Was this written by the Meta marketing department?
A new security fund opens up to help protect the fediverse
Submitted 1 month ago by psychothumbs@lemmy.world to fediverse@lemmy.world
https://techcrunch.com/2025/04/02/a-new-security-fund-opens-up-to-help-protect-the-fediverse
Comments
FundMECFSResearch@lemmy.blahaj.zone 1 month ago
PhilipTheBucket@ponder.cat 1 month ago
Yeah, there’s also this:
A more recent issue came about when Pixelfed’s creator, Daniel Supernault made the details of a vulnerability public before server operators had a chance to update, which would have left the fediverse vulnerable to bad actors, she says. (Supernault has already apologized publicly for his handling of the issue that had affected private accounts.)
In the case of the Pixelfed issue, for instance, the Hachyderm Mastodon server, which has over 9,500 members, decided it needed to defederate (or disconnect from) other Pixelfed servers that hadn’t been updated in order to protect their users.
It is weird to spend almost half the words in this, pretending that something in Pixelfed that wasn’t a problem on Pixelfed’s side was. This is the weirdest “vulnerability” in the world to pick if you want to pick one to hold up extensively as an example.
cmgvd3lw@discuss.tchncs.de 1 month ago
I still feel that interoperability between mastadon and Lemmy is kind of messed up. How to browse a Lemmy community through mastodon application?
Irelephant@lemm.ee 1 month ago
You cannot use a mastodon app as a lemmy client, but you can view lemmy communities by opening them as if they are profiles. For example, open @fediverse@lemmy.world and it will show up as a user, but it will be the communitiy’s posts.
You can mention it in a post to forward the post to the community as well.
HootinNHollerin@lemmy.dbzer0.com 1 month ago
It’s terrible
rimu@piefed.social 1 month ago
I can't wait to find out which project has the most security holes 🔥
Any guesses?
unexposedhazard@discuss.tchncs.de 1 month ago
The ones with the most amount of code lines and dependencies probably. More code = more problems.
rimu@piefed.social 1 month ago
IMO poor security is more about a lack of eyes on the code. Projects that have a single developer will be pretty easy money.
DieserTypMatthias@lemmy.ml 1 month ago
…that will pay those who responsibly disclose security vulnerabilities that affect fediverse apps and services.
If it is straight to the project, then I’m all for it. Otherwise, it seems sus.
PhilipTheBucket@ponder.cat 1 month ago
What? It is to the person who discovers the vulnerability. That’s fairly normal for this kind of thing I think. How would giving it to someone else motivate the result they’re trying to get?
Coelacanth@feddit.nu 1 month ago
Mention Lemmy for once 😠
meldrik@lemmy.wtf 1 month ago
LOL
pennomi@lemmy.world 1 month ago
Image
Irelephant@lemm.ee 1 month ago
We are tiny in comparison to the rest of the fediverse.
Image
3dmvr@lemm.ee 1 month ago
But its actually usable, pixelfed sucks, prob way more actual engagement here, pixelfed is hella ppl posting with no likes or views
perishthethought@lemm.ee 1 month ago
Yeah!
I asked here about that and was told there’s not enough of us here. Meh.
Coelacanth@feddit.nu 1 month ago
Funny how that works. Wonder if not mentioning it will help remedy that?
PhilipTheBucket@ponder.cat 1 month ago
Also Lemmy: Here’s a bunch of death threats and pictures of a pig taking a shit because you said democracy was a good idea