Author Topic: Siglent.eu - Malwarebytes shows riskware  (Read 1285 times)

0 Members and 1 Guest are viewing this topic.

Offline 807Topic starter

  • Frequent Contributor
  • **
  • Posts: 297
  • Country: gb
Siglent.eu - Malwarebytes shows riskware
« on: December 23, 2023, 01:00:09 pm »
Whenever I try to visit siglent.eu, I get a warning that the site is not secure, and a riskware popup from Malwarebytes. This happens in firefox, chrome and edge.

I know that sometimes Malwarebytes can indicate false positives, but there must be a reason why the website triggers this response. This isn't a recent event it's been doing it for months (years?). Surely the website creator can put this right?
« Last Edit: December 23, 2023, 03:25:04 pm by 807 »
 

Online coromonadalix

  • Super Contributor
  • ***
  • Posts: 7012
  • Country: ca
Re: Siglent.eu - connection not secure
« Reply #1 on: December 23, 2023, 01:22:47 pm »
kill your software, and this site works with no warning on my side

edge and waterfox and firefox

it is an official site so far ?   unless other(s) say otherwise

Download section is working fine ?
« Last Edit: December 23, 2023, 02:12:05 pm by coromonadalix »
 

Offline wraper

  • Supporter
  • ****
  • Posts: 17952
  • Country: lv
Re: Siglent.eu - connection not secure
« Reply #2 on: December 23, 2023, 01:28:19 pm »
"connection not secure" appears only because Malwarebytes interfered with it. As of why, who knows, it says riskware, not even malware.
 
The following users thanked this post: 807

Offline tautech

  • Super Contributor
  • ***
  • Posts: 29810
  • Country: nz
  • Taupaki Technologies Ltd. Siglent Distributor NZ.
    • Taupaki Technologies Ltd.
Re: Siglent.eu - connection not secure
« Reply #3 on: December 23, 2023, 02:05:23 pm »
Avid Rabid Hobbyist.
Some stuff seen @ Siglent HQ cannot be shared.
 
The following users thanked this post: coromonadalix

Offline rf-loop

  • Super Contributor
  • ***
  • Posts: 4135
  • Country: cn
  • Born in Finland with DLL21 in hand
Re: Siglent.eu - connection not secure
« Reply #4 on: December 23, 2023, 02:54:20 pm »
@807 and all
 
If one want to visit Siglent's official website in European region, correct address is:

https://www.siglenteu.com/

 There is often confusion about this. Someone has also come to tell me that he has looked some information on Siglent's website and then when we wondered about it, it turned out that people had never even visited Siglent's website, but that dealer's website and was under the belief that it was Siglent's website.  It has often caused confusion. 
Of course, it says on the page that it is an authorized distributor, but a surprising number of people still thought they had visited the device manufacturer Siglent's website.
EV of course. Cars with smoke exhaust pipes - go to museum.
Wises must compel the mad barbarians to stop their crimes against humanity. Where have the (strong)wises gone?
 

Offline 807Topic starter

  • Frequent Contributor
  • **
  • Posts: 297
  • Country: gb
Re: Siglent.eu - connection not secure
« Reply #5 on: December 23, 2023, 03:06:19 pm »
@coromonadalix...I did quit Malwarebytes & the warning went away, & no, I didn't have to start a thread about it, but I thought it would be helpful feedback, knowing that tautech would read a thread that mentioned Siglent  ;)

It may well be a false positive, but there's still a reason why it's flagged up. If I was a web creator & this happened to my website, I would want to know why & then do something about it, rather than ignore it & potentially lose hits to my website.
 

Offline 807Topic starter

  • Frequent Contributor
  • **
  • Posts: 297
  • Country: gb
Re: Siglent.eu - connection not secure
« Reply #6 on: December 23, 2023, 03:07:13 pm »
All the other Siglent websites work OK. This is the order that is shown when I Google for "siglent"...

siglent.eu
siglenteu.com
siglent.co.uk
int.siglent.com
 

Online 2N3055

  • Super Contributor
  • ***
  • Posts: 7466
  • Country: hr
Re: Siglent.eu - connection not secure
« Reply #7 on: December 23, 2023, 03:19:25 pm »
All the other Siglent websites work OK. This is the order that is shown when I Google for "siglent"...

siglent.eu
siglenteu.com
siglent.co.uk
int.siglent.com

siglent.co.uk - Siglent Products from Telonic Instruments
siglent.eu  - Siglent authorized distributor

Siglent (company itself):
siglenteu.com
siglentna.com
siglent.co.jp
www.siglent.com
int.siglent.com
"Just hard work is not enough - it must be applied sensibly."
Dr. Richard W. Hamming
 

Offline jjoonathan

  • Frequent Contributor
  • **
  • Posts: 865
  • Country: us
Re: Siglent.eu - connection not secure
« Reply #8 on: December 23, 2023, 03:30:14 pm »
> Surely the website creator can put this right

Yeah, but it's non-trivial for important reasons.

Here's what is supposed to happen: your computer trusts a bunch of root certificate authorities to sign off on websites. This list is determined by your browser/os/antivirus. Every connection needs to be signed off by one of the authorities. This prevents "man in the middle" attacks where some goober at your ISP or landlord or employer or Starbucks pretends to be amazon.com and tries to steal your credentials / bomb you with ads. How does your browser know if it's talking to the real amazon or goober amazon? By seeing if the certs are signed. The cert authorities don't sign off on goobers.

