Jonkman Microblog
  • Login
Show Navigation
  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Notices by :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site), page 37

  1. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Friday, 19-Jul-2019 13:06:20 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    in reply to
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    (don't take that as an endorsement of support for either of those websites, but there is something to be said about adversarial security models, and in that role, they are doing a service by motivating people to care about the security of the ecosystem as much as I do)
    In conversation Friday, 19-Jul-2019 13:06:20 EDT from pleroma.site permalink
  2. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Friday, 19-Jul-2019 13:03:58 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    in reply to
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    personally i think that Gab and KiwiFarms and all of them being here and the ecosystem being able to react to them however they wish is indicative of the system working as designed. there are flaws, but i believe it will lead to better security hygiene in the long term.
    In conversation Friday, 19-Jul-2019 13:03:58 EDT from pleroma.site permalink
  3. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Friday, 19-Jul-2019 13:02:52 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    i wonder if the true lesson of these 'evil instances' appearing on the fediverse isn't the one i have been teaching all along -- safety is better accomplished through small communities (less than 100 active users) than having large silos?
    In conversation Friday, 19-Jul-2019 13:02:52 EDT from pleroma.site permalink
  4. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Friday, 19-Jul-2019 12:30:28 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    @shpuld i guess that's one way of solving the problem
    In conversation Friday, 19-Jul-2019 12:30:28 EDT from pleroma.site permalink
  5. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Friday, 19-Jul-2019 08:53:36 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • cj 🇺🇸🇨🇭
    • ben
    @ben @cj soon (maybe tonight)
    In conversation Friday, 19-Jul-2019 08:53:36 EDT from pleroma.site permalink
  6. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Friday, 19-Jul-2019 08:28:16 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Beep Boop が :logo: :MexChen:
    @nik @dirb @karolat

    that's not a solution under the current security model. why do you think I keep complaining about it? and besides Pleroma can already be configured to not federate blocks if you don't want the side effects to distribute through the network.
    In conversation Friday, 19-Jul-2019 08:28:16 EDT from pleroma.site permalink
  7. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 21:14:25 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    @karolat I do t know what it's called, and no quarantine doesn't effect blocks. we will need to look into that (perhaps sending Reject Follow instead)
    In conversation Thursday, 18-Jul-2019 21:14:25 EDT from pleroma.site permalink
  8. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 21:02:19 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    @karolat @nik all MRFs are listed in nodeinfo
    In conversation Thursday, 18-Jul-2019 21:02:19 EDT from pleroma.site permalink
  9. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 20:49:05 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • The roundest orc
    @dzuk he has a FSE account and he couldn't explain how UBI wouldn't cause inflation to me (just muttering about how he would tax Amazon to pay for it). landlords ain't Amazon.
    In conversation Thursday, 18-Jul-2019 20:49:05 EDT from pleroma.site permalink
  10. banana (banana@mastodon.art)'s status on Sunday, 14-Jul-2019 23:32:14 EDT banana banana
    • banana

    BUNS BUNS BUNS BUNS

    In conversation Sunday, 14-Jul-2019 23:32:14 EDT from mastodon.art permalink Repeated by kaniini
  11. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 20:42:44 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Christine Lemmer-Webber
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Yet Another AP Server
    @macgirvin @cwebber @yaaps

    with all due respect, if Gab used Zot, how would it be resolved there?
    In conversation Thursday, 18-Jul-2019 20:42:44 EDT from pleroma.site permalink
  12. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 18:55:35 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Christine Lemmer-Webber
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Yet Another AP Server
    @macgirvin @cwebber @yaaps

    How is it any more 'security through obscurity' than the tokens used by OWA?
    In conversation Thursday, 18-Jul-2019 18:55:35 EDT from pleroma.site permalink
  13. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 16:08:05 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • INTENSE SUCC
    @succfemboi @fluffy

    then i will literally be too drunk partying in celebration of the first telecom regulation that actually did any good
    In conversation Thursday, 18-Jul-2019 16:08:05 EDT from pleroma.site permalink
  14. Christine Lemmer-Webber (cwebber@octodon.social)'s status on Thursday, 18-Jul-2019 12:44:54 EDT Christine Lemmer-Webber Christine Lemmer-Webber
    • Christine Lemmer-Webber
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Yet Another AP Server

    @yaaps @kaniini Nope! The ONLY thing that bearcaps require is that you check the Authorization field. The bearer token is an opaque value. The only thing you need is an http request parsing library, that's it.

    In conversation Thursday, 18-Jul-2019 12:44:54 EDT from octodon.social permalink Repeated by kaniini
  15. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 12:58:07 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Christine Lemmer-Webber
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Yet Another AP Server
    @cwebber @yaaps

    indeed, the only interesting part here about OAuth is that if you already implement OAuth, you basically get bearcaps for free.
    In conversation Thursday, 18-Jul-2019 12:58:07 EDT from pleroma.site permalink
  16. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 12:37:06 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Christine Lemmer-Webber
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Yet Another AP Server
    @yaaps @cwebber

    it's not really that much of a rush, and i believe the ultimate destination is basically the same. problem is, we have to get there incrementally, because breaking the fediverse in the meantime is bad.

    so, the response path of fediverse implementations is essentially

    signatures (in the case of Pleroma, mapping them to inferred capabilities for futureproofing) -> instance-wide bearcaps -> user-specific bearcaps
    In conversation Thursday, 18-Jul-2019 12:37:06 EDT from pleroma.site permalink
  17. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 11:43:16 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • Yet Another AP Server
    @yaaps

    delegation doesn't require signatures, because the only identity aspect we care about is who initially caused the token to be issued to begin with.

    the mapped identity stuff is only really in the context of compatibility, and will eventually be purged from Pleroma, being 100% based on granted capabilities instead
    In conversation Thursday, 18-Jul-2019 11:43:16 EDT from pleroma.site permalink
  18. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 11:01:34 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    @fluffy yeah, unfortunately BCP38 depends on ISPs filtering their own customers' traffic (to drop spoofed packets) to work, and many choose not to.
    In conversation Thursday, 18-Jul-2019 11:01:34 EDT from pleroma.site permalink
  19. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 10:57:06 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • ben
    @ben i'm talking about the hosting providers mostly. the ones with servers that have gig-e and 10gig-e and so on for rent and don't bother to implement BCP38.
    In conversation Thursday, 18-Jul-2019 10:57:06 EDT from pleroma.site permalink
  20. :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: (kaniini@pleroma.site)'s status on Thursday, 18-Jul-2019 10:50:24 EDT :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy: :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • :abunhdhappyhop: :abunhdhappy: :abunhdhop: :abunhd: :abunhdhappyhop: :abunhdhappy:
    • ben
    @ben most attacks are still amplification based on spoofing. BCP38 if it were implemented everywhere stops that dead in it's tracks.
    In conversation Thursday, 18-Jul-2019 10:50:24 EDT from pleroma.site permalink
  • After
  • Before
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.