Parent talk Psa Show more
If my parents take my phone expect me to.be gone for a few months.
long post, info re: security risk concerns Show more
string="OK so for those who'd like a further explaination with regard to potential security issues related to displaying images via bbcode, here's a post for ya";
string="I think what people may have been trying to reference? was an attack known as a code injection attack, in which invalid data is sent to an interpreter in order to circumvent security measures.";
string="this is an attack that is, from what I understand, generally used against things like databases and websites.";
string="presumably, the thought is that information or programs could be smuggled in with an image, and then the information in that image would be executed in a way that would compromise the user's computer? I'm genuinely somewhat unsure as to what exactly people were referring to with regard to security issues.";
string="however, the images uploaded through the BBcode aren't even stored on the server with the rest of the website. in a way, I think this could actually make them, to a degree, more secure than simply uploading the image to the trollian site, as the post contains the BBcode (with the link to the image). the code that mastodon runs on then converts the BBCode, (on your computer, not on the server, the post is stored in the server as the string including the bbcode tags, which is also sanitized to prevent code injections) into an HTML image (so hypothetically I might also be able to add alt text that screen readers could pick up on)";
string="the images are then rendered using the software on your computer (built into the browser), and the image is displayed up on your screen.";
string="So basically, unless a virus was programmed in a way in which it's capable of exploiting vulnerabilities in whatever browser you're using, the virus would have no way of executing on your computer. also, by hosting the images offsite, Momxy is able to save on costs that would otherwise go towards paying for disk space on which to host those images";
string="(sidenote, if someone found a vulnerability in your browser, they could execute the same virus using images that don't use bbcode as well, as it'd be a security flaw in the way the images were displayed, not the formatting of the page that they are on)";
Also I think it's time to come out and say it.
The jokes/insults about smoking crack or being "crackheads" are neither funny nor appropriate. This also includes other implications of drug abuse. Drug Abuse is a very serious issue and using it as an insult or a joke is insensitive and offensive.
This is just a general warning for those who have down this in the past and for going forward in the future. Please refrain from doing so.
Im Juice or Hex i post all my au work and casual shit I am 15!!! (16 june 20)
A Homestuck Instance. Just all of the Homestuck. All of It.