Hexbear.net is probably going to be sold to a complete stranger, and this is a big OpSec issue because there will be rare visitors who can be honeypotted into a malicious Hexbear clone. I think we need to request all mobile Lemmy apps to ban hexbear on the client code side. Or at least add the code to alert anyone connecting to Hexbear.net that it is not safe to visit this domain anymore.

  • Justice@lemmygrad.ml
    1 day ago

    TL;DR unless the shitlib did a Mission Impossible style heist, all the registration data is just on someone’s server, likely in a massive data center wherever they were paying to host the site from. It’s probably encrypted (well, it should be) and effectively inaccessible to anyone without the proper keys to access it.

    The domain name is just the domain name

    When you type in a domain name your DNS resolves that name to an IP address

    Without dragging this out overly much, it’s like someone stole your phone number. Not your phone.

    When people call your stolen number they expect that Illuminati answers. The thief could fake being you, if they were good enough and wanted to.

    But they don’t have your data. That resides on your phone. The server(s) that were being used to host hexbear, to leave the analogy behind.

    There’s currently nothing to worry about on the data theft side of things.

    However, with minimum due respect, whoever managed to let the domain registration expire is a top tier… dingus. I honestly don’t even know how they let that happen. 🤷‍♂️

      • Justice@lemmygrad.ml
        24 hours ago

        Sure. Although that means very little considering most people have dynamic IPs. You also can’t do anything with an IP… not much anyway. Assuming they even grab a long term dynamic IP (some ISPs rarely change the IP, this is true) it only gives them your generalized geolocation which is often off by hundreds of miles. And your ISP, although that isn’t always clear either. It’s not like an IP tracing to your home directly. That would make literally every single connection you make to any website a security risk. My point being, if your personal security risk level prohibits connections to websites… this is just another drop in a bucket.

        I’m not trying to be flippant here or overly dismissive. I just think this isn’t as big of a concern as some are imagining. I agree generally something should be done to alert users that the website is no longer “safe” or “genuine.” Beyond that, barring a lemmy decision about how to handle expired/stolen domains, not much else can be done. 🤷‍♂️

        Maybe see if someone can add it to a large Adblock list so that ublock, etc. pick it up as “potentially dangerous.”

        That’s assuming the hexbear admin team isn’t able to snag it. Last I saw it’s like ~$700. There’s absolutely some IT nerd with a bunch of cash who might buy it from the auction and gift it to hexbear. Who knows. There’s many more shitty NATO IT libs who would buy it and sit on it for years just to pretend they “owned the tankies.”

        Ultimately I find it hard to not find a lot of fault in the admins of hexbear for letting this go for months and months. They should’ve begun migration to a new domain as soon as the old admin/owner disappeared.

      • IHave69XiBucks@lemmygrad.ml
        19 hours ago

        Honestly if you’re using a heavily commie site and not taking opsec precautions to hide your real IP then they already know it.