Doesn’t dread’s captcha force you to check the url? Afaik it makes you fill in specific parts of the url, so that you check that the url you are using is the same one they are using. Curious how the mirror was able to bypass that.
Regardless I just spent some initial investment saving the pgp public keys and making sure they are legit, so that I can use them to verify dread’s mirrors.txt whenever needed. Faster than walking out to the street imo
I tried looking at dreadforum to see how markets work nowadays and found out in a minute I was viewing a mirror that was injecting links
I think I’ll just ask a dude on the street at this point
But then again I am in a country where that would work with 0 negative consequences for me as the user
Doesn’t dread’s captcha force you to check the url? Afaik it makes you fill in specific parts of the url, so that you check that the url you are using is the same one they are using. Curious how the mirror was able to bypass that.
Regardless I just spent some initial investment saving the pgp public keys and making sure they are legit, so that I can use them to verify dread’s mirrors.txt whenever needed. Faster than walking out to the street imo