Honeypot.net Profile Photo

Honeypot.net

Extracting chaos from order

china

    Polyfill supply chain attack hits 100K+ sites:

    The polyfill.js is a popular open source library to support older browsers. 100K+ sites embed it using the cdn.polyfill.io domain. Notable users are JSTOR, Intuit and World Economic Forum. However, in February this year, a Chinese company bought the domain and the Github account. Since then, this domain was caught injecting malware on mobile devices via any site that embeds cdn.polyfill.io.

    This is fine.

    Bing is censoring Tank Man search results

    Bing is censoring images of the Tiananmen Square “tank man” image. DuckDuckGo, who uses Bing’s search backend, is too.

    Here’s the result of a Bing search for “tank man” with safe search on the default “moderate” setting:

    Bing's "safe search: moderate" result for "tank man"

    Perhaps the image is too graphic and safe search is hiding the results? No. Turning safe search off gives the same answer:

    Bing's "safe search: off" result for "tank man"

    At first, DuckDuckGo was returning 4 images of men next to tanks:

    DDG's first "safe search: moderate" result for "tank man"

    Shortly afterward, it was updated so that the exact same search settings didn’t return anything at all:

    DDG's later "safe search: moderate" result for "tank man"

    DuckDuckGo’s “safe search: off” results were empty from the start:

    DDG's "safe search: off" result for "tank man"

    Full credit to Google here who returns a long list of images:

    Google's default settings search result for "tank man"

    Shame on you, Microsoft, for censoring this important historical record.