Especially dangerous when combined with this http://dinaburg.org/bitsquatting.html
I wonder if it is. bitsquatting seems to mostly only be a viable technique because of sheer volume of requests meaning a small percentage of errors is a large number of hits in absolute terms. The number of requests you get for a given package is going to be many orders of magnitude smaller than the number of DNS requests.
This is a repost: https://lobste.rs/s/qtipck/typosquatting_programming_language
i thought lobste.rs was deduplicating things already…?
That’s a manual process. :) It’s really meant for when the two conversations are in close temporal proximity, but I’ve merged these ones anyway; we might as well keep discussion together.