Phishing warning xda forum. - About xda-developers.com

I tried to go into xda from a PC bookmark, and it redirects to a phishing page... I'm using a bookmark. Made by me at the real site.
I think its an error as it does not allow me to go through by any means.like going to xda and then click on forum...
Now I'm in tapatalk...
Sent from my XT862 using Tapatalk

Me too, no matter where I try to navigate I also get the phishing warning. Was able to get into this because I had this tab open.
gierso said:
I tried to go into xda from a PC bookmark, and it redirects to a phishing page... I'm using a bookmark. Made by me at the real site.
I think its an error as it does not allow me to go through by any means.like going to xda and then click on forum...
Now I'm in tapatalk...
Sent from my XT862 using Tapatalk
Click to expand...
Click to collapse

Thanks for your report, I´ll flag an Admin.

Same here - if I access the forum directly from certain machines (which are going through a proxy, if that helps):
http://forum.xda-developers.com/
by bookmark or typing it in, I get the phishing warning. If I click on the "real" forum link - I get the phishing warning again.
I was able to access this link directly via Google.
On Friday, I also got it if I tried to post - so hopefully this post actually gets posted. (Edit: At least posting is working from this machine again...)

It's working fine for me on OSX and Linux. Haven't had any issues.

More detail:
From Firefox on a Windows 7 machine with an undetermined proxy, I get the phishing warning when I attempt to access:
http://forum.xda-developers.com/
If I instead use:
http://forum.xda-developers.com/index.php
It works fine
Works fine in all situations when I'm at home

Entropy512 said:
More detail:
From Firefox on a Windows 7 machine with an undetermined proxy, I get the phishing warning when I attempt to access:
http://forum.xda-developers.com/
If I instead use:
http://forum.xda-developers.com/index.php
It works fine
Works fine in all situations when I'm at home
Click to expand...
Click to collapse
On the PC that gets the phishing warning, does it only do it on Firefox, or is it all browsers?

This is from our sysadmin:
For those of you who got the phishing page on Friday (27th), it was a configuration error. We apologize and it was corrected within a few hours of us finding out. One of our Senior Mods was also affected, due to being behind a corporate firewall.
@Entropy512, unfortunately we have had phishing attacks against our members from a domain similar to ours and they are using various proxies to proxy our site and evade our detection/blocks. I highly recommend you don't use a proxy when viewing XDA for the safety of your account.
For everyone else, please be aware that you are on *.xda-developers.com, not a domain similar to it. This is the only domain that the official XDA site is served from. There have been phishing attacks against us and our members and we're doing everything we can to mitigate this.

Related

[Q] chrome xda-developers.com malware

I tried to log on to xda this morning using chrome and received a Malware warning.
"www.xda-developers.com contains malware. Your computer might catch a virus if you visit this site."
Its not recived on the home page or the forums but only any page located above http://www.xda-developers.com/android/
my browser has no problem with
http://www.xda-developers.com/windows-mobile
Whats going on?
there was an attack on the site I think, at least I got redirected to a malware site once when I clicked page2 on the android news section, but afaik it's all gone now
check this link, should explain all: http://forum.xda-developers.com/showthread.php?t=854561
me 2
Firefox 4.0 beta 7 also gives me a warning.
The main site, http://www.xda-developers.com/ is ok to view, but http://www.xda-developers.com/android/the-weekly-qa-week-16/ gets blocked right away.
WTF?
The site admins are aware, and steps are being taken to get the warnings removed, now the infection is gone.

