Fediverse@lemmy.worldEnglish • 6 months ago

Authorized Fetch Circumvented by Alt-Right Developers

wedistribute.org

159

Authorized Fetch Circumvented by Alt-Right Developers

wedistribute.org

Fediverse@lemmy.worldEnglish • 6 months ago

A controversial developer circumvented one of Mastodon's primary tools for blocking bad actors, all so that his servers could connect to Threads.

Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.

Chat

0x1C3B00DA
link
fedilink
3•6 months ago
Sure, but that’s already solved on the fediverse by using HTTP Signatures and isn’t related to Authorized Fetch.
- @heavy@sh.itjust.works
  link
  fedilink
  English
  2•6 months ago
  I meant to say generally, for folks that might read this comment and think problems surrounding the platform and security are solved.

Fediverse@lemmy.world

!fediverse@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !fediverse@lemmy.world

A community to talk about the Fediverse and all it’s related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Follow the general Lemmy.world rules.

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

141 users / day
1.64K users / week
6.03K users / month
14.3K users / 6 months
26.7K subscribers
1.33K Posts
32.9K Comments
Modlog