Uassets: Malware domain list is making political decisions

http://www.malwaredomainlist.com/mdl.php?search=kiwifarms&colsearch=All&quantity=50

Date (UTC) | Domain | IP | Reverse Lookup | Description | Registrant | ASN |  
-- | -- | -- | -- | -- | -- | -- | --
⇑ ⇓ | ⇑ ⇓ | ⇑ ⇓ | ⇑ ⇓ | ⇑ ⇓ | ⇑ ⇓ | ⇑ ⇓ |  
2017/10/17_17:40 | kiwifarms.net/js/Jawsh/xmr/cryptonight-worker.js | 104.24.17.94 | - | crypto mining | - | 13335 |  

https://archive.is/5oxN5

Remove the crypto miner you're running and you may have a chance at getting the website unblocked from MDL.

It's already gone.

My community has been completely cut off at the knees by traditional monetizing services and everyone was pitching in, knowingly, willingly, to sustain the site. You have arbitrarily blacklisted it as malware for trying to survive, to the point where no new traffic using uBlock Origin can actually access the site. It's not even like with ads where you can say "hey guys turn off adblock to help! xD", it's literally warning people that the site has somehow been compromised with malware when it has not.

Whoever runs this fucking list is a sick cunt.

On Oct 20, 2017, 4:12 PM, at 4:12 PM, uBlock-user notifications@github.com wrote:

Remove the crypto miner you're running and you may have a chance at
getting the website unblocked from MDL.

--
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
https://github.com/uBlockOrigin/uAssets/issues/773#issuecomment-338310929

And apparently this list is used by colleges to populate blocklists so now people in class can't check the site without a VPN or alt domain.

The amount of unmitigated power the curator of this list has over the content of the Internet is genuinely remarkable and disturbing.

The crypto miner has indeed been removed as far as I can see.

Considering that the stated reason for the inclusion in the malwaredomainlist is crypto-mining and that
the typical user of that website will see that it is blocked in a Malware list and conclude that visiting such a site is probably not a wise decision, I am inclined to add
||kiwifarms.net^$badfilter to uBO-unbreak until the site has been removed from the malwaredomainlist, but I would like to know if @gorhill agrees before I do that.

@jaw-sh if your site uses a cryptominer and becomes part of a list because of it I will not disable such a filter.

Your demands have been acknowledged and I bow down to your online content curation powers. I will find other ways of enabling my community to continue existing. Thank you, sir, for your mercy.

You misunderstand me, I demand nothing, I have not added your site to any list.

@jaw-sh I have no problem if your site uses an opt-in crypto-miner and I do not think such a site should be blocked.

It's already gone.

Script is still here. Other pages may use it.
Maybe authedmine will work for you https://github.com/uBlockOrigin/uAssets/issues/770

That crypto-miner forces the client's CPU and other resources for its own gain and that MDL considers it as malware. You can call names and act all frustrated, it doesn't matter but when you get blacklistlisted by HOSTS file maintainers like MDL and other famous ones, it's no wonder your traffic will cut-off, as they're used whereever custom HOSTS files are used.

The JS is still present, better remove it and make an appeal to MDL and you might just get unblocked.

I am not inclined to go against what is in MDL, unless it is an obvious case of false positive (like it has happened in the past with outlook.live.com or amazonaws.com).

This is not a false positive here, the reason why kiwifarms.net is blacklisted is clearly stated in the site's database: "cryptomining" because of kiwifarms.net/js/Jawsh/xmr/cryptonight-worker.js, which is still present on the site. So best is to remove this file then maybe the maintainer(s) of MDL will agree to de-list your site.

If uBO creates an exception for one site in MDL, this opens the door for whoever is not happy to be blacklisted in MDL (or whatever other list) to come here and further burden the volunteers here to ask for a de-listing through a badfilter option. I don't want this to happen, unless this is a clear case of false positive.

This is not a uBO-specific issue as not only uBO uses MDL, so the real solution here is to clean the site to make MDL happy.

The file was cached by Cloudflare. It was deleted at the time I stated. The cache has since been purged and your demands have been met. The community has fully capitulated to your whims.

I second this. UBO should stop malware domain list.

@gorhill Do we need Malware list to be enabled by default? Most modern web browsers have malware/phishing protection built in including Chrome and Firefox which uBlock officially supports.

It can still be listed in the list of filters but I am not sure if it should be enabled by default.