Had a brush with some badness named “openh264.org”.<\/p>\n
I am sitting in a Starbucks with its own internet access, my very own local shady access point.\u00a0 When I connect to the access point, there is a popup which requires me to click I ACCEPT THE TERMS etc, and then hit the CONNECT button. This usually goes smoothly, as I have the password stored, and that’s all I have to do. But today I got hit with a pop-up that said such-and-such a site is trying to download(?) a file.\u00a0 The file was named something like this:<\/p>\n
http(s?):\/\/ciscobinary.openh264.org\/{LONG-ugly-UID-here}.zip<\/pre>\nWhat do you want to do with this file, open with IE, do something else, [ ] remember this choice, OK\/CANCEL.<\/p>\n
This popul was the obscured by another that said something like, The following file could not be found:<\/p>\n
C:\\{long user path}\\ciscobinary.openh264.org\/{LONG-ugly-UID-here}.zip.part<\/pre>\nClicking OK closed both popups.<\/p>\n
I looked around for the openh264 and Cisco wisdom (using my cellphone browser over the TELCO signal), and was not satisfied that this particular download attempt was legit. After all, I am at a public access point.<\/p>\n
So I whacked the URL provided by the shady access point from this:<\/p>\n
http:\/\/local.shady.accespoint?lotasparameters&something=https:\/\/msftconnecttest.com%2fredirect%2fmsn.something.something...<\/pre>\nwhich always redirects me to MSN which i despise anway…\u00a0 to this:<\/p>\n
http:\/\/local.shady.accespoint?lotasparameters&something=https:\/\/drudgereport.com<\/pre>\nWhy did I do this? Because drudgereport always flushes cache. That site updates every minute or so, and does not want anybody stuck on yesterday’s content. Every access to DR is like the first of the day.\u00a0 And because I would rather claw my own eyes out than look at MSN.<\/p>\n
Well, it worked perfectly. Now I cannot replicate the condition, hence some of the uncertain language here. I could probably let my session time-out on the local shady access point and try again.<\/p>\n
But why is this file being pushed to me — by Microsoft<\/em>? The way I assess the failure is this: MS wanted me to accept that file without even asking, but I have my shields up, so the browser stopped the download and asked me whether to accept the file (thank you, Firefox).\u00a0 I think that this caused the file-not-found-ness, and that failure caused my validation by “msftconnecttest.com” to bottom out. And that is why I could not connect.<\/p>\nInterestingly, it seems the local shady access point asks for but DOES NOT REQUIRE validation from the Microsoft connection test. This is probably the site which returns the fleeting “Success!” one-word HTML page which precedes the appearance of the execrable MSN page.<\/p>\n
Whatever this file is, I don’t want it. And I now have an interesting work-around for non-enforced validation at shady local access points.<\/p>\n
\r\n \r\n \r\n <\/i>\r\n <\/a>\r\n <\/span>\r\n<\/div>\r\n \r\n <\/i>\r\n <\/a>\r\n <\/span>\r\n<\/div><\/div>","protected":false},"excerpt":{"rendered":"Had a brush with some badness named “openh264.org”.<\/p>\n
I am sitting in a Starbucks with its own internet access, my very own local shady access point.\u00a0 When I connect to the access point, there is a popup which requires me to click I ACCEPT THE TERMS etc, and then hit the CONNECT button. This usually goes smoothly, as I have the password stored, and that’s all I have to do. But today I got hit with a pop-up that said such-and-such a site is trying to download(?) a file.\u00a0 The file was named something like this:<\/p>\n
http(s?):\/\/ciscobinary.openh264.org\/{LONG-ugly-UID-here}.zip<\/pre>\nWhat do you want to do with this file, open with IE, do something else, [ ] remember this choice, OK\/CANCEL.<\/p>\n
This popul was the obscured by another that said something … Continue reading