Blocking Unwanted Connections with a Hosts File/block ads, banners, 3rd party Cookies

MVPS HOSTS now includes entries for most major parasites, hijackers and unwanted Adware/Spyware programs!
What it does ...
You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection(s) that supplies these little gems. The Hosts file is loaded into memory (cache) at startup, so there is no need to turn on, adjust or change any settings with the exception of the DNS Client service (see below). Windows automatically looks for the existence of a HOSTS file and if found, checks the HOSTS file first for entries to the web page you just requested. The 127.0.0.1 is considered the location of your computer, so when an entry listed in the MVPS HOSTS file is requested on a page you are viewing, your computer thinks 127.0.0.1 is the location of the file. When this file is not located it skips onto the next file and thus the ad server is blocked from loading the banner, Cookie, or some unscrupulous ActiveX, or javascript file.
Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. Why? ... because in certain cases "Ad Servers" like Doubleclick (and many others) will try silently to open a separate connection on the webpage you are viewing, record your movements then yes ... follow you to additional sites you may visit.
Using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. This also helps to protect your Privacy and Security by blocking sites that may track your viewing habits, also known as "click-thru tracking" or Data Miners. Simply using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection".
In case you're wondering ... this all happens in microseconds, which is much faster than trying to fetch a file from half way around the world. Another great feature of the HOSTS file is that it is a two-way file, meaning if some parasite does get into your system (usually bundled with other products) the culprit can not get out (call home) as long as the necessary entries exist. This is why it's important to keep your HOSTS file up to Date. How to get notified of MVPS HOSTS updates.
How to get notified of MVPS HOSTS updates.
This download includes a simple batch file (mvps.bat) that will rename the existing HOSTS file to HOSTS.MVP then copy the included updated HOSTS file to the proper location. For more information please see the Windows version that applies to you ...
Windows 8 requires special instructions - over there see here
Windows 7 requires special instructions - over there see here
Win Vista requires special instructions - over there see here
Manual Install Method - Unzip in a "temp" folder and place in the appropriate installed location:
If you are having trouble downloading or extracting the HOSTS file [click here]
Note: the below locations are for the typical default paths, edit as needed.
Windows 8/7/Vista/XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows DNS Client Service
In most cases the DNS Client Service is not needed, it is recommended to turn it off. These instructions are intended for a single (home-user) PC. If your machine is part of a "Domain", check with your IT Dept. before applying this work-around. This especially applies to Laptop users who travel or bring their work machines home. Make sure to reset the Service (if needed) prior to connecting (reboot required) to your work Domain ...
To resolve this issue (manually) open the "Services Editor"
Start | Run (type) "services.msc" (no quotes)
Win8 users - Control Panel > Administrative Tools > Services
Scroll down to "DNS Client", Right-click and select: Properties - click Stop
Click the drop-down arrow for "Startup type"
Select: Manual (recommended) or Disabled click Apply/Ok and restart.
My recommendation easy way to do it:
Hostsman includes an option to turn off the DNS Service [screenshot]
Workaround for using the MVPS HOSTS file and leaving the DNS Client service enabled (set to: Automatic)
If you find after a period of time that your browser seems sluggish with the DNS Client service enabled you can manually flush the DNS cache
Close all browser windows ... open a "Command Prompt" from the Start Menu > All Programs > Accessories > Command Prompt
Win8 users - Charms Bar > Search > (type) command prompt > Select: Command Promt (left pane) Ok the UAC prompt
(type) ipconfig /flushdns (press Enter) Then close the Command Prompt ...
A better Win8/7/Vista/XP workaround would be to add two Registry entries to control the amount of time the DNS cache is saved. (KB318803)
Flush the existing DNS cache (see above)
Start > Run (type) regedit
Win8 users - from the Charms Bar, select: Search (type) run and select Run (left pane) and (type) "regedit" (no quotes)
