ABE request for opendesigns website

[klj]

Using noscript on firefox 35, xubuntu trusty

Go to encrypted.google.com, searched for opendesigns website https://encrypted.google.com/search?q=opendesigns
thenk click on opendesigns.org (first result) and ABE pops up

other links are working.

Seems very strange to me, but maybe it's just a bug?

[barbaz]

Not seeing it here on SeaMonkey 2.32 (like Firefox 35) on a "Xubuntu-ified" Lubuntu Trusty...
It could be a temporary network glitch. If it still happens, could you please post your NoScript version and the output of running

Code: Select all

nslookup www.opendesigns.org

in a terminal?

[klj]

Still the same error, and

Name: www.opendesigns.org
Address: 184.173.94.2

Anyway, I tried in a xubuntu vm, with just firefox 35 and noscript and it works.
I'm using also adblock, requestpolicy, cookiemonster, refcontrol, tabmixplus, downthemall and other addons, maybe the "bug" happens only when interacting with something else

Thank you for your help investigating this issue

[barbaz]

WARNING: The following information assumes that your VM is easily restorable to a working state!!! Don't proceed with this advice until it is!

Anyway, I tried in a xubuntu vm, with just firefox 35 and noscript and it works.
I'm using also adblock, requestpolicy, cookiemonster, refcontrol, tabmixplus, downthemall and other addons, maybe the "bug" happens only when interacting with something else

OK let's see if we can reproduce in your VM / test environment (you're using VM snapshot right?) with application of a bit of a hammer.
Try shutting down both Fx in real xubuntu and xubuntu VM, then copy the entire profile directory from broken real machine into working xubuntu VM, then start Fx in xubuntu VM. Do you get the problem then?
If *not*, can you try shutdown Firefox and clear the DNS cache on the broken machine?

If you can reproduce in the VM with your entire profile, try the following steps, going on to the next only if it doesn't isolate the cause:
1) Disable all extensions other than NoScript. If that doesn't get it then outright remove them (again, leaving NS installed and enabled).
If it works then add them back one by one, to find the culprit.
2) Shut down Fx, then move the prefs.js file (and user.js, if it exists) in your profile somewhere else. If that doesn't solve it try that again with all your extensions (other than NS) disabled.
3) Repeat 1 and 2, but starting Fx from Terminal with

Code: Select all

firefox -purgecaches

each time.

Again, I'm assuming your VM is easily restorable to a working state. Do *not* do these aggressive diagnostic steps if it isn't.
Please let us know the results, thanks.

[klj]

It works with my profile in a VM, so I've found that it stopped working when I installed in the VM my custom hosts file that blocks many sites...

Sorry I just didn't think about it
It works saying that blocked sites (like opendesigns) are 0.0.0.0 , and that's local for noscript !

Found the cause, why is it blocked?
Do you find traces of malware on it?

Just because, testing my problem, I've opened it many times WITHOUT noscript and similar things

[klj]

Forgot to say thank you for your effort and sorry if the cause was quite dumb, but my /etc/hosts just autoupdates, I set that when I install my pc and then forget about it... It was quite obvious thinking again about it. If that site was redirected to 0.0.0.0 , it was from Google to LOCAL (as seen by noscript) ...

Checking reviews on that site it seems safe, anyway if you can confirm it ...

Thank you

[barbaz]

Forgot to say thank you for your effort and sorry if the cause was quite dumb, but my /etc/hosts just autoupdates, I set that when I install my pc and then forget about it... It was quite obvious thinking again about it. If that site was redirected to 0.0.0.0 , it was from Google to LOCAL (as seen by noscript) ...

Yep, unfortunately the de facto standard of using 0.0.0.0 for an "invalid address" in HOSTS files is gonna have that side effect. Giorgio blogged about it before: https://hackademix.net/2009/07/01/abe-w ... where-omg/
What puzzles me though is that in the comments, Giorgio says you're not supposed to get an ABE notification for 0.0.0.0...

Checking reviews on that site it seems safe, anyway if you can confirm it ...

I don't know how to do that... if I'm really unsure of a site I work with it inside a restorable VM and if nothing nasty happens there, the site is probably OK

Thank you

You're welcome