Mastodon CVE Report
Didn’t expect the mastodon CVE report/account would kinda end up being about platform diversity on the fediverse (TLDR: only mastodon really had the problem, which was huge)
TLDR: only mastodon really had the problem, which was huge
That’s not what the article says:
I kept continuing to test through other fedi software in the meantime, and found a 4th affected product, notified the developer, and got it sorted out there as well.
Looks like 4 pieces of software are affected, but Mastodon is the biggest one and the one that’s making the rounds.
The point though is that not all platforms had the problem, which means platform diversity would have lessened the significance.
That’s fair, and that’s also why companies like Boeing traditionally let two different companies implement the same spec for their planes’ computer systems (the ones with failovers at least); that way, the exact same bug couldn’t knock out the entire system. Well, it did once, but it helped in other cases.
However, based on the statistics I can find, alternative software is rather insignificant in terms of market share. Mastodon has ten times the amount of users its next competitor has. Unless you count Threads, I guess, which still blows the rest of the Fediverse out of the water at the moment.
