Was this written by the Meta marketing department?
A new security fund opens up to help protect the fediverse
Submitted 1 day ago by psychothumbs@lemmy.world to fediverse@lemmy.world
https://techcrunch.com/2025/04/02/a-new-security-fund-opens-up-to-help-protect-the-fediverse
Comments
FundMECFSResearch@lemmy.blahaj.zone 1 day ago
PhilipTheBucket@ponder.cat 1 day ago
Yeah, there’s also this:
A more recent issue came about when Pixelfed’s creator, Daniel Supernault made the details of a vulnerability public before server operators had a chance to update, which would have left the fediverse vulnerable to bad actors, she says. (Supernault has already apologized publicly for his handling of the issue that had affected private accounts.)
In the case of the Pixelfed issue, for instance, the Hachyderm Mastodon server, which has over 9,500 members, decided it needed to defederate (or disconnect from) other Pixelfed servers that hadn’t been updated in order to protect their users.
It is weird to spend almost half the words in this, pretending that something in Pixelfed that wasn’t a problem on Pixelfed’s side was. This is the weirdest “vulnerability” in the world to pick if you want to pick one to hold up extensively as an example.
cmgvd3lw@discuss.tchncs.de 1 day ago
I still feel that interoperability between mastadon and Lemmy is kind of messed up. How to browse a Lemmy community through mastodon application?
Irelephant@lemm.ee 1 day ago
You cannot use a mastodon app as a lemmy client, but you can view lemmy communities by opening them as if they are profiles. For example, open @fediverse@lemmy.world and it will show up as a user, but it will be the communitiy’s posts.
You can mention it in a post to forward the post to the community as well.
HootinNHollerin@lemmy.dbzer0.com 1 day ago
It’s terrible
rimu@piefed.social 1 day ago
I can't wait to find out which project has the most security holes 🔥
Any guesses?
unexposedhazard@discuss.tchncs.de 1 day ago
The ones with the most amount of code lines and dependencies probably. More code = more problems.
rimu@piefed.social 1 day ago
IMO poor security is more about a lack of eyes on the code. Projects that have a single developer will be pretty easy money.
DieserTypMatthias@lemmy.ml 1 day ago
…that will pay those who responsibly disclose security vulnerabilities that affect fediverse apps and services.
If it is straight to the project, then I’m all for it. Otherwise, it seems sus.
PhilipTheBucket@ponder.cat 1 day ago
What? It is to the person who discovers the vulnerability. That’s fairly normal for this kind of thing I think. How would giving it to someone else motivate the result they’re trying to get?
Coelacanth@feddit.nu 1 day ago
Mention Lemmy for once 😠
meldrik@lemmy.wtf 1 day ago
LOL
pennomi@lemmy.world 1 day ago
Image
Irelephant@lemm.ee 1 day ago
We are tiny in comparison to the rest of the fediverse.
Image
3dmvr@lemm.ee 1 day ago
But its actually usable, pixelfed sucks, prob way more actual engagement here, pixelfed is hella ppl posting with no likes or views
perishthethought@lemm.ee 1 day ago
Yeah!
I asked here about that and was told there’s not enough of us here. Meh.
Coelacanth@feddit.nu 1 day ago
Funny how that works. Wonder if not mentioning it will help remedy that?
PhilipTheBucket@ponder.cat 1 day ago
Also Lemmy: Here’s a bunch of death threats and pictures of a pig taking a shit because you said democracy was a good idea