[-] SmolSlime@burggit.moe 3 points 1 year ago* (last edited 1 year ago)

Lol I'm quite surprised there are actually queer people here. I assumed since this is a, well, free speech Lemmy instance, this place would be filled with anti-LGBT people. So I minimized talking about it here.

[-] SmolSlime@burggit.moe 3 points 1 year ago

Damn, didn't expect them to close

[-] SmolSlime@burggit.moe 3 points 1 year ago

That's great news! I just made this post as an additional warning to other users who browse other instances, since the previous post only mentioned sidebar exploit.

[-] SmolSlime@burggit.moe 3 points 1 year ago

Is that so? I read that roughly a month ago, when there was a Reddit blackout and Jerboa was still very new. Maybe they changed it or I mistook it for another app.

6
submitted 1 year ago* (last edited 1 year ago) by SmolSlime@burggit.moe to c/general@burggit.moe

There's a JavaScript injection exploit going on. Apparently the exploit also works on comments, just by embedding an image and adding some JS code in it. I don't know if this could steal the entire cookies or just the website's, but just to be safe don't randomly click every link.

The post below is copy pasted from https://kbin.social/m/android@lemdro.id/t/168524/Lemmy-world-and-another-instance-have-been-compromised#entry-comment-661712

Some information I have posted to Lemmy.World:

I am not a super code-literate person so bear with me on this… But. Still please be careful. There appears to be a vulnerability.

Users are posting images like the following:

imgur.com/a/RS4iAeI

And inside hidden is JavaScript code that when executed can take cookie information and send it to a URL address.

Among other things. At this time if you see an image please click the icon circled before clicking the link. DO NOT CLICK THE IMAGE. If you see anything suspicious, please report it immediately. It is better a false report than a missed one.

I have seen multiple posts by these people during the attack. It is most certainly related to JS.

[-] SmolSlime@burggit.moe 2 points 1 year ago

Uh oh.... They said it's a cookie stealer and it even works on comments.

[-] SmolSlime@burggit.moe 5 points 1 year ago

Some apps block Burggit by hardcoding it. IIRC Jerboa also did it, but someone made a fork without the block.

[-] SmolSlime@burggit.moe 3 points 1 year ago

Thanks for that link. I've been looking for that kind of service but I don't trust the websites that show up in search engine's top results.

[-] SmolSlime@burggit.moe 3 points 1 year ago* (last edited 1 year ago)

Yeah phone number kinda sucks here ever since it requires your govt. ID just to register. Back then I could just buy any random number and activate it.

I actually paid an sms verification website

What service did you use? I'm looking for similar service but I don't trust recommendation from articles enough.

[-] SmolSlime@burggit.moe 8 points 1 year ago* (last edited 1 year ago)

That's what I'd love to do, but everyone and their grandma keeps making communities in Discord.

25

This is my old account that I just logged in today. Just joined a server and Discord asked for email verification. Okay, that's not hard, thankfully Discord doesn't restrict email to only big providers. But then suddenly Discord asked to verify by phone number, because "something is out of ordinary". What's out of ordinary from that??? Joining a server > Discord asks to verify > I verify.

I was losing my mind seeing people suggesting moving to Discord when Rexxit happened. Like WTF, it's even worse than Reddit. Non-indexable content, worse privacy, needing account just to access the said content, etc.

I really hate how services nowadays require your phone number just to use their service. Unfortunately most people just don't care about privacy, thanks to the "I have nothing to hide" mindset.

[-] SmolSlime@burggit.moe 7 points 1 year ago

Apparently a lot of people, judging by how popular Threads gets just in a few days.

[-] SmolSlime@burggit.moe 2 points 1 year ago

I didn't even know you changed the registration. It still feels the same to me here. Not sure if that's a good thing or not.

[-] SmolSlime@burggit.moe 9 points 1 year ago* (last edited 1 year ago)

Kinda worrying tbh. With Meta being Meta, I'm afraid they're trying to capitalize the whole Fediverse and farming more data at the same time. I really hope other instances start defederating them. Let them be their own walled garden.


SmolSlime

joined 1 year ago