Jae's Blog

This Discord exploit will steal your data, kids, and even your job!

Another day, yet another chain message.

This time, it claims that Discord has “partnered with a Generative AI company” that created a bot that they “sneak into every server”, which “scrapes art/images on the server to train their AI”.

Because the primary source of this is chain messages (that are basically chain emails 2.0), the claim is in 99% of cases complete utter bullshit.

“But Jae!”, you tell me, “how was I supposed to know?”. That’s the part where you have to do something hard: actually use your brain.

Disproving the whole scare is extremely difficult, and I’ll show that under your very eyes, right now, exclusively on this blog.

First, go on a search engine, Ecosia for instance.

Let’s see what we want to verify, we see that the company is called “Domo AI”, the platform in question is “Discord” and any kind of partnership for a company that size would be announced on a blog, right? Well, let’s input the terms “domoai discord” to get started simply.

Screenshot of Ecosia showing two search results on top of the list, the first one being an invite to a guild, the second one being a blog post by Domo AI.

Hmm, the first result seems to be an invitation to their Discord, however, would you look at that, the second one seems to be their official website with a blog post. Intriguing, isn’t it? Let’s take the initiative and click on it.

Screenshot of the full blog post by Domo AI.

Oh, wow! This seems to be right on the spot, there are even Discord screenshots, let’s start reading then.

Excerpt of the article saying that Domo was featured in the app directory.

So they got featured in Discord’s app directory huh, must mean they have a partnership. Let’s do CTRL+F and search for “partnership” then, that should pretty much answer it.

Firefox search tool with the term “partnership” highlighted, with no matches found.

Clicking the link on the top saying “Blog” brings us back to a list of posts, confirming this one is the most recent.

Goddamn, fooled again. The Discord blog must surely have something then, let’s go back to our trusty search engine, look for “Discord blog” and go there.

Hmm, I don’t seem any mentions of Domo AI on the front page, maybe if I use the search bar to look for “Domo”, it will yield some results?

Screenshot of the Discord blog showing no partnership either there.

Aw, dangit! No partnership there either.

I think it’s safe to say, concluding from the data we gathered through this very hard experiment that took us a whooping 10 minutes: the things claimed in those chain messages are utter bullshit.

  • Claim: “Discord partnered with a Generative AI company”: bullshit
  • Claim: “Discord will sneak a hidden bot on your server”: bullshit
  • Claim: “The bot will scrape any image sent in a server it’s in to train itself”: bullshit (more on that down below)


Now time for a Q&A:

  • Q: It was that easy?
  • A: Yep, I’m as surprised as you are, chief.

  • Q: So, what is Domo AI exactly if not a hidden bot?
  • A: Domo AI is a Discord app, meaning it’s a bot any user can add to their account. More than that, apps explicitly need an input to work with, they can’t just scrape anything they can. Apps also explicitly show what permissions they need when adding them to your account.
Screenshot of the Discord client showing the “Worlde” app being added and requesting permissions to create commands and send DMs to the user.
For instance, the app Wordle

  • Q: But how do I prevent people in my Discord guild from using AI stuff I don’t want?
  • A: Easy, go in the settings of the guild, to “Roles”, there go to the @everyone role, search for “app” and disable “Use External Apps”.

  • Q: But if it’s misinformation, why did the bot show up when banning it?
  • A: You can ban any bot or user without it being present in the guild. See screenshots below, this test guild is empty, only containing me, yet the ban list can have any bot when banned from a userID.
Screenshot of the Discord client showing an empty guild.
Empty guild
Hidden message from Clyde's, Discord moderation bot, saying Essembot was banned.
Yet, can ban bots from it that aren’t present (sorry Essem, just needed a test).
  • Q: What’s the issue with this? Even if it’s false, it’s better to be careful.
  • A: Here is the whole issue, trusting random sources with information such as this one, even with the best intentions is a terrible practice. All information you see, especially those massively relayed should be verified in some way. Not doing so puts you in a position where you could easily believe disinformation if shared the right way. Even if it “seems real”, take time to search for it, and verify the claims from a direct source, there are a lot of news that “seem real”, but then are completely false, this is how disinformation spreads.

  • Q: But <search engine> is rubbish, and I can’t find anything.
  • A: Scroll up this post and read again, clearly what I did flew on top of your head.

