3. Richard Allen July 25, 2017 at 3:19 pm #

    Firefox v54 and Nightly are both downloading from github without issue on my end. I don't use any of the options under "Phishing Protection". Don't use Google's version of safebrowsing either. I've never been convinced it was worth the bandwidth, for me. But then I've been known to enable it for others though. ;)

  4. Anonymous July 25, 2017 at 4:46 pm #

    All downloads on Github are already blocked by NoScript on my side anyway:
    "NoScript filtered a potential cross-site scripting (XSS) attempt"...

    • Anonymous July 28, 2017 at 9:32 am #

      Still me: v 5.0.7.1 [XSS] Fixed bug causing false positives (thanks Georg Koppen for reporting).

  5. CHEF-KOCH July 25, 2017 at 4:52 pm #

    Useless to block most popular sites anyway. Makes no sense. GitHub is especially designed to share files and knowledge.

  6. dmacleo July 25, 2017 at 5:12 pm #

    aws issue I bet

  7. Troy July 25, 2017 at 5:18 pm #

    Seems to be working for me using Firefox 54 default settings. was able to download the Atom Editor without any bannor

  8. CHEF-KOCH July 26, 2017 at 12:07 am #

    I recently had similar popup banner on ghacks, after 1 day or so it went away. Maybe just False/positive on adblocker. Fun thing I disabled adblock for ghacks.

  9. Richard Steven Hack July 26, 2017 at 3:30 am #

    Well, today I couldn't access this GHacks page in Firefox. I kept getting a "problem prevented this page from loading" message, I think from AdBlock.

    When I "temporarily enable all this page", the page finally loaded. Don't know which server or script was the problem.

  10. Anonymous July 26, 2017 at 4:27 am #

    uMatrix says it is a script from http://www.ghacks.net. I blocked it, no "problem prevented this page from loading" anymore.

  11. alison July 26, 2017 at 5:49 am #

    WaterFox doesn't have this; and it's a superfast browser too.

  12. Mystique July 26, 2017 at 4:44 pm #

    Pale Moon Browser also shares the same defect. It has been happening for a few days now (possibly a week)

    ---------------------------------------------

    Secure Connection Failed

    An error occurred during a connection to github.com.

    The server uses key pinning (HPKP) but no trusted certificate chain could be constructed that matches the pinset. Key pinning violations cannot be overridden.

    (Error code: mozilla_pkix_error_key_pinning_failure)

    ---------------------------------------------

    Disabling HPKP resolves the issue but do so at your own discretion.

    Options > Security > Enable Certificate Key Pinning (HPKP)

  13. Curtis K July 26, 2017 at 9:45 pm #

    https://twitter.com/GitHubHelp/status/889866861801766913 They have fixed this.

  14. Omar July 26, 2017 at 10:27 pm #

    I tried to download from mentioned site ( firefox browser ) and was no problem .

  15. Guest703 July 27, 2017 at 8:05 pm #

    Martin, any chance you could do an article on this topic? https://metafluff.com/2017/07/21/i-am-a-tab-hoarder/

Leave a Reply