Issue: Microsoft marking librarycat.org as unsafe

SnakTinyCat

Bliv bruger af LibraryThing, hvis du vil skrive et indlæg

Issue: Microsoft marking librarycat.org as unsafe

1kristilabrie
apr 18, 12:49 pm

On Saturday, April 6, Microsoft's Defender SmartScreen flagged https://www.librarycat.org as unsafe. Our sysadmin Ganawa submitted a ticket to Microsoft to review us and get us in the clear, or give us more information on why we were flagged, as we saw no real indication that this was a warranted action.

We haven't received a reply from Microsoft, but they appear to have cleared us sometime last week. Unfortunately, today, Microsoft seems to have flagged us as unsafe once more.

We are actively working on the situation and looking at all angles, including getting an answer from Microsoft Support.

Here's what you can do if you're having trouble accessing TinyCat:

1. Send feedback to the warning you're receiving from Microsoft that https://www.librarycat.org is indeed safe, so they will review us and get us in the clear. (We are working on this on our end, as well.)
2. Try using a non-Edge browser (this may still not work, but some users have had success).
3. Your network administrator can whitelist the TinyCat URL (librarycat.org) for all users if they are using policies at https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policies#smartscreen...
4. Users can also manually bypass SmartScreen by following instructions at https://support.microsoft.com/en-us/microsoft-edge/how-can-smartscreen-help-prot...
5. Stay posted on this thread for updates, or to ask questions.

Thank you for your patience as we work on this!

2Ganawa
apr 19, 11:36 am

Hi everyone!

I wanted to provide an update on the current situation with Tinycat. We're continuing to work through Microsoft's escalation to resolve the SmartScreen issue. We're also working with Cloudflare (our CDN provider) to correct some caching issues which is also contributing to the issues.

Here are some additional steps I've identified with libraries that have corrected the issue:

1. If possible, use DNS servers 1.1.1.1 or 8.8.8.8.

Windows: https://www.windowscentral.com/how-change-your-pcs-dns-settings-windows-10
MacOSX: https://support.apple.com/guide/mac-help/change-dns-settings-on-mac-mh14127/mac

2. Clear your browser DNS cache (https://kinsta.com/knowledgebase/flush-dns/)

As always we appreciate your patience as we work on this; please stay tuned for updates soon!

3kristilabrie
apr 22, 12:19 pm

Note: a member using Apple devices found that by turning the Private Relay feature off, their Apple devices could access TinyCat. Let us know if you try this and it works!

4kristilabrie
apr 22, 2:09 pm

Well, with approximately zero headway made with Microsoft (who has been a black box thus far), we are canvassing the community for any contacts at Microsoft who can help us clear our good name: https://www.librarything.com/topic/360288. Please share away and let us know if you find someone! Free swag to the member who finds the contact that can get us back to normal. :)

5kristilabrie
apr 24, 11:01 am

Request for members getting Microsoft SmartScreen's warning that librarycat.org is unsafe: Please click to view the details of the warning, on the lefthand side of your browser URL bar, so you can see the explanation of why SmartScreen is deeming us as unsafe. Then, copy and paste that explanation here or in an email to us at tinycat@librarything.com. This may give us some breadcrumbs to explore. The details should look something like this:



I messaged directly with Microsoft Support on Twitter/X, yesterday and today, and they were unfortunately of no help. We hope to make further progress soon and are still working on this. Thanks for your extended patience.

6franklinlibrary
apr 24, 2:21 pm

From Franklin Library (Maine): this is the detail statement we receive for the warning:

>5 kristilabrie: About librarycat.org

Dangerous site
Hosted by https://www.librarycat.org/
Attackers on the site you're trying to visit might trick you into installing software or revealing things like your password, phone, or credit card number.

Report as safe

Show unsafe content
Permissions for this site
Cookies (0 cookies in use)
Tracking prevention for this site (Balanced)

Trackers (0 blocked)

7kristilabrie
apr 25, 2:19 pm

I received this update from Microsoft Support this morning, and am passing it along:

We are addressing your issue regarding the website being blocked by Windows SmartScreen. This feature is an additional layer of protection for your devices, but it can be disabled. However, we advise caution if you choose to proceed.

