There's a webpage provided by brightcloud.com where you can enter in a domain name and find out something about the dangers of downloading from that site.

And there's a website called www.sisyphusion.tk that provides (courtesy of me) pre-compiled perl packages (ppm) for MS Windows.
It was brought to my attention last week that if one went to the above-mentioned lookup page and looked up "sisyphusion.tk" then one was informed that:
1) this was a malware website;
2) in the last twelve months, one machine had been infected from this website;
3) this site was found to contain windows exploits;
4) this site posed a "High Risk".

If one went to the trouble of finding out what they meant by "High Risk", then one found:
--quote--
High Risk - There is a high probability that the user will be exposed to malicious links or payloads
--end quote--

Furthermore, it seems that at least one sysadmin actively blocks access to sites rated as "High Risk" by brightcloud.com, and prevents users from accessing those sites. (This was how I found out about the situation - a particular person wanted to 'ppm install' a certain package from sisyphusion.tk, but couldn't do so because the sysadmin had blocked access to the site - on the strength of the brightcloud.com rating. In fairness to the sysadmin, she/he also contacted me.)

And, I believe, the sysadmin was happily paying money to brightcloud.com for the service !!

Naturally, I was a little curious and sent brightcloud.com a "please explain", asking that they:
1) provide the facts upon which they had based their assertion that sisyphusion.tk was "High Risk";
2) identify the file(s) that contained the windows exploits;
3) provide me with the evidence they had that one machine had, in fact, been infected from sisyphusion.tk.

Two days later they replied:
--quote--
This was a false positive classified by one of our Automated Classifiers. We've reclassified this site to Computer Info. The changes should be available to you within 24 hours.

Thank you for bringing this to our attention.
--end quote--

So ... here we have a company happily making money out of making slanderous and defamatory assertions ... and (at least) one sysadmin happily forking out money for the snake oil provided by that company.

Seems that brightcloud.com is an American company, presumably living out the Great American Dream ("shoot first, think later").
In fairness to them, they have now repaired the rating.

Is there some body to which I can report their earlier abuse ?

Cheers,
Rob

Comment on brightcloud.com - for those who like a touch of venom with their snake oil
Re: brightcloud.com - for those who like a touch of venom with their snake oil
by marinersk (Chaplain) on Aug 13, 2013 at 15:55 UTC
    I empathize with your experience.

    I don't know how you would go about seeking repair from libel; I presume a lawsuit is the usual approach. I wouldn't expect a high probability of success in that area, but I have no experience in that space.

    I don't know how to ask this next question without sounding cheeky, but I am deadly curious and so will risk it and trust you will find the question is in earnest:

    What was the point of casting an inaccurate definition ( http://en.wikipedia.org/wiki/American_Dream )? Did it help you present the sequence of events in some way?

      Barring a pre-lawsuit settlement, a lawsuit would likely be drawn out by various delay tactics, taking several years once appeals are factored in. In other words, your chance of success is in large part contingent on having the time and financial resources to see the lawsuit through to the end.

      Update: Note that one risk in filing a lawsuit aimed at a pre-trial settlement is that if that falls through and you try to withdraw the lawsuit, it may be dismissed with prejudice, meaning you will not be able to file it again.

      Another option might be small claims court, but I do not think they handle these types of cases.

      Disclaimer IANAL, and your mileage may vary.

      Elda Taluta; Sarks Sark; Ark Arks
      My deviantART gallery

Re: brightcloud.com - for those who like a touch of venom with their snake oil
by Old_Gray_Bear (Bishop) on Aug 13, 2013 at 21:14 UTC
    For what it is worth, Brightcloud is a British company acquired by an American firm, Webroot. It would be and interesting exercise to determine which legal jurisdiction would handle a complaint.

    ----
    I Go Back to Sleep, Now.

    OGB

      If jurisdiction landed in the UK, then I believe that would work in syphilis's favor: "Under American libel law, a public figure who claims to have been libelled must prove that the statements in question are defamatory, that they are false, and that they were made with actual malice. Furthermore, reliance on reliable sources (even if they prove false) is a valid defence. In contrast, English libel law requires only that the claimant show that the statements are defamatory. The burden of proof falls on the defendant to prove that the statements were substantially true, and reliance on sources is irrelevant".

      Source: Irving v Penguin Books and Lipstadt. Note that that court case deals with denying certain horrific events occurred during WWII.

      Elda Taluta; Sarks Sark; Ark Arks
      My deviantART gallery

        My US armchair attorney senses want to ask the question, "What are his damages?" If there are no quantifiable damages (being mad doesn't count), there's no just compensation to seek.


        Dave

Re: brightcloud.com - for those who like a touch of venom with their snake oil
by ruzam (Curate) on Aug 13, 2013 at 21:51 UTC

    You got off lucky. Seriously

    I host a friend's family website on my personal webserver. No javascript, no cookies, no included links, no copied content, minimal CSS, just some basic family photos, wood working projects, etc. It's as minimal as a website can be and it hasn't been updated in years (and years). Occasionally I browse it after upgrades just to verify everything is OK with the webserver.

