Just to reiterate in relation to Gab getting hacked,...

Just to reiterate in relation to Gab getting hacked, I’m not aware of any vulnerabilities in Mastodon at the moment and based on what I have seen in their code modifications the vulnerabilities they have are the ones they themselves introduced (along with never porting security patches from us)

Like 2 Mar 2021 at 10:10 | Open on mastodon.social

12 comments

Ben Verret

@Gargron Double yikes.

2 Mar 2021 at 10:26 | Open on himk.am

McEvnon

@Gargron Nazis and incompetence always goes hand in hand with.

2 Mar 2021 at 10:36 | Open on mastodon.social

Dag Ågren ↙︎↙︎↙︎

@Gargron The vulnerabilities they introduced are just amazingly bad as well. Just stunning incompetence.

I mean, if they were smart they wouldn't be nazis, but still, stunning.

2 Mar 2021 at 10:39 | Open on mastodon.social

Bálint Szilakszi

@Gargron security patches are for cucks apparently

2 Mar 2021 at 13:04 | Open on x0r.be

Marcus

@Gargron I was not aware Gab was Mastodon. Is it federated or did they just use it as a jumping off point to make their own thing?

2 Mar 2021 at 17:02 | Open on mastodon.social

DELETED

@gerowen @Gargron both, it supports the activitypub protocol as many other mastodon forks do, but introducing its own code.

But it's widely blocked by the og instances so you will not see gab users going around the Fediverse.

2 Mar 2021 at 19:29 | Open on floss.social

Eugen Rochko

@lorabe @gerowen No, Gab doesn't federate anymore

2 Mar 2021 at 19:29 | Open on mastodon.social

DELETED

@Gargron @gerowen ohh I didn't know. Well that's good.

2 Mar 2021 at 19:31 | Open on floss.social

stn 🇺🇦

@Gargron Ars just did a pretty even-handed write-up
https://arstechnica.com/gadgets/2021/03/rookie-coding-mistake-prior-to-gab-hack-came-from-sites-cto/
Unsurprisingly, they're just dumb and shitty coders.

2 Mar 2021 at 19:48 | Open on straylight.expectnomore.net

Dmitry Borodaenko

@Gargron Are you in touch with @conservancy or other free software organizations about Gab violating AGPL by taking their Git repo down yesterday? (Arguably the violation goes further than that because they've not even been linking to that repo from their main site.)

Context: https://mastodon.social/@angdraug/105822631688097080

2 Mar 2021 at 22:52 | Open on mastodon.social

DuHuPr0 (d/p) :arch:🇳🇴🍺

@Gargron

Would you mind giving a heads up should you be able to point out the introduced vulnerabilities?

3 Mar 2021 at 3:48 | Open on mastodon.stembod.net

DuHuPr0 (d/p) :arch:🇳🇴🍺

@Gargron

Would you mind giving a heads up should you be able to point out the introduced vulnerabilities?

#Mastodon #Gab

3 Mar 2021 at 3:50 | Open on mastodon.stembod.net