Linus Willner linuswillner

Keybase proof

I hereby claim:

I am linuswillner on github.
I am linuswillner (https://keybase.io/linuswillner) on keybase.
I have a public key ASAhr-f3AlTRksBDK0-7cQZwsyUzVHM5OkFkTLmjBWgoDQo

To claim this, I am signing this object:

Public service announcement from The Coding Den staff regarding Upwork account sharing scams on Discord

Recently, we, members of staff in The Coding Den, have seen an upsurge in scamming attempts surrounding the freelancing platform Upwork. We want to issue this public service announcement with the intent of reaching as many people as possible, in order to help people stay safe and safeguarding them from potentially losing access to their accounts, or worse, becoming victims of identity theft.

The scammers seem to mainly be targeting programming communities in our experience, but we are not ruling out the possibility that they are targeting other types of communities too. This public service announcement represents what we have seen, and accordingly may use technical terminology for exemplification that may be beyond the comprehension of certain audiences. However, the general theme of the scams should be easy to digest regardless, and this announcement has been written

Today, on the 27th of March 2021, The Coding Den was subjected to a social engineering attack that lead to a brief hostile takeover of the server before the situation was brought under control by staff. We are sharing this statement as a public service announcement on the methodology used in the scam and possible remediations to prevent it, in order to help other staff teams avoid becoming victims of it.

Methodology

The attack proliferates as follows:

The attacker will look for a staff member who is presently offline. This will ensure that it appears as if the staff member's account was globally banned and forcefully booted offline.
It is within the attacker's interest to choose a target with the highest possible privileges (to do the maximum amount of damage), meaning that they will likely prefer administrators over moderators and so forth.
The attacker will create a new Discord account with the same name and profile picture as the target.
The attacker will approach a staff member, claiming

Full Supreme Court opinion:
https://www.supremecourt.gov/opinions/20pdf/18-956_d18f.pdf

Previous CNBC articles on the matter:
https://www.cnbc.com/2021/04/05/supreme-court-rules-in-googles-favor-in-copyright-dispute-with-oracle-over-android-software.html
https://www.cnbc.com/2020/10/07/supreme-court-hears-google-v-oracle-software-copyright-case.html

Previous ArsTechnica article on the matter:
https://arstechnica.com/tech-policy/2012/04/oracles-ip-war-against-google-finally-going-to-trial-whats-at-stake/

	#!/bin/bash
	sudo apt install neofetch
	sudo cp motd.sh /etc/profile.d/motd.sh
	sudo chmod +x /etc/profile.d/motd.sh

	<!DOCTYPE html>
	<head>
	<meta charset="utf-8">
	<meta content="IE=Edge" http-equiv="X-UA-Compatible">
	<title>HTML Math Notes</title>
	<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=0">
	</head>
	<body>
	<!-- Content goes here, example: -->
	<h2>Welcome to HTML Math Notes!</h2>

	#!/bin/bash

	# Generate a vibrating Discord emoji from a PNG file

	set -euo pipefail

	# Number of frames of shaking
	count=10
	# Max pixels to move while shaking
	delta=4

	// This file was initially generated by Windows Terminal 1.0.1401.0
	// It should still be usable in newer versions, but newer versions might have additional
	// settings, help text, or changes that you will not see unless you clear this file
	// and let us generate a new one for you.

	// To view the default settings, hold "alt" while clicking on the "Settings" button.
	// For documentation on these settings, see: https://aka.ms/terminal-documentation
	{
	"$schema": "https://aka.ms/terminal-profiles-schema",