Phishing using Discord webhooks will be harder.

“Attackers, Trellix wrote, use the platform’s webhooks to pull data from victims’ computers and drop it into Discord channels run by the attackers.”

@Flex@lemmy.world
link
fedilink
English
81Y

Interesting news but I don’t really get how this is self-hosted?

Trying to keep those classified documents on the DL for home grown radical terror.

@justaveg@lemmy.world
link
fedilink
English
261Y

lol@ this. My bet what is actually happening: cost cutting or future nitro feature.

@ndguardian@lemmy.world
link
fedilink
English
61Y

Honestly, I’m okay with this at least until they fix the fact that all shared files are accessible without authentication. Granted, you still had to get the link before downloading an uploaded file, but the fact that there was no authentication required to download a file uploaded to Discord was pretty surprising.

@kalkulat@lemmy.world
creator
link
fedilink
English
11Y

And a LOT risky

@uis@lemmy.world
link
fedilink
English
01Y

You still need to know magical numbers to download file.

It’s probably also way cheaper to do it that way. As far as I could tell when I checked in on it some time ago, most of the content goes through a Cloudflare proxy straight to a GCP S3-compatible bucket.

@LufyCZ@lemmy.world
link
fedilink
English
01Y

What is a password? A string of characters. What is a link? A string of characters.

If you make it long enough, it’ll be impossible to guess one.

Your files are safe

paraphrand
link
fedilink
English
421Y

I always thought it was a bad idea for people to treat Discord as a free CDN.

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 61 users / day
  • 98 users / week
  • 231 users / month
  • 844 users / 6 months
  • 1 subscriber
  • 1.53K Posts
  • 8.7K Comments
  • Modlog