  • Q: You should be less aggressive about this.
  • A: No.

  • Q: You should STOP trying to prevent me from spreading MISINFORMATION!!! You are ANNOYING and GAY!11!!
  • A: OK.

Addendum: looking at it again, the blog post from DomoAI is dated from last September. Looking on Archive.org, there hasn’t been any other blog post since, meaning someone went back on the blog, read it, and either completely misunderstood what was written or decided to willingly spread disinformation.

So many drafts

I have at least 10 posts for this blog in the pipeline, all of which are blocked at the draft stage right now.

So, that’s what it’s like to have writer’s block huh.

New backpack!

Recently, I needed to purchase a new backpack because my old one, some Lenovo one, seriously started tearing and having other issues.

I scoured the web for a bit until I realized HELLOTUX, the ones behind the official Fedora merch, also conveniently make a backpack.

Shipping went really well, it took around a week for the package to arrive to Finland (shipped from Hungary).

Overall, the quality of the backpack is great, and I recommend to anyone wanting to get cool stuff from your favourite distro to get it from HELLOTUX.

As for me, I can finally put the old one to rest, I might have done some horrible things to that poor thing, namely accidentally pouring Pho on it once.

If you’re a Fedora fan, remember that the code FEDORA5 allows you to get €5 off any Fedora item in the basket.

Fine, I’ll do it again

It’s no surprise that I hate how search engines have evolved over the years. Going back 10–15 years, those were really useful and gave you the information you wanted, when you wanted.

Nowadays, results are only slop and ads, which completely defeats the purpose of a search engine.

Well, time to change this. Back a few years ago, I made a small search engine PoC. It never really worked, and the only part that was well-made was the front-end, which someone else made.

I’ve started drafting for a new search engine, that will not be reliant on other indexes, no AI slop, and fully EU-based.

I’ll keep you peeps posted at milestones of development. Expect a proper announcement later, when it is started properly.

The Helsinki airport is more active than I thought

I live near the Helsinki airport and can spot planes arriving from the west fairly easily through my window. What I never noticed before is how many planes are arriving during the weekend.

Screenshot of a map showing a bunch of planes with a large concentration on the Helsinki airport.
Screenshot from ADS-B Exchange

Starting from 06:00 and happening every few hours or so, there’s a whole ballet of planes landing and taking of, way more than I anticipated.

That also means the airband is very active, so that keeps me busy listening to it.

Let me access content dammit

I hang out quite a lot in Bellingcat‘s Discord, mainly because there’s cool research being done in there, and being in there is also a good way to stay informed.

Of course, as with any Discord guild, it is inaccessible to anyone without an account, however that’s no the subject of this post.

If you remember a year or two ago, during the slow destruction of Twitter, people flocked en masse to Bluesky, which marketed itself as a better alternative. This is more than ever present in OSINT communities like Bellingcat’s where Bluesky has largely replaced Twitter links.

Fast track to today and Bluesky is owned by cryptobros, cuddles up to dictators to silence political opposition, and has login screens on half the posts (and yes, I know, those are the users selecting the option). Great strides in making content accessible to everybody, right? Nothing is more frustrating than hurting a login wall after seeing a working embed displaying the content of the post.

I’d go as far as to say the “logged in only” setting for a place as public as Bluesky makes no sense at all. If you don’t want people to see your post, then don’t post it or post it in private, not half public, as simple as that.

Time to say “no”

So, why has this blog been more active than usual lately? Well, simple, as previously mentioned, I swapped blog engines to make it easier for me to write. No need to sync a Git repo any more, I can just log in and start writing.

I also recently made some changes in how I use the internet, and decided to stop using some things altogether. Yup, that means completely blocking YouTube, social media in general (where my presence was already reduced) and going back to a simpler train of life, sort to speak.

In this context, “simpler” doesn’t mean throwing my computer out of the window, quite the contrary, just being smarter about the general use I have of it.

If you’ve known me for a while, you are aware that I’m constantly tired. In fact, I’m more likely to answer “tired” to “how are you doing today?” than anything else. This whole thing in part pushed me of getting rid of stuff I don’t need, such as YouTube, where I was wasting a ton of time, doing basically nothing (and ultimately delaying my sleeping times).