    Recently Firefox stopped letting me visit the site because in HUGE scary words it tells me that the site is a "Reported Attack Page!". Clicking on the "why is this page blocked" link takes me to a Google advisory, with more scary information.

    Site is listed as suspicious - visiting this web site may harm your computer.

    Part of this site was listed for suspicious activity 4 time(s) over the past 90 days.

    Of the 67 pages we tested on the site over the past 90 days, 49 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-07-21, and the last time suspicious content was found on this site was on 2013-07-21.

    Malicious software includes 11 exploit(s).

    Malicious software is hosted on 2 domain(s), including dv-suedpfalz.de/, ntrfm.com/.

    (I have no idea why those domains are listed? They have nothing to do with my hosting or the blocked website)

    I have gone over the entire website with a fine tooth comb. There is absolutely nothing malicious on it. There isn't even a file modified stamp that isn't several years old. None of my other hosted websites are flagged as malicious, so it's not the server. In short the Google advisory is completely bogus.

    How's that for a false positive?

Re: brightcloud.com - for those who like a touch of venom with their snake oil
by sundialsvc4 (Abbot) on Aug 13, 2013 at 22:17 UTC

    Furthermore, notice that there is no person to sue.   An “automatic classifier” made the call, and when you complained to a human-being, s/he responded timely.

    And, as for the tens of thousands of other companies whose sites might be similarly “auto-blacklisted,” the odds are pretty good that no harm is being done to them, because if it were, they too would have done as you did.   If the baby’s not crying, and is breathing, then presumably he is not in pain.

    And so, the company, or rather the company’s (and Google’s ...) bots, are dishing out a heaping helping of “feel-good snake oil.”   Yes, they are standing on the tower walls and calling out, “Wolf!” ... and maybe they have found a way to make money at it.   It sure did good by Peter Norton.

    “ ... and two to take him.”

      Thanks for the interesting responses, guys.

      I wasn't really contemplating taking legal action. I thought that perhaps there might be some consumer watchdog organisation somewhere that might be able to pull them into line a bit - but, as I think more about it, such a watchdog would probably be toothless, anyway.

      I thought they might have at least said "sorry", and maybe even made out that they were working hard at eliminating such slip ups.
      But, as was pointed out, brightcloud.com (or webroot) really have nothing for which to apologise. It's all the fault of that damned "Automated Classifier" - that's who *should* be apologising.

      Cheers,
      Rob

        But, as was pointed out, brightcloud.com (or webroot) really have nothing for which to apologise. It's all the fault of that damned "Automated Classifier" - that's who *should* be apologising.

        FWIW, I imagine they're just running a signature based virusscanner, and those throw up false positives all the time (they're just scanning for byte strings)

        But they should be running 30 virus/malware/scanners, if 10 or 20 flag the file, then it might be bad :) I don't think I've seen the same file flagged by more than 2 stay flagged for very long

        I wonder if from a legal standpoint apologizing might be tantamount to admitting fault.

        Elda Taluta; Sarks Sark; Ark Arks
        My deviantART gallery

Re: brightcloud.com - for those who like a touch of venom with their snake oil
by KnowZero (Initiate) on Sep 10, 2013 at 18:58 UTC
    I don't think this is limited to brightcloud. I have tried at least 3 different antivirus programs and they all label sisyphusion.tk as a malware site. For example, here is Trend Micro: http://global.sitesafety.trendmicro.com/

      I don't think this is limited to brightcloud. I have tried at least 3 different antivirus programs and they all label sisyphusion.tk as a malware site. For example, here is Trend Micro: http://global.sitesafety.trendmicro.com/

      I could tell from their malware-ish user-interface for their virusscanner that they sucked :) this is what they explain


      Is it safe?
      Dangerous: The latest tests indicate that this URL contains malicious software or phishing.
      How would you categorize this URL?
      Spam: Sites whose addresses have been found in spam messages
      Disease Vector: Sites that directly or indirectly facilitate the distribution of malicious software or source code

      The criteria is asinine -- millions of spammers since the dawn of spam use "at" google "at" nbc "at" any legitimate business or website in their spam to lend an air of legitimacy

      Then you have the weasel-words "directly or indirectly", "facilitate"... weak

      this says safe, this says safe

      I couldn't find any more websites update: searching for "at"..... I found sisyphusion.tk safe website ? Check it now which not only says its safe, it also says TrendMicro Clean NOT FOUND that means its safe, its not on the trendmicro blacklist -- among 26 others (27 total) -- thats a contradiction

      I have tried at least 3 different antivirus programs and they all label sisyphusion.tk as a malware site

      Thanks for the notification. I've submitted a re-classification request to Trend Micro.
      Could you identify the other fuck-brained maggots you found so that I can request re-classification with them, too ?

      Cheers,
      Rob