lownote Posted July 12, 2022 Share Posted July 12, 2022 (edited) Anyone else getting a disproportionate number of anti-virus or malware alerts from popular bass websites? The worst is BassDirect, which my app insists has a Trojan embedded in the site and won't let me on. I've contacted the owner twice but he says it must be my AV, and anyway he's think of updating the site. So I paddled off to Strings Direct to do my business there only to receive a lesser alert about some issue there too. Edited July 12, 2022 by lownote Quote Link to comment Share on other sites More sharing options...
bartelby Posted July 12, 2022 Share Posted July 12, 2022 Nope. No issues here. Quote Link to comment Share on other sites More sharing options...
Bigguy2017 Posted July 12, 2022 Share Posted July 12, 2022 24 minutes ago, lownote said: Anyone else getting a disproportionate number of anti-virus or malware alerts from popular bass websites? The worst is BassDirect, which my app insists has a Trojan embedded in the site and won't let me on. I've contacted the owner twice but he says it must be my AV, and anyway he's think of updating the site. So I paddled off to Strings Direct to do my business there only to receive a lesser alert about some issue there too. Yes, using Win11 + Edge browser I get this... Works AOK using Firefox. Looks like some kind of Certificate / SSL negotiation problem 1 Quote Link to comment Share on other sites More sharing options...
lownote Posted July 12, 2022 Author Share Posted July 12, 2022 (edited) I get this from Bass Direct running Malwarebytes amd Bitdefender over Win 10 and Firefox. It doesn't just warn me, it refuses me access. I could force access, but what's the point of having an AV if you ignore it? Edited July 12, 2022 by lownote Quote Link to comment Share on other sites More sharing options...
ezbass Posted July 12, 2022 Share Posted July 12, 2022 I’ve had occasional warnings about BD’s site possibly being fake, but it’s not consistent. As to BD’s ‘new website’, the constant reminders that this coming in their weekly newsletters, is becoming farcical. It’s been months and months, “New website coming,” nothing seems to be happening. It’s almost like they’re saying it just to deflect the various comments about how poor the site is (FWIW I think it’s OK, not great for sure, but no better or worse than The Gallery’s). 1 Quote Link to comment Share on other sites More sharing options...
Saul Panzer Posted July 12, 2022 Share Posted July 12, 2022 I've had nothing from my browsers and I use a few including more security focused ones. Can't comment on Windows saying anything as I don't use it. Quote Link to comment Share on other sites More sharing options...
Ed_S Posted July 12, 2022 Share Posted July 12, 2022 SSL Labs usually gives you a fair idea of what's going on, and their tests won't complete for the BD site due to behaviour which "usually happens when there are multiple TLS servers behind the same IP". Before failing, the tests return the SAN certificate I'd expect, and also a seemingly unrelated wildcard for a shared SSL CA which seems to belong to a hosting provider called Heart Internet. The IP of the site sits under the ASN for Host Europe, but in a block assigned to Heart, so that ties up. I don't get alerts from either my home systems or our secure gateways at work, so I'll continue to look at the pretty pictures on the purely personal assessment that it's more likely a sub-optimal configuration than anything malicious in that one particular instance. 4 hours ago, lownote said: I could force access, but what's the point of having an AV if you ignore it? Yup! And and don't trust my assessment either - you've paid them to keep you safe and they seem to be doing an alright job. 2 Quote Link to comment Share on other sites More sharing options...
Bolo Posted July 12, 2022 Share Posted July 12, 2022 That's some TurboEncabulator text right there 1 hour ago, Ed_S said: SSL Labs usually gives you a fair idea of what's going on, and their tests won't complete for the BD site due to behaviour which "usually happens when there are multiple TLS servers behind the same IP". Before failing, the tests return the SAN certificate I'd expect, and also a seemingly unrelated wildcard for a shared SSL CA which seems to belong to a hosting provider called Heart Internet. The IP of the site sits under the ASN for Host Europe, but in a block assigned to Heart, so that ties up. I don't get alerts from either my home systems or our secure gateways at work, so I'll continue to look at the pretty pictures on the purely personal assessment that it's more likely a sub-optimal configuration than anything malicious in that one particular instance. Yup! And and don't trust my assessment either - you've paid them to keep you safe and they seem to be doing an alright job. 1 Quote Link to comment Share on other sites More sharing options...
Ed_S Posted July 12, 2022 Share Posted July 12, 2022 6 minutes ago, Bolo said: That's some TurboEncabulator text right there I have a MicroThumpinator if that's similar? Quote Link to comment Share on other sites More sharing options...
TrevorR Posted July 12, 2022 Share Posted July 12, 2022 9 hours ago, lownote said: I get this from Bass Direct running Malwarebytes amd Bitdefender over Win 10 and Firefox. It doesn't just warn me, it refuses me access. I could force access, but what's the point of having an AV if you ignore it? Maybe your browser just really hates reggae? 🤔🙄 #dadjoke 1 Quote Link to comment Share on other sites More sharing options...
Reggaebass Posted July 12, 2022 Share Posted July 12, 2022 7 minutes ago, TrevorR said: Maybe your browser just really hates reggae? 🤔🙄 #dadjoke I see what you did there 😁 Quote Link to comment Share on other sites More sharing options...
Cliff Edge Posted July 12, 2022 Share Posted July 12, 2022 (edited) No issues on either site here using Safari on an IPad. No AV or Malware apps here of course but Safari will flag up issues when appropriate. The problems some are seeing are related to ssl certificate configurations, and in some cases Windows certificate caches. It’s wrong for the AV software and Malware Bytes to say the sites are insecure or contain malware because of this. The site owners should contact their hosting companies to sort our the problem, it’ll take about 5 minutes. Edited July 12, 2022 by Cliff Edge 2 Quote Link to comment Share on other sites More sharing options...
steve-bbb Posted July 12, 2022 Share Posted July 12, 2022 6 hours ago, Ed_S said: SSL Labs usually gives you a fair idea of what's going on, and their tests won't complete for the BD site due to behaviour which "usually happens when there are multiple TLS servers behind the same IP". Before failing, the tests return the SAN certificate I'd expect, and also a seemingly unrelated wildcard for a shared SSL CA which seems to belong to a hosting provider called Heart Internet. The IP of the site sits under the ASN for Host Europe, but in a block assigned to Heart, so that ties up. I don't get alerts from either my home systems or our secure gateways at work, so I'll continue to look at the pretty pictures on the purely personal assessment that it's more likely a sub-optimal configuration than anything malicious in that one particular instance. Yup! And and don't trust my assessment either - you've paid them to keep you safe and they seem to be doing an alright job. +1 this - sounds like they have not configured to force all traffic via https and redirect http to https Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.