[clamav-users] Anyone else having trouble reaching the ClamAV website?
Paul Kosinski
clamav-users at iment.com
Fri Jan 6 21:54:51 UTC 2023
I occasionally see a similar message from sites other than clamav.net saying something equivalent to Cloudflare's "review the security of your connection".
The phrasing is pure gaslighting. It isn't for *connection* security -- HTTPS provides *that*. What it really means is that the site is trying to search your computer by running some Javascript (which I block by default via NoScript, thus causing the message). They assume, probably correctly, that most visitors will think it's for *their* benefit After all, security is good, isn't it?
Why can't Cloudflare et al be honest and say that they're trying to avoid Denial of Service attacks and other bandwidth overload?
On Thu, 5 Jan 2023 10:18:38 -0500
Kris Deugau <kdeugau at vianet.ca> wrote:
> I went to load a semi-bookmarked page for signature writing
> (https://docs.clamav.net/manual/Signatures.html), but it failed and kept
> reloading Cloudflare's "security check" voodoo.
>
> (Side question to pass up the chain at Cisco/Talos - is there a knob
> that can be twisted somewhere to force that check to run exactly once,
> then stop? I can't imagine any scenario where running it over and over
> and over has any benefit to anyone. [And for bonus points, display an
> error message that gives some sliver of a hint what
> beyond-the-bleeding-edge headacheware the site or its security provider
> insist on relying on this week.])
>
> I then tried to load the main site, https://www.clamav.net, which also
> went into the same loop.
>
> I usually use Seamonkey (all-in-one Mozilla suite). I tried Konqueror
> which seemed to load things up fine.
>
> Since starting to write this and putting it aside, I've come across a
> small handful of other sites with the same issue, including one case
> where the base site triggered the issue but a directory under the base
> site did not. Since I'm *not* seeing it across a large number of sites,
> it's pretty clearly some specific security option in Cloudflare causing
> the failure.
>
> -kgd
More information about the clamav-users
mailing list