- cross-posted to:
- fediverse@lemmy.world
Thorough report about the recent Fediverse spam.
Related posts:
- We seem to be getting attacked. - https://lemmy.giftedmc.com/post/235816
- Solutions and origins of the spam wave currently hitting the Fediverse - https://feddit.cl/post/1883287
- Mastodon CVE Report - https://hachyderm.io/@maegul/111944073448637061
- Remote User Impersonation and Takeover via Cache Poisoning - https://arcanican.is/excerpts/cve-2024-23832/discovery.htm
- Remote user impersonation and takeover - https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
@nmtake @fediverse >Akkoma is currently leading in this regard with their MRF feature, which allows administrators to write arbitrary policies to rewrite or delete messages
Yeah, bub, about that: https://akkoma.dev/AkkomaGang/akkoma/src/branch/develop/lib/pleroma/web/activity_pub/mrf.ex#L67
You’re not allowed to reject or mangle activities of specific types in your own policies, and said change was introduced for no reason other than spite. Pleroma, which Akkoma rips off, has no such restrictions.