Navigate to the following location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
Click Edit > New > DWORD Value (type) MaxCacheTtl
Click Edit > New > DWORD Value (type) MaxNegativeCacheTtl
Next right-click on the MaxCacheTtl entry (right pane) and select: Modify and change the value to 1
The MaxNegativeCacheTtl entry should already have a value of 0 (leave it that way - see screenshot)
Close Regedit and reboot ...
As usual you should always backup your Registry before editing ... see Regedit Help under "Exporting Registry files"
P.S IT'S NOT MY WORK I JUST SHARE WHAT I FOUND SO PLZ SUPPORT DEVELOPER (MAIN WEB PAGE) IF YOU FOUND IT USEFULL
P.S 2 YOU AND ONLY YOU RESPONSIBLE FOR WHAT YOU DOING WITH YOUR PS
P.S 3 FEEDBACK AND TUBS UP IS REQUIRED
or use adblock for firefox and chrome and tracking lists in internet explorer (which also works on RT) rather than download dodgy 3rd party files with no source code which could just as easily be malware.
SixSixSevenSeven said:
or use adblock for firefox and chrome and tracking lists in internet explorer (which also works on RT) rather than download dodgy 3rd party files with no source code which could just as easily be malware.
Click to expand...
Click to collapse
Or you can just download it, check it and stop posting useless warnings. Although, not sure if you're able to decompile it.
Useless guy said:
Or you can just download it, check it and stop posting useless warnings. Although, not sure if you're able to decompile it.
Click to expand...
Click to collapse
Useless warnings? Come back to me when your computer is ridden in malware from carelessly downloaded files in a few months time.
Guys, calm down. @SixSixSevenSeven is right, though. I'd rather not download any weird files and copy them to my system32 directory, especially if there isn't any source available.
And anyways, isn't discussing this stuff against the rules?
You know, because we're all kinda developers and stuff, and that's how we make our money?
That host file is the exact same method used by android. There no compiling/decrypting/program or malware included. Is a text file ?
Thanks OP, it works as intended. Blocks all ads successfully.
D.O.C said:
That host file is the exact same method used by android. There no compiling/decrypting/program or malware included. Is a text file ?
Thanks OP, it works as intended. Blocks all ads successfully.
Click to expand...
Click to collapse
Yes, it may be the same method, but the hosts files are open source and you have open source apps which do the installation for you.
And I still think this thread is against the rules. ..
Sent from my GT-I9505 using XDA Premium HD app
http://someonewhocares.org/hosts/
Here's the host file I use. Works pretty good - no need for Android apps or anything.
Beatsleigher said:
Yes, it may be the same method, but the hosts files are open source and you have open source apps which do the installation for you.
And I still think this thread is against the rules. ..
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
Against what rules
vasiaeva said:
Against what rules
Click to expand...
Click to collapse
Against the XDA rules, which you read and accepted as you created your account
Sent from my GT-I9505 using XDA Premium HD app
Beatsleigher said:
Against the XDA rules, which you read and accepted as you created your account
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
Don't worry about XDA there is admins army who watch for that...
But i like you sense of humor :good:
Beatsleigher said:
You know, because we're all kinda developers and stuff, and that's how we make our money?
Click to expand...
Click to collapse
I don't see any developers here
Useless guy said:
I don't see any developers here
Click to expand...
Click to collapse
Thanks man. I guess you don't see me...
Sent from my GT-I9505 using XDA Premium HD app
Guys, there is nothing wrong with this - it's been going on for years in this exact format. Any ad-blocker that you use (apart from browser extensions/add-ons) will use this method.
The hosts file (yes, located in a sub-directory of System32 ) is what your PC looks at for address translation. It's a text file, so you can open it in a text editor (even notepad will do it) and check it there, but other than being used to translate domain names to IP addresses it is not in any way active.
If you're concerned about it I suggest you don't use it. If you're curious about it then open the hosts file and look at the contents. Other than that, it's nothing to worry about.
Beatsleigher said:
Yes, it may be the same method, but the hosts files are open source and you have open source apps which do the installation for you.
And I still think this thread is against the rules. ..
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
