Friday, October 09, 2009

Warning Messages

A couple of people have contacted us recently to say they are getting warning messages when they visit this site. There are two possibilities: malicious code has been inserted on our web server, or the users reporting this have a virus on their personal computer. So far the people who reported it have found viruses on their computers, which are not necessarily related to this site.

I have taken the precautions I can to assure that there is nothing dangerous here, changed the ftp password, etc., and don't see any HTML code that looks suspicious, but of course I can't swear that no one has hacked some code here.

Please do us a favor. If you are browsing the blog, or any pages at TTF and you get a warning message, will you please let us know? Easiest is to put a comment on this post. If you can copy the message, that's helpful. If you want to include more information you can email us at and let us know what you see. And if you are one of our "Anonymous" commenters, don't worry, we won't tell anybody who you are. Two of us get that email and we will protect your privacy (of course we already know who some of you are!).

I am pretty sure the problem is on the user's end, but there is some nasty stuff out there and I'd like to be absolutely sure we are not hosting something bad. Please help us out.

BTW, if people post unrelated comments on this thread, I'm going to delete them. This post is here for one reason only.

[Update Friday 9PM. A couple of more people have emailed with similar stories. Norton's SafeWeb and McAffee's Site Advisor site say we're safe. I have hand-picked through all the code; I found a couple of "interesting" spam comments, maybe those were a problem, they're gone now. I will keep looking and updating what I find -- please keep reporting incidents. JimK ]

[ Update Saturday 1:30PM. I have scanned the files numerous times with various checkers, and have scanned my own PC several different ways, and found nothing worse than a few tracking cookies on my computer.

One comment thread here triggered several warnings, and that one had two comments where the users' names were linked to web sites. I think those links might have triggered the warning messages. If you notify us that you're having a problem, please specify what screen you were looking at. At this point it appears that there is a new kind of spam on Blogger sites that may set off some security software. It is not really a threat (unless you click on it, though those two were nonthreatening links), just your computer being extra-careful. I will continue to investigate. JimK ]


Anonymous Aunt Bea said...

Thanks for this info, Jim.

When I tried to post a comment earlier today, I got this message:

Suspicious Web Page Blocked

For the past two weeks or so, I have gotten similar warnings a few times when clicking on a link to make comments. I found a virus last week, but have been virus free since then.

October 09, 2009 6:02 PM  
Anonymous deluxe said...

I've been getting similar messages the last few weeks when I log in, every few days and always when I go to TTF.

When I try to escape, it starts a scan. And a web site for finding "sexual partners" starts up.

I just do CONTROL-ALT-DELETE and use task manager to close it down and then immediately delete all temporary files and cookies.

I've had my IT guy look at it a couple of times and he hasn't found anything unusual.

Next time it comes up, I'll get more precise information.

October 10, 2009 4:37 AM  
Blogger Orin Ryssman said...

FWIW, both Norton's SafeWeb and McAffee's Site Advisor are held in low least among the pc techs I work with...

October 10, 2009 9:09 AM  
Blogger JimK said...

Orin, I'm not surprised. If you can recommend a better service I'd like to know. I found two spam comments on one thread that had triggered several of these warnings, the users names were linked to business URLs but they were not malicious -- I deleted them. If someone has inserted code into the blog's HTML, I don't see it; there must be some sort of site that can crawl our web pages and look for bad code.

I appreciate the feedback -- we got several emails, as well as comments here. Still not clear if the problem is here, or on the user's machine.

Please keep reporting to us. Thanks.


October 10, 2009 9:16 AM  

Post a Comment

<< Home