Privacy

43141 readers

1066 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

229

Found this wondering town (lemmy.world)

submitted 2 years ago by InternetCitizen2@lemmy.world to c/privacy@lemmy.ml

43 comments fedilink hide all child comments

I didn't know my city was cool enough to put signal flyers.

you are viewing a single comment's thread
view the rest of the comments

[–] TaviRider@reddthat.com 71 points 2 years ago (4 children)

I still wouldn’t trust it because of homograph attacks.

[–] hashferret@lemmy.world 30 points 2 years ago (2 children)

Respectfully I think this is a minimal attack vector in this case due to the limited character set of urls. But thanks for the callout, I didn't know there was a name for this sort of attack.

[–] Lichtblitz@discuss.tchncs.de 22 points 2 years ago* (last edited 2 years ago) (1 children)

Modern browsers happily show you the actual characters, while sending their encoded entities to the server. So, from a user perspective there is no ASCII limitation. Case in point: söhne.at (just some random website, I have no idea what they are or if they are legitimate)

[–] gila@lemm.ee 6 points 2 years ago (1 children)

They'd still resolve via DNS to an address in ASCII though, right? Wouldn't that only be an issue if ICANN didn't have a monopoly on DNS registration? i.e what we already depend on for a semblance of convenience without totally compromising opsec

[–] qaz@lemmy.world 9 points 2 years ago* (last edited 2 years ago)

It utilizes punycode under the hood. The actual DNS entries still use ASCII.

[–] qaz@lemmy.world 13 points 2 years ago

Punycode enables you to encode any Unicode character as ASCII. Almost all browsers support this.

[–] 4stringscooter@lemmy.ml 9 points 2 years ago (1 children)

Or xss/sqli/etc attacks on vulnerable sites that don't sanitize url query parameters

[–] 4stringscooter@lemmy.ml 14 points 2 years ago

Or maybe a fraudulent signal app.

I mean, generally speaking, just don't click on random links. This is a random link. Qr codes are valuable but we're conditioning society to just be cool with clicking on random shit without putting much thought into it.

[–] captain_aggravated@sh.itjust.works 6 points 2 years ago* (last edited 2 years ago)

Oh is that like bankofarnerica.com or whatever, hoping the r and n look enough like an m for at least some people to click?

edit: under absolutely no circumstances click on the above link. Your bank will be robbed and your foreskin soldered shut. To very don't.

[–] InternetCitizen2@lemmy.world 5 points 2 years ago

That's fair