[Coco] Big Security Issue
Patrick Ulland
rickulland1 at gmail.com
Sat May 27 09:54:55 EDT 2023
It seems many folks have this backwards. There is nothing wrong with a
zip file. The problem is 'smart browsers'. The example was an existing
site you know and trust includes the text 'never run 42.zip, yadda...'
That is now a valid URL, some future browser update will autoconvert
that text into a link the author never intended to be there. Google has
also added .mov and .foo to gather in more innocent sites. Is there a
troll in the house?
If you are in control of your connection, David has the fix. Blackhole,
son. The only sites on these new domains will be boutique, or scammers.
Mostly scammers.
You can always check the link - hover over, rt click, something will
popup the actual URL. If based on a known website, all is well:
https://computerarchive.com/Disks/Utilities/Coco.zip. If the link was
just text before, it is now a standalone website, helpfully (and
invisibly) autocompleted to https://CoCo.zip. Any random can register
that domain.
On 5/26/2023 9:54 PM, David Ladd via Coco wrote:
> On Fri, May 26, 2023 at 8:38 PM coco--- via Coco <coco at maltedmedia.com>
> wrote:
>
>> All Coco list users.
>> <cut>
>>
>> f i l e . z i p ( I have added extra spaces here for safety )
>>
> For those who do care about DNS security, I would probably just blacklist
> the TLDR zip in your DNS server like PiHole or other DNS service you might
> be using.
>
> Once I saw the TLDR show up called "zip" I knew it would be a problem and
> just blacklisted it right off the bat.
>
> Personally ICAN should never have allowed "zip" to be a TLDR.
>
>
>
>> <cut>
>>
>> In particular
>>
>> --
>> Coco mailing list
>> Coco at maltedmedia.com
>> https://pairlist5.pair.net/mailman/listinfo/coco
>>
>
>
>
> Sincerely,
> David Ladd
> ***END OF LINE***
>
More information about the Coco
mailing list