Here are the steps to disable Windows SmartScreen:

1. Open Settings.
2. Navigate to the 'Privacy and security' tab on the left pane.
3. Click on 'Windows Security'.
4. Then, open the 'App and browser control' tab in the left pane.
5. Click on 'Reputation-based protection settings'.
6. You will see four different SmartScreen filters; select the SmartScreen for Microsoft Edge or adjust other settings as needed.

Please inform us if this resolves your issue with accessing the website. -Lei


Please note that we would not recommend removing such a security filter for any website, but if you really want to do this for our TinyCat site (since we are valid), the above instructions should help.

8kristilabrie
Redigeret: apr 29, 11:18 am

Update: we found a recent URL issue and have since fixed this, so we'll be curious to see if that changes Microsoft's flags on TinyCat. We are still working on reaching a real person at Microsoft to resolve this ASAP. Thanks for your extended patience.

9kristilabrie
maj 1, 11:32 am

Update: Microsoft appears to have finally removed their flags from librarycat.org, if you can have a look and let us know if you're still having trouble accessing your TinyCat.

(After nearly a month of us trying everything possible to clear our name, I find it very interesting that we're all clear on May 1, the start of a new month. I'm curious if it's a monthly cycle that Microsoft tends to do this. None of this you need to know, of course!)

Thanks for your extended patience through this more than unpleasant ordeal!

10RSSAA
maj 2, 9:41 am

We tried on Windows and Mac Computers, and none of them could open the TinyCat still. (May 2nd) 😬.

11kristilabrie
maj 3, 7:26 am

>10 RSSAA: Are you getting an ERR_SSL_PROTOCOL_ERROR or something similar? Can you provide a screenshot of what you're seeing? We are still experiencing an error similar to above, and Ganawa has been working with libraries who are still seeing this. This appears to be unrelated to the Microsoft flags that were resolved this week.

Let me know what you're seeing and we can take a closer look!

12CDJLibrary
Redigeret: maj 3, 3:11 pm

We, Children's Diversity & Justice Library, librarycat.org/lib/CDJLibrary/, are still unable to access our tinycat catalog on our work servers. Can access from home and mobile devices not connected to work wifi or network .

Can't seem to provide a screenshot here, but says "This site can't provide a secure connection. www.librarycat.org sent an invalid response . Try runing windows network diagnostics. ERR_SLL_PROTOCOL_ERROR. Relaod"

Same on Chrome or Edge. Library unable to be used by patrons because it is self serve with QR codes directing them to the catalog in a building where the site can't be reached. Any ideas? miriamdavis@tvuuc.org

Can't screenshot the details of the warning, but it says,

Your connection to this site is not secure
You should not enter any sensitive information on this site (for example, passwords or credit cards) because it could be stolen by attackers. learn More.

Cookies and site data
Site settings

--------------------
Clicking Cookies and site data then brings me to Manage on-device data, which says "On-device site data. To improve you visit, sites often save your activity - often to your device. Manage site Data"

clicking manage site data brings me here chrome://settings/content/siteData:

Settings
Search settings
You and Google
Autofill and passwords
Privacy and security
Performance
Experimental AI
Appearance
Search engine
Default browser
On startup
Languages
Downloads
Accessibility
System
Reset settings
Extensions
About Chrome
On-device site data
A site you visit can save info about what you're doing so that it works as expected — for example, to keep you signed in to a site or to save items in your shopping cart. Often sites save this info temporarily on your device.
Default behavior
Sites automatically follow this setting when you visit them
Allow sites to save data on your device
Sites are more likely to work as you would expect
Delete data sites have saved to your device when you close all windows
Sites will probably work as you expect but won't remember you after you close all Chrome windows
Don't allow sites to save data on your device (not recommended)
Sites may not work as you would expect. Choose this option if you don't want to leave information on your device about sites you visit.
Customized behaviors
Sites listed below follow a custom setting instead of the default
Allowed to save data on your device
No sites added
Always delete site data from your device when you close Chrome
No sites added
Not allowed to save data on your device
No sites added
-------------------------------
Following Site Settings from the Information details of the error messages, I get chrome://settings/content/siteDetails?site=https%3A%2F%2Fwww.librarycat.org

