GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Michał "rysiek" Woźniak · 🇺🇦 (rysiek@mstdn.social)'s status on Thursday, 28-Sep-2023 11:17:18 JST Michał "rysiek" Woźniak · 🇺🇦 Michał "rysiek" Woźniak · 🇺🇦

    So wait building all these "secure" chat apps on a browser engine packaged in a thin layer of UI, with its insane number of dependencies and the gigantic, immense attack surface that this entails, was somehow a bad idea?

    Who knew! Who could have foreseen this! Shocking, really.

    #InfoSec #Electron #WebP

    In conversation Thursday, 28-Sep-2023 11:17:18 JST from mstdn.social permalink
    • Haelwenn /элвэн/ :triskell: repeated this.
    • Embed this notice
      lauren n. liberda (selfisekai@social.hackerspace.pl)'s status on Friday, 29-Sep-2023 21:48:42 JST lauren n. liberda lauren n. liberda
      in reply to

      @rysiek oh hey I wrote a bit about this one. https://liberda.nl/weblog/from-source-or-vulnerable/

      In conversation Friday, 29-Sep-2023 21:48:42 JST permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: liberda.nl
        You are still vulnerable to the WebP exploits, by the way
        Software distribution is broken without maintenance on scale

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.