
What I find strange is how this is presented as an either-or option between banning and not banning. You can also have an intermediate warning page. YouTube does this to any third-party website for example. Something like "Warning: JSFiddle has been abused by spammers to run crypto mining scripts. We recommend that you do not continue to this JSFiddle page unless you trust the source of the link" should work just fine, no?


Twitter doesn't exactly target the kind of demographic that understands what "to run crypto mining scripts" even means, let alone how to assess whether they "trust the source". I mean, it was retweeted by someone I follow and it has a funny picture of Trump with a dancing turd emoji on his head, what's there not to trust?

It's extremely hard to coach non-technical users into making the right call when presented with a security warning box.

That said, if Twitter can assess whether a posted video contains "sensitive material" (i.e. exposed body parts), they can also assess whether a jsfiddle link (or any link, really) likely contains crypto miners.


> It's extremely hard to coach non-technical users into making the right call when presented with a security warning box.

And not presenting them with any call at all is guaranteed to keep them non-technical. We have to take the training wheels off at some point.


And it's Twitter's job to train them?


It's not about whether it's Twitter's job to "train" them, a warning page before continuing a link is hardly that.

It's about whether they should trust their users and believe that the latter can take responsibility for their own choices, and figure these things out themselves.


> It's about whether they should trust their users and believe that the latter can take responsibility for their own choices, and figure these things out themselves.

You're just begging the question. Why should they do that?


Not really, this is turning into the equivalent of a six year old replying with "why?" to every answer, except you're adults pretending to be oblivious.


You're free not to reply, but I'm not sure why you're calling me childish to ask for an actual reason you think it makes sense for Twitter to do all these things you're asking them to do.

Enlighten me. I could assume the worst of your intentions as you've done, but I'm honestly interested in why you think it makes sense for Twitter to "trust their users" to "take responsibility for their own choices".


The companies don't want that, because they are afraid of losing control over their "users" as the latter become more technologically literate and realise there are better alternatives.

You can already see some of this in things like DRM and adblocking, and of course the various walled gardens.

Mainstream software is all about keeping users blissfully ignorant and consuming.


There's a UX problem with this:

You're making the user answer a question they (generally) don't know the answer to and don't want to answer anyway.


I do agree that there is a UX problem and that it matters a lot how this is presented, but I'm not sure if I agree that it's a real problem here. The question is basically "do you know if you can trust this source?", which means it should "round down" to no.


Steam does this:

> Notice:

> You are leaving Steam.

> Never enter your Steam password on an untrusted website. Any login form on an official Steam site will display "Valve Corp." in green with a padlock icon in your browser’s address bar, as shown below:

https://steamcommunity.com/linkfilter/?url=https://anyURL

For anything that looks malicious ("https://anyURL<h1>"):

> Link Blocked!

> This link has been flagged as potentially malicious.

> https://anyURL%3Ch1%3E has been flagged as being potentially malicious. For your safety, Steam will not open this URL in your web browser. The site could contain malicious content or be known for stealing user credentials.

> Never enter your Steam password on an untrusted website. Any login form on an official Steam site will display "Valve Corp." in green with a padlock icon in your browser’s address bar, as shown below:

https://steamcommunity.com/linkfilter/?url=https://anyURL%3C...


This isn't even true anymore, though. Chrome doesn't display TLS as green, and I believe EV certs are on the way out. (Because anyone can register a company called "Valve Corp." and be issued an EV certificate.)


This is inside of Steam's browser.


They could use the same warning for fake news websites or for anything they deem worth warning or are ordered to. Could be interesting at least.


[Edit: whoops, misread the issue. Sorry!]


Thanks for clarifying that you misread, but please keep the text or at least enough contextual information so we know what the replies to you are talking about. Which link did you edit out? Because I missed it.


Per the text, the screenshot you are seeing is what happens when someone links to a jsfiddle using a URL shortener, but posts linking directly to jsfiddle are rejected.

> Twitter is rejecting posts with JSFiddle URL inside.

> If a URL shortener is used the unsafe page warning is displayed[1]


I think that screenshot was from a link posted with a URL shortener. Weird that it makes a difference.



