[LLVMdev] LLD improvement plan

David Blaikie dblaikie at gmail.com
Wed May 27 10:54:19 PDT 2015 

On Wed, May 27, 2015 at 9:56 AM, Reid Kleckner <rnk at google.com> wrote:

> I think I found the problem:
> https://opia.illinois.edu/content/targeted-attack-protection-tuning
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__opia.illinois.edu_content_targeted-2Dattack-2Dprotection-2Dtuning&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=Mfk2qtn1LTDThVkh6-oGglNfMADXfJdty4_bhmuhMHA&m=pyqOZZ6H4FRzC6FoXgbrqI80GKcuvyHIFfCMdrDHDIk&s=NIkJf2Vrf1men7PeqZKFwdcO7M-9jKFpHyNop3y0eww&e=>
>
> UIUC is apparently rewriting HTML links in emails to redirect through
> urldefense.proofpoint.com. This is visible in my version of Rui's email.
>

Richard Trieu filed a bug in llvm.org/bugs that emails from the bug
database are getting similar treatment, FWIW.

I don't think it's assuming maliciousness, just tracking everything most
likely.


>
> On Wed, May 27, 2015 at 9:36 AM, Rui Ueyama <ruiu at google.com> wrote:
>
>> I sent the mail from Gmail. I checked the source using the Gmail "show
>> original" mode (which displays a mail in plain text including headers and
>> all MIME sections) from a different computer, but I cannot find that URL. I
>> cannot check an email copy that the mailing list server sent back because
>> Gmail automatically de-dup emails, which is annoying, but I think it's
>> unlikely that my machine is infected from evidences I've seen so far. Maybe
>> a mail transfer agent in between Gmail to you inserted the link? I'd
>> appreciate if you can forward the mail including headers to me.
>>
>> On Wed, May 27, 2015 at 9:12 AM, David Chisnall <
>> David.Chisnall at cl.cam.ac.uk> wrote:
>>
>>> On 27 May 2015, at 16:49, Rui Ueyama <ruiu at google.com> wrote:
>>> >
>>> > David,
>>> >
>>> > The link works fine with my Mac and Android. The source of the mail
>>> looks okay to me (I verified that from a different machine than the one I
>>> sent the mail). You may want to check your browser or proxy?
>>>
>>> It’s correct in the plain-text version of the mail.  The HTML MIME part
>>> contains this:
>>>
>>> <a href=3D"
>>> https://urldefense.proofpoint.com/v2/url?u=3Dhttp-3A__reviews=
>>>
>>> .llvm.org_D10036&d=3DAwMFaQ&c=3D8hUWFZcy2Z-Za5rBPlktOQ&r=3DMfk2qtn1LTDThVkh=
>>>
>>> 6-oGglNfMADXfJdty4_bhmuhMHA&m=3D8dYF1obzqNfZvfOxlk7H-g8VUfu1ZyS0GdcCWRkWxCk=
>>> &s=3DRu6670O4y8SpAwlp17gVmI7BLz3mIY7gs1Irvo9iDRw&e=3D">
>>> http://reviews.llvm.
>>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__reviews.llvm.&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=Mfk2qtn1LTDThVkh6-oGglNfMADXfJdty4_bhmuhMHA&m=UxTA9_ALGj6dP9lASAs-vE6FoBX_s9ZbD803t-a4XQA&s=Ubr9G2mEli5qzBQAq5lmtafexJu4OZ_lw4HIpfG_QKM&e=>
>>> =
>>> org/D10036</a>
>>>
>>> Apparently they’re not malicious, but I find it somewhat unnerving when
>>> the URL that I click on turns out not to be the one that the mouseover text
>>> pops up.  If you feel the need to insert a redirection link, I’d very much
>>> appreciate it if you would post the full link in the text version, as well
>>> as the href.  If, on the other hand, you are unaware that your computer is
>>> doing this, then I would encourage you to work out what it is and that it
>>> is not malicious.
>>>
>>> The archives only include the plain text version, not the HTML copy, so
>>> will not see this.
>>>
>>> David
>>>
>>>
>>
>> _______________________________________________
>> LLVM Developers mailing list
>> LLVMdev at cs.uiuc.edu         http://llvm.cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>>
>>
>
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu         http://llvm.cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20150527/07f4655e/attachment.html>

More information about the llvm-dev mailing list