Please add a toggle to enable/disable warning for external websites in the chat. I can see with my eyes that the URL isn’t teamspeak.com site. That is completely unnecessary warning and only hurts user experience.
Well since TeamSpeak supports effectively masked links through BBCode and Markdown you only see the real link when hovering and even then homograph attacks are still hard to spot.
But TeamSpeak also added a mechanism to warn about known phishing domains.
When you select the Always trust links from it will not ask again for the same domain. Personally I feel this is good enough. I am a bit undecided whether having another option to fully disable this warning for not-evil domains would be a good idea.
6 Likes
- Warning for every website just seems excessive and feels like a dark pattern, trying to prevent users leaving from your service.
- Excessive warnings can lead to Alarm fatigue. When user expects a warning for every website, it becomes a automatic pattern to continue to the site without looking the warning. This may result malicious domain warning go unnoticed.
From what I can observe here this is a feature request that is not really backed by other users and would lean towards leaving it as it is right now.
However I’ll forward this to the team for further discussion to see if we can find a middle ground.
3 Likes
Thank you.
Perhaps good middle ground could be Discord-style warning;
If you click the actual URL in the chat, it doesn’t show a warning. However if you click link preview/embed link/markdown, where you cannot see the URL, it warns you and shows the URL in the popup.
—————————
First, I didn’t understand why you would implement such a popup. I’ve been using Teamspeak for 15 years and there has never been that kind of warning. Whatsapp, Teams and many other platforms don’t do that. It just seemed unnecessary popup and I hate how nowadays every website has a million popup screens; accept cookies, subscribe to newsletter, chatbot… I just wish Teamspeak doesn’t turn into that.
However when I was researching how e.g. Discord handles this, I stumbled into Discord scams where you middle click an image, it takes you to a malicious site without showing the URL. Teamspeak on the other hand always shows the URL next to the image unlike Discord, so Teamspeak isn’t so vulnerable to such attacks. But I can see now where you are coming from.
But I still believe giving a user freedom of choice. If one wants to disable warnings, it is his choice and responsibility. I would even prefer not to have warnings for phishing sites, because I don’t know how you upkeep that list and can false positives occur, but maybe that is too much to ask 
2 Likes
Thanks for the feedback, to add a bit of background information:
We’ve had the warning for links for a long time in the client now, but you we’re previously able to disable the link warning fully.
With the latest update we’ve revamped the dialog as well as implementing the warning for maliciously flagged sites, that’s why they are now always shown when not added to the trusted sites.
Like said earlier I’ve forwarded it to the team for discussion and have provided a possible middle ground to accommodate safety and user experience.
3 Likes