Users are getting malicious content and red harmful programs warning screens when trying to access ticket attachments Follow

Comments

8 comments

  • Avatar
    Jonathan March

    Jay, glad to have any security measures in place, but it's unclear to me where Google fits into the workflow? Do you mean that ZD has contracted with Google to scan all so-called "attachment" downloads on any browser on any platform?

  • Avatar
    Jessie - Community Manager

    Hey Jonathan!

    I believe that's correct. My understanding is that Google has a safe browsing product that will do this. Jay can chime in if I'm off-base.

  • Avatar
    Jonathan March (Edited )

    Thanks, Jessie, and thanks, Jay for updating the article. I apologize for being overly literal-minded, but given the importance of security, I think a more explicit description is needed. some potential sources of ambiguity here are:

    • Google is the name of a company and a search engine, but you are using it to refer to a malware scanning product. (We wouldn't normally say "Microsoft" to refer to Excel.)
    • We are used to seeing Gmail scan our email attachments, and Chrome scanning our browser downloads, so it's not clear from the article that you not just saying "If a customer sees this warning, it means that the customer's google product (e.g.  chrome) detected malware during a download.)
    • The article still doesn't explicitly say that all ticket attachments are scanned by a Google malware scanning product running on your servers, before a requested download is performed. An explicit statement like that would be reassuring.

    Thanks!

  • Avatar
    Jessie - Community Manager

    Let me see if I can track down Jay to address your points. Stand by!

  • Avatar
    Jay Elloso

    Hello Jonathan, I'll see what I can dig around regarding this and check out what specific product is doing this specifically. But just to clarify, we have not contracted Google to perform this service.

    I'll update the article to reflect what I find and will just include the official Google links as I I think they might be able to best explain what they're doing.

    Funnily, I do see the same (not very specific) wording in Google's own article though:

    https://support.google.com/webmasters/answer/3258249?hl=en&ref_topic=4596795

  • Avatar
    Jonathan March (Edited )

    Thanks, Jay. As I read that page:

    > Google checks websites to see whether they host downloadable executables that negatively affect the user experience. You can see a list of any suspected files hosted on your site in the Security Issues report.

    it appears that this is something that Google the company does as it crawls the net (presumably for use in its "Google" search engine and Chrome browser and perhaps in other apps).

    But they would not be able to check ZD "Attachments" that are only accessible by logged-in users (as is the case for *all* of our ticket attachments). Since you say that ZD does not contract for such checking with Google, presumably the only access that Google would have to check such attachments would be when Google was involved in the download, e.g. in a Chrome browser.

    If that's the case, then this would very much be browser-dependent, i.e. not something that we can rely on happening. </speculation>

    Look forward to hearing what you learn.

  • Avatar
    Jay Elloso

    Hello Jonathan!

    That's correct. I made some adjustments to help clarify your questions.

    Aside from browsers, Google safe Browsing is used by Google Search, Google ads, Gmail, and Android.

    I couldn't find information on what other specific browsers use this service on Google's Safe Browsing page,  but I did find a list on Wikipedia.

    I also found an announcement on the Google Security Blog regarding this feature which I included in the article.

    Please note that this article is about providing information on what Zendesk is doing behind the scenes if a customer sees those warnings, as this issue can cause all attachments in your subdomain to be flagged as “malicious” or “harmful” until a successful review confirms that malware attachments have been removed.

    However, I do see several discussion taking place on the need for better and more reliable restrictions on attachments like here and here

  • Avatar
    Jonathan March

    Great, thanks so much, Jay!

    (To clarify for the record: Despite the page's main purpose being to explain a particular pop-up, I think it's helpful to be explicit because one can easily get here (as I did) while searching for information about whether Zendesk security-checks file attachments, so it's important that the user not be given a false impression that this is the case.)

    Thanks too for those discussion links!

Please sign in to leave a comment.

Powered by Zendesk