this post was submitted on 26 Dec 2023
66 points (95.8% liked)

Fediverse

20684 readers
103 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
 

Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.

top 11 comments
sorted by: hot top controversial new old
[–] pelespirit@sh.itjust.works 8 points 2 years ago (1 children)

The article doesn't say, did they fix it?

[–] poVoq@slrpnk.net 14 points 2 years ago (1 children)

Why would they fix it?

Fixing this in general is not so easy as ActivityPub wasn't designed to prevent such things and AFAIK without some fundamental changes like proposed in Spritely or implemented in the Zot protocol it can't really prevent this from happening.

[–] pelespirit@sh.itjust.works 6 points 2 years ago (1 children)

Why would you want threads and/or alt right people to be able to get around blocks?

[–] poVoq@slrpnk.net 4 points 2 years ago (1 children)
[–] pelespirit@sh.itjust.works 0 points 2 years ago (2 children)

Why would they fix it?

Isn't that what I'm asking if they fixed, am I not understanding, or are you fucking with me?

[–] linearchaos@lemmy.world 2 points 2 years ago (1 children)

They are assuming that the developers are in on it, you're assuming the developers are not in on it.

Realistically, big breaking changes are a source of serious pain for open networks like these. They're not going to be compelled to fix it until it's an active problem when there are a lot bigger problems sitting around that are easier to fix.

[–] pelespirit@sh.itjust.works 2 points 2 years ago (1 children)

Thank you for explaining it, I think you're right. Not sure why they wouldn't explain it to me, I can't read minds and that's an interesting conversation.

They’re not going to be compelled to fix it until it’s an active problem when there are a lot bigger problems sitting around that are easier to fix.

Which is even more reason for all the big instances to not federate, but it's their choice. All these smaller instance, weekend hobbyists are going to feel the pain. At least meta says they're going to integrate slowly. We'll see.

[–] linearchaos@lemmy.world 1 points 2 years ago

Don't worry, it'll sort itself out when it becomes truly painful.

[–] poVoq@slrpnk.net -3 points 2 years ago

Who is they? From the way you wrote it the only "they" would be the "alt right developers" from the headline.

[–] mindbleach@sh.itjust.works 6 points 2 years ago
[–] ademir@lemmy.eco.br 1 points 2 years ago