Safe Browsing troubles.

This site is currently being reported as phishing by Google Safe Browsing. It isn't.

A picture of Vivaldi showing a big, red, scary warning about phishing on this website.
Well, you've probably seen this if you use Chrome. If you haven't, this is what Chrome users see when visiting.

What happened?

A few days ago, while trying out Vivaldi as a browser, I got a Safe Browsing alert for this website. I thought it was an error at first: maybe the Safe Browsing API returned a wrongly interpreted error.

I went to check whether that was the case: I tried the Safe Browsing Transparency Report and indeed got the following beautiful message.

The site mbmjertan.xyz contains harmful content, including pages that:
  • Try to trick visitors into sharing personal info or downloading software

I tried appealing it in the Search Console, which I signed up to for that purpose, but to no avail. The only thing that changed after requesting rereview was that Sample URLs for deceptive content were no longer N/A, but https://mbmjertan.xyz. Does this imply that Google is claiming that my CV is deceptive content? šŸ¤·

I also submitted false positive reports to Safe Browsing directly, and asked my friends to do the same. As is Google tradition, there is no contact info for the Safe Browsing team. A confusing choice for a service that can obliterate you from the Internet. I also reached out to a familiar person at Google, and slid into the DMs of the Head of Product for Google Security, Cy Khormaee on LinkedIn to see if I could bring this to the Safe Browsing team's attention somehow or resolve it. I'm still awaiting a reply from either of them. I'm also pretty aware that this isn't a unique position. Maybe I should have waited for a reply longer, however...

In the meantime, an IP address registered to Google visited this website today (2023-06-25). Incidentally, the Transparency Report also shows that Google last evaluated this decision today, while still showing the alert for mbmjertan.xyz. This suggests that someone at Google really thinks there is deceptive content on the front page of this website - I'll let you be the judge of that yourself.

Initally, I thought this was a simple classifier error, but given the circumstances, I am not sure what is going on.

It's really a weird feeling when the world's fourth largest company claims you're a scammer to anyone who tries to read your website online. I have applied to jobs with this website linked, not knowing this was occurring. I can't begin to describe my shock here. This could run a retailer or a webshop to the ground. There are no actually meaningful ways to get in touch with a service that can cause immense harm to your or your businesses reputation and trustworthiness - in similar ways that defamation can, while coming from one of the most powerful entities the world has ever known.

There have been many stories of false positives in Safe Browsing negatively impacting small website (business) owners, and mine isn't special. I'm just sharing this in the interest of transparency, to reflect on my own thoughts on this, and to let visitors know what's going on. As a visitor, please trust me that I do not want do decieve you in any way.

Have you been hacked?

I don't think so. This domain hosts four services: this website, which is static with a dash of PHP to allow for building components and fancy routing; a Phabricator instance I set up a few days ago to play around with and that's private; two WordPress staging environments, both not indexed and neither showing any traces of compromise. The same applies for the server itself, it shows no signs of any unauthorized access. I couldn't find anything hosted here that would be deceptive in any way.

This site has never served any sort of deceptive content, and has always served only as a CV/blog/playground - take a look around the Wayback Machine.

If you find any deceptive content or indicators of compromise, please email me and I'll do my best to resolve the issue ASAP. Otherwise, please consider reporting this as a false positive on Safe Browsing at your own discretion.

Regarding your privacy on this website. This website is self-hosted by myself and doesn't contain any third-party scripts. Only server access logs are being collected, which are rotated every 90 days. They give me a sense of how much traffic this site is getting, but otherwise aren't used. The site's hosted in the EU. Fonts are loaded from Google Fonts and rsms.me's CDN, which is powered by CloudFlare. If this is the sort of thing that bothers you, you might want to consider blocking those URLs, or reach out to let me know that you mind this and I'll consider replacing them with self-hosted versions. This comes at the cost of performance, so I've avoided doing this as it doesn't seem to bother people. Otherwise, this site is entirely built with privacy in mind, and does not store cookies of any kind or collect any personal data apart from what was already described. Hope you enjoy your stay.