I really don't know what you are talking about, OP just shared a method to block ads, no application discussion whatsoever, never stated it was a "only method" or anything like it. You are definitively successful at changing topics though.
and BTW, it is not against forum rules.
The only thing that could possibly be against the rules is the fact that ads are getting blocked - but AFAIK XDA has nothing about that.
Perhaps you don't like how it uses a closed source utility (which is actually open source)? Well then you might not like 90% of ROMs on this site - for all we know they set all the text we type in to some Chinese servers.
SilverHedgehog said:
The only thing that could possibly be against the rules is the fact that ads are getting blocked - but AFAIK XDA has nothing about that.
Perhaps you don't like how it uses a closed source utility (which is actually open source)? Well then you might not like 90% of ROMs on this site - for all we know they set all the text we type in to some Chinese servers.
Click to expand...
Click to collapse
What? Dude. I'm a dev myself. I don't care if somethings closed source, as long as it has good enough documentation or unless I know exactly what the program's for...
And for all I know, from the IP address of the XDA servers, they're based in America. The only Chinese servers used in XDA are those of Chinese people wanting us to download their ROMs.
And I don't know what the OP uploaded, as far as U knkw it's a text file. But even text files can contain viruses, just like pictures can, which is why I'm not downloading it and think it could be against the rules. But never mind. If you want to download it, go ahead. I'm not and I'm using AdBlock Plus, which I built from source.
Sent from my GT-I9505 using XDA Premium HD app
Beatsleigher said:
What? Dude. I'm a dev myself. I don't care if somethings closed source, as long as it has good enough documentation or unless I know exactly what the program's for...
And for all I know, from the IP address of the XDA servers, they're based in America. The only Chinese servers used in XDA are those of Chinese people wanting us to download their ROMs.
And I don't know what the OP uploaded, as far as U knkw it's a text file. But even text files can contain viruses, just like pictures can, which is why I'm not downloading it and think it could be against the rules. But never mind. If you want to download it, go ahead. I'm not and I'm using AdBlock Plus, which I built from source.
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
You misunderstood me. I'm saying that closed source software could always have backdoors, even if it comes from XDA users.
Even if somebody did find an exploit that somehow executed code in a .txt file, they wouldn't be using it one some kids wanting to block ads, they'd make a lot of cash either by reporting that bug to Microsoft or by selling it on a black market.
Beatsleigher said:
What? Dude. I'm a dev myself. I don't care if somethings closed source, as long as it has good enough documentation or unless I know exactly what the program's for...
And for all I know, from the IP address of the XDA servers, they're based in America. The only Chinese servers used in XDA are those of Chinese people wanting us to download their ROMs.
And I don't know what the OP uploaded, as far as U knkw it's a text file. But even text files can contain viruses, just like pictures can, which is why I'm not downloading it and think it could be against the rules. But never mind. If you want to download it, go ahead. I'm not and I'm using AdBlock Plus, which I built from source.
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
Mannn I didn't upload anything. If you check the link in OP its brings you to another XDA thread. Better double check before you say something that you don't now . ..
Sent from my SPH-L900 using Xparent Skyblue Tapatalk 2
vasiaeva said:
Mannn I didn't upload anything. If you check the link in OP its brings you to another XDA thread. Better double check before you say something that you don't now . ..
Sent from my SPH-L900 using Xparent Skyblue Tapatalk 2
Click to expand...
Click to collapse
There is a reason I donb't click on links like that. That is (mainly) because my laptop's dead and I'm using my mum's, which is a really cheapy-sh*tty thing which doesn't even support NX from sides of the CPU (Which means it can't run Windows 8 and/or 8.1).
And the other reason being: I don't trust any files which I, myself, downloaded from somewhere you can't always trust where someone wants me to copy it to my system path.
So, no. I won't check things out that 'I don't know'.
And what was the point of this thread, is if only leads to a different thread?

