Profile overview for OpenSource.
Submission statistics

This user has mostly submitted to the following subverses (showing top 5):

51 submissions to EVE

6 submissions to news

6 submissions to whatever

3 submissions to videos

2 submissions to technology

This user has so far shared a total of 78 links, started a total of 3 discussions and submitted a total of 199 comments.

Voting habits

Submissions: This user has upvoted 48 and downvoted 43 submissions.

Comments: This user has upvoted 176 and downvoted 169 comments.

Submission ratings

5 highest rated submissions:

[Important] Imgur is being used to create a botnet and DDOS 8Chan. Clean browser localstorage if you visit either of this websites., submitted: 9/22/2015 10:23:52 AM, 400 points (+406|-6)

Lenovo caught pre-installing spyware on its laptops yet again, submitted: 9/24/2015 3:01:27 PM, 397 points (+400|-3)

Woman makes app that lets people rate and review you, Yelp-style. Now SHE'S upset people are 'reviewing' her, submitted: 10/2/2015 11:58:30 AM, 381 points (+382|-1)

Wage gap..., submitted: 11/26/2015 5:24:01 PM, 361 points (+366|-5)

/b/ chooses between pretty whale and ugly fit girl, submitted: 10/5/2015 2:24:58 PM, 237 points (+239|-2)

5 lowest rated submissions:

[SiSi] Billboard Advertisements, submitted: 4/15/2016 8:29:12 AM, 1 points (+1|-0)

Fanfest 2016 - Bring On The Wrecking Machine! - Schedule inside , submitted: 4/18/2016 12:08:34 PM, 1 points (+1|-0)

EVE Valkyrie Gameplay Trailer, submitted: 4/19/2016 12:42:07 PM, 1 points (+1|-0)

[EVE News] Get ready for Citadels - Join the mass test April 19 at 17:00, submitted: 4/19/2016 2:38:50 PM, 1 points (+1|-0)

Capital ships will soon be able to run incursions, submitted: 4/20/2016 3:09:12 AM, 1 points (+1|-0)

Comment ratings

3 highest rated comments:

Is Reddit Afraid Of Voat? Domain Name Purchase Suggests It Is... submitted by mschenk to technology

OpenSource 1 points 281 points (+282|-1) ago

I know their subscriber numbers are totally bogus, that's obvious to me. We used to fake those numbers, too, when we were little, so I can't blame them for that."

"We totally cheated on subscribers number but it's ok to do so, so everybody is probably doing it."

What a fucking piece of shit

[Important] Imgur is being used to create a botnet and DDOS 8Chan. Clean browser localstorage if you visit either of this websites. submitted by OpenSource to technology

OpenSource 0 points 81 points (+81|-0) ago

Top comment of this thread :

This isn't a DDOS. It's targeting 8chan users and leaving javascript code in their local storage that causes their browsers ping back to a command and control server each time they hit an 8chan page. Thus far the C&C server hasn't sent out any commands (or stopped issuing commands before this was discovered). Over the evening whoever authored this has been updating and changing their code. It only effects very specific imgur images/pages. Why is not yet known.

Things to take away:

  • If you visit imgur and 8chan you may very well have a big issue. Clear your localstorage (go to 8chan, open your browsers console, type localstorage and see what's there - then type localstorage = [] and hit enter) as well as all browser private information (cookies, passwords, offline storage, etc).

  • Imgur is compromised. This is the big one and should be very worrisome to anyone on this site. There are three possibilities:

1.) There is an exploit in how imgur processes images that allows someone uploading an image to get code injected into the page when someone else loads the image from imgur

2.) Imgur has one or more servers that are compromised

3.) Imgur has a rogue employee injecting malicious code.

In all cases, this is really, really bad. It's very unlikely that a 0day exploit on a site as big as imgur is just being used to go after 8chan (unless it's case 3. and someone has a grudge). This allows whoever knows how to take advantage of the exploit to launch an XSS attack against anyone who visits a malicious page on imgur. And there's no way to tell before visiting the page. Not all pages on imgur are compromised and right now it appears to be a very small number of images that had malicious payloads sitting on their page.

How the attack appears to have worked:

1.) Malicious javascript got onto imgur's server somehow (via one of the three routes outlined above)

2.) This js created iframes and embedded a flash file hosted on 8chan. The iframe was off screen so a user would not notice. Since imgur typically uses flash for parts of its functionality flash asking to run on imgur wouldn't be seen as suspicious.

3.) This flash file injected more javascript into the page (while on the surface looking like an innocuous pikachu animation). This javascript was stored to the user's localstorage (which, since the iframe was pointing at 8chan, allowed the attacker to attach js to 8chan's localstorage). It's functionality is to issue a GET request to (not an 8chan server AFAIK) and then decrypted the response. So far no one has been able to see a response from that web service, meaning it likely wasn't activated yet or has already been deactivated. The outcome is that every time a user visited an 8chan page, it would "phone home" to check for instructions and then execute more javascript code.

I would stress that everyone should disable flash and javascript on imgur for the time being. This attack may not be the only use of this exploit and a lot of very, very bad things could be done through XSS if more people are exploiting this. You should treat the entire site as potentially compromised until imgur addresses this and explains what happened.

Edit: The original thread has been deleted. What the hell. (In fairness this could have been done by the original poster or the mods "for the lulz" since it was in /r/4chan after all).

Edit2: And now it's back

Edit3: localStorage.clear() is all around a better idea

Edit4: More help to clear local storage

Edit5: We're internet famous

Account Deleted By User submitted by Bidoof to news

OpenSource 0 points 67 points (+67|-0) ago

It only gets better when you tell people you never plan to have kids... I know about it.

3 lowest rated comments:

Welcome to Sweden submitted by TREDDITFIRST to news

OpenSource 5 points -5 points (+0|-5) ago

news pl.n. (used with a sing. verb) 1. a. Information about recent events or happenings, especially as reported by means of newspapers, websites, radio, television, and other forms of media.

this is not news, what he describe in this video happened over several years.

Active Shooter - Oregons Umpqua Community College -10 Dead, 20+ Wounded submitted by 9-11 to news

OpenSource 4 points -3 points (+1|-4) ago

The problem is that America have an unsolvable problem now, to stop those shooting, distribution of firearms should have been stopped a long time ago. Now it's just too late and the problem will get from bad to worse...

Obama Talks Earnestly of Simple Laws that Could Have Prevented Oregon Shooting, Names None submitted by FreeSpeachRocks to politics

OpenSource 5 points -3 points (+2|-5) ago

You are so blind you don't even want to recognize facts. France also had 2 wars in the last century and they don't even have close to the same amount of what you guys have. "Homicide by firearm rate per 100,000 pop" clearly state their is 20 time more homicides by firearms (per 100.000 pop) than australia regardless off how much people live in America... you don't need firearms.