Settings
Search settings
You and Google
Autofill and passwords
Privacy and security
Performance
Experimental AI
Appearance
Search engine
Default browser
On startup
Languages
Downloads
Accessibility
System
Reset settings
Extensions
About Chrome
www.librarycat.org
Usage
240 B
·
7 cookies
Permissions
Location
Ask (default)
Camera
Ask (default)
Microphone
Ask (default)
Motion sensors
Allow (default)
Notifications
Ask (default)
JavaScript
Allow (default)
Images
Allow (default)
Pop-ups and redirects
Block (default)
Intrusive ads
Block if site shows intrusive or misleading ads

Block (default)
Background sync
Allow (default)
Sound
Automatic (default)
Automatic downloads
Ask (default)
MIDI device control & reprogram
Ask (default)
USB devices
Ask (default)
Serial ports
Ask (default)
File editing
Ask (default)
HID devices
Ask (default)
Protected content IDs
Chrome Live Caption might not work

Allow (default)
Clipboard
Ask (default)
Payment handlers
Allow (default)
Insecure content
Block (default)
V8 optimizer
Allow (default)
Third-party sign-in
Allow (default)
Augmented reality
Ask (default)
Virtual reality
Ask (default)
Your device use
Ask (default)
Window management
Ask (default)
Fonts
Ask (default)
Automatic picture-in-picture

13armature
Redigeret: maj 6, 8:57 pm

>11 kristilabrie: For what it's worth, I had been blocked from accessing TinyCat from both at home and at work since early April, getting the ERR_SSL_PROTOCOL_ERROR along with other symptoms. It didn't matter what browser, device or operating system. I thought a router reboot had solved it at home, but that was only briefly and it never worked again. See my previous posts here: https://www.librarything.com/topic/359915#8501616

I finally resolved the issue in my case, however. What both of my networks have in common is that they are using Comcast Business Internet. It turned out that Comcast had enabled a feature called SecurityEdge and hadn't told me (I'm the administrator on both networks, and the point of contact for these Comcast accounts). Not being in favor of Comcast deciding what we can or can't access, and knowing their reputation for being unresponsive when they're blocking legitimate sites, I disabled SecurityEdge using the instructions found here: https://forums.businesshelp.comcast.com/conversations/domain-namesstatic-ip/mult... . TinyCat was immediately available again.

Now some folks may not be comfortable disabling what is supposed to be a security feature (in our case, I use other means to secure my networks), or may not even have access to the account settings for their site, but I wanted to put this out there in case it helps.

14kristilabrie
Redigeret: maj 6, 7:40 am

>13 armature: This is very helpful information, armature. From our investigation, the error/s you (and other members) were (are) seeing was not on our end, but had to do with the firewall as you describe. It's good to have some confirmation with this.

15CDJLibrary
maj 7, 12:45 pm

I have learned that we are also a Comcast Business user. I suspect the reason we can no longer access our TinyCat site is because of this Security Edge issue. I am a home Comcast customer and can access from home, so it must only be business accounts.

Our IT folks (volunteer) have had this to say, "uncomfortable with "Untick the box to set the status of SecurityEdge™ to
Disabled." We already have too much security exposure since we have no technical support staff or contract. And as the article stated. "You DO NOT want to remove this feature from your service as it will break your "combo" package and they'll charge you more.

And this, "Comcast is our best internet option. I don't know of any cost-effective alternatives except KUB, which would require replacing and reconfiguring some of our network equipment if it is available. The problem is not Comcast since most carriers are requiring tighter and tighter security. Microsoft Edge Security is the best defense against Chinese and Russian hackers, which is probably why Comcast started using it. One solution is to allow users to use a mobile hotspot. Since LibraryThing is the only software I know of that we use that is blocked, I think the problem is more with their software. Anyone on the Management Team can call Comcast, but my experience is that they will not change the configured generic firewall settings to accommodate one software package that is not widely used by their customer base. I'm not sure what else to do but wait till they have a patch or upgrade."

Our library is self checkout by patrons who can now not access the catalog in the library. is there any hope of talking to Comcast and getting them to clear this issue for TinyCat?

