fedhow do I block friendica? Friendica allows markup to hide urls, one of the most basic of online safty layers.
Not just an instance, but the branch friendica
Allowing third parties to offer hidden urls to Mastodonians is a great crime. I can't be more clear.
Umm... I'm not sure there is a way to block an entire type of server software.
By the way, do you mean there's a link behind a piece of text? The URL would still be visible if you hover though?
@feditips no hover on devices, and yes, its text, blue as a link, author says yes he can do it
That's a very common link type on the internet though? Pretty much all links are like that.
You should be able to long-press on a link to see more details if you're on a touchscreen.
This is full out, flat out, nonsense.
"Phishing Attacks: The #1 Reason We Say “Don’t Click Links” "
2018 marked the first year since phishing statistics were recorded that compromised accounts had a higher occurrence rate than malware infections. Malware infections generally occur when you download a file or click a link that’s infected. They can also come from a vulnerability in your network that isn’t related to a specific email message.
https://www.safetynet-inc.com/resources/blog/phishing-attacks-do-not-click-links/
I might be missing something?
Can you explain the difference for me between these links and the ordinary links you see on most websites?
https://www.cisa.gov/topics/cyber-threats-and-advisories/malware-phishing-and-ransomware
https://www.getcybersafe.gc.ca/en/blogs/what-phishing-looks-2021
https://www.ivanti.com/blog/9-types-of-phishing-and-ransomware-attacks-and-how-to-identify-them
https://www2.deloitte.com/lu/en/pages/risk/articles/phishing-ransomware-how-to-prevent-threats.html
https://easydmarc.com/blog/ransomware-vs-malware-vs-phishing/
If I am on Time magazines website, and it has a link, under a word in the article, it carries the trust of the site. Time magazine wouldnt itself, and third parties couldnt hide malware under its hidden url. But if 13,000,000 people are hiding links from 10,000 servers we dont know....
I understand that, but there are already ways to see what a link's true URL is by hovering or long-pressing?
Just like emails, the top and preferred method of ransomeware
I'm sorry, I would love to help but I don't understand what the problem is?
Surely all websites and web links are using this same format?
Phishing can be looked up, security professionals could be contacted, research is certainly needed. Automatically exposing any hidden urls in the text of the post, is a helpful protocol.
Doesnt wordpress do that in comments?
Yes, thank you.
@kevinrns @feditips
Depends on if you're talking about blocking that branch for a whole server, or just for yourself.
If just yourself, use GreaseMonkey /TamperMonkey plugins to remove the links that have a missing or blank attribute.
Server side, it's more complicated. You would need to either block file names, or blacklist known freindica sites (set hosts file to 0.0.0.0 for that site name), or parse/filter any included content (but that gets CPU intensive / expensive).
@kevinrns hello, I use Friendica. What do you mean by "hide URL"? Friendica can format the display of URLs, but this is a normal function on the Internet, every website does it. Or am I misunderstanding you?
I can format the link like this:Here is the link to the [url=https://mstdn.social/@kevinrns/110664420029871643]post[/url]
And this is how the output will look like:
Here is the link to the post.
(Since I use Friendca, I don't know exactly how my comment is displayed on Mastodon.)
On emails, websites I have no reason to trust i click no links.
What protection prevents any hidden link on social media publishing to be malware?
Letting randos hide the url is a crime.
It reduces the safety of mastodon to "trusting randos"
It is a huge degrading of Mastodon.
I more than hope this gets a response.
@kevinrns I still don't know exactly what the problem is. Since the internet exists, links are formatted this way, also by Mastodon. Every hashtag, every profile name is a formatted link. Have a look at this post:
This is actually an accessibility issue. Blind people often request a list of links text on the page. If all they get are URLs, they won't be able to tell what following the URL is going to give them. Further, visible URLs may be read strangely by a screen reader.Maybe your idea could be an additional feature, which users could enable/disable in their client.