Disable Links disguised as Bitcointalk.org topics.

[Steamtyme]

Edit: I missed the fact that this was bitcointalkorg to bypass the safeguards in place.

I've noticed this happening a few times recently someone uses the hyperlink to disguised as a bitcointalk.org topic. I personally thought this was already disabled as I tried to do it in a [PSA] thread I created a while ago. I linked to the second message as it was a "Rickroll" to show about clicking on anything you see.

This quote shows it broken down well in the topic so I'm crossposting it here, as it will likely be deleted from the original thread - it's unrelated but up as a warning until the original post is dealt with.

Really excited to see the offering


 [ url = http : // https : // mega . nz / #!27giCaBA!MpY7jO2eBIFixadv3jbdqfnHS_iZH5pAMp_mztL3FHY ]


https : // bitcointalkorg/index.php? topic=284987.9 [ / url]

here it is deconstructed

and it leads to this

What I'm wondering is can we disable using "bitcointalk.org" as a title for hyperlinks. That would be the best blanket solution in case hacked accounts start posting the same garbage. Another option is prohibiting brand new and newbie accounts from posting a clickable link.

Sorry if the terminology is off, but I'm pretty sure most will catch the drift here.

[1714915393]

1714915393

[bL4nkcode]

I've noticed this happening a few times recently someone uses the hyperlink to disguised as a bitcointalk.org topic.

You can observe if the link/thread containing the domain https://bitcointalk.org of the anchor's hover is green and not blue.

Another option is prohibiting brand new and newbie accounts from posting a clickable link.

I thought this was disabled a long time ago by theymos or maybe just in PM? as I see some newbies posting with a disabled link included images.
 

[jackg]

There are a few ideas I can spring in addition to this. In computing format (as it's the only way I can do it) we should screen for phishing llinks to with a:

<string> !::= <b><i><t><c><o><i><n><t><a><i><k>
<b> ::= b|8|B
<i> ::= i|I|1|l|L
<t> ::= t
<c> ::= c
<o> ::= 0|o|O
<n> ::= n|N
<a> ::= a|A|4
<k> ::= k

or something like that (with an exclusion for the original of course).

People seem to have moved on from the request of a timed screen between "safety" and whatever lies on the opposite side of a malicious link. I wouldn't suggest clickng those links, I was doing research earlier and found there's a way to get access to loads of stuff in your memory(/RAM) and send it back to a server...

[LoyceV]

I thought this was disabled a long time ago

It's disabled for bitcointalk.org, this guy used bitcointalkorg (without dot).

This code (I had to add a space to be able to use code tags):

Code:

[url=google.com]bitcointalkorg[/url]
[url=google.com]bitcoin talk.org[/url]

Results in these links:
bitcointalkorg
http://google.com

Here's another one doing the same: https://bitcointalk.org/index.php?topic=5109224.msg50457962#msg50457962

It's much bigger: (I've reported the ones that aren't nuked yet)
     1.enchicneto1972
     2.paaburgpama1974
     3.diatherswesti1976
     4.muscdemepan1985
     5.adpredalra1978
     6.trimthigore1972
     7.ambioporbi1970
     8.longmortsynchhou1984
     9.spyrlecfeiwin1987
    10.diagranmensock1972
    11.majerede1977
    12.tibirdcastde1971
    13.terjuetreatut1987
    14.kummoaknappos1977
    15.gaimechantmen1983
    16.fratlacmero1977
    17.erexrira8517
    18.topdlacomra7218
    19.intenludoub2689
    20.roeratancha5683
    21.fiddrhexoonted8647
    22.ridevimo3728
    23.coltstelamprem7343
    24.ulugstipla2618
    25.hulkversterhe8171
    26.trapfirsdestdoll9165
    27.ekirtrapan384
    28.derhatchrosde3127
    29.cycusarro4442
    30.firatirid3958

[theymos]

It's ~impossible to preemptively detect all cases like that, and very difficult to do even a halfway-decent job. That guy isn't even trying to link to "bitcointalk.org". So it's whack-a-mole. That's why the green highlight was added: it's easier to whitelist than blacklist.

[TheBeardedBaby]

I'm sure people always check the links they open if they are posted from a suspicious member with negative feedback or a newbie. I'm doing this every time if I open something in the forum and outside it too.
If I'm on the mobile I just quote the post with the link to see where it's leading.

[Steamtyme]

It's ~impossible to preemptively detect all cases like that, and very difficult to do even a halfway-decent job. That guy isn't even trying to link to "bitcointalk.org". So it's whack-a-mole. That's why the green highlight was added: it's easier to whitelist than blacklist.

