I vouch for SBS Radio!


This graphic by 夜宵 on Pixiv is what I assume listening to the SBS Radio PopAsia station I learned about at SMASH! (photos coming soon, I promise!) must be like, given Firefox blocked the site for me on the grounds it was an "attack page"!

A subtle dig at Asian music, perhaps?

Browsing the site this afternoon for a change of pace while we frantically get this house cleaned for our next inspection (fun times in rentland!), I was told:

This web page at sbs.com.au has been reported as an attack page and has been blocked based on your security preferences. Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system. Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.

This sure didn't sound (hah) like the site of my nation's "National Multicultural Broadcaster", so I clicked "Why was this page blocked?". Under the heading "What happened when Google visited this site?":

Of the 2 pages that we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time that Google visited this site was on 2011-07-16, and the last time that suspicious content was found on this site was on 2011-07-16.

Malicious software is hosted on 1 domain(s), including tecnoprosnc.cu.cc/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including tppkuban.ru/.

This site was hosted on 2 network(s) including AS9667 (HOSTWORKS), AS17477 (MCT).

Screenshot of the error on the SBS Radio site.

Using "(s)" means the developer is lazy

So if I'm interpreting the Googlese properly, the site itself wasn't malicious, but it contained a link to a site that hosted malware.

The little but loud conspiracy nutjob in me thinks the timing is awfully convenient, at least for the perpetrators. Step one, get a site advertised at a convention to people with generally higher than average disposable incomes and/or younger people who may not be as serious about patching their systems. Step two, get their machines to download malicious content. Step three, profit! It's like convention social engineering!

In any case, it can't have been good publicity for the fledgling Asian pop music station to be targeted, 24 hours after they were advertised and played non-stop at SMASH. Here's hoping they can get their site off Google's blacklist before too many people are turned off the service.

The site could have had a code injection attack levelled against it, or I'm assuming more likely is someone left a comment pointing to a malicious site. This has happened to Rubenerd.com several times since 2004, its an honest enough mistake to make to let these kind of comments get through.

Blacklisting sites is but one of the examples of just how much power Google wields, and how much trust we put in them that they'll do the Right Thing™. As a publicly listed company they determine how much more than half of what the English speaking world ends up seeing.

Update, 20:00 AEST

The site seems to be back to normal again, as far as I can tell.

Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person. Hi!

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite bespoke cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or send a comment. Thanks ☺️.