top | item 42230895

(no title)

h4x0rr | 1 year ago

Anyone else feels like this will be abused for phishing and/or malware distribution?

discuss

is there any hosting site that isn't? feels like a computing law at this point; if you build a hosting site, someone will try to use it for malicious purposes.

EGreg|1 year ago

Can’t you just make the hosting site features only be for real purposes?

Like a link shortener which only forwards to a domain that matches the subdomain? Or only for watching videos and collecting metrics etc.

kuschku|1 year ago

It will be. We had the same issue with Matrix attachments.

Arathorn|1 year ago

got fixed by https://github.com/matrix-org/matrix-spec-proposals/blob/mai... fwiw

bigfatkitten|1 year ago

It'll take about 5 mins for that to happen and then for *.bsky.network to start getting blocked by Google Safe Browsing, Palo Alto, Bluecoat etc.

remram|1 year ago

I don't see how. This is a direct link to the author's bluesky server (PDS) so of course it is controlled by them.

nicky0|1 year ago

The link in question (linked from the the sumbitted link) is `porcini.us-east.host.bsky.network`. That's hosted by bsky, isn't it?

benatkin|1 year ago

Lack of moderation combined with an offical-sounding domain name.

This would have to get the user to follow a link or call a phone number or something though. These are plausible. It's too bad the content-security-policy can't prevent following links.

ndjdjddjsjj|1 year ago

Phish could be this:

$inane_marketing_trope

...

Click here to Unsubscribe from Bluesky

https://porcini.us-east.host.bsky.network/xrpc/com.atproto.s...

...

Redirects to bad site.

unknown|1 year ago

[deleted]

ineedaj0b|1 year ago

hehehe. I pinned it to the top research ideas. I'll get back to you on this