[SAC] Malware alarm: QGIS, ... sites

Hamish hamish_b at yahoo.com
Fri Aug 7 18:20:29 PDT 2015


Markus wrote:

>>  Attackers on www.qgis.org might attempt to trick you into installing
>>  programs that harm your browsing experience (for example, by changing
>>  your homepage or showing extra ads on sites you visit).


Martin Spott:> Is this an outcome of Google's new strategy to enforce the use of SSL
> encryption or do OSGeo's sites indeed contain malicious content ?


I'd find that pretty hard to believe, based on the text of the error message and other collateral damage that would be happening on the wider net. Short of other information we need to take them on their word that there are links to some nasty site on a wiki or else where. Frustrating they don't give you a clue what it is!

Likewise if links to github users' content was really triggering the warning surely the internet would be alight. Unless that's a typo-squat.
I guess we could try removing those links and see what happens.

Is the qgis wiki hosted within the same domain?

Any other scanning option?


regards,
Hamish
(ps- Hi everyone :)


More information about the Sac mailing list