My trivia league was blocked by Heathrow's airport wifi because of "games/sports". I contacted Boingo, who told me they don't block websites (? okay, so then your client operates a rogue blocklist that uses Boingo headers for the error page -- that's even worse). I also tried contacting some sort of pseudo-government safe browsing list to see if it was their blocklist being used by Heathrow and got no response.
The annoying thing is not the false positives: these things happen, and mostly it's not all that urgent to resolve immediately. The annoying thing is a total lack of obvious appeals process to resolve a false positive. At least the OP's example is on GitHub and thus can easily be issued.
My static home IP was blocked by my new energy supplier.
It took almost 4 months to get through to someone who would accept my problem wasn't forgetting my password.
In the end, I was pointed to their third provider and told "sort it out yourself, not our problem". Thankfully that other company had a reasonable-ish appeals process...
...obviously I got relisted in their db a few times but things seem to have calmed down now.
Ah, "Reputation" and "Threat Intelligence". One of the things I didn't expect but should have after BeyondCorp and Zero Trust is that some people would decide they need to go the exact opposite direction.
Instead of designing our systems as though they all face the hostile public Internet like Google, why not instead police all of the public Internet as though it's our internal network? That way we don't need to adopt any actual security practices. What could go wrong?
As you saw, basically everything, all the time.
I actually moved energy supplier a few months ago. I had a good quote from a new supplier, and when I tried to sign in to see how close the quote from my old supplier was their site wouldn't load in my browser, tried again a day later, no joy. OK cool, bye then.
One of my coworkers ended up blocked because Amazon maintains a block list of bot like users and our WAF was subscribed to it. This coworker was using scrapers for find GTX 3080s.
Surprisingly, Amazon does not block customers they put on this list.
A place I worked blocked Github for "hacking tools." Each new software developer hire had to request access and get it approved by their manager, a process that took a few hours.
The company I work for blocks Google Translate. IT claims it's the default that comes with the filtering software it uses.
Fortunately, since I build multi-lingual web sites, I was able to get an exemption from the security department.
(No, I don't use Google Translate to translate web sites. The company has three internal and two external professional translators for that. But sometimes when I'm copying-and-pasting between versions, I like a little reassurance that what I'm pasting is what I think it is.)
Hah! I have used Google Translate to do some naïve translations. Was creating portlet code that supported i18n, and took a crack at a few of the labels. Much to the amusement of the folks I demoed to, I used the French word for a person's back, not back in the context of navigation.
The funny thing is that they often are blocking the well known sites but don’t block less known and potentially shady sites. I always notice this when I try to download a software I need. Popular sites are blocked but very questionable sites are open.
Ofcom (the UK’s coms regulator) has just announced a review of net neutrality [1]. Which will have some big companies aiming to give themselves more “flexibility”.
Currently however, providers are bound by EU mandates to treat every packet the same (roughly speaking).
Yeah, the airport provides the Internet uplink and contractually it can be as locked-down and broken as they like. Boingo just manages the WiFi infrastructure and payment/login. Usually they're extremely lazy and just use a DNS service with business-style blocking rules and unblock popular stuff one at a time when people notice and complain.
The annoying thing is not the false positives: these things happen, and mostly it's not all that urgent to resolve immediately. The annoying thing is a total lack of obvious appeals process to resolve a false positive. At least the OP's example is on GitHub and thus can easily be issued.