So, .zip is so bad that you block the entire domain on your home network yet you’re here commenting?
LMAO
Comment on Welcome to Lemmy.zip
hightrix@lemmy.world 3 weeks ago
Unfortunate that the chosen url is a .zip url.
.zip is ripe for malicious actors. I block access to all .zip TLDs on my home network.
ulu_mulu@lemmy.zip 3 weeks ago
swizzlestick@lemmy.zip 3 weeks ago
It’s a genuine concern, if a bit overkill. On release, .zip domains were quickly seized upon by bad actors land grabbing anything they could roll into a phishing attack. If you’ve got folk on your network that may be prone to that, then blocking the TLD is an effective bludgeon to the problem.
Blocking is unlikely to cause issues for the Average Internet User, due to the lack of popularity in mainstream services that use .zip. There are always ways to make exceptions where needed - a restrictive policy with exceptions is more secure than a permissive policy with selective blocks, as it prevents new malicious .zip domains getting through. It’s a security cat and mouse game otherwise.
As for how they are here - I guess it’s through federation with .world, so they’re not accessing .zip directly.
I also block .zip domains, but at work rather than home. No complaints yet.
dil@lemmy.zip 3 weeks ago
basically a built in stopgap to prevent to many users from joining this one instance lol
possiblylinux127@lemmy.zip 3 weeks ago
It seems more like a issue with applications honestly
DNS shouldn’t be the source of a compromise
swizzlestick@lemmy.zip 3 weeks ago
And a TLD shouldn’t be so easy to mistake for one of the most recognisable filetypes ever, yet here we are. Well made apps discern between a zip file and a zip web address without issue. The problem, as usual, is in the human element:
- Register a zip domain called
holidayphotos2025.zip,2025ProductData.zipor whatever hook you’re going for. - Serve up whatever malicious garbage you like on it. Spoofed login pages, browser exploits, anything goes.
- Email it out from an already compromised account to all account contacts, removing the https component of the link text. Bonus points for imitating how an attachment would look in the target email client.
- Watch the clicks roll in as people try to open the ‘attachment’.
Having .zip in the string and in the link visible on hover could be all that is needed to ‘sell’ it to a user that makes a cursory glance before clicking - nevermind the ones that just click anyway. Plenty of folk have fallen for more obvious traps than that, so it’s a winner for a bad actor. Any trick that lends legitimacy to a scam increases the chance of success. Users savvy enough to check but not enough to spot the discrepancy may also have more data interesting to an attacker.
Blocking .zip TLDs wholesale at DNS level kills this even if the first and hardest hurdle (getting the user to click) is cleared. I’ll concede that it is an edge case in the grand scheme of things, but why leave the hole open when it is so easily plugged?
- Register a zip domain called
ulu_mulu@lemmy.zip 3 weeks ago
Thanks for the detailed explanation.
I understand the technical point of view and yes, they definitively wrote on their lemmy.world “copy” of this thread given how the fediverse work, tho they should be able to see which instance each post originates from.
I most probably worded my answer very poorly, I was at a loss of words, not only because of what I perceived as incoherent behaviour, but also because of the circumstances.
I mean, I’m a lemm.ee “refugee” like many in this thread, I registered here only 2 days ago, still very sad for the loss of .ee, the admins wrote a fantastic welcome post for all of us, and of all the things they could say they come here to remark what they think of the domain? Seriously ?!?
swizzlestick@lemmy.zip 3 weeks ago
Welcome - bumping into a lot of ee folk and it’s great to see you all making new homes. Just a shame about the circumstances.
Sure they were a bit blunt, but some people just are. Bit cheeky of them to drop in from outside and chat shit in our home community though, agreed there 😅
hightrix@lemmy.world 2 weeks ago
I found this post through another instance.
possiblylinux127@lemmy.zip 3 weeks ago
I’m not sure why you are putting this here
hightrix@lemmy.world 2 weeks ago
As a comment on this post.