Strange behaviour for FFUpdater.
"An older version is available. Do you want to downgrade?"

Oh yes, a few more things.

On the login page, there is a <link rel="icon"> element containing a tracking string. So they may be collecting statistics of how many people go as far as to open that page.

Domain names are very recent (created a few days ago), which is of course highly suspicious.

And of course they escaped the whole HTML code and run document.write(unescape) inside a Javascript block. Typical!

Show thread

Anatomy of the <we-are-cpanel-you-should-update> scam.

1- Scammers send a forged email allegedly from your own domain, to any of your admin@, webmaster@, info@, postmaster@… address.

2- They claim to be about to deactivate your account, with a lame excuse.

3- The link is a small HTML page with a http-equiv="REFRESH" redirect instruction.

4- It brings you to a login screen that mimics the real cpanel website.

5- Basically, they want your login and password, to take over your website.

I found this in the filtered comments of a WordPress instance.

"Thanks for finally talking about > blog_title < Loved it!"

Looks like people who create spamming bots cannot even use variables properly. 😄

"mail‌.‌com respects your privacy. To learn more, please read our ‌Privacy Policy."

Guess what? The link to the privacy policy contains a long tracking string.

Another "creative" attack.

Somebody pretending to write on behalf of cPanel, informing about an alleged update of their privacy policy, in the name of GDPR compliance.

Attached is an HTML containing Javascript looking like this:

document.write(unescape('%3c%6c%69%6e%6b%20%72%65…

#FOSDEM succeeded to run a online conference with over 8000 participants with completely #FreeSoftware (#OpenSource).

Big thanks to the #FOSDEM and the #Matrix team!

This is breaking my heart:

# uptime
12:13:37 up 364 days, 13:57

And I had to reboot it now.
Didn’t even reach 1 year. 😭

This has been a recurring issue with F-Droid: after you have properly updated all your apps, sometimes the notification badge won’t go away and will still catch your attention.

The first version of was released 16 years ago, on October 20.

The other day I was teaching algorithms to a group of 12 years old children.

Namely how to calculate leap years, why 2100 will not be a leap year while the year 2400 will, and so on.

Suddenly, several kids exclaimed: "Why bother? After all, by 2100 there will be mass extinctions because of change, none of us will be left to see that."

It always looks good in a console.
You can add it to your motd if you want.

echo "My name is "`pwgen -s 128 1`", how are you?"

on a device. 🙄
I still haven’t found a legitimate reason why Galaxy Store needs those permissions.

WAIT, I AM ABLE TO MAKE
XKCD WITH CUSTOM EMOJI?
:blank: :balloonline_s: :blank: ALWAYS HAVE BEEN
:blank: :balloonline_s: :blank: :balloonline_s:
:beret_r: :balloonline_sw: :blank: :balloonline_se: :blackhat_l:
:body_phone_e: :blank: :blank: :blank: :body_s_w:
:legs_stand_e: :blank: :blank: :blank: :legs_stand_w:

Is privilege a driver of #privacy invasion? We think so.

With that said, desperation can be a factor. Not everyone that invades our privacy is doing so maliciously. Sometimes, their business is struggling to survive, and the idea that "we can stay afloat" if we learn everything about our customers seems like a no-brainer.

Marketeers tout this as the only way to win, and those desperate to stay in business fall prey to that philosophy.

It's as much on "us" to create new & ethical ways to win.

Our CEO just referred to SaaS as "Software as a hostage" and I think that's pretty spot on.

Of course, coronaviruses existed long before SARS-CoV-2. 😃

The point here is to say they have been really forward-looking by reserving a domain name for such a generic term.

notovirus.com, rotavirus.com, adenovirus.com… have also been existing for more than 10 years. Maybe one of them will become a familiar term one day.

Show thread

coronavirus.com redirects to a page by the WHO. Fine!

According to WHOIS, the domain name was created… back in 2002.

Domain Name: CORONAVIRUS.COM
Registrar URL: uniregistry.com
Creation Date: 2002-08-13-T02:31:44Z

Show older
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!