I recently came across this debunkism.com. It's actually a clone of DEV Community. Everything is the same. It copies all our Blog posts, accounts etc.
What is it?
I recently came across this debunkism.com. It's actually a clone of DEV Community. Everything is the same. It copies all our Blog posts, accounts etc.
What is it?
For further actions, you may consider blocking this person and/or reporting abuse
Ethan Lee -
Hana Sato -
Evotik -
Sukhpinder Singh -
Top comments (6)
Hi all, the Forem team is aware of this issue and actively working as fast as we can to get the site taken down. Thanks for the heads up!
I believe it's actually a proxy server, not a clone. The one thing that is worrying me a bit is their login form. Username and password would go through their server and we have to assume that the credentials are logged there.
They also proxy another login security mechanism for generating a random
authenticity_token
that seems to be used for 3rd party sign-in. I'm not sure if it would be possible to hijack or pin user sessions by intercepting that endpoint. Sign-in protocols and flows like OAuth should make it impossible or extremely hard to pull that off, since the login service provided by GitHub or Twitter would only redirect with an authorization code response to dev.to, theoretically ruling debunkism out as a "man in the middle".Literally copied this post (down to the path): debunkism.com/siddharthshyniben/wh...
Yep. Even the comment. This one too
It's literally instantaneous
Looking at the network-dev-console, the requests are actually to dev.to. So any content appears instantly as it is from dev.to. I'm not willing to try a login though.