@thisismissem @arcanicanis money quote:
>
But yet, Mozilla paid for a formal security audit of the Mastodon codebase, missed this, and yet this just tumbles into my lap. Great, I just resent the typical nature of the 'security consultancy' industry even more,