
A Canned Response to My Viral Tweet

This is a bit different from my usual blog post, insofar as I don’t have much of a point except that I’m tired of repeating myself.

The other day, I was frustrated about Pinterest clogging up the Google Image Search results and tweeted a really simple and well-known life-hack to counteract their search engine manipulation.

Unfortunately, Twitter’s UX is a dumpster fire, so a lot of people tried to share the same advice, not realizing that I was already aware of it (despite my repeated acknowledgement in replies):

Yikes. Twitter really needs an edit button–or, failing that, a way to “pin” a reply so everyone who sees your tweet also sees that as the guaranteed follow-up.

There was another response that repeated a lot, and that’s what I’d like to focus on more: People were requesting or recommending a browser extension to dork your searches automatically.

While I totally get the desire to use a browser extension to make Pinterest disappear from your search results once and for all, I’m very hesitant to recommend most browser extensions (exceptions: HTTPS Everywhere, Privacy Badger, uBlock Origin), for one simple reason with historical precedent:

Extension developers tend to sell their accounts to malware authors.

I spent half my previous blog post about search engine dorking talking about how incentives shape most people’s and companies’ decisions.

Encouraging more people to install an unprofitable browser extension will only serve to amplify the blast radius if this attack vector gets repeated. Worse: Anyone who recommends the extension will also be personally responsible for the resulting malware infections. (And these days, you can expect more crypto-miners and keyloggers than adware.)

So, for everyone who keeps responding in nearly-identical ways to that tweet:

  1. Yes, I’m aware of the wildcard TLD filter (appending -site:pinterest.* instead of -site:pinterest.com).
  2. No, I don’t recommend Unpinterested, because I do not know and trust the author of the extension to never sell out and put you at risk.

Thank you for the time this page (hopefully) saves us both.

By Soatok

Security engineer with a fursona. Ask me about dholes or Diffie-Hellman!
