Third Party Emojis

Any problems with the site? How can we improve KVR?
RELATED
PRODUCTS

Post

Many times when someone uses an emoji from outside KVR in a post I get the following security warning:


BD Warning.png

I believe this is coming from people who use their android or possibly apple phones to post and use the emojis from there.

This isn't a KVR issue but maybe there is some way to mitigate the unmatched security certificate issue.

This just started in the last few days so I don't know what has changed. I could just keep deleting the warnings which come several times a day depending on which threads I visit or can just add it to the exceptions list but that never seems like a good idea.
You do not have the required permissions to view the files attached to this post.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe

Post

Yes. Something has changed very recently. I don’t get the error, but the emojis I use in my iPhone don’t display.
C/R, dongles & other intrusive copy protection equals less-control & more-hassle for consumers. Company gone-can’t authorize. Limit to # of auths. Instability-ie PACE. Forced internet auths. THE HONEST ARE HASSLED, NOT THE PIRATES.

Post

I've got 41 error messages today just from a few minutes spent at KVR.

From Bitdefender Total Security which is one of highest rated security suites:

"We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one".

Perhaps Bitdefender is being a bit paranoid (or other suites a bit lax) but in this day and age should we really trust anything/anyone? :shrug:
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe

Post

Well I've poked around KVR today and so far no warning messages. Not sure if a fix came from this side or the unmatched certificate was addressed from the other side but so far today the issue seems to be resolved.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe

Post

test emoji: 🧪

I see a test tube emoji character in the editor:
Screenshot 2024-04-10 at 15.48.50.png
It shows as [?] while viewing the posted subject, rendered as an image:

Code: Select all

https://twemoji.maxcdn.com/2/svg/1f9ea.svg
and the certificate presented by maxcdn dot com has issues, so nearly no browser will accept that.

Long live plain simple ASCII & UniCode...
You do not have the required permissions to view the files attached to this post.
We are the KVR collective. Resistance is futile. You will be assimilated. Image
My MusicCalc is served over https!!

Post

Well I spoke too soon:


BD 041024-1.png

"firefox.exe attempted to establish a connection relying on an unmatching security certificate to twemoji.maxcdn.com. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one".


The emoji above triggered the warning.

I have no idea how to contact "twemoji" to let them know their certificate is wonky.

Found this:

"Twitter has an open source emoji library called Twemoji. Since the Twitter takeover, anyone working on it has been laid off, so the future of it seems uncertain".

Open source can absolutely make it a security risk. I suggest everyone stick with the KVR emojis.
You do not have the required permissions to view the files attached to this post.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe

Post

BertKoor wrote: Wed Apr 10, 2024 5:41 am test emoji: 🧪

I see a test tube emoji character in the editor:
Screenshot 2024-04-10 at 15.48.50.png

It shows as [?] while viewing the posted subject, rendered as an image:

Code: Select all

https://twemoji.maxcdn.com/2/svg/1f9ea.svg
and the certificate presented by maxcdn dot com has issues, so nearly no browser will accept that.

Long live plain simple ASCII & UniCode...
This is what I’m seeing too, and it is NOT yet fixed. 🙂
C/R, dongles & other intrusive copy protection equals less-control & more-hassle for consumers. Company gone-can’t authorize. Limit to # of auths. Instability-ie PACE. Forced internet auths. THE HONEST ARE HASSLED, NOT THE PIRATES.

Post

I was just going to post this. Bitdefender goes nuts. They come from : twemoji.maxcdn.com
It says Unmatching Security Certificate.

Post

Same on an iPad with Safari, even with Content Blockers turned off.

Post

If only there was a sub-forum where we could report issues with this site......

BD.png
You do not have the required permissions to view the files attached to this post.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe

Post

I suspect it may be a bug in a new version of the software. I see the same thing happening on another forum I frequent, and the emojis used to work fine there too, but now don’t.
C/R, dongles & other intrusive copy protection equals less-control & more-hassle for consumers. Company gone-can’t authorize. Limit to # of auths. Instability-ie PACE. Forced internet auths. THE HONEST ARE HASSLED, NOT THE PIRATES.

Post

It's the Russians.
No, wait, the Chinese.
Nah, man, it's the US.

Folks, let me put this straight: it's the lil green Mars men doing this to us.

Post

osiris wrote: Mon Apr 15, 2024 12:34 pm I was just going to post this. Bitdefender goes nuts. They come from : twemoji.maxcdn.com
It says Unmatching Security Certificate.
basically, the problem is with images served from maxcdn, because maxcdn has shut down. so it looks as though the ssl certificate has defaulted to the primary domain of whoever owns the domain - and because that doesn't match the url, the browsers no likey: https://github.com/twitter/twemoji/issues/580

to stop the warnings you either need to whitelist the domain in your browser (which is a very bad idea because the chances are the domain will wind up in the hands of spammers and other n'er do wells) or for someone at kvr to write a script to kill the maxcdn urls (or convert them to whatever resource is now hosting deep links to emojis).

or just ban third-party emojis (yay!).

Return to “Site Stuff”