/*## (c) SECURITY EXPLORATIONS    2025 Poland                                #*/
/*##     https://security-explorations.com                                   #*/
/*## (c) AG Security Research     2019-2025 Poland                           #*/
/*##     https://agsecurityresearch.com                                      #*/

This file is not available for download any more in order to maintain continuous
operation of Security Explorations website (https://security-explorations.com).

Since Sep 2022, we've been relying on Google Cloud and its Firebase service in
particular for website hosting. Unfortunately, for some unknown reasons Google
Cloud automation started to flag some of our 10+ years old Proof of Concept
codes as potentially malicious. As a result, some severe disruption of our
website operation took place (such as suspension of whole site operation in
particular).

Some past suspension along a major incident we experienced from Oct 16, 2025
till Oct 21, 2025 is described in this Full Disclosure mailing list post:

"Google Firebase hosting suspension / "malware distribution" bypass"
https://seclists.org/fulldisclosure/2025/Oct/13

Additionally, on Oct 28, 2025 Google automation applied restrictions on a more
global level to our account. As a result, all of our projects were suspended,
we also lost access to them (we couldn't modify their content). The suspension
revealed questionable operation of Google Cloud scanning such as flagging URLs
with respect to projects which were not hosting target files at all.

While the issue has been successfully resolved on the same day (Oct 28, 2025),
per information received from the company:
1) "there is no way to white list our account to allow us to host whatever we
    want without being flagged either. Basically, after a while Google will
    enforce on the Project / GAIA level and this is working as intended because
    it helps keep Google customers safe",
2) "if we keep hosting these malicious entities, and they keep getting flagged,
    eventually our account will get enforced again".

The following contains the list of URLs, which are not available for download
any more from our website for the reasons depicted above (to avoid flagging /
website suspension by Google):
 
https://security-explorations.com/materials/se-2012-01-69.2.zip
https://security-explorations.com/materials/se-2014-02-32-34.zip
https://security-explorations.com/materials/se-2014-02-codes.zip
https://security-explorations.com/materials/se-2012-01-rmi.zip

It's worth to note that:
a) Google started to flag some of our POC codes in Aug 2024, nearly 2 years
   following their presence in Google Cloud / as part of our website hosting
   project,
b) Google neither provided us with any explanation / rationale for flagging
   10+ years old Proof of Concept Codes for the issues addressed by vendors,
   nor the reasons for the apparent violation of its Cloud Policies / TOS
   ("hosting, distributing, or facilitating the distribution of malware,
   unwanted software, or viruses")
c) among files flagged by Google as potentially malicious, there are Proof of
   Concept codes illustrating security issues found in Google's own App Engine
   for Java