connor sheri shaw

@Sheri

its worth fighting for 🌷

they/them 💕 27
sherishaw.net/

Writer of word both truth and tale. Video producer, editor, artist, still human. Hire me?

Check #writeup for The Good Posts.
—

Slowly making a visual novel called We Will Not See Heaven, demo is free. Sometimes I stream, or post adult things. Boys' love novel enthusiast. Take care, yeah?

💟💟💟
TECH CAN ONLY BE AS KIND TO US AS WE ARE TO ONE ANOTHER.

📼 youtube

www.youtube.com/ConnorShawVA

🖥️ blog

sherishaw.net/blog

📉 tips?

ko-fi.com/connorshawva

connor sheri shaw @Sheri9/4/2023, 10:53 PM

noted ear-haver @rachelmae

noted ear-haver @rachelmae9/4/2023, 10:49 PM

it boggles my mind that a company that is constantly under fire for scams and phishing and a host of other security issues would just casually drop masked links and make the problem worse. someone already abused this on the TCRF server to hide a link to some bitcoin bullshit and i am fucking seething.

Discord is, first and foremost, a chat program. it does not need full markdown support. i don't care if it pops up a confirmation dialog asking if you really want to go to the linked website; that is not enough, that has never been enough. they need to nuke this feature from orbit and maybe seriously consider going out of business because they have proven time and time again that they are absolutely not fit to run this service.

#discord sucks #FUCK DISCORD

You must log in to comment.

in reply to @rachelmae's post:

Annie D @ann-arcana9/4/2023, 10:55 PM

So I fucked about with this and they did do some sanity checking, in that it won't convert the link if the link text is also a url. ie. you can't do [https://www.hotelfsex.com](http://this.linkishax.io) etc.

X @xkeeper9/4/2023, 11:14 PM

don't worry, unicode fixes this

AquamarinePlasma @AquamarinePlasma10/3/2023, 11:59 AM

You can also combine it with another bug to have a link which appears to point to site a and has an embed from site a, but actually points toward site b:

noted ear-haver @rachelmae9/4/2023, 11:14 PM

that's good, but someone pointed out that you can leave off the https:// in the link text and it will go through just fine

Annie D @ann-arcana9/4/2023, 11:20 PM

uuuugh wow nm that's dumb as shit

hecko @hecko9/5/2023, 9:35 AM

yeah and they foresaw some tricks but not enough:

xkeeper showed one
the character ⫽ is only a little bit off
and i just realized one can just split it into 2 links: [h](https://google.com/#)[ttps://blah.blah](https://google.com/)
- the hash is because the embed parser would otherwise see it as https://google.com/https://google.com/ and thus fail, great coding

𝐚𝐝𝐝𝐢𝐞 (train enjoyer)@trainsfemme9/4/2023, 10:57 PM

i would agree but on the other hand i like full markdown support and as long as you are somewhat sane and check links before mindlessly clickingon them (if you hover over a link it shows you a true URL), and have to go through a popup telling you what website you're going to, AND there's an embed showing the true contents of the website - I really don't think it's that big of a problem.

X @xkeeper9/4/2023, 11:15 PM

you can trivially disable the embed by surrounding the url in <angle brackets> and nobody heeds security warnings

noted ear-haver @rachelmae9/4/2023, 11:17 PM

we may be smart/battle-scarred enough to know this, but a lot of people are not, and that is the problem

hecko @hecko9/5/2023, 9:23 AM

thing is the popup now shows up for every link clicked, not just masked ones, so people will tune it out
and embeds are just opengraph so they can be copy-pasted and nobody will be able to tell (unless it's something special like youtube or twitter); heck there are websites for making links with custom embeds that redirect to whatever without writing a gram of html

Internet Janitor @internet-janitor9/4/2023, 11:38 PM

All the reasons for markdown support that I can think of are in service of using Discord as a repository for information. Since Discord isn't indexed by search engines and you generally can't even read-only access a discord server without publicly announcing yourself and surrendering personal information, those use-cases are inherently terrible. What a fine mess we're in.

X @xkeeper9/4/2023, 11:59 PM

lmao i was just thinking about how enabling all markdown in all messages (like headers and the like) is explicitly getting ready to really turn them into private little wikis of future lost information, it rules. we're fucked

Internet Janitor @internet-janitor9/5/2023, 12:40 AM

It's even more glorious when you remember that Discord, like every other shitty tech company, is flirting with LLM (Ludicrous Liar Machine) technology.

Not only will the little faux-wikis be inaccessible to actual people, they will be hoarded and resold to institutional customers that wish to produce wiki-shaped spam.

Plum @plumpan9/4/2023, 11:38 PM

It's ok! Discord has a little pop up that says WHOA THAT'S AN EXTERNAL LINK ARE YOU SURE YOU WANT TO GO THERE? On every single URL, which means it's safe to do dumb shit like this! They even WON'T LET YOU MIDDLE CLICK TO OPEN IN NEW TAB WITHOUT THE CLICKTHROUGH ANYMORE THEY'RE SERIOUS ABOUT SECURITY

Plum @plumpan9/4/2023, 11:40 PM

HERE AT DISCORD UNIVERSITY WE'RE SERIOUS ABOUT SECURITY. I HAD A CHOICE, BUT A TRADITIONAL CHAT PROGRAM JUST WASN'T FOR ME. WE LEARN HANDS ON USING TODAY'S MARKDOWN AND BOT TOOLS. MY SERVER POPULARITY IS LOOKING GOOD THANKS TO DISCORD. I WAS PART OF THE CHAT AT DISCORD.

X @xkeeper9/4/2023, 11:58 PM

seeing that stupid popup so many times for clearly normal and regular domains that you just click yes every time, truly secure, thanks discord

Internet Janitor @internet-janitor9/5/2023, 12:31 AM

"for security purposes, please enable your webcam and microphone, raise your arms above your head and say 'i love mcdonalds whoppers' to open this link"

🍬@Bonbon9/5/2023, 2:08 AM

having to invest in better lighting in order to open a link on the internet

Internet Janitor @internet-janitor9/5/2023, 3:37 AM

a flaming hoop is technically a ring-light.

🍬@Bonbon9/5/2023, 9:13 PM

this is fine.
(provides a nice ambience.)

Andrew @vavassor9/5/2023, 5:22 AM

I don't know the motivation from discord's side. But for websites this is commonly an accessibility recommendation. It's more understandable for screen readers to read "Discord needs to go away" than to try and read this aloud "https://cohost.org/rachelmae/post/2732761-discord-needs-to-go".

Pinned Tags