I just woke my daughter’s laptop, got networkmanager’s notifications of connecting to wired and wireless networks, AND a notification saying authentication or validation (or something similar) was required and an CONTINUE or OK button.
Pressing the button opened firefox at http://networkcheck.kde.org which showed a blank page with OK in the top left corner. Firefox has the noscript extension enabled, so the site possibly was blocked.
Google show no results for this non-https site. What is that? A new virus, trojan, kde going bonkers, what?
Very weird.
On Wed, 21 Jun 2017 20:16:01 +0000, brunomcl wrote:
> Google show no results for this non-https site. What is that? A new
> virus, trojan, kde going bonkers, what?
Looks like just something to check and see if you have a network
connection that works.
Going to the page itself results in an “OK” response. Given that it’s
kde.org, it’s highly unlikely that it’s anything malicious.
Jim
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On Wed, 21 Jun 2017 20:57:51 +0000, Jim Henderson wrote:
> On Wed, 21 Jun 2017 20:16:01 +0000, brunomcl wrote:
>
>> Google show no results for this non-https site. What is that? A new
>> virus, trojan, kde going bonkers, what?
>
> Looks like just something to check and see if you have a network
> connection that works.
>
> Going to the page itself results in an “OK” response. Given that it’s
> kde.org, it’s highly unlikely that it’s anything malicious.
>
> Jim
Indeed, searching for “networkcheck.kde.org” resulted in a number of hits
for me, including this one:
http://git.net/ml/kde-commits/2017-01/msg00200.html
From the comments, it’s intended for captive portal detection (ie, the
thing you get when you log in on a ‘public’ network that asks you to
accept T&Cs before letting you access the Internet).
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
Hmm. I searched for the site itself and looked for networkcheck.kde.org in the results - like when you search for amazon.com, for example, and there’s a green https://www.amazon.com/etc. under most links. So I found strange that it seemed like a non-existent site, if that makes any sense at all. The link you listed, however, is the sixth in google’s list, I should have seen it.
Also it being http instead of https didn’t inspire much confidence.
Since the first post I’ve rebooted and also put the laptop to sleep and wake up. No request to check however.
But I suppose you’re right, there’s no need to worry - much… 
Thanks,
Bruno
On Wed, 21 Jun 2017 22:56:01 +0000, brunomcl wrote:
> hendersj;2827218 Wrote:
>
> Hmm. I searched for the site itself and looked for networkcheck.kde.org
> in the results - like when you search for amazon.com, for example, and
> there’s a green https://www.amazon.com/etc. under most links. So I found
> strange that it seemed like a non-existent site, if that makes any sense
> at all. The link you listed, however, is the sixth in google’s list, I
> should have seen it.
Yeah, I skimmed through the results and saw what looked like a git
entry. Where I work, DNS records are maintained in a local git repo, so
I thought that was most likely what was being done here. 
> Also it being http instead of https didn’t inspire much confidence.
It makes sense, though - if you’re checking for a captive portal, trying
to go to https://www.google.com (for example) will cause some browsers to
throw an error because the SSL certificate isn’t valid for that name.
Using an http address means you don’t have to put in all kinds of
exception handling to handle a potentially invalid certificate.
Especially given how Chrome and other browsers won’t let you bypass
invalid certificates for some sites (like Google). I run into that
regularly when logging in through, say, an Xfinity public hotspot -
because my default is to go to Google to trigger the authentication.
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C