Are they just an issue with wefwef or trying to use an exploit

  • Snipe_AT@lemmy.atay.dev
    link
    fedilink
    arrow-up
    2
    arrow-down
    18
    ·
    1 year ago

    sorry i’m missing it. why this specific TLD? can’t they just use any TLD for this and achieve the same thing? is there something special with .mov?

    • Thassar@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      It’s because it can cause confusion. The only difference between example.com/file.zip and example.com.file.zip is one uses a . and the other a / but both are valid domains. If somebody isn’t paying much attention or they don’t know much about domain names, they could click thinking to get a zip file from a legitimate site and end up going somewhere malicious instead. No other TLDs have this issue (well, I guess .com technically has it but who the hell is downloading and running com files these days) and they’re pretty much exclusively used for this reason so it’s a good idea to block them just to be safe.

    • assa123@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      since .zip and .mov are recognizable file extensions, a url of the form google.com.docs.zelensky.zip could make people think that the domain is google.com pointing to a zip instead of the true domain, zelensky (dot) zip which probably would serve malicious content under that subdomain.