Sucky! sucky! five dolla!

https://sh.itjust.works/post/35485725

This is you right now. Most of us have no idea what Misskey is.

I think this post would have been a lot more enlightening had it gone into what exactly *key instances are.

Not me who downvoted you, FYI.

To me, a vulnerability is something unforeseen, that allows bad actors to exploit the system in an unintended manner. In this case, the system is working perfectly as designed. Just because another system decided to implement a new feature without consulting anybody else, does not make it a vulnerability. Or perhaps it does, but with the vulnerability on the side of Mastodon, since they’re the ones telling their users their post is private when it is actually nothing of the sort.

What would I call it? An unsupported feature. One that Mastodon forced everybody else to implement without asking or any respect.

I’m not sure you can make that conclusion. This isn’t a real vulnerability, and this isn’t a surprise to anybody who knows how the AP protocol works. Dansup didn’t reveal anything that was previously unknown, the blog author just has an axe to grind. It’s unfair to assume that an actual 0 day vulnerability would have been treated the same way.

more people will know and exploit the vulnerability

It’s not even a vulnerability, it’s how AP works by design, is the issue at hand here. Mastodon decided they wanted to implement something not supported by AP, and everybody else had to take the heat for not ‘doing it right’.

To keep it secure from the servers themself would require users to handle the encryption. See PGP for an idea of how much uptake that’s likely to get. If you mean for the servers to handle the encryption, that’s already the case, and the issue right now is that servers are privy to what users do, and by nature are a 3rd party in the convo.

Defaulting to not federating is what the major email providers currently do, and is why email has now become a centralised service that you cannot practically self host.

Look, the little gal is obviously happier out there in the wild, you spent a week trying to catch her in person and she wouldn’t come back to you. Maybe just let her be?

I do basically that for free. Like others said, join a club!

Lucky you. I’ve never found a date willing to wrap herself in bacon

Does modding work across PF - Lemmy?

Post pinning is also pretty wonky.

Love how I came here to comment about Anna’s Archive and every other comment is already the same answer!

We’re taking a free ride on the Finns. [email protected]

Why so? It’s easy to block bots that have their accounts tagged as such. I block them myself, but I have no problem with them existing.

Go back to sleep, sheeple!

Man, I don’t think I’ve EVER seen sheeple used unironically in the wild. (2nd person perspective)

There’s a difference between “works for me”, and “it’s you”.

Given the way federating works, just because you’re seeing something doesn’t mean everybody else is seeing the same thing you do.