gnyman's avatargnyman's Twitter Archive—№ 1,157

  1. Hey, @teemuylhaisi, the warning messages about phishing from @OP_Ryhma could be improved a bit don't you agree? First, "Check certificate"? For what? I don't think we can expect people to be able to tell a valid TLS cert from a LetsEncrypt one?
    oh my god twitter doesn’t include alt text from images in their API
    1. …in reply to @gnyman
      "Do not give any information to fraudsters" - Well... If I knew it was a fraudster theI wouldn't be giving information would I? How do I know it's a fraudster?
      1. …in reply to @gnyman
        Always "check the address". Same as #1. Check for what? Why not tell them to check for op.fi? Could it be common thing that @OP_Ryhma sometimes uses 3rd party services (hosted on another domain) for valid services? I know at least pohjola.fi is used
        1. …in reply to @gnyman
          And in an attempt to be constructive, here is my quick attempt at a rewrite. 1. Don't mention certificate, nobody knows what that is 2. Remove the truism 2. Always use op.fi so people can check that 3. Give people permission to always call if unsure
          oh my god twitter doesn’t include alt text from images in their API
          1. …in reply to @gnyman
            The longer version on the website is better, but still room for similar improvements. I'll leave that as an exercise for the reader though. op.fi/-/huijaustekstiviesteja-ja-sahkoposteja-op-n-nimissa
            1. …in reply to @gnyman
              Following up on this, @Saastopankki just did a much better version. Good clear examples, stating what a correct url looks like and also a lot of example of actual phish/spam so people can recognise it when they get it. saastopankki.fi/fi-fi/saastopankkiryhma/saastopankkikeskus/saastopankkiliitto/ajankohtaista/tietoturvapaallikon-vinkit-turvalliseen-asiointiin
              1. …in reply to @gnyman
                Not sure if @VesaPyyluoma is on twitter anymore or if it's the right Vesa. But if it is, good job!