The difference is that if GitHub is found distributing malware on GitHub pages, ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ncruces on Sept 6, 2023 \| parent \| context \| favorite \| on: Show HN: Host a Website in the URL The difference is that if GitHub is found distributing malware on GitHub pages, you can notify them, they verify it, take it down, and open a process to eventually ban the offender. They expend enough effort in this as to ensure the vast majority of content on GitHub pages is not malware, and avoid getting blankedly flagged as such. It's not clear if smolsite.zip can successfully set up a similar process, given that they'll serve just any zip that's in the URL, and they won't have the manpower to verify takedown requests.

anamexis on Sept 6, 2023 [–]

If your security model relies on arbitrary hosts on the internet proactively taking down malicious URLs, you're in for a bad time.

ncruces on Sept 8, 2023 | [–]

My security model is not going to do smolsite.zip any good when quad9, 1.1.1.2, et al. decide to outright block the domain.

Also, cookies.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact