this post was submitted on 10 Jul 2023
324 points (98.5% liked)

Android

17625 readers
73 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

πŸ”—Universal Link: [email protected]

πŸ’‘Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.

Support, technical, or app related questions belong in: [email protected]

For fresh communities, lemmy apps, and instance updates: [email protected]

πŸ’¬Matrix Chat

πŸ’¬Telegram channels / chats

πŸ“°Our communities below

Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to [email protected].

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to [email protected].

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
324
Lemmy.world and another instance have been compromised (lemdro.id)
submitted 1 year ago by [email protected] to c/[email protected]
80 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.ml/post/1895271

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?

edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 35 points 1 year ago (1 children)

Deeply unfortunate that something like this could happen, you always hope that code injection vulnerabilities are found before someone is hacked. With that in mind, this shows the importance of two security principles: always parse and clean user input and don't click links (including images) before checking where they are going to send you.

[–] [email protected] 17 points 1 year ago (2 children)

This used an onLoad which isn't generally shown when you hover over a link in a browser. Most people, even devs, aren't going to jump on the console to check every link.

NoScript would probably have helped though.

[–] [email protected] 30 points 1 year ago

What kind of terrible markdown editor allows adding onload scripts to images though.. it's insane.

[–] [email protected] 16 points 1 year ago (1 children)

Also doesn't help when using mobile and there's no hover over

[–] [email protected] 4 points 1 year ago (2 children)

You can usually click and hold on mobile and an popup will appear showing the link (I think) - or you can click and hold and copy the link and paste it somewhere to see where it's going to go.

[–] [email protected] 3 points 1 year ago

You can, yes, but it's not the sort of thing most do before taping. The hover-over is passive.

[–] [email protected] 1 points 1 year ago

Yeah good luck.