Google flags Immich sites as dangerous | Immich Blog
immich.app
How Google actively breaks Immich deployments, an open-source Google Photos alternative.
    • Vex_Detrause@lemmy.caEnglish
      2·
      2 months ago

      I knew it was too good to be true when they give away free pic storage for their pixel phones. I just didn’t listen to my gut.

  • 𝘋𝘪𝘳𝘬@lemmy.mlEnglish
    36·
    2 months ago

    The URLs mentioned in their blog article all have a wrong certificate (different host name).

    I am sure if they fix it Google’s system would reclassify the sites as safe.

  • Darkcoffee@sh.itjust.worksEnglish
    262·
    2 months ago

    They’ve also started warning against android apps from outside repos. Basically they want to force people to use their ai-filled bullshit apps.

  • yeehaw@lemmy.caEnglish
    161·
    2 months ago

    Stop using google. Don’t you know their motto? “Be evil”

    • mic_check_one_two@lemmy.dbzer0.comEnglish
      5·
      2 months ago

      Easier said than done, if your end users run Chrome. Because Chrome will automatically block your site if you’re on double secret probation.

      The phishing flag usually happens because you have the Username, Password, Log In, and SSO button all on the same screen. Google wants you to have the Username field, the Log In button, and any SSO stuff on one page. Then if you input a username and go to start a password login, Google expects the SSO to disappear and be replaced by the vanilla Log In button. If you simply have all of the fields and buttons on one page, Google flags it as a phishing attempt. Like I guess they expect you to try and steal users’ Google passwords if you have a password field on the same page as a “Sign in with Google” button.

      • Appoxo@lemmy.dbzer0.comEnglish
        6·
        2 months ago

        Firefox ingests Google SafeBrowsing lists.
        If you are falsely flagged as phishing (like I was), then you are fucked regardless of what you use (except you use curl).

        I couldnt even bypass the safebrowse warning on my Android phone in Firefox.

  • A_norny_mousse@feddit.orgEnglish
    11·
    2 months ago

    Same when you try to deviate from the approved path of email providers or, dog forbid, even self-host email.

    This is why I always switch off that “block potentially dangerous sites” setting in my browser - it means Google’s blacklists. This is how Google influences the web beyond its own products.

    edit: it’s much more complex than simple blocklists with email

  • WhyJiffie@sh.itjust.worksEnglish
    10·
    2 months ago

    jellyfin had a similar issue too for a long time for servers exposed to the internet. google would always reblock the domains soon after unblocking them. I think they solved it in the latest update. Basically it’s that google’s scraping bots think that all jellyfin servers are a scam that imitate a “real” website.

  • MrSulu@lemmy.mlEnglish
    8·
    2 months ago

    Deadly to their margins by 0.000000000000000000000000000000000001%

  • ITGuyLevi@programming.devEnglish
    6·
    2 months ago

    I got a ‘dangerous site’ warning and then prompts for crap on my Vaultwarden instance (didn’t see it on Immich but this was a while ago). I think I had to prove I owned the domain with some DNS TXT records then let them “recheck” the domain. It seems to have worked.

  • Appoxo@lemmy.dbzer0.comEnglish
    3·
    2 months ago

    Was also flagged recently.
    In my case it was the root domain which is

    1. Geofiltered to only my own Country in Cloudflare
    2. Geofiltered to only my country in my firewall
    3. Protected by Authelia (except the root domain which says 404 when accessing)

    So…IDK what they want from me :p My domain doesnt serve public websites (like a blog) destined for public consumption…

  • spaghettiwestern@sh.itjust.worksEnglish
    2·
    2 months ago

    Google Safe Browsing looks to be have been built without consideration for open-source or self-hosted software.

    IMO Google Save Browsing was built with consideration for open-source and self-hosted software, but it has nothing to do with user safety, just like blocking Android apps from 3rd party sites has nothing to do with user safety. The harder they make it to move away from their products by making using alternatives difficult, the more money they make and money is now the only objective. Even if this only adds a fraction of a fraction of a percent to their profit it’s something Google will implement.

    The old social contract of businesses being of benefit to the community as a whole in addition to making a profit is long gone.