FA+
Shop
About those embedding links people use for a lot of servi...
2 years ago
General
So... i know it is well common practice to use these... "mirrors" by now...
But am i not the only person who was taught to be super suspicious and careful with everything on the internet?
Im talking of things like vx.twitter and fxraffinity for example.
Why is it now that, after 20 years of being told to be super careful about what the url says and domains that its suddenly acceptable to just blindly accept URL modifications?
I fully understand that these projects have fully transparent Github projects and the like, but i feel like its just bad practice to start accepting URL modifications as the norm.
All it takes is one bad apple to make an embed mirror similar to what we have now, people blindly click it because embed mirrors have become the norm but the site just redirects to a recreation of Furafflnity with a login prompt. Bam, hundreds possibly thousands of people get pwned before the news spreads.
Alternatively, the owners of the well known domains either get compromised, get bored of their project or it was all a bait and switch from the beginning, make a subtle change to how their domain works and accounts are lost again.
All this risk, so you dont have to copy/paste the image and link yourself? heck dragging an image into discord or telegram then dragging the url into the message as well is probably not that much slower than copying the url then adding vx / fx. (maybe quicker on mobile, lmao)
Anyway, just my two cents... Stay safe out there peeps, maybe if you do use these vx/fx mirror sites to make embeds work just... be safe about it, make sure if you do click on the link, that you land at the correct domain before you take any actions!
But am i not the only person who was taught to be super suspicious and careful with everything on the internet?
Im talking of things like vx.twitter and fxraffinity for example.
Why is it now that, after 20 years of being told to be super careful about what the url says and domains that its suddenly acceptable to just blindly accept URL modifications?
I fully understand that these projects have fully transparent Github projects and the like, but i feel like its just bad practice to start accepting URL modifications as the norm.
All it takes is one bad apple to make an embed mirror similar to what we have now, people blindly click it because embed mirrors have become the norm but the site just redirects to a recreation of Furafflnity with a login prompt. Bam, hundreds possibly thousands of people get pwned before the news spreads.
Alternatively, the owners of the well known domains either get compromised, get bored of their project or it was all a bait and switch from the beginning, make a subtle change to how their domain works and accounts are lost again.
All this risk, so you dont have to copy/paste the image and link yourself? heck dragging an image into discord or telegram then dragging the url into the message as well is probably not that much slower than copying the url then adding vx / fx. (maybe quicker on mobile, lmao)
Anyway, just my two cents... Stay safe out there peeps, maybe if you do use these vx/fx mirror sites to make embeds work just... be safe about it, make sure if you do click on the link, that you land at the correct domain before you take any actions!
To fix the problem? fxtwitter.com. A website specifically designed to improve the Discord/Telegram experience. I guess it turned into a pet project and has been used to work with a lot of sites: Furaffinity, Pixiv, Deviantart, etc. Discord and Telegram could fix the problem themselves but they choose not to.
Ultimately though, these sites exist to improve the usage of certain apps. You can put as much blame on twitter or Discord for taking that feature away and creating the desire for these helper sites.
Everyone is like, adblock this, VPN that, password manager that, etc etc, but a service offers a minor convenience? Hell yeah we'll ignore the security risks.
On the other hand, the projects are open source, and just like with fxtwitter, people who know will find out about changes and put the creator on blast if it gets some dubious changes.
Of course, what's to stop the developer from having a DIFFERENT project being hosted vs what's on github?
It's confusing cause I even find myself just being more lax about stuff, versus around the early/mid 2000s.
Even imgur was serving malware at one point so this is a legitimate risk.
These helper sites are definitely helpful and I use them, but I also understand the concerns.
> Of course, what's to stop the developer from having a DIFFERENT project being hosted vs what's on github?