On Fri, Sep 6, 2024 at 12:04 AM Tim via users <users@lists.fedoraproject.org> wrote:
> On Thu, 2024-09-05 at 13:11 -0400, Jeffrey Walton wrote: > > This made my radar today: > > < > https://jfrog.com/blog/revival-hijack-pypi-hijack-technique-exploited-22k-packages-at-risk/ > >. > > It's like Peter Gutmann said: "A great many of today’s security > > technologies are “secure” only because no-one has ever bothered > > attacking them." > > Security failures like this exist in many other things: You give up a > telephone service, someone acquires your old number, people use your > old phone number to exploit you. Likewise with email addresses. I've > kept old email addresses just to stop someone else misusing them. > I have an account on a community network that was the first public access to internet where I live. My extended family includes kids, and I have noticed increases in smap messages (currently running around 100 per day) when kids get internet access and also times when corresponding with friends and relatives after someone dies. > I gave up on an old website, kept the domain name for a while, left the > site showing a site closed down notice, with a redirection to the new > one. Over the years I have purchased gear from businesses that have since failed. In many case their domains have been taken over by click-bait sites. There was also an incident where a small scientific NGO had some clone the site with the name changed by swapping underscore and dash. The new name came first in web searches. I eventually decided it was a waste of my money. The moment the > domain expired, someone grabbed it, and filled it with junk that > scrapes content from elsewhere hoping to get people reading it, hoping > that it'll get former traffic to my site. Years later, it's still like > that. I have a look from time to time. It contains nonsense, it's not > any kind of service, it's just a domain squatting parasite. They must have a way to monetize clicks that makes it worth maintaining the name. > It's a shame that domain names became so expensive, it may have been worth > a > few dollars just to maintain ownership of the domain name, but there's > a threshold to how much money you're prepared to waste. And you can > also run afoul of rules about not hoarding domain names. > AI seems to have been a big boost to clickbait sites. They can take the top 100 Windows questions and use AI to generate pages that claim to have the best answers. -- George N. White III
-- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
