lainoid the omniscient's wall

lainoid the omniscient

Like 11 Sep 2023 at 21:46 | Open on lain.com

lainoid the omniscient

90s fridey

Like 4 Aug 2023 at 18:44 | Open on lain.com

lainoid the omniscient

A new Pleroma security release is out that you should install immediately. If you can not do so for some reason, activate filename anonymization.

Thanks to @feld and @lanodan for handling this so quickly!

https://pleroma.social/announcements/2023/08/04/pleroma-security-release-2.5.3/

Like 4 Aug 2023 at 11:20 | Open on lain.com

lainoid the omniscient

Me eating a pizza in front of my gluten + lactose intolerant wife

Like 14 Jul 2023 at 18:55 | Open on lain.com

Evv1L :blobcatlaptop:

@lain :blobfox3cevil:

16 Jul 2023 at 12:30 | Open on mastodon.ml

lainoid the omniscient

Like 14 Jul 2023 at 9:17 | Open on lain.com

lainoid the omniscient

Like 12 Jul 2023 at 22:33 | Open on lain.com

lainoid the omniscient

Like 20 Jun 2023 at 8:24 | Open on lain.com

lainoid the omniscient

Like 17 Jun 2023 at 19:38 | Open on lain.com

lainoid the omniscient

PLEROMA ADMINS READ THIS, AKKOMA TOO

Another important pleroma security post: @alex and @graf found ANOTHER injection bug, and this one was probably used for the attack. I think that single user instances are probably not affected, but I wouldn't want to risk it. Move your media and proxy to a subdomain as alex initially recommended, it's not complicated and takes 15 minutes, and eliminates this whole class of bugs.

Fix is being worked on, but just do the media/proxy thing now so you'll never have to worry about this again.

https://webb.spiderden.org/2023/05/26/pleroma-mitigation/

PLEROMA ADMINS READ THIS, AKKOMA TOO

Another important pleroma security post: @alex and @graf found ANOTHER injection bug, and this one was probably used for the attack. I think that single user instances are probably not affected, but I wouldn't want to risk it. Move your media and proxy to a subdomain as alex initially recommended, it's not complicated and takes 15 minutes, and eliminates this...

Expand text...

Like 2 29 May 2023 at 9:28 | Open on lain.com

lainoid the omniscient

Like 27 May 2023 at 1:05 | Open on lain.com

lainoid the omniscient

Just to be clear, if you run a pleroma server, it’s a very good idea to add this to your nginx config immediately:

location ~ ^/(media|proxy) {
        add_header Content-Security-Policy "sandbox;";

Most people will already not be vulnerable to this for a variety of reasons, but this will absolutely stop it.

Like 1 26 May 2023 at 9:35 | Open on lain.com

lainoid the omniscient

Like 18 May 2023 at 20:30 | Open on lain.com

lainoid the omniscient

Like 18 May 2023 at 20:21 | Open on lain.com

lainoid the omniscient

Like 1 17 May 2023 at 6:41 | Open on lain.com

lainoid the omniscient

Like 1 10 May 2023 at 9:57 | Open on lain.com

lainoid the omniscient

Like 8 May 2023 at 18:24 | Open on lain.com

lainoid the omniscient

Like 4 7 May 2023 at 6:30 | Open on lain.com

lainoid the omniscient

Like 6 May 2023 at 21:08 | Open on lain.com

lainoid the omniscient

ITT: you get your shit together

Like 5 May 2023 at 19:31 | Open on lain.com

lainoid the omniscient

SD thread, post your images

Like 25 Apr 2023 at 18:28 | Open on lain.com

Show previous comments

lainoid the omniscient

25 Apr 2023 at 18:35 | Open on lain.com

TSource Engine Query

@lain not my image sorry

1 25 Apr 2023 at 18:36 | Open on suya.place

Tired Bunny :bunhdcomfysleep:

@lain

1 25 Apr 2023 at 18:43 | Open on udongein.xyz