1. 35
  1. 2

    Especially dangerous when combined with this http://dinaburg.org/bitsquatting.html

    1. 3

      I wonder if it is. bitsquatting seems to mostly only be a viable technique because of sheer volume of requests meaning a small percentage of errors is a large number of hits in absolute terms. The number of requests you get for a given package is going to be many orders of magnitude smaller than the number of DNS requests.

      1. 2

        i thought lobste.rs was deduplicating things already…?

        1. 1

          That’s a manual process. :) It’s really meant for when the two conversations are in close temporal proximity, but I’ve merged these ones anyway; we might as well keep discussion together.