I understand it's a constantly changing battle. That was  my mistake, in missing the punctuation. Thanks to you and LoyceV for pointing that out.

Also sorry, what green highlight?

Would disabling clickable links for brand new and newbie accounts be something you would consider. Only because it's easy to create an army of these accounts to post these types of links.

Iasenko- not a lot of newer accounts realise the pitfalls of clicking on links early on. Even some older members slip up from time to time. I get we can't baby proof everything but small steps to help along the way are nice. I do the same i quote pretty much all links just to make sure they're on the up and up.

[LoyceV]

Also sorry, what green highlight?

Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
this turns green
this doesn't

I barely notice the difference on my old low-quality screen though.

[stompix]

Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
this turns green
this doesn't

I barely notice the difference on my old low-quality screen though.

I had to come close like 50 cm to the screen to see a notable difference and I''m looking at it on a 4k display.
Probably it would work better if the outgoing links would have a splash page before taking you to the site?

I saw once a warning like that, can't remember where when it was telling you're clicking a link to a site not affiliated with ****.com

[khaled0111]

Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
this turns green
this doesn't

I barely notice the difference on my old low-quality screen though.

It is not helping when you are using a smartphone. It turns to green after clicking on it.
What about adding a warning page with a message like "you are being redirected to ... Do you want to proceed"

[Chris!]

It's ~impossible to preemptively detect all cases like that, and very difficult to do even a halfway-decent job. That guy isn't even trying to link to "bitcointalk.org". So it's whack-a-mole. That's why the green highlight was added: it's easier to whitelist than blacklist.

Even better would be to just not click links. Ever. Just copy and paste the URL if you actually trust it. If you don't know what it links do don't click it. It's really just that simple.

On the other hand I understand that it's hard to teach the general public this basic security. Most people aready screw up an even bigger issue, like reusing the same 8 digit password on every website and saving it in their browser. Ugh.

[UserU]

It is not helping when you are using a smartphone. It turns to green after clicking on it.
What about adding a warning page with a message like "you are being redirected to ... Do you want to proceed"

This is actually a good idea, I've seen some forums implement that.

[actmyname]

I want to point out this very sneaky feature of BBCode.

Even better would be to just not click links. Ever.

Hover over that quote.

Think about how that can be applied maliciously. Do not blindly trust quotes, either.

[Steamtyme]

Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
~snip~
I barely notice the difference on my old low-quality screen though.

Thanks for that. I had never noticed the feature before. Useless to me at the time I was on mobile. I see what people mean about the older monitors I tried on a couple, and wouldn't have noticed at all on a couple if I didn't know it was there.

Even better would be to just not click links. Ever. Just copy and paste the URL if you actually trust it. If you don't know what it links do don't click it. It's really just that simple.
On the other hand I understand that it's hard to teach the general public this basic security. Most people aready screw up an even bigger issue, like reusing the same 8 digit password on every website and saving it in their browser. Ugh.

I know but depending on what section of the forum I'm in links can be useful. In mining it's common to link someone to a cable,fan or other various part they need. Might even just be to reference a thread they might find help in. I'm just saying links can serve a purpose, and having a few extra safeties in place would be nice. In this case I was wrong about the safety not being there, as I misread the link, they would have had me if I didn't already quote posts before clicking on links to see what's really there.

~snip~

Well that's devious as all hell. Thanks for showing me that, I've never really considered worrying about following a quote to source. It does give itself away when I go to type a reply, but that's the same as quoting beforehand and a step I wouldn't have taken.

I would liken clicking on it to closing the car door, and only a split second after it's to late to stop the door seeing your keys on the seat. It would look weird as I went to click on the quote but I would have already been on autopilot

[Silent26]

It is not helping when you are using a smartphone. It turns to green after clicking on it.
What about adding a warning page with a message like "you are being redirected to ... Do you want to proceed"

I've experienced this before as I usually use mobile devices in accessing Bitcointalk but I've found a better solution that might help mobile device users. I always do this whenever I need to check the link that is posted by some "untrusted" members or some newbies. This is what I do.
- Long press the link or the text link and a pop up will appear, it shows "open in new tab, open in incognito tab, copy link addresses etc." You'll notice that there is a link above of it that shows where you will be directed. Take a look below. (I long pressed Actmyname's post where YouTube link is hidden in the quoted text).


Tested and it works in some known mobile browsers like Google Chrome, Firefox, and Puffin. Though it's not working in Uc Browser.
Hope this might help.