Lole
Conversation
Notices
-
Embed this notice
lamp (lamp@berserker.town)'s status on Friday, 17-Mar-2023 08:36:50 JST 
lamp
-
Embed this notice
Fediverse Contractor (bot@seal.cafe)'s status on Friday, 17-Mar-2023 08:36:48 JST 
Fediverse Contractor
Why would graf want it? Can you just post it or is it too long? -
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 08:36:49 JST 
Reasonable Man
-
Embed this notice
Fediverse Contractor (bot@seal.cafe)'s status on Friday, 17-Mar-2023 08:44:35 JST
Fediverse Contractor
How are the file names useful anyway? Can they still be accessed? -
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 08:44:36 JST
Reasonable Man
@bot
Lamp already iterated over the like 20k pages so I didn't duplicate work. I'll be at my computer in like 30 minutes but the compressed list is like 200MB.Also I'm pretty sure the misconfiguration was there well after the 24th.
@lamp @graf -
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 08:55:24 JST
Reasonable Man
@bot
Yes. They're someone's media uploads.Only reason they'd be gone is a deletion in the case of local media and pruning in the case of remote media.
There'd be no indication as to which ones were DMs for example, but there's plenty of tools that look for things people would consider private.
@lamp @grafFediverse Contractor likes this. -
Embed this notice
Fediverse Contractor (bot@seal.cafe)'s status on Friday, 17-Mar-2023 08:56:19 JST
Fediverse Contractor
This includes DMs? -
Embed this notice
lamp (lamp@berserker.town)'s status on Friday, 17-Mar-2023 08:56:20 JST
lamp
-
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 17-Mar-2023 08:58:17 JST 
:blobcathug:
@lamp @p @r000t @graf :blobcatfrowningbig: why are you interested in that list anyway? -
Embed this notice
lamp (lamp@berserker.town)'s status on Friday, 17-Mar-2023 08:58:18 JST
lamp
@p @r000t @graf https://avps.owo69.me/fms.tar.gz https://avps.owo69.me/fmo.tar.gz
-
Embed this notice
pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Friday, 17-Mar-2023 08:58:19 JST 
pistolero :thispersondoesnotexist:
@r000t @lamp @graf If you got it. -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 17-Mar-2023 09:02:15 JST
:blobcathug:
@lamp @graf @p @r000t its not cool to leak data from a server like this tho... that can be compared to doxing imho... no one from this server, even not gargron deserves that -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 17-Mar-2023 09:05:12 JST
:blobcathug:
@r000t @lamp @p @graf tell me -
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 09:05:13 JST
Reasonable Man
@Jain You have no idea what they've done to me. @lamp @p @graf
-
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 17-Mar-2023 09:19:24 JST
:blobcathug:
@r000t @lamp @p @graf
i agree that this is bad and you deserve better but does that but does that justify a data leak?
imho no -
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 09:19:25 JST
Reasonable Man
@Jain
- Multi-year libel campaign
- Full-scale cancellation including complaints to pretty much everywhere I have an account
- No action taken on direct threats of violent physical harm to me specifically. As in, it's okay to do that, but only to me. Gargron says this is because I was "too loud" about people making direct threats of violent physical harm to me.
- They've swatted me for making a search engineBasically, for every rule mastodon.social has, people on that instance and remote instances are allowed to, and do frequently, break them, but only towards me.
@lamp @p @graf -
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 09:27:01 JST
Reasonable Man
@HitlerIs6_5 They do.
But what's even more useful is hitting them with OCR to find "dunks". You can then look up the filename in a pre-scraped dump of statuses to find the commentary, and obviously the author.
I'm also looking at using ML to maybe classify screenshots by which platform they're a screenshot of
@lamp @graf @botFediverse Contractor likes this. -
Embed this notice
HitlerIs6_5 (hitleris6_5@nicecrew.digital)'s status on Friday, 17-Mar-2023 09:27:02 JST 
HitlerIs6_5
oh so it's literally just a list of everything that was uploaded? I guess that's useful for datamining purposes or if people are retarded and posting images with dox info behind dms/private accounts. -
Embed this notice
lamp (lamp@berserker.town)'s status on Friday, 17-Mar-2023 09:27:03 JST
lamp
@HitlerIs6_5 @r000t @graf @bot mastodon doesnt save file names
-
Embed this notice
HitlerIs6_5 (hitleris6_5@nicecrew.digital)'s status on Friday, 17-Mar-2023 09:27:04 JST
HitlerIs6_5
Depends on whether or not people named their files stupid shit that gives away private information. -
Embed this notice
Fediverse Contractor (bot@seal.cafe)'s status on Friday, 17-Mar-2023 09:27:13 JST
Fediverse Contractor
There are journos on mastodon social, js. -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 17-Mar-2023 09:27:50 JST
:blobcathug:
@r000t @lamp @p @graf :blobcatoh: i agree on that too, but you are playing with data from his users which still dont deserve that -
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 09:27:51 JST
Reasonable Man
@Jain
The reason they deserve the leak, is because I have a known history of finding security bugs in Mastodon, and yet the person responsible for receiving those reports, which I do still send, has taken every possible measure to avoid messages from me.Eugen is so married to "don't feed the trolls" that he outright blocks vulnerability reports. This is not the action of a sane and rational software vendor.
-
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 17-Mar-2023 09:46:54 JST
:blobcathug:
@lamp @p @r000t @graf i disagree upon that... yes theoretically DMs could be leaked from each server receives DMs but that doesnt mean that they do that... i would prevent sending DMs to such servers too and no i think thats not a problem of myself, its more like having trust in fediverse and its protocols.
Like in emails you also have a certain trust that the server receives an email wont publish it publicly...
of course i can't do anything against what you are doing but at least i can tell you that i do not agree with your way of handling data of other peoples -
Embed this notice
lamp (lamp@berserker.town)'s status on Friday, 17-Mar-2023 09:46:55 JST
lamp
@Jain @p @r000t @graf mastodon is a public publishing network and they have a clear warning not to "share sensitive information over mastodon" for a reason. dm to other servers and they can leak just as well. If this is an actual problem to you then it's all your fault, IMO. I do not think anything nefarious can be done with this, it's just fun.
-
Embed this notice
Reasonable Man (r000t@ligma.pro)'s status on Friday, 17-Mar-2023 09:54:40 JST
Reasonable Man
Fediverse Contractor likes this. -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 17-Mar-2023 10:04:26 JST
:blobcathug:
@p @lamp @r000t @graf :blobcatgoogly: pgp is another layer, yes... and we can use pgp everywhere like here in fedi too... but that in no way means that one should like any data you possibly ever could get! -
Embed this notice
pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Friday, 17-Mar-2023 10:04:27 JST
pistolero :thispersondoesnotexist:
@Jain @lamp @graf @r000t
> Like in emails you also have a certain trust that the server receives an email wont publish it publicly...
Not really. That's why we have PGP. Trust in the server isn't even a factor:
https://en.wikipedia.org/wiki/Lavabit
> Lavabit is an open-source encrypted webmail service, founded in 2004. The service suspended its operations on August 8, 2013 after the U.S. Federal Government ordered it to turn over its Secure Sockets Layer (SSL) private keys, in order to allow the government to spy on Edward Snowden's email.
-
Embed this notice
All GNU social JP content and data are available under the