New GitHub user and extension developer claims Twitch’s website has malware - eviltoast

https://github.com/uBlockOrigin/uAssets/issues/5184#issuecomment-1829172308

Twitch is a dangerous website, the extension probably won’t be back. They could still easily target you at any time and you are just lucky they are sending ads. After some time of using the extension twitch will react and become even more toxic.

Twitch even has a network sniffer in its source code (among other things), its so much worse than just ads, some of these experiments are basically malware/pup that no-one would install on their device willingly, these instances aren’t just left over code from some library they are deliberately crafted experiments that are present in the active code path.

  • testfactor@lemmy.world
    link
    fedilink
    English
    arrow-up
    103
    ·
    1 year ago

    Forgive me if I wait for more concrete evidence than the word of a guy who refuses to cite his sources because he thinks Twitch is in collusion with the US Government and he may be thrown in jail or disappeared for doing a write up on some publicly available source code.

  • orhtej2
    link
    fedilink
    English
    arrow-up
    53
    ·
    1 year ago

    The duck did I just read, some AI is attempting SEO or something?

    What an absolute garbage statement devoid of any proof nor tbh technical possibility to implement.

  • FishFace@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    1 year ago

    network sniffing

    This is only worth paying attention to if someone can say how they not only escaped the browser sandbox but then called native, privileged code. Javascript running in the browser cannot just do that.

  • redditReallySucks@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    If this was true, we would have much bigger problems than twitch. The dude determined twitch was spying on you based on function names (allegedly)

  • kpw@kbin.social
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    What network requests can it sniff? Shouldn’t this be a browser security bug?

  • thelastknowngod@lemm.ee
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    8
    ·
    1 year ago

    This is what it feels like to interact with the Linux/opensource/selfhost people sometimes.

    “bUt ThEy CaN wAtCh YoU!!1!”

    • Prater@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      1 year ago

      I mean they can watch and monitor your activity on their website, and are probably partnered with many other websites to collate data on your interests and beliefs to feed into a chunky advertising algorithm sooooo…

      But you didn’t want to hear that, did you?

      • essteeyou@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        We all know that to a degree, but do you really think they’re in collusion with the US government to jail anyone who mentions it?

        I also don’t think the dude gave anywhere near enough information to explain why search engines and browsers should be blocking access to Twitch. They made a lot of claims, but no proof.

        • Prater@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Yeah. Just to clarify, I didn’t mean to try to validate conspiracy theories like these and wasn’t suggesting that this guy is right, but that it’s wrong to ignore the large amount of data that closed source applications oftentimes do collect on you.