GitHub disabled adguard filters repository

GitHub disabled adguard filters repository(twitter.com)

90 points by siproprio 1 year ago | 37 comments

ameshkov 1 year ago |

The issue is resolved now, the repo is available again.

We have not received any response to the support case that we opened, but we assume that it was a false positive of some automatic algorithm.

As a consequence of this we're going to set up a mirror outside Github so that the work didn't stop if something like that happens again.

UPD: We received the official response explaining that this was a mistake. I must admit the whole situation was resolved really quickly, good job.

rsync 1 year ago | |

You may have a free-for-life account which will allow you to:

  ssh user@rsync.net git clone mirror git://github.com/blah/blah

Just email us.

tredre3 1 year ago | | |

They're using github as an HTTP CDN, are you saying that rsync.net now supports this use case?

lacker 1 year ago | |

This does seem like exactly the sort of thing that would trigger false positives. The product is fundamentally a list of a bunch of text found in malware, so any sort of malware detector that's based on the textual content seems likely to give a false positive.

hifromwork 1 year ago | | |

*in phishing, not in malware. Adguard domains are unlikely to be found in malware.

sethops1 1 year ago |

Maybe it's being taken down because GitHub is not happy about serving as a free CDN for a non-source code repository?

Brian_K_White 1 year ago | |

The title says the repo is a filters repo. Did the repo actually contain filter rules, or was it used to distribute the closed source plugin package?

I would argue filter rules count as source code as much as anything else. It doesn't matter if the thing reading the filter rules is not open source.

Aside from that, github intentionally hosts all kinds of content that isn't literally code. gists, pages, wiki, discussions, issues.

People also host books on github where the text is the code and git is the update system and github is the distribution system, all exactly the same as with a c program. It's not abusing the system like using the CI compute to do random other work, it's using the facilities for exactly what they are each intended for. github wants everyone to use and grow to depend on github for things like that.

Wowfunhappy 1 year ago | |

But they've encouraged uses like this for ages, see also Github Pages.

If they're going to change the policy, at least announce it first...

8organicbits 1 year ago | |

No. https://news.ycombinator.com/item?id=41438980

Kim_Bruning 1 year ago |

In general this is why you shouldn't depend on 3rd parties like this. Though hopefully in this case it's mostly a brief mistake?

teqsun 1 year ago |

I see adblockers as another casualty of the end of the ZIRP era. Big Tech was benevolent when the money was free, but now that they have to tighten the waistband all the nice open-sourced add-ons (like 3rd party readers, ad-blockers, etc.) are all getting killed off (or at least they're trying to)

crooked-v 1 year ago | |

On the other hand, Apple is adding a "this is totally not an adblocker, I promise" it's-obviously-an-adblocker to the next version of Safari as a builtin feature. It's pretty barebones, as Apple copycat features tend to be, but I think it's a decent indicator of their attitude on the subject.

layer8 1 year ago | | |

My understanding is that it’s a DOM element hider. While it is possible to hide some ads with it, it probably won’t disable the tracking.

frizlab 1 year ago | | |

They intended it as an adblocker initially and dialed back the tone because of pressure from ad companies and co.

a1o 1 year ago | | |

There are adblockers for Safari too in the Appstore

csapdani 1 year ago |

The repo is accessible now.

Havoc 1 year ago |

We really need at least a duopoly in the git space. Nothing against github per se but they've got way too much of the mindshare.

mulmen 1 year ago | |

Better yet some kind of decentralized source control protocol.

auguzanellato 1 year ago | | |

Technically git is already decentralized, the issue is where git repos get hosted.

nephyrin 1 year ago |

For those that haven't bothered clicking the link, they add:

> Github was struggling with "malware" comment spam lately and we added several filter rules that block this stuff. Maybe this is what triggered disabling the repo?

The comments so far immediately jumping to conspiracy speculation is depressing.

It's already back up.

lucifargundam 1 year ago |

And its because of situations like this, that I push to multiple foundries at the same time. Consolidation of resources is makes it only as secure as your control of maintaining them.

throawayonthe 1 year ago |

pure speculation but i bet it’s somehow because it contains links to copyrighted/illegal content (to block it) lmao

giancarlostoro 1 year ago | |

Not that I agree, but for future reference, they keep all their DMCAs public here:

https://github.com/github/dmca

btown 1 year ago | |

Or just plain old links to malware, because sometimes even non-interactive links in a plaintext document can be presented by an attacker with context that socially-engineers a target to copy-paste a malicious URL into a browser.

I'm actually shocked that Github didn't have Adguard white-listed to prevent this from being picked up by malware scanning tools already. And it's a shame, because the whole point of scanning for malware is to protect people from falling victim to new attacks, and killing the filter repository is entirely counter to that goal.

kevingadd 1 year ago | |

Yeah putting full unobfuscated links to malware or copyrighted content into your repository seems like an obvious way to get it blocked. If they masked the URLs a bit it might've been fine.

dopp0 1 year ago | | |

if they were obfuscated the urls the app itself would need to process it to un-obfuscate, then the performance would take a hit, but I get your point. It's just the wrong service to host this.

PS: could not check the link, as my country blocked twitter.

hifromwork 1 year ago | | |

FWIW:

* I often put malware samples in my repositories on github (I prepare malware analysis trainings, and I develop my trainings on github). Never got banned.

* There are a ton of leaked malware sources (and/or binaries) stored on github. They are not banned

* Github is full of blatantly obvious malware (at best "pentesting tools", at worst "educational projects"). Sadly, not banned too.

toastercat 1 year ago |

Adblock is ethically equivalent to theft. This is a good thing, as far as I'm concerned (even if it wasn't deliberate).

JTyQZSnP3cQGa8B 1 year ago | |

Ads have been brainwashing people for centuries, and they now deliver malware.

As you once elegantly said: “It's like natural selection except our society has not selected them.” We now have the tools to remove them from the gene pool and it’s a good thing.

toastercat 1 year ago | | |

Except homeless people don't contribute anything good to society. Advertisers and services like YouTube do.

OfCounsel 1 year ago | |

A webpage serves many elements, all to which you are entitled to see. Adblock is just a way to decide which elements you see or do not see. Your ethical position, that we are compelled to see everything served to us, is troublesome.

toastercat 1 year ago | | |

When you visit a website or a YouTube video, there is an implied social contract that you will view the ads and allows trackers in exchange for consuming content. Otherwise, you are essentially freeloading off peoples' hard work. If you are not happy with the ads, simply go to another website that doesn't serve ads, host your own PeerTube instance or whatever. Just don't steal and then be entitled about it.