malicious impersonator of xda

I just stumbled on this malacious impersonator/mirror of xda, maybe you can take steps against it with the hosting provider. I have replaced the tt in http with xx to make the link non clickable as the site contains malware: hxxp://forum.datadevelopement.com/
@bitpushr
Thanks guys, another proxy site. They are blocked.
bitpushr said:
Thanks guys, another proxy site. They are blocked.
Click to expand...
Click to collapse
they are not a proxy, they impersonate XDA to spread malware. They copy all our posts and articles (or intellectual property), some of which have our real names attached to them, to spread malware (in our names) you should contact the authorities and at least the hosting provider and domain registrar
godutch said:
they are not a proxy, they impersonate XDA to spread malware. They copy all our posts and articles (or intellectual property), some of which have our real names attached to them, to spread malware (in our names) you should contact the authorities and at least the hosting provider and domain registrar
Click to expand...
Click to collapse
I would love to have the authorities go after them, but from experience they are not very interested in people like this. They use multiple hosting providers and multiple IPs to essentially fetch our site and automatically inject their own ads (and malware). It's a proxy and we are able to track which IPs they connect from, and block those IPs.
There are a few pages thay they cache and are still serving but typically they will shut down the site in a few hours.
Came across this thread when searching the above website. I am also seeing that the website is now showing up on xda aswell. If you do a search for the site name there are 193 results. Luckily my firewall blocked the website but, others may not be so lucky. Just wanted to give a heads up so the links can be removed or somehow sanitized.

Using Alternative Browsers

Does XDA support Chromium-based browsers such as Vivaldi? For the last few weeks, every time I attempt to access XDA with Vivaldi, I keep getting redirected to the mobile page.
Steps to reproduce:
1. Install Vivaldi from vivaldi.com.
2. Start Vivaldi by clicking on its desktop icon.
3. Navigate to http://forum.xda-developers.com/nexus-6 (or any other forum on XDA.)
Expected result: The information on the left side of the page regarding the features of the Nexus 6 as well as the XDA Portal threads beneath it should display. When reading a thread, avatars and signature graphics should be displayed. In addition, it should be possible to view who has thanked a given post.
Actual result: The information on the left side of the page is replaced by a large black space. When reading a thread, avatars and signature graphics do not appear, and it is not possible to see who thanked a given post.
Currently I have a user agent switcher in place so that Vivaldi functions correctly on the site. But if it is possible to fix things, please do so.
Using the same browser, have the same problem. XDA is displayed as mobile website until I change the user agent.
xda runs fine on vivaldi on my computer. i don't see any problems.
XDA uses the https://github.com/serbanghita/Mobile-Detect library for detecting mobile browsers. If you are having an issue with your browser being detected as mobile, you should request that your user agent be added so that it can be properly recognized as a desktop browser.
Can confirm this issue happening on the latest stable and developer releases of Vivaldi (1.3+ 64-bit). Oddly enough, this doesn't happen on any other Chromium-based browser I've tried. Will send a request to the developer of that PHP class.
EDIT: Thanks for mentioning the User-Agent switcher extension. Fixes the problem entirely!
laith8123 said:
thx xda
Click to expand...
Click to collapse
Thank you for your very constructive message. It helps us a lot.
Deleted

Why is this website so slow to load?

