|
|
|
|
|
|
by d110af5ccf
1356 days ago
|
|
|
Even then, you can never be certain that a service isn't providing you with a URL for something that is unique to you. For example, if HN wanted to go evil there's no reason it couldn't hand out a unique URL to every single visitor for every single page visited and invisibly map them to the appropriate resource on the backend. And they could even perform a redirect to a different unique URL each time one was loaded to reduce overlap between different parties (since most people wouldn't bother to counteract the redirect when resharing something). And it's not even resource intensive to do something like this. It can all be done in a purely stateless manner by concatenating an internal ID with a counter and encrypting it to derive the URL that gets served to the user. The moral of the story is, you should really download and share things yourself. |
|
|