DISCORD PSA:
-
DISCORD PSA:
So there's a neat new spam technique that Discord stupidly enabled by failing to do any risk analysis on new features. Discord has a feature called "apps" (which are different than bots, I guess) that a user can use on any server (by default; there's a permission setting for it but the admins have to manually turn it off), which let the user invoke them with limited permissions anywhere with a / command.
Yesterday someone joined the mGBA discord, used it to post cryptocurrency spam with a bot I couldn't remove, then deleted the original message so I couldn't even see who invoked them, much less ban them. Supposedly you can check message interactions to find out who posted them, but a mod deleted all of them last time after that came to light and before I was able to verify.
Great ideas all around from the company that lets you pay for effects that make bios unreadable for several seconds, started a game store no one asked for before shutting it down and rendering all the purchases unavailable less than a year later, and forcing everyone to rename their accounts, forcing a massive landgrab for those who didn't want to be impersonated.
Discord is shit, by the way.
-
-
@Kuniti_shino @endrift sounds like that app is a security risk then
-
-
@Kuniti_shino @endrift eh seems easier just to disable all apps idk
