This morning I had an email warning from from facebook due to an autopost failure from a WordPress blog:

Array ( [0] => Array ( [date] => 2016-01-16 12:18:48 [act] => Error [msg] => -=ERROR=- Array ( [Warning] => [Error] => Your message couldn't be sent because it includes content that other people on Facebook have reported as abusive. ) [extInfo] => | PostID: xxxx - Iran: "American sailors started crying after arrest" |im [type] => E [nt] => Facebook - BlogName ) )

Very odd as this blogger is very cautious on the content of posts, as they are often targeted for mass reporting, to leverage FaceBook’s automated blocking/banning feature, where they act on the reports if there are enough of them without manually checking if their valid. But this post really was benign, so I went to share the post manually, and I was surprised to see this warning.


FB-share-post-warningYou can't post this because it has a blocked link
The content you're trying to share includes a link that our security systems detected to be unsafe:
Please remove this link to continue.
 If you think you're seeing this by mistake, please let us know.

Unsafe? how? well it’s true that a PNG can carry malware, incredibly rare but doable,  of course if this is the case this concerned me doubly, how did the anti-virus software on the bloggers machine not pick it up as any AV software should, and secondly, how could the firewall have missed it, as even from a whitelisted IP, it should never allow that.

So I looked at the raw code in the PNG, malware sticks out like a sore thumb, tagged onto the end of the file, being pretty much the only clear text when you open in a text editor. Nothing there, so possible that some unusual combinations of characters in the PNG code match some part of a known virii signature, so I scanned here which checks 66 AV databases. 

BBB-MacD1So whats going on, for sure the files is clean, and there is no reason for a “false positive”, I see them a lot where security is so tight, stuff gets blocked that shouldn’t be.

So I made a report to FaceBook, and luckily within a couple of hours the block was lifted. 

Posting this now incase we start to see more of this, while this may not be an attempt at censorship, this can’t be due to mass reporting, as there is just no option to report an image as having malware on facebook, many other options, but not that, the simple reason being, it would be so simple for them to scan the image on upload, which I have confirmed they do.

2 Responses to “False security warning on a PNG file at FaceBook”

  1. Ray McKee

    I have been trying to log in to your site for 2 days and as soon as I click on the login button it opens a blank page and nothing happens. I left it on that page for at lest 20 min. Please let me know if the log in is working. If it is working, others my not like what I have to say and they are blocking me. My email is
    I do get to your web site with no problem.

Leave a Reply


January 16th, 2016

False security warning on a PNG file at FaceBook

This morning I had an email warning from from facebook due to an autopost failure from a WordPress blog: Array […]

November 4th, 2015

using a VPN to bypass censorship in Quebec – Bill 59

It’s where Kafka meets Orwell’s 1984, all I can say is, I am lucky not to be in Quebec, and I […]

November 4th, 2015

Setup your own VPN server

VPN offer far more security than the proxy servers which most people are used to using, when using commercial paid for […]

June 25th, 2015

Are Fake Virus Warnings a new method to disrupt Free Speech

This has been driving me nuts, Avast, an Anti-Virus product, I have in the past recommened have been flagging […]

June 12th, 2015

False Positive Virus Warnings

These were a surprise for me this morning, I have a dozen emails from some very worried visitors to […]

June 4th, 2015

Hacking for Jihad

David Merkel, CTO of FireEye, a leading IT security firm, has confirmed what I already knew for years, there are a […]

May 31st, 2015

How secure is Skype?

There is no doubt that the NSA have the ability, resources and approval from Microsoft to listen in on any […]

May 19th, 2015

Major win for Free Speech

Google not required to remove ‘Innocence of Muslims’ video. This was a great win for freedom of speech online, and kudos to […]

May 18th, 2015

Browser Issues with Javascript DDoS Protection

Often when a site is under DDoS attack, one of the popular methods of repelling it (at the application layer) is […]

May 3rd, 2015

UK – The Computer Misuse Act 1990 Amended to include Life Sentence

As of today 3rd May 2015, The Computer Misuse Act 1990 has been amended to include a life sentence in […]