this post was submitted on 14 Aug 2023
14 points (100.0% liked)

/kbin meta

4 readers
1 users here now

Magazine dedicated to discussions about the kbin itself. Provide feedback, ask questions, suggest improvements, and engage in conversations related to the platform organization, policies, features, and community dynamics. ---- * Roadmap 2023 * m/kbinDevlog * m/kbinDesign

founded 1 year ago
14
Getting a suspicious download prompt while browsing all (media.kbin.social)
submitted 1 year ago* (last edited 1 year ago) by CarlsIII@kbin.social to c/kbinMeta@kbin.social
17 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] Pamasich@kbin.social 2 points 1 year ago (1 children)

I don't know why your browser treats this as a download, seems to be incredibly insecure.

If I didn't know others already confirmed it to be a video, I'd assume this was a scam website, distributing a virus disguised as a video. The actual url is encrypted so you can't tell what it actually points to, while the file extension is mentioned in the url parameters to give the impression it's a video file when it could really be anything. And it's being downloaded from Russia.

I think it was definitely a good idea to post this. You should probably look for a better browser that doesn't treat every shady url as a download. One misclick and you can get a virus on your phone like this.

As for kbin, I recommend making an issue about this on the codeberg repository. That's the best way to get kbin to actually do something about this.

[–] Teppic@kbin.social 1 points 1 year ago (1 children)

Browsers usually offer to download files with extensions they don't recognise, basically it's the browser saying "I can't display this, do you want to download it?". In this case the file appears to have no extension as observed by OP.
I think kbin is working fine, the preview did as expected and shared the URL of a video file (but unclear why OP doesn't see this as an mp4 video file).
My guess is OP will get the same popup if in navigates to the page with the video as he did from kbin. This issue is (I think) the video file's URL, not kbin.
Nothing at this point makes me think kbin could or would have included anything it shouldn't have in the preview.

All of that said - Would I be cautious if I saw the pop-up OP shows, yes absolutely. And while what I can see isn't hostile that doesn't 100% mean the website isn't convertly doing something on occasion, or for a subset of users. It is entirely possible to make a website show different people different things.

[–] Pamasich@kbin.social 1 points 1 year ago

I agree, I also think kbin isn't doing anything wrong here. But it might still be able to take actions to prevent or mitigate this, so that's why I suggested posting about it to the codeberg repository.