Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.
Any awful.systems sub may be subsneered in this subthread, techtakes or no.
If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.
The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.
(Credit and/or blame to David Gerard for starting this...)
I got a spam message with a phishing link.... Via Github? Seriously? Are we really doing this?
Not a completely unusual comment.... From the URL it was very obvious that this was a phishing link though. Curiosity got the better of me. The site shows you a "cloudflare" captcha. OK, let's click the checkbox. The usual loading animation starts, then this is shown:
Yeah ok, right....
I'm actually a bit impressed with this, these captchas are so common, I didn't even really think about checking the box. But of course, that interaction means the browser will allow the site to add something to your clipboard.
But like.... Why distribute it via Github? I cannot think of a worse audience to try and con into "paste something random into your windows console". Am I just being naive here? Is this something common I somehow never experienced before?
Yeah that copy paste commands that give control over your pc shit is pretty nasty. Also over a year old at least. So it isnt specifically an attack at vibe coders. Not sure what the initial targets were but these usually try to target people not that knowledgeable in computer matters so lol that this now includes vibe coders.
Ah, I had been wondering if this is new, or I had just never noticed it. So it's the latter, good to know.
It's kind of genius as well.... A single comment will get the attention of potentially dozens of people, sent to a valid email address without having to guess/buy lists, and there's an air of "trust" around the (completely legit) mail you then get from github, containing the link.
I don't know how new it is, but it first dropped on my radar about a year ago due to listening to the Risky Business cybersecurity podcast, not to be confused with the recent (and baffingly named (*)) podcast called 'Risky Business with Nate Silver and Maria Konnikova' (**) by dweeb Nate Silver. So I don't know how long it was going on the wild, and im talking about the windows button + r attack method and not the github comments, no idea how long they used comments as a vector. And yes that part is also good, like the addition of trust of github + quite an effective attack is clever. Shouldn't work on Real Nerds however.
*: The name means that at least one of they didn't [know|care|google] about the decades old cybersecurity podcast before naming their podcast that is true. Any of those is odd.
**: addition to above, the tagline of the podcast is 'a weekly podcast about making better decisions' Look inwards Nate, look inwards.
Github only catches strays, it's much more widely deployed
Yeah, that this happens elsewhere I have no doubt, I just never noticed on GH before.
Getting in early on targeting the vibe coder demographic.
Oh god
Although... Do you think VideCodersTM read github issues?