Here's a common problem: what if a CA gets caught signing off on goobers? Then Google/Microsoft/Malewarebytes pull that CA and all the sites they signed stop working for you until they find another CA. It could be that your browser/os/antivirus revoked the CA but siglent's browser/os/antivirus didn't because China is less concerned about the particular goober than Google/Microsoft/Malewarebytes. In that case the website looks good to siglent but you get a warning as if someone was trying to pull off an attack even though the actual problem is administrative/political. Here's another common problem: if siglent gets a cert that expires in 2 years and then the website administrator for the English domain leaves in 1 year and either forgets to leave a note to renew or the new guy doesn't internalize the need to act on the note, the existing cert expires and boom you get a warning. At least in this case everyone will see the same warning and it should be fixed quickly.

99% of the time if you see one of these warnings it's a false positive and an indication of an administrative/political snafu rather than an actual MITM attack. The language on the cert warnings is dire because if most people condition themselves to bypass the errors, the system stops being an effective deterrent. However, because the language *is* dire and the system *is* an effective deterrent, 99% of the time the right move is to bypass. If you're just window shopping new oscilloscopes, bypassing is probably fine. Just try not to get so complacent that you would bypass and then fill in an important login or payment form.

EDIT: changed the language to not point so squarely at siglent, there's a good chance the snafu didn't start with them.
« Last Edit: December 23, 2023, 03:48:16 pm by jjoonathan »
 
The following users thanked this post: 807

Online 2N3055

  • Super Contributor
  • ***
  • Posts: 7466
  • Country: hr
Re: Siglent.eu - connection not secure
« Reply #9 on: December 23, 2023, 04:20:41 pm »
> Surely the website creator can put this right

Yeah, but it's non-trivial for important reasons.

Here's what is supposed to happen: your computer trusts a bunch of root certificate authorities to sign off on websites. This list is determined by your browser/os/antivirus. Every connection needs to be signed off by one of the authorities. This prevents "man in the middle" attacks where some goober at your ISP or landlord or employer or Starbucks pretends to be amazon.com and tries to steal your credentials / bomb you with ads. How does your browser know if it's talking to the real amazon or goober amazon? By seeing if the certs are signed. The cert authorities don't sign off on goobers.

Here's a common problem: what if a CA gets caught signing off on goobers? Then Google/Microsoft/Malewarebytes pull that CA and all the sites they signed stop working for you until they find another CA. It could be that your browser/os/antivirus revoked the CA but siglent's browser/os/antivirus didn't because China is less concerned about the particular goober than Google/Microsoft/Malewarebytes. In that case the website looks good to siglent but you get a warning as if someone was trying to pull off an attack even though the actual problem is administrative/political. Here's another common problem: if siglent gets a cert that expires in 2 years and then the website administrator for the English domain leaves in 1 year and either forgets to leave a note to renew or the new guy doesn't internalize the need to act on the note, the existing cert expires and boom you get a warning. At least in this case everyone will see the same warning and it should be fixed quickly.

99% of the time if you see one of these warnings it's a false positive and an indication of an administrative/political snafu rather than an actual MITM attack. The language on the cert warnings is dire because if most people condition themselves to bypass the errors, the system stops being an effective deterrent. However, because the language *is* dire and the system *is* an effective deterrent, 99% of the time the right move is to bypass. If you're just window shopping new oscilloscopes, bypassing is probably fine. Just try not to get so complacent that you would bypass and then fill in an important login or payment form.

EDIT: changed the language to not point so squarely at siglent, there's a good chance the snafu didn't start with them.

Again: that is not Siglent site.
That is a company that sels Siglent stuff..
"Just hard work is not enough - it must be applied sensibly."
Dr. Richard W. Hamming
 

Online KungFuJosh

  • Super Contributor
  • ***
  • Posts: 3165
  • Country: us
  • TEAS is real.
Re: Siglent.eu - connection not secure
« Reply #10 on: December 23, 2023, 04:52:30 pm »
Again: that is not Siglent site.
That is a company that sels Siglent stuff..

Yeah, this whole thread doesn't belong here.
"Right now I’m having amnesia and déjà vu at the same time. I think I’ve forgotten this before." - Steven Wright
 

Offline 807Topic starter

  • Frequent Contributor
  • **
  • Posts: 297
  • Country: gb
Re: Siglent.eu - Malwarebytes shows riskware
« Reply #11 on: December 23, 2023, 05:47:02 pm »
While I realise that it's not the manufacturers website, it still reflects on them, as the .eu site is an authorised distributer of their stuff, with the Siglent logo showing next to their address in the search list. So I would have thought that Siglent would show interest in the problem.

I've changed the thread title to indicate it's a Malwarebytes problem, rather than a browser problem.
 

Online coromonadalix

  • Super Contributor
  • ***
  • Posts: 7012
  • Country: ca
Re: Siglent.eu - Malwarebytes shows riskware
« Reply #12 on: December 23, 2023, 05:58:24 pm »
well     Siglent should do some cleanup and tell other "look a like site(s)"  to change their name(s)   just bring confusion   pffffffff

I did use this site to recover docs and fw updates

well  my bad if it is  .........


 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf