In 2010 people who read my blog told me all of a sudden McAfee corporate anti-virus software was saying my site was evil and wouldn't let people read it. I was curious why. It's just a blog. As far as I know, there never has been software on this site that justified such a label. #- Here's the story. One day, I had the whole site in a folder on a local disk, and thought, why not zip this up and make it a download on the site. Maybe someday in case there's a failure on my server, in the 23rd Century perhaps, it might be nice to have a few spare copies out there. Or someone might think of something neat to do with it today. I figured there weren't too many archives that linked-out as much as mine does, that go back as far as it does. #
- There were actually a few of these files, and a DLL for Frontier and a zip file containing Frontier 4.2.3, a long-lived release for the Mac from the mid-90s. Widely deployed. Curiously Frontier and the DLL are the files I would have been most concerned about, but they gave them a low "annoyance level." The others, which really freaked them out, were zip files containing HTML and OPML files. Obviously harmless, but you'd have to look inside the archive to see that, I guess. Here's the writeup.#
- McAfee, on crawling my site, saw a zip file, and without looking inside, figured I was doing something bad, and kept their customers out of the whole site. When I contacted them, they said basically what Google says about HTTPS, you can get rid of the problem by getting rid of the file. I said no no thanks. I am not going to let a mindless bot tell me what I can and can't write. What comes next? Will it be considered malware to criticize the government? And will Google, next year, consider criticism of Google to be "not secure?"#
- I'd rather not even take the first step down that slippery slope. We know how this goes. Feeling empowered, Google will want to exercise more control. AMP is a good example. I don't support that either. They took over RSS readers, and then dumped the users. Was that benign or malicious? It doesn't matter, the net-effect is the same. They are royalty and we are subjects. I know programmers get that way. I've seen it over and over. They know, without looking, better than everyone else, what's best for us. They don't. But that doesn't stop them from acting on the belief that they do.#
- My policy: When in doubt, basic 1990s web functionality is fine for me. If they don't want to let their users read my site, that's okay. The workaround is easy. Get a different browser. 🚀#
- PS: McAfee apparently fixed the problem. They now say scripting.com looks safe. That's right. They could have even said "It's even worse than it appears" and I would have been okay with that. Just don't say I'm malicious unless you can prove it (and you can't, I'm not).#
