alt Hacker NewsInstagram's URL Blackhole
Comments
The use of "storage.googleapis.com" is probably because it's an "authority" domain that apps can't easily ban without side effects. Buckets can typically be used as a static site host where u can host a client side redirect, depending on how you set it up you can make it almost impossible for an app to ban a campaign in real time.
> CYBERSECURITY_PHISHING_FOA (likely Foreign Origin Actor)
That’s probably “Family of Apps” instead, referring to the family of apps that Meta owns (e.g. IG, FB, WhatsApp, etc)
Ironic the Apple App store allows a "phone antivirus" to exist.
Blackhole is the name of one of the services used in display-time malicious content filtering.
I’m guessing the urls in that db were either generating a ton of backend load, so they were pushed to devices, or perhaps are customized on a per user basis for some reason
FOA means “family of apps”. Source: Meta’s quarterly earning reports
At this point it must be intentional that there's always something uncanny about these fake pages. That google logo is so old that if I see it I immediately know to get out of there.
So I find it fascinating how there's always the odd typo, the old logo, the impossible combination of iPhone needing an antivirus, etc and I refuse to believe is incompetence.
How does Apple allow this? Here I thought the App Store was supposedly superior to the Android eco-system and that's why Apple justified the insane 30% tax on developers back then
It's fun and all, is there a way to safely host .html but does not allow rendering it?
CORS? sec-fetch-dest, sec-fetch-mode and sec-fetch-site ?
If storage.googleapis.com weren't operated by Google, the domain would be blocked by Google's "Safe Browsing" long time ago.
Instagram blocks me from sending Facebook.com in DMs to people. No idea why and support doesn't help.
Ironic seeing this as a medium post.
This brings to mind this question:
Should HN allow links to sites that break the back button, like all Meta sites (Ig, Fb, etc)?
I tried visiting that link on my device, and after many redirects and uBO warning screens, I ended up on an AI content farm in my native language, Swedish.
With default uBlock Origin filters on mobile Firefox, all Medium blogs show up as a blank page. Which in this day and age is akin to saying that the page is utterly broken.
... why is the hxxps:// URL in the article linkified? It's a URL scheme created to explicitly mark URL as unsafe.
lol "your iphone is severely damaged by viruses"
Facebook was known to aggressively filter URLs too if posted too often.
I thought this was going to be about how links have become harder and harder to follow on Insta. The login walls got progressively stronger (it feels like) and now it's just hard blocked
Sorry, Zuck. Not signing up for Insta, though you probably made a shadow profile of me
...and that shady "AI cleaner" is STILL on App Store? with 4.4 rating?
should App Store platform fees fund getting this stuff banned?
I want to thank you dear poster and author, I feel genuinely refreshed reading a short interesting post sans status quo topic.
Waiting for the next part!