Was this written by the Meta marketing department?
A new security fund opens up to help protect the fediverse
Submitted 2 months ago by psychothumbs@lemmy.world to fediverse@lemmy.world
https://techcrunch.com/2025/04/02/a-new-security-fund-opens-up-to-help-protect-the-fediverse
Comments
FundMECFSResearch@lemmy.blahaj.zone 2 months ago
PhilipTheBucket@ponder.cat 2 months ago
Yeah, there’s also this:
A more recent issue came about when Pixelfed’s creator, Daniel Supernault made the details of a vulnerability public before server operators had a chance to update, which would have left the fediverse vulnerable to bad actors, she says. (Supernault has already apologized publicly for his handling of the issue that had affected private accounts.)
In the case of the Pixelfed issue, for instance, the Hachyderm Mastodon server, which has over 9,500 members, decided it needed to defederate (or disconnect from) other Pixelfed servers that hadn’t been updated in order to protect their users.
It is weird to spend almost half the words in this, pretending that something in Pixelfed that wasn’t a problem on Pixelfed’s side was. This is the weirdest “vulnerability” in the world to pick if you want to pick one to hold up extensively as an example.
cmgvd3lw@discuss.tchncs.de 2 months ago
I still feel that interoperability between mastadon and Lemmy is kind of messed up. How to browse a Lemmy community through mastodon application?
Irelephant@lemm.ee 2 months ago
You cannot use a mastodon app as a lemmy client, but you can view lemmy communities by opening them as if they are profiles. For example, open @fediverse@lemmy.world and it will show up as a user, but it will be the communitiy’s posts.
You can mention it in a post to forward the post to the community as well.
HootinNHollerin@lemmy.dbzer0.com 2 months ago
It’s terrible
rimu@piefed.social 2 months ago
I can't wait to find out which project has the most security holes 🔥
Any guesses?
unexposedhazard@discuss.tchncs.de 2 months ago
The ones with the most amount of code lines and dependencies probably. More code = more problems.
rimu@piefed.social 2 months ago
IMO poor security is more about a lack of eyes on the code. Projects that have a single developer will be pretty easy money.
DieserTypMatthias@lemmy.ml 2 months ago
…that will pay those who responsibly disclose security vulnerabilities that affect fediverse apps and services.
If it is straight to the project, then I’m all for it. Otherwise, it seems sus.
PhilipTheBucket@ponder.cat 2 months ago
What? It is to the person who discovers the vulnerability. That’s fairly normal for this kind of thing I think. How would giving it to someone else motivate the result they’re trying to get?
Coelacanth@feddit.nu 2 months ago
Mention Lemmy for once 😠
meldrik@lemmy.wtf 2 months ago
LOL
pennomi@lemmy.world 2 months ago
Image
Irelephant@lemm.ee 2 months ago
We are tiny in comparison to the rest of the fediverse.
Image
3dmvr@lemm.ee 2 months ago
But its actually usable, pixelfed sucks, prob way more actual engagement here, pixelfed is hella ppl posting with no likes or views
perishthethought@lemm.ee 2 months ago
Yeah!
I asked here about that and was told there’s not enough of us here. Meh.
Coelacanth@feddit.nu 2 months ago
Funny how that works. Wonder if not mentioning it will help remedy that?
PhilipTheBucket@ponder.cat 2 months ago
Also Lemmy: Here’s a bunch of death threats and pictures of a pig taking a shit because you said democracy was a good idea