- cross-posted to:
- privacy@lemmy.ml
- fediverse@lemmy.world
- cross-posted to:
- privacy@lemmy.ml
- fediverse@lemmy.world
Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.
The article doesn’t say, did they fix it?
Why would they fix it?
Fixing this in general is not so easy as ActivityPub wasn’t designed to prevent such things and AFAIK without some fundamental changes like proposed in Spritely or implemented in the Zot protocol it can’t really prevent this from happening.
Why would you want threads and/or alt right people to be able to get around blocks?
I don’t.
Why would they fix it?
Isn’t that what I’m asking if they fixed, am I not understanding, or are you fucking with me?
Who is they? From the way you wrote it the only “they” would be the “alt right developers” from the headline.