Nowadays, instead of watching videos all day after work, I log on here, and start writing, read books using my e-reader, listen to some web radios.

I’ve also taken upon myself to socialise more while AFK, joining a local radio club, which has been great so far.

Honestly, this has been quite good so far. It feels like I have more time and that everything is more chill. Of course, doing this isolates me a bit more than previously, this blog being my main platform of expression. But that’s alright, I’ve mainly been a hermit for as long as I’ve used the internet, preferring my own stuff than large silos.

I genuinely enjoy creating and using my own creations (that’s called selfdogfooding btw). For instance, the theme you are seeing when loading this website through a web browser was made by myself a few days ago to replace my old one.

So yeah, sometimes it’s good to step back, and say “no”. Overall, I’m returning to a simpler web use, using simpler software, doing simple things, such as blogging. No “AI”, no trackers, no bullshit, only me, my thoughts, and any poor soul who happens to stumble upon this blog.

Free and DRM-Free books

One of the best things I’ve ever bought is my PocketBook Touch Lux 5. It’s a small, yet quite powerful e-ink book reader. It has quite modest specs with 8Gb of internal storage, though extendable via a micro SD card.

You can even make the reader itself better by replacing the default one with KoReader, an Open-Source one having a tad more features.

So, in this day and age, where do you find books? Well, thanks to the power of the internet, this is easier than ever, and with an added bonus, every single entry in this list is completely DRM-free.

  • Project Gutenberg: probably the most well-known online library. It has thousands upon thousands of books over a great variety of subjects. Lots of the books loaded on my e-reader are from there.
  • HumbleBundle: yup, the same ones that usually do games. Though the offers rotate periodically, it is a good source of books. Usual subjects are software development and other technical subjects.
  • StoryBundle: one I wasn’t familiar with at the time of writing this post. A bit like HumbleBundle, StoryBundle offers curated e-books packages at a really decent price. If you pay over a certain price (20USD for instance), you’ll even get bonus books. Given most of the money goes back to the writers, this is an excellent way of getting books.
  • Anna’s Archive: probably the largest aggregator of shadow libraries. Sadly downloads are really slow if you don’t pay, so I’d recommend going for shadow libraries directly. Though this aggregator is really useful when needed to find some exotic stuff.

Do note that some options listed above might not be available in your country. For instance, Anna’s Archive is being actively blocked in Italy, the Netherlands, and the UK.

In any case, I hope you’re having as much fun as I do reading books. At some point, I’ll look into either swapping the current micro-USB port of my reader for a USB-C one, or try to find a completely Open-Source e-ink reader.

Micro-USB in this day and age is kinda annoying to use given it’s not as common as 10 years ago.

Free.fr wins again

Recently, the French ISP Bouygues decided to add a €5 fee to cancel your landline. Free.fr, another major ISP in France decided “well, we’re going to pay for that if you move to us”:

On a dedicated page, the ISP says that “the cancelling fees of your old provider will be taken care of up to €10 (including tracked letters) when subscribing to a Free subscription.”

Free.fr was already one of the best ISPs around given they generally offer hardware better than the others (in the sense that it’s not as restrictive as others), and have been supporting IPv6 since 2006!!

On another note, the ZDNET article (in French) in which I saw this calls the new fee “innovation”. “Parasitic rent seeking” would probably be a fairer assessment.

The IRC client I wish existed earlier

Back before discovering Matrix, I mainly used IRC to talk with friends. Those were simple times, mainly spent using either mIRC or WeeChat.

Recently, I needed some help getting BIRD working on the latest version, which meant I had to go on Libera Chat, and ask there. I then searched “IRC” in my Flatpak browser and found out about Halloy.

Halloy is a free and Open-Source IRC client created in 2022, with its first version being released in june 2023, written in Rust and licensed under the GPLv3.0 licence.

So far, using this client has been a breeze. It looks good by default, has support for IRCv3 features, and receives updates really frequently (about once a month at the time of writing). Early on, I had some questions about configuring some aspects of Halloy and the people in the Libera Chat channel (including the main developer) were quick and really helpful.

If you still use IRC for whatever, consider giving Halloy a try, it works nicely.

Older Posts
Jae 2012-2025, CC BY-SA 4.0 unless stated otherwise.