This morning I had an email warning from from facebook due to an autopost failure from a WordPress blog:
Array ( [0] => Array ( [date] => 2016-01-16 12:18:48 [act] => Error [msg] => -=ERROR=- Array ( [Warning] => [Error] => Your message couldn’t be sent because it includes content that other people on Facebook have reported as abusive. ) [extInfo] => | PostID: xxxx – Iran: “American sailors started crying after arrest” |im [type] => E [nt] => Facebook – BlogName ) )
Very odd as this blogger is very cautious on the content of posts, as they are often targeted for mass reporting, to leverage FaceBook’s automated blocking/banning feature, where they act on the reports if there are enough of them without manually checking if their valid. But this post really was benign, so I went to share the post manually, and I was surprised to see this warning.
You can’t post this because it has a blocked link
The content you’re trying to share includes a link that our security systems detected to be unsafe:
http://jihadwatch.org/wp-content/uploads/2016/01/us-sailors-held-by-iran.png
Please remove this link to continue. If you think you’re seeing this by mistake, please let us know.
Unsafe? how? well it’s true that a PNG can carry malware, incredibly rare but doable, of course if this is the case this concerned me doubly, how did the anti-virus software on the bloggers machine not pick it up as any AV software should, and secondly, how could the firewall have missed it, as even from a whitelisted IP, it should never allow that.
So I looked at the raw code in the PNG, malware sticks out like a sore thumb, tagged onto the end of the file, being pretty much the only clear text when you open in a text editor. Nothing there, so possible that some unusual combinations of characters in the PNG code match some part of a known virii signature, so I scanned here which checks 66 AV databases.
So whats going on, for sure the files is clean, and there is no reason for a “false positive”, I see them a lot where security is so tight, stuff gets blocked that shouldn’t be.
So I made a report to FaceBook, and luckily within a couple of hours the block was lifted.
Posting this now incase we start to see more of this, while this may not be an attempt at censorship, this can’t be due to mass reporting, as there is just no option to report an image as having malware on facebook, many other options, but not that, the simple reason being, it would be so simple for them to scan the image on upload, which I have confirmed they do.
I have been trying to log in to your site for 2 days and as soon as I click on the login button it opens a blank page and nothing happens. I left it on that page for at lest 20 min. Please let me know if the log in is working. If it is working, others my not like what I have to say and they are blocking me. My email is
I do get to your web site with no problem.
Thanks
We’re not blocking you,
Try clearing your cache and checking you have javascript enabled, more details here
https://freespeechdefense.net/2015/05/browser-issues-with-javascript-ddos-protection/
Please let me know how you get on?