OT: ajax image galleries
Andy Powell
openmoko at automated.it
Wed Jun 4 22:55:53 CEST 2008
On Wednesday 04 June 2008 18:12, Joseph Reeves wrote:
> Disable javascript and it works much better. I use the NoScript FF
> extension.
Best FF extension imho.
> TinyURL on the other hand... Why would anyone ever use that? I never
> click on links unless I know where they link to. Here's a plan for
> abuse:
tinyurl is useful instead of typing in twattishly long urls which many sites
insist on using. Generally you don;t want to click on a link provided by
someone you don't know/trust. Not only that but if I use this url as an
example - look what your mail client / this mailing list does to it (break it
on wrap)
http://www.youtube.com/watch?v=eBGIQ7ZuuiU&srp=dhFg13955&bmio=freerunner&manuf=fic-om
it's clearly easier to have
http://tinyurl.com/4e7o6d
>
> 1: Discover browser 0-day exploit
> 2: Put up a gallery of FreeRunner pictures on a website
> 3: Point a tinyurl at the gallery
> 4: Wait until everyone's linked to it and is clicking it
> 5: Change gallery to 0-day exploit
>
> Or even easier:
>
> 1: Link to goatse.
Right, and any webpage could still redirect your browser to another so your
example fails.
> TinyURL takes all the best practice Internet guidlines you try and
> teach people and ruins them all. Can't stand it.
>
and yet you're happy to advocate hotlinking to images, thus leeching
bandwidth. That's worse imho.
--
Andy / ScaredyCat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openmoko.org/pipermail/community/attachments/20080604/27357a9d/attachment.pgp
More information about the community
mailing list