Hello!
I’ve been using Greenbone source/community edition for years now. Either on Kali or just on a stand alone Ubuntu. Since a little while back, there is now an annoying spam-like popup every time I login to the web gui, nagging me about buying enterprise license. I’ve been looking around trying to confirm and permanently close this, but nope.
Has anyone found a way to remove this nagware-like popup?
Not only is the popup annoying nagware, it is also incorrect and trying to scare you into buying using FOMO (Fear of missing out). The paid enterprise feed does NOT have 60% more vulnerabilities (I’ve checked and compared).
@xaero ok. you can easily disable this “notification from sourcecode, if needed”
root@ip-172-31-43-237:~# grep -Ri ‘Learn’ *
gsa/public/locales/gsa-en.json: “Learn more”: “Learn more”,
gsa/public/locales/gsa-de.json: “Learn more”: “Mehr dazu”,
gsa/public/locales/gsa-zh_TW.json: “Learn more”: “”,
gsa/public/locales/gsa-zh_CN.json: “Learn more”: “”,
gsa/src/web/pages/login/notifications/CommunityFeedUsageNotification.tsx: aria-label=“Learn more about feed comparison”
gsa/src/web/pages/login/notifications/CommunityFeedUsageNotification.tsx: {_(‘Learn more’)}
root@ip-172-31-43-237:~# less gsa/src/web/pages/login/notifications/CommunityFeedUsageNotification.tsx
root@ip-172-31-43-237:~#
I think it located in CommunityFeedUsageNotification.tsx
Eero
Thanks a lot for the effort, I will try this tomorrow when I get to work
@xaero looks like it requires recompilation of gsa(d) package.
if you are using kali linux, then I can provide instructions and or package that remove that ”nag”
Eero
I have both Kali and Ubuntu. I have the nag on both of them
@xaero please test script and report me back. if issue is fixed, then close thread as resolved.
Eero
Thank you @xaero and @Eero , it should not be doing this (it should only show up one time post-install, not each time it’s run) and I have submitted an internal request for a bugfix.
Eero, sorry for late reply. We had 2 very busy days! I did not use your script, so I did not get to test it, but I did what you did and grepped files and just nerfed it manually. I do want to thank you for your effort!
@xaero good. I don’t understand why ad windows are added to open source. They can be removed very easily.
Eero
As mentioned before, I nerfed the spam-nag-popup manually. Today I updated my Greenbone on Kali, and the spam-nag is back. And it’s there every time I login. I understand you guys want to sell your premium feed, but this is ridiculous. The info in the spam-popup isn’t even true. It’s shady FOMO marketing.
Hi @xaero ,
I know this is frustrating. It should be fixed with the next community version release, at least to only appear one time after install and then not come back (edit- once per used browser). I will also ask about the message on it. It will take some time from our release to propagate to different distributions so it will still be around for a bit. But again, I do understand this is annoying.
While not involved in this topic at all (like anyone else active in this forums) only a remark on these:
This could be also a misinterpretation of the message because the message itself is actually stating:
Over 60% of all relevant exploits remain hidden.
which is IIUC not the same as “it has 60% more vulnerabilities”.
Once per used browser. There is now also a setting gmp.settings.enableCommunityFeedNotification – which allows the notification to be disabled. This is good
Eero
Thank you @Eero for the more accurate phrasing (I edited my other post).
To someone working in IT security, all vulnerabilities are relevant, which means the message reads that the enterprise feed has 60% more exploits, which is false and very questionable FOMO marketing.
I guess there the misunderstanding could originating from then:
For example a vulnerability which is from 1999 for a 3rd party product which can be only installed on Windows NT 4.0 is not relevant anymore these days.
But i guess there is no point in continuing this discussion about the message here as the responsible team / person who had created this message is unlikely reading or commenting on this discussion (as very very unlikely active here) and it seems it can also interpreted in multiple different ways.
