551
top 50 comments
sorted by: hot top controversial new old
[-] gerryflap@feddit.nl 168 points 10 months ago

Seems like a good idea to put that there. People who know what they're doing won't be bothered by it, but it might save a few people from getting hacked

[-] Blackmist@feddit.uk 31 points 10 months ago

Yeah, but when a man really wants to see some Instagram models private nudes, he'll ignore all those warnings and then some.

You see it all the time with banking, where somebody has literally had the bank ring them up to ask them if they really know the person they're sending money to, and that they think they're being scammed, and they push on regardless getting angry with the bank, only to be all surprise Pikachu in the papers when they are, unsurprisingly enough, scammed.

[-] limelight79@lemm.ee 11 points 10 months ago

Years ago, when one of those emails with the malicious links was going around (I forget which one), one of our coworkers clicked on it. This one promised pictures of cute kittens. She later said she knew it was fake, but she was hoping she'd still get to see the picture of the kittens...

[-] Thavron@lemmy.ca 3 points 10 months ago

Honestly if you're going to scam someone with the promise of cute kitten pictures, you could at least look up some pictures.

[-] Rhynoplaz@lemmy.world 9 points 10 months ago

They just put that there so I can't see the titties!

[-] Honytawk@lemmy.zip 4 points 10 months ago

Just put some ascii tiddies in the code as well

[-] lagomorphlecture@lemm.ee 8 points 10 months ago

When the cashier at Walmart gets all concerned and asks why you need 50 iTunes gift cards you should stop and think for a second.

[-] tillary@sh.itjust.works 154 points 10 months ago

I'm admiring the ASCII art - great usage of different characters to smoothe out the outline of the text

[-] shasta@lemm.ee 23 points 10 months ago

Probably generated by a bot

[-] doesnt_use_lemmy@lemmings.world 90 points 10 months ago

Somebody had to program that bot! They still sat down and did the hard work of getting it smooth, but for every character

[-] nailbar@sopuli.xyz 4 points 10 months ago* (last edited 10 months ago)

Ah, but you can have a bot do that too

[-] adoth@lemmy.world 5 points 10 months ago

Somebody had to program that bot too!

[-] intensely_human@lemm.ee 2 points 10 months ago

Not if there's a bot building bot for that

[-] doesnt_use_lemmy@lemmings.world 1 points 10 months ago

Hmmm, I see your point. Touché.

load more comments (2 replies)
[-] idunnololz@lemmy.world 10 points 10 months ago
[-] EdibleFriend@lemmy.world 7 points 10 months ago

Oh? Let's test this. THIS STATEMENT IS A LIE

don't think about it don't think about it don't think about it don't think about it

[-] papalonian@lemmy.world 4 points 10 months ago

Hmmm.. uh, true, gonna go true on that one.

[-] Arthur_Leywin@lemmy.world 1 points 10 months ago
[-] intensely_human@lemm.ee 1 points 10 months ago

The thing that nobody would have predicted about AI was that it lacked even the coherence of mind to recognize these logical puzzles, let alone be broken by them.

[-] intensely_human@lemm.ee 7 points 10 months ago

Generated by a function, come on

[-] ElectricMoose@lemmy.world 71 points 10 months ago

Hacker: That's ok, we don't want you to paste stuff in there, we just want you to send us your cookies. It's not like you're eating them anyway…

[-] doctorcrimson@lemmy.today 13 points 10 months ago

Hey once your logged in, can I have that unique identifier over there? It's for science. ;>

[-] RobotToaster@mander.xyz 51 points 10 months ago

Yeah, you see this on a few sites.

[-] pineapplelover@lemm.ee 4 points 10 months ago

Think discord has it as well

[-] lurch@sh.itjust.works 45 points 10 months ago

reddit had a recruitment ad in it, once

[-] wahming@monyet.cc 22 points 10 months ago

Now they'll just try and charge you a fee to mess with it instead

[-] MP3Martin@programming.dev 5 points 10 months ago

Discord does that

[-] glibg10b@lemmy.ml 34 points 10 months ago

Firefox has a built-in warning against pasting. I think Chromium too. I don't think they warn about account theft, though.

