Conversation
Notices
-
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:21:47 JST :blobcathug: :ablobcatsweatsip: im worried, if pleroma/akkoma have a security issue it would be bad -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:26:23 JST :blobcathug: @lanodan @rick because of the poast and baest leak... -
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 26-May-2023 05:26:25 JST Haelwenn /элвэн/ :triskell: @Jain Eh, why? -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:29:04 JST :blobcathug: @eri @rick @lanodan social engineering? Nah dont belive so... Also oauth token theft seems unlikely to me since the leak might contains mails... Im worried that every instance has a security issue rn -
Embed this notice
eri :vlpn_smol::therian: (eri@moth.zone)'s status on Friday, 26-May-2023 05:29:07 JST eri :vlpn_smol::therian: @Jain @rick @lanodan if it's only poast and baest i wouldn't worry too much yet. could have been social engineering of admins or something -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:29:51 JST :blobcathug: @lanodan @rick thats what i thought too -
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 26-May-2023 05:29:54 JST Haelwenn /элвэн/ :triskell: @Jain @rick I guess sjw or pete would have pinged pleroma if that was the case.
At least given how close those two are, I wouldn't blame the software yet. -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:30:24 JST :blobcathug: @lanodan @rick but p is in hospital and is not in the leak so i guess you are right -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:36:20 JST :blobcathug: @eri @rick @lanodan that might be a good point... Looking up if they both use rebased tho -
Embed this notice
eri :vlpn_smol::therian: (eri@moth.zone)'s status on Friday, 26-May-2023 05:36:21 JST eri :vlpn_smol::therian: @Jain @rick @lanodan also worth noting both instances had soapbox so it could be related to that. knowing gleason's coding skills i would not be surprised -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:38:56 JST :blobcathug: @rick @eri @lanodan well tbh, im more worried about everyone else than myself -
Embed this notice
rick (rick@a.n0id.space)'s status on Friday, 26-May-2023 05:38:58 JST rick @eri @Jain @lanodan well either way, i luckily post only stuff on fedi that can/is public. for every other stuff i would switch to a secure messenger :renge_shrug: -
Embed this notice
anime graf mays ?️? (graf@poa.st)'s status on Friday, 26-May-2023 05:43:14 JST anime graf mays ?️? @Jain @rick @eri @lanodan soapbox has a list of emails in the dashboard, the exact one posted, for 'newsletter' purposes. you just click download. there was no infra access -
Embed this notice
:blobcathug: (jain@blob.cat)'s status on Friday, 26-May-2023 05:43:14 JST :blobcathug: @graf @rick @eri @lanodan oh i see... So that makes a oauth leak more realistic... -
Embed this notice
anime graf mays ?️? (graf@poa.st)'s status on Friday, 26-May-2023 05:44:31 JST anime graf mays ?️? @Jain @rick @eri @lanodan they pulled all of the chats via the admin api using a script :blobcathug: likes this.
-
Embed this notice