It matters less if it's actually true than if someone trying to pull off the scam thinks it might be. The only way to find out if that hole exists in the system is either to have an insider tell you that it would, or to try it out...
Oh, and to add further to the nonsense: the product description technically doesn't say that what you're buying is a pair of shoes. So a sufficiently automated system might mistake a single shoe for a legitimate product. It's absurd, but not impossible to see how you might end up there.
I am experiencing very weird and suspicious issue on debian 12.
For context, I am using grsecurity + RBAC, which gives me the
possibility to see what files each program wants to access. My issue is
not caused by RBAC. but RBAC brought my attention to this issue.
SO, I have upgraded chromium browser to: 138.0.7204.49
and suddenly when chromium starts, in addition to trying to access the
usual files in my home, such as ~/.config/chromium or ~/.cache , it now
tries to access sensitive folders on my system:
~/.ssh/
~/.gnupg/
~/.dbus/
/boot/
(while ~/.dbus is not as immediately alarming as the others, Chromium
accessing this when it didn't before is still a change in behavior that
deserves scrutiny)
this never happened before. I am sure, because the RBAC rules that I am
using would have alerted me.
this is highly suspicious and potentially a serious security issue !
this issue was originally reported on chromium 138, fixed in next version, and now it's back in version 140.0.7339.80
Given a test of https:// news.ycombınator.com [1] it seems that no, hovering over the URL shows it in its rendered form
data:text/html,<meta charset="utf-8"><body><a href="https://news.ycomb%C4%B1nator.com/login">login to news.ycombinator.com</a></body>
and only by clicking it and getting an NXDOMAIN does one see the Punycode:
> We can’t connect to the server at news.xn--ycombnator-1ub.com.
1: Ironically HN actually mutated that link, I pasted the unicode version news.ycombınator.com (which it seems to leave intact so long as I don't qualify it with a protocol://)
more alarming than .help domain is the domain registration just few weeks ago.
I got scammed just last week when paying with credit card online, and only later when investigating discovered several of identical eshops with different .shop domains registered just months ago
if domain is less that year old, it should raise red flags
he reminds me of Jordan Peterson.
Both are clearly smart (raw IQ) but are deranged, they speak in convoluted sentences that are intentionally overcomplicated and that make no sense and
Russel Brand is the master of this. He will never use 1 word then he can use 10. And he talks so fast that it is hard to parse. By the time you can say 'hang on, that's BS' he has already moved on. He is also an extreme example of audience capture, moving from left-wing comedian to right-wing christian.
I sometimes intentionally ask naive questions, eve if I think I alredy know the answer. Sometimes the naive question provokes a revealing answer that I have not even considered. Asking naive questions is a learning hack!
reply