• Pamasich@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I don’t know why your browser treats this as a download, seems to be incredibly insecure.

    If I didn’t know others already confirmed it to be a video, I’d assume this was a scam website, distributing a virus disguised as a video. The actual url is encrypted so you can’t tell what it actually points to, while the file extension is mentioned in the url parameters to give the impression it’s a video file when it could really be anything. And it’s being downloaded from Russia.

    I think it was definitely a good idea to post this. You should probably look for a better browser that doesn’t treat every shady url as a download. One misclick and you can get a virus on your phone like this.

    As for kbin, I recommend making an issue about this on the codeberg repository. That’s the best way to get kbin to actually do something about this.

    • Teppic@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Browsers usually offer to download files with extensions they don’t recognise, basically it’s the browser saying “I can’t display this, do you want to download it?”. In this case the file appears to have no extension as observed by OP.
      I think kbin is working fine, the preview did as expected and shared the URL of a video file (but unclear why OP doesn’t see this as an mp4 video file).
      My guess is OP will get the same popup if in navigates to the page with the video as he did from kbin. This issue is (I think) the video file’s URL, not kbin.
      Nothing at this point makes me think kbin could or would have included anything it shouldn’t have in the preview.

      All of that said - Would I be cautious if I saw the pop-up OP shows, yes absolutely. And while what I can see isn’t hostile that doesn’t 100% mean the website isn’t convertly doing something on occasion, or for a subset of users. It is entirely possible to make a website show different people different things.

      • Pamasich@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I agree, I also think kbin isn’t doing anything wrong here. But it might still be able to take actions to prevent or mitigate this, so that’s why I suggested posting about it to the codeberg repository.

  • mihnt@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Running Linux Mint, Flatpak Firefox.

    I can see it connecting to that same domain, but I am not getting prompted nor is it downloading anything.

  • Teppic@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Humm. Well I’ve not seen it but…
    Do you have auto media preview turned on?
    …and if so I suspect it would be helpful if you can establish which post caused it because that really shouldn’t happen.

  • CarlsIII@kbin.socialOP
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    This prompt appeared for me while browsing all, and appeared again when I refreshed the page.

  • Salamander@mander.xyz
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I can’t reproduce that. And I don’t see any indication of any connection to yandex through the inspector when I go to kbin.social.

    Could it be that you have some malware installed in your PC? Have you seen this or similar download pop-ups in other sites?

        • CarlsIII@kbin.socialOP
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          That’s not the pop up I saw. It looked exactly like my screenshot, and appeared at the bottom of my screen.

          • Salamander@mander.xyz
            link
            fedilink
            arrow-up
            0
            ·
            1 year ago

            But did you also see this pop-up? What I am thinking is that maybe your phone processed it diferently

            • CarlsIII@kbin.socialOP
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              No, I have never seen that pop up. Should I be seeing it? It looks like an ad for an unnamed app that is also showing a random kbin thread