[Coco] Big Security Issue

Sat May 27 13:59:56 EDT 2023

On 5/27/23 13:02, coco--- via Coco wrote:
> 
> Not using google will not protect you from this problem they created I 
> have for starters told my router to reject all .zip and .mov urls and 
> also for good measure .ru domains problem is If I use surfshark or a 
> laptop or phone away from home I loose this protection so I need to 
> research how to do blocking for Android, Linux and Windows 10 as well.
> Furthermore surfshark protects me in other ways but would negate any 
> efforts at blocking domains which negates the efforts I have made if 
> anyone knows of a way to tell Surfshark that some domains are to be off 
> limits or know of an alternative VPN where this is possible and linux is 
> supported, though it would really suck to have to switch VPN's when I 
> already have Surfshark paid through to 2025.
> 
Well, the bottom line as I see it is that ICAN created this monster, and 
they can fix it.  The net has turned into a free-for-all with some of 
their recent actions destroying security in search. of every last dollar 
on the planet.  Anybody with an MBA (anything you don't get caught doing 
is ok) should be automatically unfit for the office.
> 
> On 2023-05-27 10:43, gene heskett via Coco wrote:
>> On 5/27/23 09:55, Patrick Ulland via Coco wrote:
>>> It seems many folks have this backwards. There is nothing wrong with 
>>> a zip file. The problem is 'smart browsers'. The example was an 
>>> existing site you know and trust includes the text 'never run 42.zip, 
>>> yadda...' That is now a valid URL, some future browser update will 
>>> autoconvert that text into a link the author  never intended to be 
>>> there. Google has also added .mov and .foo to gather in more innocent 
>>> sites. Is there a troll in the house?
>>>
>>
>> Yes, google.  Use ddg aka duckduckgo. The only way to discourage 
>> google's vacuum cleaner for your private data is to quit using it. 
>> Ditto for m$'s bing. That hits them in the pocketbook. And its the 
>> only language universally understood.
>>
>> TANSTAAFL folks.  Its a law you can't break even if you wanted to.
>>
>>> If you are in control of your connection,  David has the fix. 
>>> Blackhole, son. The only sites on these new domains will be boutique, 
>>> or scammers. Mostly scammers.
>>>
>>> You can always check the link - hover over, rt click, something will 
>>> popup the actual URL. If based on a known website, all is well: 
>>> https://computerarchive.com/Disks/Utilities/Coco.zip. If the link was 
>>> just text before, it is now a standalone website, helpfully (and 
>>> invisibly) autocompleted to    https://CoCo.zip. Any random can 
>>> register that domain.
>>>
>>>
>>>
>>>
>>> On 5/26/2023 9:54 PM, David Ladd via Coco wrote:
>>>> On Fri, May 26, 2023 at 8:38 PM coco--- via Coco <coco at maltedmedia.com>
>>>> wrote:
>>>>
>>>>> All Coco list users.
>>>>> <cut>
>>>>>
>>>>> f i l e . z i p  ( I have added extra spaces here for safety )
>>>>>
>>>> For those who do care about DNS security, I would probably just 
>>>> blacklist
>>>> the TLDR zip in your DNS server like PiHole or other DNS service you 
>>>> might
>>>> be using.
>>>>
>>>> Once I saw the TLDR show up called "zip" I knew it would be a 
>>>> problem and
>>>> just blacklisted it right off the bat.
>>>>
>>>> Personally ICAN should never have allowed "zip" to be a TLDR.
>>>>
>>>>
>>>>
>>>>> <cut>
>>>>>
>>>>> In particular
>>>>>
>>>>> -- Coco mailing list
>>>>> Coco at maltedmedia.com
>>>>> https://pairlist5.pair.net/mailman/listinfo/coco
>>>>>
>>>>
>>>>
>>>>
>>>> Sincerely,
>>>> David Ladd
>>>> ***END OF LINE***
>>>>
>>>
>>
>> Cheers, Gene Heskett.
>> -- 
>> "There are four boxes to be used in defense of liberty:
>>  soap, ballot, jury, and ammo. Please use in that order."
>> -Ed Howdershelt (Author, 1940)
>> If we desire respect for the law, we must first make the law respectable.
>>  - Louis D. Brandeis
>> Genes Web page <http://geneslinuxbox.net:6309/>
> 

Cheers, Gene Heskett.
-- 
"There are four boxes to be used in defense of liberty:
  soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
  - Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/>