
@effy i run a single tab of the mobile web client of glitchsoc

i assume part of it is because things are busy around here, but it's grimly hilarious to get rate limited every time i type a character.

i mean it only lasted a minute, but it did make me wonder...

I got rate limited in the middle of typing a toot. how hard does the masto web client hit the network for something like that?

Twitter apocalypse 

Possibly the most embarrassing security failure I've ever seen from a corporation was when Twitter admitted in 2018 they had found a "bug" that was writing every password from every login *in plaintext* to a log somewhere, before it got encrypted like passwords are supposed to when you store them. cnet.com/tech/tech-industry/tw

Twitter never disclosed how long this had been going on, but they recommended EVERY Twitter user change their passwords, so potentially it went back to 2006.


FRIEND: It's called cauliflower. It's not ghost broccoli.

ME: [taking a long drag on my cigarette] Listen kid, I know what I saw.

"mastodon vulnerability", clarification 

the vulnerability that's making the rounds is only applicable to glitch-soc. it does not affect mainline mastodon

it only affects you as a user if you are using a password manager that automatically fills your password without any action on your part. and if you have 2FA off

here's the link, which states all of those things portswigger.net/research/steal


Twitter apocalypse 

I've seen a lot of people talking what-ifs of, with the new owner firing people at random and unplugging things without first finding out what they do, we might have a major event where Twitter goes down completely for days or something.

But what I haven't seen as much thought about is, what if during this same chaotic period, there is a major security incident? What makes that possibility alarming is *if it happens, we might never know about it*.

Twitter apocalypse 

Twitter is high-profile enough that its threat model is not just "somebody publishes an exploit and teenagers wreak havoc for a day or two". Twitter is used by activists, journalists and governments, and the threat model includes "a nation-state penetrates the intranet and hijacks a legitimate employee's credentials". What worries me is a targeted attack, say, scraping a bunch of DMs by local dissidents, who all get mysteriously arrested in two weeks. Chaos makes that easier.


meds 

pretty sure i'm experiencing cymbalta withdrawal. yuck.

@siege everyone seems to be gritting their teeth on this. i think we're still on 3.x here.

meta, hashtags, #FediHelp 

how do i see what #hashtags i've followed? #FediHelp

Awoo Space

Awoo.space is a Mastodon instance where members can rely on a team of moderators to help resolve conflict, and limits federation with other instances using a specific access list to minimize abuse.

While mature content is allowed here, we strongly believe in being able to choose to engage with content on your own terms, so please make sure to put mature and potentially sensitive content behind the CW feature with enough description that people know what it's about.

Before signing up, please read our community guidelines. While it's a very broad swath of topics it covers, please do your best! We believe that as long as you're putting forth genuine effort to limit harm you might cause – even if you haven't read the document – you'll be okay!