So it turns out the geniuses over at Bluesky trust the client app to fetch, and honestly report, webpage metadata for preview cards, so with a little tinkering in the debug tools you can post whatever news stories you like and they look exactly the same as real ones.
I mean that client is just sending arbitrary posts as well and you could just send wrong URLs that don't fit the text.
idk why you would ever do it that way, but i've seen worse.
- replies
- 2
- announces
- 0
- likes
- 1
@dat I mean it's minor inasmuch as like it only lets you include arbitrary content in *your own* posts. But given how much power social media has to shape things like elections, and how often people read thumbnails and never click through, the potential effects of this kind of thing are pretty serious.
That fake BBC link points to a 404 page, for example — if I post some fake news this way, all I need to do is reply with "oh my god they deleted it" and that's pretty convincing.
Or find a real story and edit something incriminating into it — if I link to a report of some horrific crime and edit into it that the criminal is in some minority group I don't like, even if anyone clicks through, there's a pretty good chance they'll reply "the cowards edited it to not say they're [whatever]" because "journalists censor news to suit woke agenda" is part of the average right-winger's mental model of the world and "website has exploit that lets you fake news thumbnails" is not
@andrewt And this is why Fediverse servers continue to fetch article previews on their own, even though this induces a bit of load on the linked-to servers.
@schmittlauch @andrewt on fedi the linked pages can serve different content based on the user agent. Which could lead to fake previews being displayed
@ikeacurtains @dat it could, but it sounds like bluesky don't want to do that kind of solution because "the server" could be anyone. you know, because bluesky is """decentralised"""