Pornography bug in Version 14


circuitrider

I hate to be the fly in the ointment and be negative... However, everyone should be aware that there is some sort of bug in Version 14 that is linking(?) to pornographic material. I warned a friend last night after reading about it here on the forums. He went to his computer this morning and it came up on Accordance, fortunately the window was minimized and all he saw was the label. He knew right what it was because of what I had told him.

 

This is a very serious matter.  Men and women's character can suffer if this bug pops up at the wrong moment or this material is 'accidentally' discovered on a minister's computer.  My friend mentioned that he does send church members to use his computer at times.  You can use your imagination as to issues this can cause.

 

Users should receive some confirmation that this bug has been dealt with.

  • Sad 1
Link to comment

Hi @circuitrider,

That is pretty wild, and thanks for letting everyone know. I saw that other thread and it seems to be connected to the "check for updates" section. I might be totally wrong, but this sounds more like malware than a bug, and I think that might mean that every computer which accidentally downloaded it would need to be cleaned independently, as opposed to it being fixed with an Accordance update, but I might be wrong.

 

Either way I agree it is serious, as I can see someone getting fired if it pops up on a work computer.

 

Kristin

  • Like 1
Link to comment

I have no idea if this is connected or not, but the website accordance.bible no longer works. There is an error message saying that "error 1014 CNAME Cross-user banned."

 

I don't know what that means, if that means it was hacked or they didn't pay to renew the domain and someone took it over.

 

Guys though, you're killing me. One thing after another that keeps screaming out, this isn't a well-maintained ship anymore. Before he left Rick said finances were still very good and there's a bright future. But I'm not seeing it lately. It feels like the ship is falling apart.

  • Sad 1
Link to comment

Hi @mhanel,

I just checked https://www.accordancebible.com/ and it seems to be working on my end. On a side note, I did notice that Acc 14 is on the front page now, which seems new. I think up until recently it was still showing 13. In fact, maybe it was so recent that the site was down for a minute when they edited it to say 14, hence the message you got. Is it still down on your end?

Link to comment

16 minutes ago, GYDOF1729 said:

Is the confusion accordancebible.org and accordance.bible?

 

Not sure about those sites. The official website is https://www.accordancebible.com

  • Like 1
Link to comment

Imagine you’re in the church’s office and you’re all fired up due to that sermon idea you just got and you say out loud: “Alright, let’s do this!” And the inappropriate content shows up on your screen and the church’s office staff walks up to you to see what the excitement is all about and they see you and inappropriate content on your screen 😂😂😂 You better save these forum posts to get yourself out of hot water 😂😂😂

  • Like 1
Link to comment

15 minutes ago, mhanel said:

accordance.bible is where you get sent to from within Accordance, so I assumed it is an official address/redirect.

 

https://accordance.bible/

 

[Attached image: image.png]

 

This is the same on Mac.

 

1 hour ago, mhanel said:

I have no idea if this is connected or not, but the website accordance.bible no longer works. There is an error message saying that "error 1014 CNAME Cross-user banned."

 

I don't know what that means, if that means it was hacked or they didn't pay to renew the domain and someone took it over.

 

Internet search for "error 1014 CNAME Cross-user banned." provides an answer. 

 

Link to comment

I think accordance.bible is a mistake. I don't know how it got there, but afaik, that's never been their web address. 

Link to comment

Steve Walton was the first to bring this to my attention on FB a day or two ago. I encouraged him to ask here, which he did. Someone else then replied and said this was an issue on the beta as well at one point. He said it came up during the update dialogue at some point. The particulars are a bit unclear to me. But this is a very serious problem. 

 

In a possibly related issue, there was what I assume to be a spam post here in the forum the same day I heard from Steve. Someone by the name of 'couple' or something like that. The only content of the post was a dressed man and a woman in a too-small bikini. I reported it as spam and it was gone by the time I came back to the forum later that day. I mean, there's no reason to directly relate the two things. But I just found the co-occurrence of these two things suspicious.

  • Like 1
Link to comment

1 hour ago, A. Smith said:

I think accordance.bible is a mistake. I don't know how it got there, but afaik, that's never been their web address. 

 

I've seen that domain name in the Accordance 13 about box since at least the beginning of this year. But I don't think I ever paid much attention to it because my OCD always keeps me focused on the reference to "Psalms 119:130." ;)

 

[Attached image: about-accordance.png]

Link to comment

There are technical details in the beta forum, but they aren't easy to understand. I'll try to explain, but I don't fully understand the details. What happened is due to an insufficiently careful configuration of the CDN, coupled with a recent migration of Accordance's servers. A CDN (Content Delivery Network) is a network of servers that replicate data from a main server to get it to users faster and support more users than one server can handle. It's very easy to use and gives a huge boost to the main server, so lots of people use them without knowing all the complicated details of how they work. On rare occasions, that lack of knowledge leads to something unfortunate, and this is one of those rare occasions.

 

The problem was that the connection from the CDN to the main server for Accordance downloads was not encrypted: it was using http instead of https. And what need was there to encrypt it? Encryption keeps the data transmitted secret, but there's nothing secret about an Accordance installer that anyone can download. Encryption keeps files from being tampered with by a man in the middle, but Accordance installers are digitally signed, so a tampered installer will fail to install. But release notes are not digitally signed, so something could happen to them, and did.

 

Accordance recently migrated the main server, which changed its IP address. An IP address is like a phone number: you look up a name in a directory, get a number, and connect to that number. One or more servers in the CDN didn't realize the IP address had changed, and contacted the old number, which meanwhile had been given to a fly-by-night pornographic website. At this point, if they had been using https to connect to the main website, they would have hung up immediately, because the SSL certificate of the bad website doesn't match the name of the website they were trying to contact. In that case, the release notes would probably have looked like that error message you get if you try to open accordance.bible. But since they were using http, they went ahead and asked the porn server to send them the file at the URL of the release notes. It didn't have any file by that name, and could have sent back an error message, but instead of losing what could be a potential client, it redirected them to its home page. So the CDN server took that to be the release notes, and sent it out to everyone who tried to download the release notes through it, and that's how the porn site's webpage wound up being displayed in place of the release notes.

 

Steps have been taken to fix this and prevent it from recurring, and more steps will be taken once it's clear they won't have unintended side effects.

 

  • Like 5
  • Thanks 6
Link to comment
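The failure chain described in the post above, as an added, self-contained simulation (not part of the original post and not Accordance's or any CDN's code). It shows a cache node with a stale address storing a redirected page over http, and refusing it when the origin fetch uses https or does not follow redirects. The host name, IP addresses, path and page bodies are constructed placeholders.

```python
from urllib.parse import urlsplit

ORIGIN_HOST = "downloads.example.test"         # hypothetical origin name
OLD_IP, NEW_IP = "192.0.2.10", "192.0.2.20"    # documentation-range addresses

# Constructed "internet": which server answers at each IP after the migration.
SERVERS = {
    NEW_IP: {"cert_name": ORIGIN_HOST,
             "files": {"/release-notes.html": "<h1>Release notes 14</h1>"}},
    # The old address now belongs to an unrelated site that redirects
    # every unknown path to its own home page.
    OLD_IP: {"cert_name": "unrelated.example.test",
             "files": {"/": "<h1>Unrelated site home page</h1>"}},
}


class OriginError(Exception):
    """The cache node refused the origin response."""


def fetch(url, ip, follow_redirects=True):
    """Simulate one origin fetch by a cache node that resolved the host to `ip`."""
    parts = urlsplit(url)
    server = SERVERS[ip]
    # With https the handshake fails when the certificate names another host.
    if parts.scheme == "https" and server["cert_name"] != parts.hostname:
        raise OriginError("certificate name mismatch")
    body = server["files"].get(parts.path)
    if body is not None:
        return body
    # Unknown path: the simulated server answers with a redirect to "/".
    if follow_redirects and "/" in server["files"]:
        return server["files"]["/"]
    raise OriginError("origin did not return the requested object")


def fill_cache(url, resolved_ip, follow_redirects=True):
    """Return the body the cache would store, or None if the fetch is refused."""
    try:
        return fetch(url, resolved_ip, follow_redirects)
    except OriginError:
        return None


if __name__ == "__main__":
    for scheme in ("http", "https"):
        url = f"{scheme}://{ORIGIN_HOST}/release-notes.html"
        print(scheme, "stale IP ->", fill_cache(url, OLD_IP))
        print(scheme, "fresh IP ->", fill_cache(url, NEW_IP))
```
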

2 hours ago, Steven S said:

 

I've seen that domain name in the Accordance 13 about box since at least the beginning of this year. But I don't think I ever paid much attention to it because my OCD always keeps me focused on the reference to "Psalms 119:130." ;)

 

[Attached image: about-accordance.png]

Interesting. It reads the same in v14. But when you click the current sales button it takes you to accordancebible.com, not accordance.Bible. Hmm. 

Link to comment

7 hours ago, A. Smith said:

In a possibly related issue, there was what I assume to be a spam post here in the forum the same day I heard from Steve...

Just to curb speculation, I was the one who deleted the post in question and there's no reason that I know of to suspect that it is connected to the recent issue with the update. As I understand the situation, jlm's post above is largely correct in describing what occurred with the update file and in the fact that steps have been (and are being) taken to assure that nothing similar happens in the future. 

I don't know how much this will set anyone's mind at ease, but just about every website with a comments section or forums is inundated daily with spam bots and illicit links. Thankfully, the vast majority of spam we get on our site is in the product reviews and blog comments, which are automatically held for moderator approval, so they are never seen by the user. On the forums however, comments are only held for moderation if the poster has a warning associated with their account, so occasionally a spam post will slip through. If you see any posts you suspect to be spam, please report them so they can be taken down. (Like the one from the other day.)

  • Like 4
  • Thanks 3
Link to comment

Sean, to whom or how do we report spam?

 

—Joseph

  • Like 1
Link to comment

@Solly, if you are talking about reporting Spam on the forum, it's the ellipsis at the upper right of any individual post. 

 

  • Thanks 1
Link to comment

So, I did not get the porn ad when I updated my Windows version of Accordance to 14.03 (my Mac version is staying at 13.x for the time being). However, I just now clicked on a link to a job openings site sent to me from a friend in Slack, and I hit that same porn site that was shown in the beta thread. One thing that Accordance and Slack have in common is that they both use Electron. That could mean that the issue in Accordance has infected any other app on my Mac that uses Electron such as Slack. Or it could mean that there's a common issue in Electron itself. 

Just reporting this to see if it helps to shed any light.

Edited by R. Mansfield
  • Like 6
  • Thanks 1
Link to comment

20 minutes ago, R. Mansfield said:

So, I did not get the porn ad when I updated my Windows version of Accordance to 14.03 (my Mac version is staying at 13.x for the time being). However, I just now clicked on a link to a job openings site sent to me from a friend in Slack, and I hit that same porn site that was shown in the beta thread. One thing that Accordance and Slack have in common is that they both use Electron. That could mean that the issue in Accordance has infected any other app on my Mac that uses Electron such as Slack. Or it could mean that there's a common issue in Electron itself. 

Just reporting this to see if it helps to shed any light.

 

If it is not related to Electron itself, then it could be very troubling i.e. malware that has affected your system. 

As it seems this is being reported only on Macs, it seems that malware should be a high concern.

Link to comment

10 minutes ago, miketisdell said:

If it is not related to Electron itself, then it could be very troubling i.e. malware that has affected your system. 

As it seems this is being reported only on Macs, it seems that malware should be a high concern.

 

It just somehow seems significant that it was the exact same site reported in the beta forums.

  • Like 1
Link to comment

1 hour ago, ScottDF said:

@Solly, if you are talking about reporting Spam on the forum, it's the ellipsis at the upper right of any individual post. 

Thank you Scott—this old dog just learned a new trick. ;)

 

—Joseph

Link to comment

8 hours ago, jlm said:

I don't fully understand the details.

 

I barely understood, which exposed my lack of knowledge. 🙂

 

In all seriousness, your explanation helped. Thanks.

 

  • Like 1
Link to comment

2 hours ago, R. Mansfield said:

So, I did not get the porn ad when I updated my Windows version of Accordance to 14.03 (my Mac version is staying at 13.x for the time being). However, I just now clicked on a link to a job openings site sent to me from a friend in Slack, and I hit that same porn site that was shown in the beta thread. One thing that Accordance and Slack have in common is that they both use Electron. That could mean that the issue in Accordance has infected any other app on my Mac that uses Electron such as Slack. Or it could mean that there's a common issue in Electron itself. 

Just reporting this to see if it helps to shed any light.

 

Hey Rick — I find no evidence of the Mac Accordance app using Electron at all. I have 11 apps on my Mac that use Electron — and I can very quickly tell you each of them (both from UX and by peeking into their frameworks / resource contents). I double-checked and in Accordance 14 — I see no Electron utilization.

Link to comment