16RSSAA
maj 7, 5:07 pm

>11 kristilabrie:
I cannot add a screenshot here, but I will copy that is written:

"This connection is not Private
This website is may be impersonating "www.librarycat.org" to steal your personal or financial information. You should go back to your previous page."

17armature
Redigeret: maj 7, 8:29 pm

>15 CDJLibrary: "is there any hope of talking to Comcast and getting them to clear this issue for TinyCat?"

Yeah, I didn't bring it up in my post, but this would be the better fix, given the varying levels of comfort or ability for others to make the changes I did. I haven't seen it happen yet, but I've also heard that Comcast may reenable SecurityEdge without asking under certain conditions, so disabling it may a less than permanent fix.

"And as the article stated. 'You DO NOT want to remove this feature from your service as it will break your "combo" package and they'll charge you more.'"

I don't think disabling SecurityEdge is the same as removing it from your service. I don't expect it to change my service plan, but I guess I'll find out when I get billed.

18Ganawa
maj 8, 11:08 am

>15 CDJLibrary:

Hey everyone! I'm going to reach out to Comcast to see if we can get this corrected, I'll keep everyone updated here with any progress I make

My guess is here is that there's a similar process we had to with Microsoft to get Tiny Cat marked as a safe site.

19OregonGS.org
maj 9, 11:29 am

Test.

20Ganawa
maj 9, 12:20 pm

Hi all!

I worked with Comcast yesterday and they are in the process of "investigating" our request to remove TinyCat from their security product. I will keep everyone posted as we hear more

21DanishAmerLibraryMN
maj 9, 12:26 pm

We continue to be unable to access Tiny Cat and our library home Search page (over a month now). We have attempted to fix the issue using advice from this thread, including the one posted April 25, with either no luck or not enough tech savvy on our part. Similar to another post, we also don't have a contract for tech assistance. The sites function at home but not here at work.

I appreciate all that is being done by LT staff members to find a fix!

22CDJLibrary
maj 9, 10:51 pm

>18 Ganawa: Thank you. Looking forward to an update

23OregonGS.org
maj 10, 6:15 pm

For those using Comcast business, I was able to work around the problem by adding librarycat.org to the allow list within SecurityEdge. I don't know if your Comcast web pages will match mine, but this is what worked for me.

Go to https://business.comcast.com

click on signin (upper right for me)

After logged in look for "Subscribed Services"

In the "BUSINESS INTERNET STANDARD" box right below the speed we pay for is a link to "SECURITYEDGE™" click on it. It should take you to (https://business.comcast.com/sso-gateway/product/securityedge). You'll have some redirects as it logs into SecurityEdge.

Towards the top it should show:
"Dashboard, Settings, Block & Allow Lists, Block Page Customization, Domain Lookup, Scheduled Reports"

Click on "Block & Allow Lists"

You should see a box with "www.example.com" in it and a shadowed out "Check" button to the right.

Enter librarycat.org and click on the "Check" button (as soon as you type the "Check" button with be clickable). It'll check your entry and display the following:

Whole website librarycat.org
This whole domain will be added to the list, not just a URL

Then Block and Allow buttons, click on the "Allow" button.

You'll see the librarycat.org show up in the "Allow list".

At this point you'll need to restart SecurityEdge. Unfortunately for me this required a phone call to Comcast support. Once they restarted it I no longer had the problem accessing librarycat.org

I tried to opened a ticket requesting that they globally remove the filter of libarycat.org,
but that didn't go anywhere.

For those without Comcast the SecurityEdge s/w was done with Akamai so it may have other names???

Hope this helps.

24DanishAmerLibraryMN
jun 6, 10:34 am

Whoever out there fixed the access to Tiny Cat and the library's online Search page, THANK YOU!

I logged in at our library today and was just thrilled that we have access again. I am very grateful to all those who spent time on this trying to fix the problem.

Felicity

25kristilabrie
jun 6, 12:05 pm

>24 DanishAmerLibraryMN: Thanks for the note! I know Ganawa was working diligently to get our flags removed from Microsoft and Comcast, etc., so hopefully whatever he did was what we needed. :) I'll pass along your thanks, it will be much appreciated I'm sure.

Thank you for your patience!

26VitaSporer
Redigeret: jun 22, 2:48 am

Denne bruger er blevet fjernet som værende spam.