• mateomaui@reddthat.com
    link
    fedilink
    English
    arrow-up
    119
    ·
    edit-2
    1 year ago

    Maybe the dipshits who host the updated GoXLR firmware and software solely on Discord will finally take the advice to put it somewhere where it actually makes sense, like on their own fucking website where it should be.

    • DrownedAxolotl@feddit.de
      link
      fedilink
      arrow-up
      44
      ·
      1 year ago

      Seriously, I don’t know why people are so obsessed with creating pointless discord servers. Is it really that hard to host files elsewhere?

      • Scrubbles@poptalk.scrubbles.tech
        link
        fedilink
        English
        arrow-up
        17
        ·
        1 year ago

        I have one for my friends, (I know, I know, matrix), and that’s how I think discord should be used. It’s original purpose, friends hanging out. Now it’s every megacorp has a discord server and all their fans just fawn over them there. Pass for me, I just want voice and text chat with friends.

        • JCPhoenix@beehaw.org
          link
          fedilink
          English
          arrow-up
          10
          ·
          edit-2
          1 year ago

          (I know, I know, matrix)

          Getting people that you want to talk to – friends, family, etc – onto is a new platform is so difficult. No one wants to have 10 different communications apps, plus associated accounts*, just so they can talk to one or two people on each. It’s the network effect. It also doesn’t help that some of these platforms just aren’t as convenient or easy to use, especially for non-tech people.

          But yeah, so many of these communities make no sense on Discord (or live chat period; IRC suffered from this too). I think troubleshooting is the worst, especially in larger, active communities. You have different conversations going on, so it’s easy to miss questions or answers. Plus, Discord’s search isn’t great, IMO. Better than reddit, but that’s not saying much. So someone probably asked the same question some time ago; good luck finding it, and even if you do, you still have to sift through the adjacent chat history to see if others responded and track that conversation.

          Larger Discords remind me of the chats of large Twitch streamers, where the chat is going a million miles per hour. What’s even the point?

          At least with a forum, it’s much slowed down, and there are clear divisions between topics, that give people the space to discuss those topics.

          Websites are so easy to make these days, too. No coding experience even needed. I’m not saying Discord is worthless; it’s not and I use it plenty everyday. But it has its place. People need to use the right tools for the job.

          *In many ways, websites suffer this issue, too. I have to make an account on this standalone separate website, just for my one question, and then after it gets answered, I’ll probably never go back to it? That’s why reddit (and Lemmy to a lesser extent) is so popular.

        • gk99@beehaw.org
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I don’t understand how people hang out in these places. It just doesn’t seem like a system conducive to discussion. The forum/link aggregator format works much better imo

          • Scrubbles@poptalk.scrubbles.tech
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            For large groups absolutely, chat moves so fast that there’s no way that it can mean anything. Trying to get help in a gaming discord is just terrible.

            However for a small group of friends it’s great, using discord for what it was meant to be used for (chatting with friends about games, setting up gaming nights, voice chat) is perfect.

    • Chloyster [she/her]@beehaw.org
      link
      fedilink
      arrow-up
      9
      ·
      1 year ago

      Unfortunately seems like this won’t help that, if they expect you to be on the server to get the files. The article says the links will be auto refreshed daily, so it’s only the links shared outside the server that won’t work after a day :(

      • mateomaui@reddthat.com
        link
        fedilink
        English
        arrow-up
        8
        ·
        1 year ago

        FUCK. You’re probably right. It’s such a ridiculous thing they make us go through just to get updated installers. Last I checked they don’t even make it obvious what the commands are to get the download links, you have to ask for them in chat and wait for someone to eventually reply back with them. It’s so annoying, they could just put the installers on the website next to the outdated one that’s been there forever.

        • Chloyster [she/her]@beehaw.org
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          I feel the same way. I end up being in 30 or so different Pokemon ROM hack servers just to get the patch files for the games. Very frustrating to have to do that when there are websites dedicated to hosting these files

  • RocketBoots@programming.dev
    link
    fedilink
    arrow-up
    36
    ·
    edit-2
    1 year ago

    This is a very sensible change. It’s an open secret that discord has been leveraged by hackers for quite some time. You can even search Github and find examples where exfiltration of data is done via discord. Discord is not a file host and should not be used as such. I’m just glad they’re doing it in such a way to minimize the impact on users and devs.

    • i_am_not_a_robot@discuss.tchncs.de
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      I don’t know how much of a difference it will make.

      It’s easy to host files. Even if the malware “author” is clueless and just buying a customizable malware, either they’ll figure out how to host files or file hosting will be provided along with the service they’re buying.

      It may not stop Discord from being the file host either. Malware distributing bot accounts could keep copying a new link to the file, or could upload a new version of the file on demand.

      Discord can’t expire webhooks the same way so webhooks will continue to be used for exfiltration. Pointing out that it’s used for exfiltration as if it were related seems like bad reporting. It’s a difficult problem because if they did break webhooks it’d only make things more difficult for legitimate users. These malware packages usually hijack the user’s Discord installation and could send out the information as the user without using webhooks.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    🤖 I’m a bot that provides automatic summaries for articles:

    Click here to see the summary

    The company told Bleeping Computer that doing so will help the company fight malware spreading on its platform since that gives it more ability to “restrict access to flagged content.”

    According to the article, Discord says the change won’t affect anyone sharing content on the platform, as links within the client will be refreshed automatically.

    However, links shared outside of Discord won’t work a day after they’re regenerated.

    The company said that it will share more “in coming weeks” with developers, who “may see minimal impact.”

    As Bleeping Computer notes, cybersecurity company Trellix reported it had “found around 10,000” malware samples distributed online that were stored on Discord’s content delivery network (CDN).

    Attackers, Trellix wrote, use the platform’s webhooks to pull data from victims’ computers and drop it into Discord channels run by the attackers.


    Saved 18% of original text.

  • totallynotfbi@lemm.ee
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    I’ve looked around malware link scrapers (ex. URLhaus) before, and I recall seeing that a large portion of the malware links were hosted on Discord, especially trojans. Although it will break a lot of legitimate shared files, I respect them for fixing this security issue