Categories
(Anti-)Social Media Badness

A Canned Response to My Viral Tweet

This is a bit different from my usual blog post, insofar as I don’t have much of a point except that I’m tired of repeating myself.

The other day, I was frustrated about Pinterest clogging up the Google Image Search results and tweeted a really simple and well-known life-hack to counteract their search engine manipulation.

Unfortunately, Twitter’s UX is a dumpster fire, so a lot of people tried to share the same advice, not realizing that I was already aware of it (despite my repeat acknowledgement in replies):

https://twitter.com/cnrm_/status/1285564594623324161

https://twitter.com/vhgalvao/status/1285884281978605568

Yikes. Twitter really needs an edit button–or, failing that, a way to “pin” a reply so everyone who sees your tweet also sees that as the guaranteed follow-up.

There was another response that repeated a lot, and that’s what I’d like to focus on more: People were requesting or recommending a browser extension to dork your searches automatically.

https://twitter.com/zymbaluk/status/1285328804487954432

https://twitter.com/shpwreckedbones/status/1285484497534881792

While I totally get the desire to use a browser extension to make Pinterest disappear from your search results once and for all, I’m very hesitant to recommend most browser extensions (exceptions: HTTPS Everywhere, Privacy Badger, uBlock Origin), for one simple reason with historical precedent:

Extension developers tend to sell their accounts to malware authors.

I spent half my previous blog post about search engine dorking talking about how incentives shape most people’s and companies’ decisions.

Encouraging more people to install an unprofitable browser extension will only serve to amplify the blast radius if this attack vector gets repeated. Worse: Anyone who recommends the extension will also be personally responsible for the resulting malware infections. (And these days, you can expect more crypto-miners and keyloggers than adware.)

So, for everyone who keeps responding in nearly-identical ways to that tweet:

  1. Yes, I’m aware of the wildcard TLD filter (appending -site:pinterest.* instead of -site:pinterest.com).
  2. No, I don’t recommend Unpinterested, because I do not know and trust the author of the extension to never sell out and put you at risk.

Thank you for your time this page (hopefully) saves us both.

By Soatok

Security engineer with a fursona. Ask me about dholes or Diffie-Hellman!

Bark My Way

This site uses Akismet to reduce spam. Learn how your comment data is processed.