Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. D Dino (garbados@toot.cat)'s status on Saturday, 05-Oct-2019 20:46:34 EDT D Dino D Dino

    somebody tell me about the activitypub threat model for when a server's domain name expires and years later is bought by a malicious party in order to assume the role or rights of a specific actor

    In conversation Saturday, 05-Oct-2019 20:46:34 EDT from toot.cat permalink
    1. Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Saturday, 05-Oct-2019 22:54:08 EDT Haelwenn /элвэн/ :triskell: Haelwenn /элвэн/ :triskell:
      in reply to
      @garbados Practically, same as with basically any kind of federated system: The identity is the address (user@host for email/XMPP/webfinger, URL for ActivityPub) and the protocol tends to leak the social graph/contact list over time.
      And well email is very slow&inefficient at it (but OpenPGP leaks it securly :D), XMPP is almost instant at it and you can recover it fully, and I think current ActivityPub is basically fast email.
      I think we could make it better but making it good would require crypto and you need to be really careful with it.
      In conversation Saturday, 05-Oct-2019 22:54:08 EDT from queer.hacktivis.me permalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.