They’re just making shit up. In their mind I guess Javascript that is intentionally included by an admin to customize their instance counts as ACE. In that sense any webserver you ever browse to is capable of ACE.
They’re just making shit up. In their mind I guess Javascript that is intentionally included by an admin to customize their instance counts as ACE. In that sense any webserver you ever browse to is capable of ACE.
fiat_lux@lemmy.world 2 days ago
Any webserver you browse is possibly capable of ACE depending on the implementation. When it starts to hold user data is when that starts to be a concern. The more points of entry. The more that needs to be secured.
I don’t have any experience with piefed admin, or any opinion on piefed itself. just too many years of web admin experience. And as soon as I see intentionally made doors that allow code input, I start to worry about how much experience the devs who made it have with web admin.
lambalicious@lemmy.sdf.org 2 days ago
Booo. Here I was hoping for something serious to spice up the news and it just turns out it’s “it runs on a browser”.
Grail@multiverse.soulism.net 2 days ago
Sorry, pal. It’s a good software.
fiat_lux@lemmy.world 2 days ago
I’m not a spice merchant, and most exploits rarely involve a single step. This screenshot is just a system design red flag.
You’re free to examine the repo yourself and find your own spice, my 5 min look tells me that piefed needs to expend a significant amount of effort on infosec to maintain user trust in the longer term.