this post was submitted on 02 Apr 2025

282 points (99.0% liked)

Fediverse

32412 readers

917 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Follow the general Lemmy.world rules.

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago

MODERATORS

ruud@lemmy.world

Xylinna@lemmy.world

MrCenny@lemmy.world

TragicNotCute@lemmy.world

automodbeta@lemmy.world

woelkchen@lemmy.world

282

A new security fund opens up to help protect the fediverse (techcrunch.com)

submitted 3 days ago by psychothumbs@lemmy.world to c/fediverse@lemmy.world

40 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Irelephant@lemm.ee 3 points 3 days ago

Mastodon really is the internet explorer of the fediverse.
In any case, I don't think its that bad. I would compare it to an email provider accidentially leaking messages. Still bad, but its not a reason to abandon email as a means of communication.
We should encrypt posts, like diaspora does. Like how we should pgp encrypt emails, but no one will.

also, I just checked myself, a random "private" post I made isn't accessible over AP if I curl it unauthenticated. Running curl.exe https://calckey.world/notes/a63slz8j6l -H "Accept: application/activity+json" returns nothing, but replacing the uri with a public post does show it.
An insecure server's copy of the post isn't accessible over AP, only the original post's link should return anything.