Realizing this blew my mind. Definitely more interesting than following people.
I'd wager you're likely fine if you're using a mobile app when the affected image loads. Also, it appears they're stealing auth tokens.. not passwords or anything. At worst they could impersonate you until your token expires.. but you're not a high value target unless you're an admin of an instance.
What kind of terrible markdown editor allows adding onload scripts to images though.. it's insane.
If it's onload then simply viewing the image runs that script. Yikes.
This is hilariously timed considering the current panic at the hacked instances.
Looks like it's issuing a GET to https://zelensky.zip/save/{ENCODED_JWT_TOKEN_AND_NAV_FLAG}.
The ENCODED_JWT_TOKEN is from btoa(document.cookie+nav_flag) where nav_flag is essentially 'navAdmin' if the account hit is an admin or '' if the user hit is not an admin (it checks if the admin button in the nav exists). Their server is likely logging all incoming requests and they just need to do a quick decoding to get jwt tokens and a flag telling them if it's an admin account.
I'd be hesitant to visit Lemmy on a browser atm 😓
Yep, Lemmy is filling a Reddit-shaped hole. It's a bit different but nice.
Hopefully there's more research done. It doesn't sound like it's "absolutely carcinogenic".
The "radiofrequency electromagnetic fields" associated with using mobile phones are "possibly cancer-causing". Like aspartame, this means there is either limited evidence they can cause cancer in humans, sufficient evidence in animals, or strong evidence about the characteristics.
This is awesome info. There should be a place to document all the nuance around hosting an instance plus some tips and tricks.
For me at least.
Looks like they enforced rate limits an hour before midnight UTC.
The one reserved for residential usage is
home.arpa.https://www.rfc-editor.org/rfc/rfc8375.html