With almost 40k subscribers on Reddit, r/ScamNumbers is one of the most useful online databases for tracking down scam phone numbers. Some use the information for awareness, while others take advantage by prank calling scammers to waste their time.

Whatever the case may be, we have a zero-tolerance policy towards personal phone numbers. We have enforced this rule severely on Reddit and will do the same here.

We also have a Matrix space!

  • Krafty Kactus@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    10 months ago

    But why is it hosted on a .zip domain? Edit: for clarification, I don’t have anything against having different instances. I’m just wary of anything using the .zip tld.

    • DripGeronimo@lemmy.zipOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 months ago

      I’ve switched instances from lemmy.world to lemmy.zip as .world was very slow with updating their server

      • ZeroCool@slrpnk.net
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        10 months ago

        It’s for the best anyway. It’s better for the health of the fediverse when communities are spread out across a wide array of instances. The consolidation of communities on lemmy.world is not ideal. Good luck with the community!

        • 418teapot@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          3 months ago

          I hate that Google is exerting even more control on the internet with their TLD, but I don’t really think this attack is made all that much worse with .zip TLD. I can already bury a .com in a long URL and end it in .zip just fine like so:

          https://github.com∕foo∕bar∕baz@example.com/foo/bar/baz.zip

          Or even use a subdomain to remove the @:

          https://github.com∕foo∕bar∕baz.example.com/foo/bar/baz.zip

          The truth is most people don’t look much at URLs outside of a domain to verify its authenticity, at which point the .zip TLD does not do much more harm than existing domains do.

          For mitigation, Firefox already doesn’t display the username portion of the URL on hover of a link and URL-encodes it if copy-pasted into the url bar. It also displays the punycode representation when hovering or navigating to the second example.

          Edit: looks like lemmy now replaces 0x2215 which is a character that looks like forward slash with an actual forward slash, so my comment is a bit more confusing. For clarity, the slashes before example.com in the above urls were 0x2215 and not “/”.