Bitcoin Forum
Author Topic: Disable Links disguised as Bitcointalk.org topics.  (Read 282 times)
Steamtyme
Hero Member
April 04, 2019, 03:02:52 PM
Last edit: April 04, 2019, 04:52:11 PM by Steamtyme
Merited by LoyceV (2), stompix (1), DdmrDdmr (1)
 #1

Edit: I missed the fact that this was bitcointalkorg to bypass the safeguards in place.

I've noticed this happening a few times recently: someone uses a hyperlink disguised as a bitcointalk.org topic. I personally thought this was already disabled as I tried to do it in a [PSA] thread I created a while ago. I linked to the second message as it was a "Rickroll" to show about clicking on anything you see.

This quote shows it broken down well in the topic so I'm crossposting it here, as it will likely be deleted from the original thread - it's unrelated but up as a warning until the original post is dealt with.

Really excited to see the offering


 [ url = http : // https : // mega . nz / #!27giCaBA!MpY7jO2eBIFixadv3jbdqfnHS_iZH5pAMp_mztL3FHY ]


https : // bitcointalkorg/index.php? topic=284987.9 [ / url]

here it is deconstructed

and it leads to this



What I'm wondering is can we disable using "bitcointalk.org" as a title for hyperlinks. That would be the best blanket solution in case hacked accounts start posting the same garbage. Another option is prohibiting brand new and newbie accounts from posting a clickable link.

Sorry if the terminology is off, but I'm pretty sure most will catch the drift here.

bL4nkcode
Copper Member
Hero Member
April 04, 2019, 03:08:35 PM
 #2

Quote:
I've noticed this happening a few times recently: someone uses a hyperlink disguised as a bitcointalk.org topic.

You can observe if the link/thread containing the domain https://bitcointalk.org of the anchor's hover is green and not blue.

Quote:
Another option is prohibiting brand new and newbie accounts from posting a clickable link.

I thought this was disabled a long time ago by theymos or maybe just in PM? as I see some newbies posting with a disabled link included images.
 

jackg
Copper Member
Legendary
April 04, 2019, 03:14:33 PM
 #3

There are a few ideas I can spring in addition to this. In computing format (as it's the only way I can do it) we should screen for phishing links with a:

<string> !::= <b><i><t><c><o><i><n><t><a><i><k>
<b> ::= b|8|B
<i> ::= i|I|1|l|L
<t> ::= t
<c> ::= c
<o> ::= 0|o|O
<n> ::= n|N
<a> ::= a|A|4
<k> ::= k

or something like that (with an exclusion for the original of course).


People seem to have moved on from the request of a timed screen between "safety" and whatever lies on the opposite side of a malicious link. I wouldn't suggest clicking those links, I was doing research earlier and found there's a way to get access to loads of stuff in your memory(/RAM) and send it back to a server...

LoyceV
Legendary
April 04, 2019, 03:25:37 PM
Last edit: April 04, 2019, 03:38:31 PM by LoyceV
Merited by jackg (1), Steamtyme (1), DdmrDdmr (1)
 #4

Quote:
I thought this was disabled a long time ago

It's disabled for bitcointalk.org, this guy used bitcointalkorg (without dot).

This code (I had to add a space to be able to use code tags):
Code:
[url=google.com]bitcointalkorg[/url]
[url=google.com]bitcoin talk.org[/url]
Results in these links:
bitcointalkorg
http://google.com

Here's another one doing the same: https://bitcointalk.org/index.php?topic=5109224.msg50457962#msg50457962

It's much bigger: (I've reported the ones that aren't nuked yet)

theymos
Administrator
Legendary
April 04, 2019, 03:46:31 PM
 #5

It's ~impossible to preemptively detect all cases like that, and very difficult to do even a halfway-decent job. That guy isn't even trying to link to "bitcointalk.org". So it's whack-a-mole. That's why the green highlight was added: it's easier to whitelist than blacklist.

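An added example, not written by any poster in this thread and not the forum's own code: it combines the lookalike character classes from post #3 with the allowlist approach described in post #5, and shows why "bitcointalkorg" slips past an exact-match filter. It assumes BBCode `[url=...]` tags and that bitcointalk.org is the only trusted host; all function names are hypothetical.

```python
import re
from urllib.parse import urlsplit

TRUSTED_HOSTS = {"bitcointalk.org"}  # assumption: the forum's only own host

# Lookalike classes from the grammar in post #3 (8->b, 1/l->i, 0->o, 4->a);
# after folding, "bitcointalk" is compared as "bitcointaik".
FOLD = str.maketrans("81l04", "biioa")
BRAND = "bitcointaik"
URL_TAG = re.compile(r"\[url=([^\]\s]+)\](.*?)\[/url\]", re.I | re.S)

def skeleton(text):
    """Lowercase, keep only letters and digits, then fold lookalikes."""
    return re.sub(r"[^a-z0-9]", "", text.lower()).translate(FOLD)

def host_of(href):
    """Host the link really goes to; a bare 'google.com' gets a scheme first."""
    if "://" not in href:
        href = "http://" + href
    try:
        return (urlsplit(href).hostname or "").rstrip(".")
    except ValueError:  # malformed target: treat as not trusted
        return ""

def is_trusted(host):
    return any(host == t or host.endswith("." + t) for t in TRUSTED_HOSTS)

def classify(post):
    """Return (link text, host, verdict) for each [url=...]...[/url] tag."""
    rows = []
    for href, text in URL_TAG.findall(post):
        host = host_of(href)
        if is_trusted(host):
            verdict = "internal"    # allowlisted: stays on the forum
        elif BRAND in skeleton(text):
            verdict = "disguised"   # text imitates the forum, target leaves it
        else:
            verdict = "external"
        rows.append((text, host, verdict))
    return rows

# Constructed sample; the two google.com links are the ones shown in post #4.
SAMPLE = (
    "[url=https://bitcointalk.org/index.php?topic=1.0]a real topic[/url] "
    "[url=google.com]bitcointalkorg[/url] "
    "[url=google.com]bitcoin talk.org[/url] "
    "[url=http://example.com/x]B1tc0inta1k.org/index.php?topic=1.0[/url] "
    "[url=http://example.com/fan]the fan I use[/url]"
)
```

The "disguised" verdict is a denylist heuristic and will miss spellings it does not fold; the internal/not-internal split depends only on the allowlist, which is the part that holds up.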
iasenko
Hero Member
April 04, 2019, 04:01:48 PM
 #6

I'm sure people always check the links they open if they are posted from a suspicious member with negative feedback or a newbie. I'm doing this every time if I open something in the forum and outside it too.
If I'm on the mobile I just quote the post with the link to see where it's leading.

Steamtyme
Hero Member
April 04, 2019, 05:12:22 PM
 #7

Quote:
It's ~impossible to preemptively detect all cases like that, and very difficult to do even a halfway-decent job. That guy isn't even trying to link to "bitcointalk.org". So it's whack-a-mole. That's why the green highlight was added: it's easier to whitelist than blacklist.

I understand it's a constantly changing battle. That was my mistake, in missing the punctuation. Thanks to you and LoyceV for pointing that out.

Also sorry, what green highlight?

Would disabling clickable links for brand new and newbie accounts be something you would consider? Only because it's easy to create an army of these accounts to post these types of links.

Iasenko - not a lot of newer accounts realise the pitfalls of clicking on links early on. Even some older members slip up from time to time. I get we can't baby proof everything but small steps to help along the way are nice. I do the same; I quote pretty much all links just to make sure they're on the up and up.

LoyceV
Legendary
April 04, 2019, 05:35:00 PM
 #8

Quote:
Also sorry, what green highlight?

Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
this turns green
this doesn't

I barely notice the difference on my old low-quality screen though.

stompix
Legendary
April 04, 2019, 06:35:25 PM
 #9

Quote:
Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
this turns green
this doesn't
I barely notice the difference on my old low-quality screen though.

I had to come close like 50 cm to the screen to see a notable difference and I'm looking at it on a 4k display.
Probably it would work better if the outgoing links would have a splash page before taking you to the site?

I saw once a warning like that, can't remember where when it was telling you're clicking a link to a site not affiliated with ****.com



khaled0111
Hero Member
April 04, 2019, 06:50:56 PM
 #10

Quote:
Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
this turns green
this doesn't
I barely notice the difference on my old low-quality screen though.

It is not helping when you are using a smartphone. It turns to green after clicking on it.
What about adding a warning page with a message like "you are being redirected to ... Do you want to proceed"
Chris!
Legendary
April 06, 2019, 03:24:48 AM
 #11

Quote:
It's ~impossible to preemptively detect all cases like that, and very difficult to do even a halfway-decent job. That guy isn't even trying to link to "bitcointalk.org". So it's whack-a-mole. That's why the green highlight was added: it's easier to whitelist than blacklist.

Even better would be to just not click links. Ever. Just copy and paste the URL if you actually trust it. If you don't know what it links to, don't click it. It's really just that simple.

On the other hand I understand that it's hard to teach the general public this basic security. Most people already screw up an even bigger issue, like reusing the same 8 digit password on every website and saving it in their browser. Ugh.

UserU
Member
April 06, 2019, 05:23:16 AM
 #12


Quote:
It is not helping when you are using a smartphone. It turns to green after clicking on it.
What about adding a warning page with a message like "you are being redirected to ... Do you want to proceed"

This is actually a good idea, I've seen some forums implement that.


actmyname
Copper Member
Legendary
April 06, 2019, 06:04:37 AM
Merited by mprep (3), bones261 (2), LoyceV (1)
 #13

I want to point out this very sneaky feature of BBCode.

Quote:
Even better would be to just not click links. Ever.

Hover over that quote.

Think about how that can be applied maliciously. Do not blindly trust quotes, either.

Steamtyme
Hero Member
April 06, 2019, 06:19:39 AM
 #14

Quote:
Hover your mouse over a link, if it stays within Bitcointalk, it turns green:
~snip~
I barely notice the difference on my old low-quality screen though.

Thanks for that. I had never noticed the feature before. Useless to me at the time I was on mobile. I see what people mean about the older monitors I tried on a couple, and wouldn't have noticed at all on a couple if I didn't know it was there.

Quote:
Even better would be to just not click links. Ever. Just copy and paste the URL if you actually trust it. If you don't know what it links to, don't click it. It's really just that simple.
On the other hand I understand that it's hard to teach the general public this basic security. Most people already screw up an even bigger issue, like reusing the same 8 digit password on every website and saving it in their browser. Ugh.

I know but depending on what section of the forum I'm in links can be useful. In mining it's common to link someone to a cable, fan or other various part they need. Might even just be to reference a thread they might find help in. I'm just saying links can serve a purpose, and having a few extra safeties in place would be nice. In this case I was wrong about the safety not being there, as I misread the link, they would have had me if I didn't already quote posts before clicking on links to see what's really there.

Quote:
~snip~

Well that's devious as all hell. Thanks for showing me that, I've never really considered worrying about following a quote to source. It does give itself away when I go to type a reply, but that's the same as quoting beforehand and a step I wouldn't have taken.

I would liken clicking on it to closing the car door, and only a split second after it's too late to stop the door seeing your keys on the seat. It would look weird as I went to click on the quote but I would have already been on autopilot

Silent26
Sr. Member
April 06, 2019, 10:31:39 AM
Merited by LoyceV (1)
 #15

Quote:
It is not helping when you are using a smartphone. It turns to green after clicking on it.
What about adding a warning page with a message like "you are being redirected to ... Do you want to proceed"

I've experienced this before as I usually use mobile devices in accessing Bitcointalk but I've found a better solution that might help mobile device users. I always do this whenever I need to check the link that is posted by some "untrusted" members or some newbies. This is what I do.
- Long press the link or the text link and a pop up will appear, it shows "open in new tab, open in incognito tab, copy link addresses etc." You'll notice that there is a link above of it that shows where you will be directed. Take a look below. (I long pressed Actmyname's post where YouTube link is hidden in the quoted text).


Tested and it works in some known mobile browsers like Google Chrome, Firefox, and Puffin. Though it's not working in UC Browser.
Hope this might help.


