Tehehehe. Some Brave user reported my maze to Hetzner. :P

@buherator It crashed their browser. Which is fair, it does that (I serve Brash to Chrome-derived browser that enter the maze), because crashing the chinese Chromes is fun, and a great defense mechanism.

Not sure what their goal is though, because even if I remove Brash, they'll still remain in the maze.

@algernon
does Hetzner have any demands?
@buherator

@wolf480pl @buherator They want to know whether there's really something fishy going on (and if so, for me to stop doing that), or if the abuse report is inaccurate.

@algernon @wolf480pl @buherator Hope you might share your response, and theirs. I'd imagine you might say, "I host a site that is designed to not work in certain browsers, as a political statement, but there is no possibility of harm, and no security risk to visitors." 🍿

@sanityinc @wolf480pl @buherator It's a bit more complicated than that, because the garbage I serve does crash Brave. That's a little bit harsher than simply not working under Brave.

I explained the situation, what it is, why I am serving it, and what I gained from it (Huawei Chromes virtually disappearing).

Since I wanted to stop serving Brash for Brave users anyway (serving them garbage is enough, I gain nothing from serving them Brash too), I obliged, and no longer serve it (for Brave). Also added a test case to Nam-Shub of Enki to make sure I continue not serving it for Brave, and explained this in detail to Hetzner.

The Brave user will continue being trapped in the maze.

New Nam-Shub of Enki deployed, it no longer serves Brash for Brave users. Also contacted Hetzner to let them know about this, and explained why it was there in the first place.

If all goes well, this'll be case closed.

Funnily, the abuse report contains the exact URLs to fetch, to show the sample of "abusive" code. There are exactly two IP addresses that fetched said resource in the past ~3 days.

Both of them Brave users, both hitting the same URL originally. I suspect it's the same person.

Thank you for entering a statement for this abuse ticket. Your statement will be checked by the abuse team. We will contact you again if the issue has not been solved. Otherwise, the ticket will be closed.

So says Hetzner. Lets see if I get a followup (I doubt it)!

@algernon aw.
Tbh I doubt they will do anything if you leave it crashing brave, but just reply that it's not a substantial issue

@Ember Nah, I wanted to stop crashing Brave anyway.

I had someone on Fedi reach out to me to report it as a bug, because it crashed their Brave on Android so hard they had to clear its entire cache and data, and everything.

This person was nice enough to reach out, and have switched to Vivaldi since. I promised them I'll stop serving Brash to Brave, so now I did. :)

@algernon what kind of shit did you serve Brave users?

@tante I was serving them Brash. A wonderful little exploit that crashes Chrome & Chrome derived browsers. An issue known for years (iirc), exploit available for months, still not fixed. It's kind of hilarious.

It's also incredibly effective! Huawei's Chrome-using crawlers pretty much disappeared when I deployed it against them. ;)

Big question is: will the reporter continue reporting me for serving them garbage?

Part of me hopes they do, because serving garbage is not abuse, and I'd love to have the satisfaction of Hetzner telling them to fuck off.

@algernon I'm not following why this would be worth reporting much less a ToS violation. They requested a page and you served a page.

@arichtman Yeah, but the page served crashed Brave. That's a hostile move, they're right about that.

I think it was justified (especially if the reporter is who I think it is), but Hetzner may not think so. Hence, I removed the crashy part. Kept the garbage tho.

@algernon @wolf480pl @buherator right, yep, kudos if their support folks can handle that