Was this written by the Meta marketing department?
A new security fund opens up to help protect the fediverse
Submitted 3 weeks ago by psychothumbs@lemmy.world to fediverse@lemmy.world
https://techcrunch.com/2025/04/02/a-new-security-fund-opens-up-to-help-protect-the-fediverse
Comments
FundMECFSResearch@lemmy.blahaj.zone 3 weeks ago
PhilipTheBucket@ponder.cat 3 weeks ago
Yeah, there’s also this:
A more recent issue came about when Pixelfed’s creator, Daniel Supernault made the details of a vulnerability public before server operators had a chance to update, which would have left the fediverse vulnerable to bad actors, she says. (Supernault has already apologized publicly for his handling of the issue that had affected private accounts.)
In the case of the Pixelfed issue, for instance, the Hachyderm Mastodon server, which has over 9,500 members, decided it needed to defederate (or disconnect from) other Pixelfed servers that hadn’t been updated in order to protect their users.
It is weird to spend almost half the words in this, pretending that something in Pixelfed that wasn’t a problem on Pixelfed’s side was. This is the weirdest “vulnerability” in the world to pick if you want to pick one to hold up extensively as an example.
cmgvd3lw@discuss.tchncs.de 3 weeks ago
I still feel that interoperability between mastadon and Lemmy is kind of messed up. How to browse a Lemmy community through mastodon application?
Irelephant@lemm.ee 3 weeks ago
You cannot use a mastodon app as a lemmy client, but you can view lemmy communities by opening them as if they are profiles. For example, open @fediverse@lemmy.world and it will show up as a user, but it will be the communitiy’s posts.
You can mention it in a post to forward the post to the community as well.
HootinNHollerin@lemmy.dbzer0.com 3 weeks ago
It’s terrible
rimu@piefed.social 3 weeks ago
I can't wait to find out which project has the most security holes 🔥
Any guesses?
unexposedhazard@discuss.tchncs.de 3 weeks ago
The ones with the most amount of code lines and dependencies probably. More code = more problems.
rimu@piefed.social 3 weeks ago
IMO poor security is more about a lack of eyes on the code. Projects that have a single developer will be pretty easy money.
DieserTypMatthias@lemmy.ml 3 weeks ago
…that will pay those who responsibly disclose security vulnerabilities that affect fediverse apps and services.
If it is straight to the project, then I’m all for it. Otherwise, it seems sus.
PhilipTheBucket@ponder.cat 3 weeks ago
What? It is to the person who discovers the vulnerability. That’s fairly normal for this kind of thing I think. How would giving it to someone else motivate the result they’re trying to get?
Coelacanth@feddit.nu 3 weeks ago
Mention Lemmy for once 😠
meldrik@lemmy.wtf 3 weeks ago
LOL
pennomi@lemmy.world 3 weeks ago
Image
Irelephant@lemm.ee 3 weeks ago
We are tiny in comparison to the rest of the fediverse.
Image
3dmvr@lemm.ee 3 weeks ago
But its actually usable, pixelfed sucks, prob way more actual engagement here, pixelfed is hella ppl posting with no likes or views
perishthethought@lemm.ee 3 weeks ago
Yeah!
I asked here about that and was told there’s not enough of us here. Meh.
Coelacanth@feddit.nu 3 weeks ago
Funny how that works. Wonder if not mentioning it will help remedy that?
PhilipTheBucket@ponder.cat 3 weeks ago
Also Lemmy: Here’s a bunch of death threats and pictures of a pig taking a shit because you said democracy was a good idea