- cross-posted to:
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.
Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.
Stop asking for pseuso-privacy features. The Fediverse is public by nature. Any “measures” to control access to the public posts on it are just lying to users.
Server owners should be able to control who can access their servers - but that is NOT - and should NOT be - treated as a privacy feature.