this post was submitted on 22 Mar 2025
254 points (96.0% liked)

Nicoled


Hi, I'm Nicole! But you can call me the Fediverse Chick :D

For when you or others get nicoled.


little do they know nobody is going to type out those urls by hand...

[–] MushuChupacabra@lemmy.world 50 points 1 week ago (2 children)

Friend of Nicole

[–] LouSlash@sh.itjust.works 4 points 1 week ago

Nicole Cage top

[–] CrayonRosary@lemmy.world 33 points 1 week ago* (last edited 1 week ago) (6 children)

Thank god phones let you easily copy these links from the image. I was worried I'd have to type them in.

Edited to not rankle people.

[–] falcunculus@jlai.lu 7 points 1 week ago

Lol are you a Google rep?

[–] jia_tan@lemmy.blahaj.zone 27 points 1 week ago (2 children)

So admins have to do ocr on every pic now?

[–] henfredemars@infosec.pub 29 points 1 week ago* (last edited 1 week ago)

It might be more effective to penalize instances with open sign ups that the bots are using, to pressure such instances to use bot-filtering tactics on their sign up pages.

Rate limiting, blocking DMs, or defederating (perhaps graduated after a warning) from minor instances that can't control bots sounds like a reasonable admin action.

[–] reallykindasorta@slrpnk.net 12 points 1 week ago (1 children)

I think the most effective would be to add a step so you could only write a message to people when both parties have consented or something like that.

[–] DavidGarcia@feddit.nl 19 points 1 week ago

poor girl is trying so hard to make friends

[–] peteyestee@feddit.org 19 points 1 week ago (3 children)

As an American, I'm voting for her next election.

[–] friendlymessage@feddit.org 15 points 1 week ago (1 children)

Cute, you still think you'll get elections

[–] YiddishMcSquidish 5 points 1 week ago

I get the joke, but that thinking brought us our current admin.

[–] RandomVideos@programming.dev 2 points 1 week ago (1 children)

She doesn't fit the requirements to be able to become a candidate in the United States of America unfortunately

[–] peteyestee@feddit.org 5 points 1 week ago* (last edited 1 week ago)

We can rig it.

[–] hungryphrog@lemmy.blahaj.zone 18 points 1 week ago

I just got this exact same message. Different account tho. Couldn't report it for some reason even though the account isn't banned yet.

[–] Mothra@mander.xyz 15 points 1 week ago (3 children)

It seems like the theory of deanonymizing users using images makes more sense with this

[–] CrayonRosary@lemmy.world 22 points 1 week ago (1 children)

Not really. The messages always had pictures. That hasn't changed. This is to bypass text filters.

If this entity just wanted to deanonymize users, a transparent GIF pixel would work even better. Then you wouldn't even be aware there was an image. And then you could vary the text sent to each person to avoid filters and avoid suspicion.

The message itself could just be a single word like "a". Something you can't reasonably filter. There wouldn't need to be a meaningful message at all if you're just trying to determine the IP of users.

Nah... The point of these messages has always been to get people to go to these URLs. This is probably classic catfishing.

Besides, are the image URLs even unique? Or include the name of the user they're sent to? If not, then it's useless as a deanonymization mechanism.

[–] Mothra@mander.xyz 6 points 1 week ago (2 children)

Fair, I'll take your point as it does sound reasonable to me as well. But I don't believe the point is to get people to visit the links, the vast majority aren't and those who did report there is nothing on the other end. So, go figure.

As for obtaining IP- I've no idea on how that works, so I can't present you with a counterargument. There are posts discussing that already, has anyone brought that up there?

[–] CrayonRosary@lemmy.world 10 points 1 week ago* (last edited 1 week ago) (1 children)

If the image in the message is hosted on a server operated by the one sending the message, then the sender's server will have a log showing the IP address of the person viewing the image. Just by opening the message, the sender will know the IP of the person reading it.

However, hundreds of people received the message. So in order to tell which IP comes from which user, the URL of the image sent to each person needs to be unique. It can be as simple as putting their name in the querystring, like http://image.server/girl.jpg?u=CrayonRosary%40lemmy.world

The web log will show that specific URL being requested by my IP address. Every user will receive an image with a URL unique to them.

It could also be more subtle like using a random looking ID and saving username/ID pairs in a table. Like http://image.server/girl.jpg?27639927. And then some table has that number associated to my username. The attacker builds the table as they send each message.

I got one of these messages. I should check if the URL is something like this.

Luckily the attacker can't get my personal IP address because I use NordVPN, the sponsor of this comment. Whether I’m browsing on public Wi-Fi, or trying to avoid deanonymization attacks like this one, NordVPN ensures my personal data stays private and secure. So if you want to stay safe online, go to NordVPN.com/MyTotallyRealPromoCode and get an exclusive deal today!

/s But I do use a VPN. 😄

(I must have deleted the message. I can't find it.)
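
The check described in the comment above, as an added example that is not part of the thread or any commenter's code: given copies of the same DM as different recipients received it, it flags image URLs that name the recipient or that only one recipient got. It assumes the message bodies are Markdown; the handles, hosts and URLs in `SAMPLE` are constructed.

```python
import re
from urllib.parse import urlsplit, unquote

# Markdown image syntax: ![alt](url)
IMG_RE = re.compile(r"!\[[^\]]*\]\(([^)\s]+)")

def classify_image_urls(copies):
    """copies maps recipient handle -> body of the same DM as that recipient got it.
    Returns {image_url: verdict}."""
    recipients_by_url = {}
    for recipient, body in copies.items():
        for url in IMG_RE.findall(body):
            recipients_by_url.setdefault(url, set()).add(recipient)

    verdicts = {}
    for url, recipients in recipients_by_url.items():
        parts = urlsplit(url)
        # Decode %40 etc. so "user%40host" is compared as "user@host".
        target = unquote(parts.path + "?" + parts.query).lower()
        # Look for the full handle or just the local part (short names can false-positive).
        names = {r.lower() for r in recipients} | {r.split("@")[0].lower() for r in recipients}
        if any(n in target for n in names):
            verdicts[url] = "embeds-recipient"      # e.g. ?u=user%40instance
        elif len(copies) > 1 and len(recipients) == 1:
            verdicts[url] = "unique-per-recipient"  # e.g. opaque ID looked up in a table
        else:
            verdicts[url] = "shared"                # same URL for everyone: cannot map IP to user
    return verdicts

# Constructed sample: the same message as two recipients would have received it.
SAMPLE = {
    "alice@lemmy.example": "Hi! ![a](http://image.example/girl.jpg?u=alice%40lemmy.example) "
                           "![b](http://image.example/banner.png) "
                           "![c](http://image.example/pic.jpg?27639927)",
    "bob@lemmy.example":   "Hi! ![a](http://image.example/girl.jpg?u=bob%40lemmy.example) "
                           "![b](http://image.example/banner.png) "
                           "![c](http://image.example/pic.jpg?27639928)",
}

if __name__ == "__main__":
    for url, verdict in classify_image_urls(SAMPLE).items():
        print(f"{verdict:22} {url}")
```

With only one copy of the message, an opaque ID cannot be told apart from a static URL, so the "unique-per-recipient" verdict needs at least two recipients' copies.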

[–] JustZ@lemmy.world 6 points 1 week ago (1 children)

Since you have a VPN I nominate you to engage with her and find out what she wants.

[–] CrayonRosary@lemmy.world 4 points 1 week ago

Ironically, the one time I tried Matrix, I was immediately banned after sending my first message, presumably because I'm on a VPN.

[–] poplargrove@lemmy.world 4 points 1 week ago

Lemmy supports proxying images though. I read the release notes for the feature and it's supposed to work on all image urls:

The setting works by rewriting links in new posts, comments and other places when they are inserted in the database. source

[–] Umbrias@beehaw.org 3 points 1 week ago

what's this?

[–] CrayonRosary@lemmy.world 14 points 1 week ago* (last edited 1 week ago) (1 children)

The Friendica link has a work address. I wonder, now, if it's the address of a person or company they're trying to harm. No way it's actually her real work address.

Turns out it's a grocery store.

Someone should ask on the Google maps Q&A section, "Does Nicole, A.K.A Fediverse Chick, work there?" 😄

[–] needanke@feddit.org 8 points 1 week ago (1 children)

Someone should ask on the Google maps Q&A section, "Does Nicole, A.K.A Fediverse Chick, work there?" 😄

Assuming this is actually a harassment campaign (which seems likely tbh) that would be the worst thing you could do.

[–] CrayonRosary@lemmy.world 5 points 1 week ago

I could think of a hundred worse things! My idea was a benign question.

Fun fact: her matrix server is a cesspool of racist garbage

[–] CosmicTurtle0@lemmy.dbzer0.com 11 points 1 week ago (1 children)

little do they know nobody is going to type out those urls by hand...

Never underestimate the lengths that thirsty bois will go.

And most OSs provide OCR.

[–] YiddishMcSquidish 3 points 1 week ago
[–] ohshit604@sh.itjust.works 7 points 1 week ago (1 children)

Am I the only one who hasn’t gotten one of her messages?

[–] TriflingToad@sh.itjust.works 5 points 1 week ago

you probs missed it, the admin of SJW auto deletes the spam messages when caught

[–] P4ulin_Kbana@lemmy.eco.br 5 points 1 week ago (2 children)

What is that font up there?

[–] puppycat@lemmy.blahaj.zone 7 points 1 week ago (1 children)

i installed it from my phone's personalization app but it doesn't seem like a commercial font or anything (no results from google). i just feel like it helps my dyslexia idk

[–] lnxtx@feddit.nl 3 points 1 week ago (1 children)

What's the name of that app?

[–] puppycat@lemmy.blahaj.zone 6 points 1 week ago

it's just the built in theme manager for xiaomi

[–] PhobosAnomaly@feddit.uk 6 points 1 week ago (2 children)

It looks like a dialogue tree from the 16bit Fallout games.

brb, off to get a GECK from Poland.

[–] captain_aggravated@sh.itjust.works 3 points 1 week ago (1 children)

Were there 16 bit Fallout games? Was Fallout 1 that early on Windows?

[–] PhobosAnomaly@feddit.uk 4 points 1 week ago

It was a crude way to express an "era" for when it was released, because I couldn't be arsed googling for a release date.

It appears as though Fallout is an early 1997 game. Windows 3.x seemed to still be the dominant OS (or at least MS-DOS) at 52% of the market with Win95 accounting for 32%, so I would imagine that the game would still be built with 16-bit architectures in mind.

[–] Coelacanth@feddit.nu 2 points 1 week ago (1 children)

Does it? I'm not a font guy but to me it looks more like comic sans.

[–] Sibshops@lemm.ee 4 points 1 week ago

I was wondering what happened. I haven't heard any updates on her recently.

[–] YiddishMcSquidish 4 points 1 week ago

How is there not a bot that auto reports her yet?

[–] Schmuppes 2 points 1 week ago* (last edited 1 week ago) (1 children)

What are "pre-health" sciences anyway?

[–] LodeMike 5 points 1 week ago* (last edited 1 week ago) (1 children)

IDK. But if I had a gun to my head, I would say a category of undergraduate major before going into a doctoral or a graduate in the medical field.

[–] JustZ@lemmy.world 3 points 1 week ago (1 children)

I figure it's like pre bio chem.

[–] LodeMike 2 points 1 week ago

Something like that yes
