I tried to submit this to the false-positive report system but it won’t accept the URL, which it claims is “not valid”.
It’s a weblink to a PDF document that is a genuine New York State Voter Registration form. VirusTotal reports it as “No match found.” Yes, I know it has a suspicious name but that should not be an adequate reason for Avast to block it. I have no idea why Avast thinks it’s not a valid URL; I can navigate to it just fine and display the form for a few seconds before Avast blocks it.
This is really important in this USA election year. Avast needs to stop blocking this URL immediately. Here’s the URL:
That red message appeared as soon as focus moved off the URL textbox, when I tried to click the “I am not a robot” checkbox. It’s exactly what I got when I tried earlier today.
This is getting off-topic I fear but I have to report that both my Firefox and my IE are not reliably able to display those VirusTotal pages. Granted my Firefox is about a year old but my IE is version 11 and should work. In both browsers the pages just flash back and forth between white nothing and grey placeholder images and never resolve into anything readable. Sometimes reloading the page helps but most of the time it doesn’t. I don’t want to have to use Chrome because it spies on people. Surely a website dedicated to internet security would take that seriously?
Anyway, thanks for your help.
Edited to add:
Also, for the past few weeks I frequently get Firefox SSL errors (the server was reset because the browser couldn’t verify the authenticity of the website) when trying to get to Avast web forum pages. I have not changed my Firefox version in this time period, and I don’t get those errors in IE. This suggests some issue with the forum certificates.
Off-topic or not, you might surely have a point there. It could be a matter of having a valid certificate or not.
I am thinking along such lines also. As avast team member, Milos, was also hinting at eventual trailing spaces in that address,
could not have been covered under that particular certificate.
(common-name and the alternative names are not included in that certificate)
Issues like that could then kick-up problems inside a browser of sorts (firefox for instance handles this differently, and you know that in these days Google calls almost all the shots with all browsers playing sort of a Google chromium monopoly. You hinted at the averse effects of that. On the other hand almost all developers have a family to feed and therefore will hop onto Google’s bandwagon.
Covid-19 days are helping them in their policies.
Could well be that that was what you experienced and was posting about without having it pinpointed down to the realm of what that particular certificate in it’s validity covers. Not all authorities are certificate prone specialists. Check that website’s cert validity.
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
