Single post
jump to replies
(open profile)
one of these is real, the other will get you hacked. can you tell them apart?
21 visible replies; 8 more replies hidden or not public
back to top
(open profile)
@sunny One is obviously trying to run something. The other is so suspicious that I would still never do it.
(open profile)
@sunny not doing either of those things, nu-uh!
(open profile)
@sunny trick question they both get you hacked, just one comes with extra steps
,
@renard@equestria.social
@sunny imagine being unable to pass captchas on the internet because you do not run Google's DRMs on your personal phone
(open profile)
@sunny I wouldn’t touch any of them without biohazard gloves
(open profile)
@sunny yeah I love how dreadfully put-together genuine messages can be, also. My dentist sends the most this-must-be-nefarious type messages when they need extra info. No wonder ppl have trouble telling them apart.
(open profile)
Both will eventually get you hacked since it's trivial to clone the real one.
(open profile)
@sunny that “cloudflare” one is definitely bad. There is zero chance I’m going to scan some random QR code to “verify” I’m human either though 🤮
(open profile)
@sunny I wouldn't cooperate with either of these tbh
(open profile)
@sunny
Hey browser makers, weren't you supposed to be running in a sandbox? You realize that the clipboard is outside the sandbox, right?
And that everyone who cares about security was warning you that allowing Javascript to access the clipboard was a security hole decades ago?
So, how many of you still haven't fixed this glaring hole?
(open profile)
@sunny I positively ID the left as click fix - though I’d be very suspicious of the second one too.
(open profile)
@sunny on both I would immediately disembark of whatever I was trying to do
(open profile)
@sunny I wouldn't trust either of them, but telling me to do Win+R is a big hell no.
(open profile)
@sunny first one is the real one
(open profile)
@sunny Both are malicious
(open profile)
But only because I work in IT and do such shit for a living.
more relevant question: can you formulate a single sentence criterion on how stupid users should tell those apart?
And I'd say that's impossible.
Worse: any that I came up with would rather recognize the wrong one as malicious.
(open profile)
,
@number6@fosstodon.org
The hacker left off a step.
The one on the left will give you a serious sounding warning that what you are about to do could hurt your system.
So a sentence about, "If you receive a message saying you might be hurting your system, stop, and contact IT immediately." might help.
The one on the right could be malware, but either the Stores have to be compromised, or you will need to side-load an app, which is non-trivial for most users.
(open profile)
@sunny One gives RCE, all my data and likely my identity to some botnet or ransomware group, the other gives the same to a surveillance tech monopolist corp that abandoned even pretending to "not be evil"
At this point i would definitely put more trust in the first one. Ransomware gangs at least give you customer support after locking you out of your digital life 💀
(open profile)
@sunny
Is this a trick question?
In both cases you end up hacked; it is just a question of who is doing the hacking and do o you really care? Your privacy is gone.
(open profile)
ok so you just can't proceed if you don't have a very new android or ios device?