I didn’t know my city was cool enough to put signal flyers.

    • hash@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      6 months ago

      Respectfully I think this is a minimal attack vector in this case due to the limited character set of urls. But thanks for the callout, I didn’t know there was a name for this sort of attack.

      • Lichtblitz@discuss.tchncs.de
        link
        fedilink
        arrow-up
        5
        ·
        edit-2
        6 months ago

        Modern browsers happily show you the actual characters, while sending their encoded entities to the server. So, from a user perspective there is no ASCII limitation. Case in point: söhne.at (just some random website, I have no idea what they are or if they are legitimate)

        • gila@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          ·
          6 months ago

          They’d still resolve via DNS to an address in ASCII though, right? Wouldn’t that only be an issue if ICANN didn’t have a monopoly on DNS registration? i.e what we already depend on for a semblance of convenience without totally compromising opsec

      • 4stringscooter@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        6 months ago

        Or maybe a fraudulent signal app.

        I mean, generally speaking, just don’t click on random links. This is a random link. Qr codes are valuable but we’re conditioning society to just be cool with clicking on random shit without putting much thought into it.