1. I create a well crafted post to a normal site that gets 10.000 upvotes.

  2. I change the URL to a malicious site.

  3. ???

  4. Profit

  • CoderKat
    link
    fedilink
    3
    edit-2
    2 years ago

    Titles being editable is really useful. So many posts have misleading titles, causing posts to have to either get removed or flaired (I don’t think we have an equivalent of flairing yet).

    Plus, unless we’re prohibiting editing the body or even comments within posts, it has similar risks to editing the title or URL. Though the post URL is the one most likely to get clicked and thus is the highest risk.

    It is something tooling could help detect. Moderator tools could detect posts changing the URL and flag the post for review. The general idea of spam filters apply well here. Spam filters aren’t just for completely preventing spam, but also for flagging potential spam. We could train spam filters on diffs of comments so that they can recognize when posts seemed to have completely changed in a way that we’d classify as spam.

    • @T156
      link
      12 years ago

      But at the same time, letting the title be edited can also cause problems later on, especially if it’s something that can be used to feign support, or something along those lines, on something a bit more malicious.