this post was submitted on 27 Nov 2023
9 points (90.9% liked)

Lemmy Support

4651 readers
4 users here now

Support / questions about Lemmy.

Matrix Space: #lemmy-space

founded 5 years ago
MODERATORS
 

When I visit this post:

https://jlai.lu/post/2250911

the embedded short abstract intro to the article is “403 Blocked www.lecho.be” When I try visiting the link directly I get “403 bot detection”. This suggests that everyone who opens that thread independently visits that webpage by way of some javascript that’s not under the user’s control. If 1000 people open that thread, then 1000 separate fetches are made. That’s a poor design. The server could do that job just once and the results would be more reliable. As opposed to everyone getting different results.

This is also a #privacy #security bug. Someone who opens a thread does not necessarily intend to fetch the linked article. Non-tor users are under surveillance in some countries (e.g. the US, where Trump enacted law s.t. ISPs can collect data on users without consent). So they should have control over what sites they visit. Merely opening a thread is an abuse because it makes users actions instantly trackable. IOW, users share information with their ISP without their knowledge or control.

Note that the example thread shows the full text of the article because the author was diligent about copying it. But that’s not the general case.

#bug #lemmyBug

all 4 comments
sorted by: hot top controversial new old
[–] nutomic@lemmy.ml 4 points 11 months ago (1 children)

Previews are already generated on the server side.

[–] soloActivist@links.hackliberty.org 1 points 11 months ago (1 children)

So does that mean jlai.lu is blocked by lecho.be? I figured it was more likely that lecho.be was blocking Tor, thus blocking my connection.

[–] nutomic@lemmy.ml 2 points 11 months ago

Maybe its both. For me lecho.be only shows a message that it requires a subscription.