An external image showing your user-agent and the total "hit count"

  • pivot_root@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    1 year ago

    1: DM all admins a spy pixel.

    2: Coordinate a mass effort to spam rule-breaking posts and comments at some day.

    3: Distributed denial of service attack on all admin IPs on that day.

    Profit?

    • TheEntity@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      I’m on kbin, so tell me: do the images open on their own on Lemmy? If not, then it works like any link one might send, image or not image. The server always can see the IP address, as it was never meant to be secret. This also assumes the admins always use a single network with a single static IP address.

      • pivot_root@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Embeds are fetched and displayed without user interaction.

        This also assumes the admins always use a single network with a single static IP address.

        Not really. Send a DM to every single admin of an instance and wait until you get enough collected IP addresses. Pay someone running a botnet to flood those addresses for an hour or two.

        Even with a dynamic IP address, you’re still stuck with it for a while. If you’re lucky, power cycling will get a new one immediately. If you’re not you get to enjoy waiting for a day or sitting on hold with your ISP’s support number, running through their scripted support process until you finally get to someone capable of helping.