Readit News logoReadit News
sloshnmosh commented on A Guide to Push Notifications for Developers   smashingmagazine.com/2022... · Posted by u/fagnerbrack
sloshnmosh · 3 years ago
Just say No to push notifications!

There is a huge problem with spammy push notifications that trick users into accepting push notifications by using fake media players and fake CAPTHAs that if accepted will push all manner of SPAM on victims devices that say they have multiple viruses that pull up Google play store app to some bogus Cleaner/antivirus apps.

The push notifications are hosted on Cloudfront using AdMaven and AdFly and AppNexxus.

I have been trying to report these criminals for a couple of years now with no luck.

Cloudfront refuses to take down the script that AdMaven uses and AdMaven, AdFly, AppNexxus and Proppelerads all ignore multiple attempts to contact.

sloshnmosh commented on Launch HN: Helio Sleep (YC S21) – One-stop portal for sleep apnea   heliosleep.com//... · Posted by u/maxgreenfeld
jpthurman · 3 years ago
It’s good to see someone filling this void. I was diagnosed with sleep apnea when I was leaving the military and have struggled to get it addressed in the transition to civilian life, changing insurance, doctors etc and have basically given up. Having a resource to be able to coordinate the process to finding a solution is really important. The CPAP never worked for me but I know there are other configurations that I never got to.
sloshnmosh · 3 years ago
Have you gone to the VA?

I know our local Vetrans hospital has a small sleep study room for diagnosis and will supply CPAP to those in need.

sloshnmosh commented on Walgreens replaced some fridge doors with screens, and some shoppers hate it   edition.cnn.com/2022/03/1... · Posted by u/tiahura
sloshnmosh · 3 years ago
Walgreens has always tried to harvest every single penny they could squeeze from their customers, mainly by selling the customers PII to anyone and everyone, so this is no big surprise to me.

It reminds me of the obnoxious talking gas pumps that play ads while you’re filling your car.

At first there used to be a “mute” button to where you could silence the crap and all the plastic was worn away from everyone mashing it trying to shut it up.

Now I no longer see any option to mute the ads.

I hate ads with a passion and won’t allow them to run on my devices. Mainly for security and privacy but the aggravation they cause is palpable.

Whenever I work on someone else’s computer and open a web browser I am in shock that people can even concentrate with all the garbage on the screen.

sloshnmosh commented on Newer TP-Link Routers send large volumes of requests to Avira servers   old.reddit.com/r/hardware... · Posted by u/decrypt
Gigachad · 3 years ago
With ublock origin. DNS level ad blocking is rubbish and mostly circumvented by providers now.
sloshnmosh · 3 years ago
I heard that ads were able to circumvent DNS by using canonical names.

But uBlock origin and PiHole both do CNAME inspection to block this.

Is there other ways that ads are circumventing DNS ad-blockers such as PiHole?

sloshnmosh commented on Newer TP-Link Routers send large volumes of requests to Avira servers   old.reddit.com/r/hardware... · Posted by u/decrypt
zinekeller · 3 years ago
Before you say anything about this feature (which is apparently called HomeCare, https://www.tp-link.com/homecare/), you should probably know that Asus also has a AiProtection feature powered by Trend Micro (https://www.asus.com/content/aiprotection/) and D-Link having McAfee Secure Home Platform built-in (https://www.dlink.com/en/latest-news/d-link-introduces-new-e...). Definitely not vindicating TP-Link here (especially the alleged continuous querying despite the feature being off), just noting that this is not exclusive to TP-Link.
sloshnmosh · 3 years ago
I came here to say the same. I even purchased a LAN throwing star to look to see if my Asus router was sending anything to TrendMicro but never did get around to it.

But I will now for sure.

sloshnmosh commented on Malicious app on Google Play drops banking malware on users’ devices   blog.pradeo.com/vultur-ma... · Posted by u/caaqil
lnxg33k1 · 4 years ago
Another question would be: If google gives me an app from their official playstore, on their OS, should they be considered responsible for any loss that it causes to bank accounts, or we have given up accountability for big corps, hope regulators are sleeping well
sloshnmosh · 4 years ago
Google is complicit in this by their refusal to ban larger app developers that create malicious apps. Google may kick the malicious app off the play store for a couple weeks and make the developer remove the malware (or obfuscate it better) but then allows the app(s) back to the play store.

Deleted Comment

sloshnmosh commented on Web Push Notifications in WebKit   bugs.webkit.org/show_bug.... · Posted by u/maxwell
sloshnmosh · 4 years ago
Be VERY careful on accepting push notifications!

There is a huge malvertising campaign targeting mobile users (especially Android) that tricks users into accepting push notifications with fake CAPTCHAs or fake media player buttons that push malicious ads and mobile malware and can even lead to botnet activity.

The risk versus value is too high.

sloshnmosh · 4 years ago
The software being used to push this malware is from Propeller ads and more recently AdMaven but is protected by Russian DDoS services.
sloshnmosh commented on Web Push Notifications in WebKit   bugs.webkit.org/show_bug.... · Posted by u/maxwell
sloshnmosh · 4 years ago
Be VERY careful on accepting push notifications!

There is a huge malvertising campaign targeting mobile users (especially Android) that tricks users into accepting push notifications with fake CAPTCHAs or fake media player buttons that push malicious ads and mobile malware and can even lead to botnet activity.

The risk versus value is too high.

sloshnmosh commented on Xfinity outage leaves tens of thousands in the Bay Area without internet   sfchronicle.com/bayarea/a... · Posted by u/no_wizard
bigmattystyles · 4 years ago
Their twitter feed was hilarious - individuals were reporting outages as part of a collective 'me too' and instead of Comcast saying there's a big issue with our network, they replied (probably with a bot) to every message asking to be be DM'd with the account details so they could look into it. To get to the outage map, the default path from their site (which was also down), you had to sign in to see that your very specific region had an issue. They really didn't want to show that (likely) millions of people were affected.
sloshnmosh · 4 years ago
Hmmm. My tinfoil hat tells me that Comcast may be doing this to tie users Twitter accounts to their real names and addresses.
s

u/sloshnmosh

KarmaCake day593February 18, 2020View Original