New GitHub user and extension developer claims Twitch’s website has malware

Aatube@kbin.social to Technology@lemmy.world – 38 points –
github.com

https://github.com/uBlockOrigin/uAssets/issues/5184#issuecomment-1829172308

Twitch is a dangerous website, the extension probably won't be back. They could still easily target you at any time and you are just lucky they are sending ads. After some time of using the extension twitch will react and become even more toxic.

Twitch even has a network sniffer in its source code (among other things), its so much worse than just ads, some of these experiments are basically malware/pup that no-one would install on their device willingly, these instances aren't just left over code from some library they are deliberately crafted experiments that are present in the active code path.

35

Forgive me if I wait for more concrete evidence than the word of a guy who refuses to cite his sources because he thinks Twitch is in collusion with the US Government and he may be thrown in jail or disappeared for doing a write up on some publicly available source code.

The duck did I just read, some AI is attempting SEO or something?

What an absolute garbage statement devoid of any proof nor tbh technical possibility to implement.

based on the randomly inserted code block that isn't even syntax-correct, to say nothing about how it doesn't even make sense, seems to be a tell tale sign of either 1.) AI generated or 2.) schizophrenic generated

hmm, which parts of it aren't syntax correct? see below, they made an extension before pulling it

I don't see an issue in these two lines.

The only thing is that they are most likely not actually successive lines (because otherwise that code would be pretty weird).

I think that the point of the code is only to show the function names.

MostlyJustBored's account 3 weeks old with no history. We should take whatever that guy says with a grain of salt.

Agreed.

Maybe you should update your post to reflect that, because right now it's kinda clickbaity

Is “new” good enough?

No

Suggestions?

Take down the unhinged ramblings?

It’s interesting

Watching others suffer from mental illness isn't "interesting."

Nothing’s confirmed yet, plus I posted this with the interest of having someone knowledgeable try and verify the accusations.

Oh! Good news: it's total lunacy, as also indicated by others.

But if that was really your intent, maybe the title should be "Is this real or not?" instead of some clickbaity junk

4 more...
4 more...
4 more...
4 more...
4 more...
4 more...
4 more...
5 more...
5 more...
5 more...
5 more...

I doubt it’s just SEO… The fact that his first attempt at the comment was deleted by uBlock’s team and that his claim to be the developer of a now pulled Twitch adblock extension makes this interesting

5 more...

deleted

That is, they claim to be. While I don’t know much JavaScript, someone below claims it’s not valid JavaScript

network sniffing

This is only worth paying attention to if someone can say how they not only escaped the browser sandbox but then called native, privileged code. Javascript running in the browser cannot just do that.

If this was true, we would have much bigger problems than twitch. The dude determined twitch was spying on you based on function names (allegedly)

What network requests can it sniff? Shouldn't this be a browser security bug?

This is what it feels like to interact with the Linux/opensource/selfhost people sometimes.

"bUt ThEy CaN wAtCh YoU!!1!"

I mean they can watch and monitor your activity on their website, and are probably partnered with many other websites to collate data on your interests and beliefs to feed into a chunky advertising algorithm sooooo...

But you didn't want to hear that, did you?

We all know that to a degree, but do you really think they're in collusion with the US government to jail anyone who mentions it?

I also don't think the dude gave anywhere near enough information to explain why search engines and browsers should be blocking access to Twitch. They made a lot of claims, but no proof.

Yeah. Just to clarify, I didn't mean to try to validate conspiracy theories like these and wasn't suggesting that this guy is right, but that it's wrong to ignore the large amount of data that closed source applications oftentimes do collect on you.