Has this impacted your self hosted instances of Immich? Are you hosting Immich via subdomain?
Related:
You must log in or # to comment.
Google, protecting you from privacy
Google protecting Google from FOSS.
They’re right too, after using Immich I don’t want to go back.
Also protecting you from the East Wing of the White House.
I smell fear.
I knew it was too good to be true when they give away free pic storage for their pixel phones. I just didn’t listen to my gut.
The URLs mentioned in their blog article all have a wrong certificate (different host name).
I am sure if they fix it Google’s system would reclassify the sites as safe.
I think that marking things as “safe” could have more complications than this depending on their definition but I think you’re right that’s probably all this issue is. This is almost the only sane comment here. Everyone else seems to be frothing at the mouth and I’m guessing its a decent mix of not understanding much of how these systems work (and blindly running tutorials for those that do self host) and blind ideology (big companies are bad / any practice that restricts my personal freedom in any way is bad)
any practice that restricts my personal freedom in any way is bad
Yes? I don’t want to live in a world where giant companies decide what I can and cannot see. And big companies are bad, they act as pseudo governments that aren’t accountable to anyone, we used to break them apart before they started buying up politicians and political power.
Agreed after the yes.
I’m not sure how what you said either: justifies the comments not fitting that label; justifies that “any practice that restricts my personal freedom in any way is bad” is a practical ideology; or even establishes much a link between what you’ve quoted and what you’ve said. And I think you need to be doing one of those to be making a counter argument
I don’t blame people for thinking that something is off after reading the linked blog post. This wouldn’t be the first time Google does something like this to OSS that poses some kind of potential threat to their business model (this is also mentioned in the post).
Yeah, sure, 5 years after google flagged one of the sites i hosted, some firewalls (including isp-level blocks) mark the domain as unsafe. Google removed the block after more than a week but the stink continues until today.
It was also a development domain and we were forced to change it.
Immich users flag Google sites as dangerous
They’ve also started warning against android apps from outside repos. Basically they want to force people to use their ai-filled bullshit apps.
Google marks half the apps on my phone as dangerous. Google are evil xxxxxx’s
Stop using google. Don’t you know their motto? “Be evil”
OP is impacted by Google SafeBrowsing which various websites use.
Easier said than done, if your end users run Chrome. Because Chrome will automatically block your site if you’re on double secret probation.
The phishing flag usually happens because you have the Username, Password, Log In, and SSO button all on the same screen. Google wants you to have the Username field, the Log In button, and any SSO stuff on one page. Then if you input a username and go to start a password login, Google expects the SSO to disappear and be replaced by the vanilla Log In button. If you simply have all of the fields and buttons on one page, Google flags it as a phishing attempt. Like I guess they expect you to try and steal users’ Google passwords if you have a password field on the same page as a “Sign in with Google” button.
Firefox ingests Google SafeBrowsing lists.
If you are falsely flagged as phishing (like I was), then you are fucked regardless of what you use (except you use curl).I couldnt even bypass the safebrowse warning on my Android phone in Firefox.
deleted by creator
jellyfin had a similar issue too for a long time for servers exposed to the internet. google would always reblock the domains soon after unblocking them. I think they solved it in the latest update. Basically it’s that google’s scraping bots think that all jellyfin servers are a scam that imitate a “real” website.
But the malvertisements on Google’s front page are ok, I guess
Deadly to their margins by 0.000000000000000000000000000000000001%
I got a ‘dangerous site’ warning and then prompts for crap on my Vaultwarden instance (didn’t see it on Immich but this was a while ago). I think I had to prove I owned the domain with some DNS TXT records then let them “recheck” the domain. It seems to have worked.
Was also flagged recently.
In my case it was the root domain which is- Geofiltered to only my own Country in Cloudflare
- Geofiltered to only my country in my firewall
- Protected by Authelia (except the root domain which says 404 when accessing)
So…IDK what they want from me :p My domain doesnt serve public websites (like a blog) destined for public consumption…
Google Safe Browsing looks to be have been built without consideration for open-source or self-hosted software.
IMO Google Save Browsing was built with consideration for open-source and self-hosted software, but it has nothing to do with user safety, just like blocking Android apps from 3rd party sites has nothing to do with user safety. The harder they make it to move away from their products by making using alternatives difficult, the more money they make and money is now the only objective. Even if this only adds a fraction of a fraction of a percent to their profit it’s something Google will implement.
The old social contract of businesses being of benefit to the community as a whole in addition to making a profit is long gone.