What is wrong with xda-developers.com?
It taskes like more than 15 seconds to load pages.
The delay occured when xda switched to https (At least for me)
Try changing your theme or browser, see if that makes a difference
kuromusha38 said:
What is wrong with xda-developers.com? It taskes like more than 15 seconds to load pages.
Click to expand...
Click to collapse
DSA said:
The delay occured when xda switched to https (At least for me). Try changing your theme or browser, see if that makes a difference
Click to expand...
Click to collapse
I can't state for sure but, in addition to what @DSA had stated...
I think that it does stem from the XDA Server switching to Https but, the advertising as well as other items that the web page loads may be via Http.
If so, then this is what's called "Mixed Content/Mixed Domains" whereas the website loads content not only from the XDA Server but, content from other, outside the XDA Server, URL's using both the Https, Http, and possibly others.
Maybe @bitpushr, @Wood Man or @MikeChannon (or another Admin) can confirm, deny or just state that I've won the "XDA Official Nut Case Award"... LMAO!
~~~~~~~~~~~~~~~
I DO NOT provide support via PM unless asked/requested by myself. PLEASE keep it in the threads where everyone can share.
Ibuprophen said:
I can't state for sure but, in addition to what @DSA had stated...
I think that it does stem from the XDA Server switching to Https but, the advertising as well as other items that the web page loads may be via Http.
If so, then this is what's called "Mixed Content/Mixed Domains" whereas the website loads content not only from the XDA Server but, content from other, outside the XDA Server, URL's using both the Https, Http, and possibly others.
Maybe @bitpushr, @Wood Man or @MikeChannon (or another Admin) can confirm, deny or just state that I've won the "XDA Official Nut Case Award"... LMAO!
~~~~~~~~~~~~~~~
I DO NOT provide support via PM unless asked/requested by myself. PLEASE keep it in the threads where everyone can share.
Click to expand...
Click to collapse
Yup, there are multiple reasons including the ones you mention, but add to that the high volume of Users we have and the ever increasing size of our databases and a highly customized version of vBulletin. We have been aware of load times and it is always a focus for the Server Admins. The site has evolved and been added to with many non standard additions and we're at the limits of vBulletin, but like I say we do always have plans and have done things over time to improve things.
Mike
We monitor load times constantly, usually based on our metrics pages should be loading within 1 or 2 seconds - with the ads there is sometimes a delay of up to 15s for a 'full' page load. Those external assets are mainly out of our control and can be removed by purchasing XDA ad free.
Regarding https - we made this switch over a year ago - there is no noticeable difference in load time based on switching to https. Actually, right after the move to https we were able to upgrade to http2 which allows the browser to load multiple assets in parallel faster and should actually have sped up the site for most people.
As @MikeChannon stated XDA is based on older forum software. At our size it slows down noticably, and in particular if you have a lot of threads/posts, subscriptions and that sort of thing. For logged out users we already cache a ton of things, making the site very fast. We are in the process of rewriting the backend to make this faster for everyone. At present, the first time you load the page after a while we need to cache some user-specific items and this can delay page loading a few seconds.
@bitpushr & @MikeChannon, how does the the loading of XDA via the PC/Android Browser affected when the XDA server is accessed by way of other methods like the Tapatalk website as well as the various Apps too?
I mean the load on the Server Accessing the XDA Server using other methods besides using the traditional xda-developers URL from a browser.
~~~~~~~~~~~~~~~
I DO NOT provide support via PM unless asked/requested by myself. PLEASE keep it in the threads where everyone can share.
Ibuprophen said:
@bitpushr & @MikeChannon, how does the the loading of XDA via the PC/Android Browser affected when the XDA server is accessed by way of other methods like the Tapatalk website as well as the various Apps too?
I mean the load on the Server Accessing the XDA Server using other methods besides using the traditional xda-developers URL from a browser.
~~~~~~~~~~~~~~~
I DO NOT provide support via PM unless asked/requested by myself. PLEASE keep it in the threads where everyone can share.
Click to expand...
Click to collapse
Overall there is no impact, but each method has its own benefits/drawbacks. For example, I know when Tapatalk is first loaded - it loads all forums and is very slow to load.
bitpushr said:
Overall there is no impact, but each method has its own benefits/drawbacks. For example, I know when Tapatalk is first loaded - it loads all forums and is very slow to load.
Click to expand...
Click to collapse
I see...
I wasn't sure of the impact on the server between the Apps and other sources and the typical browser access.
I've got a feeling that a percentage of members/guests accessing the forum via the browser is getting smaller and smaller as more and more members/guests are using Apps and other sources like the Tapatalk website.
Or is this percentage not something that has been looked at much?
~~~~~~~~~~~~~~~
I DO NOT provide support via PM unless asked/requested by myself. PLEASE keep it in the threads where everyone can share.
bitpushr said:
- with the ads there is sometimes a delay of up to 15s for a 'full' page load. Those external assets are mainly out of our control and can be removed by purchasing XDA ad free.
Click to expand...
Click to collapse
So unless we buy ad free, long load times are a thing..
Yeah but I have Ublock installed, so ad shouldn't be an issue then. Still slow

Categories

Resources