There's a new feature to sync old messages that seems like it could potentially make that attac...

Austiiiiii • last Wednesday at 9:41 PM • 1 reply • view on HN

There's a new feature to sync old messages that seems like it could potentially make that attack vector ten times worse:

Would a malicious URL be able to activate this feature as part of the request?

inor0gu • last Wednesday at 9:50 PM

Probably not, in any normal case a secondary device shouldn't have that kind of authority to dictate.

It is more concerning if the toggle is on by default and then you carelessly press next (on this or some other kind of phish).

alt Hacker News