[-] gornius@lemmy.world 15 points 10 months ago

Chromium now requires you to type a string inside the console before it lets you paste anything.

[-] glibg10b@lemmy.ml 29 points 10 months ago

Firefox as well:

⚠️ Scam Warning: Take care when pasting things you don’t understand. This could allow attackers to steal your identity or take control of your computer. Please type ‘allow pasting’ below (no need to press enter) to allow pasting.

[-] mvirts@lemmy.world 21 points 10 months ago

Soon browsers will require you to implement fizzbuzz in the console before enabling paste 😅

[-] Oszilloraptor@feddit.de 6 points 10 months ago

Honestly, a Modulo-Captcha wouldn't be that bad of an idea?

Sure, it's not really "non-dev-proof"; but I guess a simple "To enable pasting, please type result to the following formula: 5%3" would at least stop some people that will glady ignore the warning because obviously nobody wants to let you hack other Facebook accounts, but those guys told me it's fine - but will already be confused and then feel smart by entering 0.15 because 5% of 3 is 0.15 ... and wonder why it doesn't work

[-] bamboo@lemmy.blahaj.zone 10 points 10 months ago

Before you try to enable enable vim mode in Obsidian, you're prompted to show you know how to exit vim before continuing.

[-] brbposting@sh.itjust.works 4 points 10 months ago

What would a pasting attack look like and how would it work?

[-] glibg10b@lemmy.ml 9 points 10 months ago* (last edited 10 months ago)

JavaScript can be used to get your password (if you enter it somewhere after pasting) or a session token, which gives an attacker temporary access to your account, unless a website is designed well enough to suspect that the attacker is not you.

[-] Black616Angel@feddit.de 9 points 10 months ago

Now what most people don't know is that websites can insert arbitrary text when you copy stuff of them. A malicious site will abuse that.

It works like that:

You follow a tutorial online or search for a code snippet. You copy some code/said snippet and paste it into a terminal or the browser command line. This copied text is altered by the site to be a one line command to install malware or grab passwords or cookies. All of that is followed by a line break and maybe your real command to lower suspicion.

Some of the terminal or browser shells interpret a line break in the copied text as enter which then executes the command.

To prevent that, get a shell, that doesn't just execute what you paste (fish shell) or a terminal program, that warns you about line breaks (Moba xterm).
And please check text from unknown sites before pasting it into a program that may execute it right away. (Just paste it into a text editor or look at your clipboard manager like Win+V in windows)

[-] brbposting@sh.itjust.works 2 points 9 months ago

Great info. Thank you!

[-] Kerb@discuss.tchncs.de 3 points 10 months ago* (last edited 10 months ago)

they even straight up disable pasting until you reenable it.

and both browsers warned about identity theft in the error message when i tried it.

[-] dipshit@lemmy.world 23 points 10 months ago

With access to front-end javascript comes great responsibility.

[-] TheCheddarCheese@lemmy.world 19 points 10 months ago
[-] spookex@lemmy.world 5 points 10 months ago

Yep, that's the first place where I saw something like that

[-] KSPAtlas@sopuli.xyz 15 points 10 months ago

Lots of sites have this, I'd assume its common security practice for large sites where scammers are aplenty

[-] MonkderZweite@feddit.ch 2 points 10 months ago* (last edited 10 months ago)

But .tsx, i don't know...

load more comments
view more: next ›
this post was submitted on 12 Feb 2024
551 points (99.3% liked)

Mildly Interesting

17350 readers
4 users here now

This is for strictly mildly interesting material. If it's too interesting, it doesn't belong. If it's not interesting, it doesn't belong.

This is obviously an objective criteria, so the mods are always right. Or maybe mildly right? Ahh.. what do we know?

Just post some stuff and don't spam.

founded 2 years ago
MODERATORS