The power of big tech companies to censor has recently been getting spotlighted quite a bit. One element of that which doesn’t seem to get nearly as much focus when that comes up, is whether those actions are being taken in line with the stated policy justifying it when not involving high profiles actors and if there is a fair process to fix a mistake or undo things if changes have been made. While the focus on that censoring is usually in relation to social networks, it can impact other areas as well. NortonLifeLock’s Safe Web system being an example of one with problems, which we ran across again while dealing with a website that had been hacked.
The website was cleaned of malicious code about a month ago. But the company doing that Sucuri, failed to do other work that is part of a proper cleanup, so we were brought in. Another issue with the website is it being blocked NortonLifeLock’s software that relies on their Safe Web system. The block page shown when using their Norton Safe Search Enhanced extension for the Chrome web browser warns “Dangerous Webpage Blocked” and “This is a known dangerous web page. It is highly recommended that you do NOT visit this page.”:
That most likely would be connected to the hack, but it isn’t clear and, even if it is connected, there is no way to tell if that is based on the state of the website before it was cleaned or after.
Clicking the “View Full Report” button brings up the entry for the website on NortonLifeLock’s Safe Web website, which provides almost no additional detail. At first glance it just provides the same exact information:
Clicking the “Click here to submit dispute” link provides one additional detail, the website has been categorized as “Malicious Sources/Malnets”:
If you don’t know what that means, you are not alone, as despite dealing with hacked website for years, we are not familiar with any significance of that terminology.
How exactly are you supposed to reasonably dispute such an action when you don’t know what is you are even disputing?
While in this situation the website was in fact hacked, so the blocking could be justified, NortonLifeLock isn’t exactly a company that has shown it should be trusted. One of their predecessor companies paid major fines for false claims and the other has years worth of behavior that seems like it should have put them out of business.