Many times when someone uses an emoji from outside KVR in a post I get the following security warning:
I believe this is coming from people who use their android or possibly apple phones to post and use the emojis from there.
This isn't a KVR issue but maybe there is some way to mitigate the unmatched security certificate issue.
This just started in the last few days so I don't know what has changed. I could just keep deleting the warnings which come several times a day depending on which threads I visit or can just add it to the exceptions list but that never seems like a good idea.
Third Party Emojis
-
- KVRAF
- Topic Starter
- 18569 posts since 16 Sep, 2001 from Las Vegas,USA
You do not have the required permissions to view the files attached to this post.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
-
- KVRAF
- 4873 posts since 19 Apr, 2002 from Utah
Yes. Something has changed very recently. I don’t get the error, but the emojis I use in my iPhone don’t display.
C/R, dongles & other intrusive copy protection equals less-control & more-hassle for consumers. Company gone-can’t authorize. Limit to # of auths. Instability-ie PACE. Forced internet auths. THE HONEST ARE HASSLED, NOT THE PIRATES.
-
- KVRAF
- Topic Starter
- 18569 posts since 16 Sep, 2001 from Las Vegas,USA
I've got 41 error messages today just from a few minutes spent at KVR.
From Bitdefender Total Security which is one of highest rated security suites:
"We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one".
Perhaps Bitdefender is being a bit paranoid (or other suites a bit lax) but in this day and age should we really trust anything/anyone?
From Bitdefender Total Security which is one of highest rated security suites:
"We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one".
Perhaps Bitdefender is being a bit paranoid (or other suites a bit lax) but in this day and age should we really trust anything/anyone?
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
-
- KVRAF
- Topic Starter
- 18569 posts since 16 Sep, 2001 from Las Vegas,USA
Well I've poked around KVR today and so far no warning messages. Not sure if a fix came from this side or the unmatched certificate was addressed from the other side but so far today the issue seems to be resolved.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
-
- KVRAF
- 15292 posts since 8 Mar, 2005 from Utrecht, Holland
test emoji: 
I see a test tube emoji character in the editor: It shows as [?] while viewing the posted subject, rendered as an image:
and the certificate presented by maxcdn dot com has issues, so nearly no browser will accept that.
Long live plain simple ASCII & UniCode...
I see a test tube emoji character in the editor: It shows as [?] while viewing the posted subject, rendered as an image:
Code: Select all
https://twemoji.maxcdn.com/2/svg/1f9ea.svgLong live plain simple ASCII & UniCode...
You do not have the required permissions to view the files attached to this post.
We are the KVR collective. Resistance is futile. You will be assimilated. 
My MusicCalc is served over https!!
My MusicCalc is served over https!!
-
- KVRAF
- Topic Starter
- 18569 posts since 16 Sep, 2001 from Las Vegas,USA
Well I spoke too soon:
"firefox.exe attempted to establish a connection relying on an unmatching security certificate to twemoji.maxcdn.com. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one".
The emoji above triggered the warning.
I have no idea how to contact "twemoji" to let them know their certificate is wonky.
Found this:
"Twitter has an open source emoji library called Twemoji. Since the Twitter takeover, anyone working on it has been laid off, so the future of it seems uncertain".
Open source can absolutely make it a security risk. I suggest everyone stick with the KVR emojis.
"firefox.exe attempted to establish a connection relying on an unmatching security certificate to twemoji.maxcdn.com. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one".
The emoji above triggered the warning.
I have no idea how to contact "twemoji" to let them know their certificate is wonky.
Found this:
"Twitter has an open source emoji library called Twemoji. Since the Twitter takeover, anyone working on it has been laid off, so the future of it seems uncertain".
Open source can absolutely make it a security risk. I suggest everyone stick with the KVR emojis.
You do not have the required permissions to view the files attached to this post.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
-
- KVRAF
- 4873 posts since 19 Apr, 2002 from Utah
This is what I’m seeing too, and it is NOT yet fixed.BertKoor wrote: ↑Wed Apr 10, 2024 1:41 pm test emoji:
I see a test tube emoji character in the editor:
Screenshot 2024-04-10 at 15.48.50.png
It shows as [?] while viewing the posted subject, rendered as an image:and the certificate presented by maxcdn dot com has issues, so nearly no browser will accept that.Code: Select all
https://twemoji.maxcdn.com/2/svg/1f9ea.svg
Long live plain simple ASCII & UniCode...
C/R, dongles & other intrusive copy protection equals less-control & more-hassle for consumers. Company gone-can’t authorize. Limit to # of auths. Instability-ie PACE. Forced internet auths. THE HONEST ARE HASSLED, NOT THE PIRATES.
-
- KVRAF
- 10580 posts since 20 Nov, 2003 from Lost and Spaced
I was just going to post this. Bitdefender goes nuts. They come from : twemoji.maxcdn.com
It says Unmatching Security Certificate.
It says Unmatching Security Certificate.
-
- KVRist
- 323 posts since 1 Jan, 2021
Same on an iPad with Safari, even with Content Blockers turned off.
-
- KVRAF
- Topic Starter
- 18569 posts since 16 Sep, 2001 from Las Vegas,USA
If only there was a sub-forum where we could report issues with this site......
You do not have the required permissions to view the files attached to this post.
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
-
- KVRAF
- 4873 posts since 19 Apr, 2002 from Utah
I suspect it may be a bug in a new version of the software. I see the same thing happening on another forum I frequent, and the emojis used to work fine there too, but now don’t.
C/R, dongles & other intrusive copy protection equals less-control & more-hassle for consumers. Company gone-can’t authorize. Limit to # of auths. Instability-ie PACE. Forced internet auths. THE HONEST ARE HASSLED, NOT THE PIRATES.
-
gaggle of hermits gaggle of hermits https://www.kvraudio.com/forum/memberlist.php?mode=viewprofile&u=521655
- KVRian
- 965 posts since 18 Jul, 2021
basically, the problem is with images served from maxcdn, because maxcdn has shut down. so it looks as though the ssl certificate has defaulted to the primary domain of whoever owns the domain - and because that doesn't match the url, the browsers no likey: https://github.com/twitter/twemoji/issues/580
to stop the warnings you either need to whitelist the domain in your browser (which is a very bad idea because the chances are the domain will wind up in the hands of spammers and other n'er do wells) or for someone at kvr to write a script to kill the maxcdn urls (or convert them to whatever resource is now hosting deep links to emojis).
or just ban third-party emojis (yay!).
