076萌SNS
  • Login

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Alex Gleason (alex@gleasonator.com)'s status on Monday, 05-Feb-2024 23:30:11 JST Alex Gleason Alex Gleason
    • Dan Ramos 🇵🇹🇺🇸 :verified:
    "Mastodon vulnerability allows attackers to take over accounts"

    Snopes: Mixed

    It's a serious vulnerability for sure: "allowing attackers to impersonate users and take over their accounts"

    But while this part is true: "allowing attackers to impersonate users"

    This part is exaggerated: "and take over their accounts"

    Impersonating remote users doesn't allow you to log in as them, change their email or password, etc. It allows people to submit forged posts by them, and "trick" Mastodon servers into accepting it. Either way, interesting that this leaks into the wider web.

    RT: https://noauthority.social/users/Dan_Ramos/statuses/111871157549735051
    In conversation about a year ago from gleasonator.com permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Dan Ramos :verified: (@Dan_Ramos@noauthority.social)
      from Dan Ramos :verified:
      @eriner This seems familiar, eh? 😎 Once again, thank you! Mastodon vulnerability allows attackers to take over accounts https://www.bleepingcomputer.com/news/security/mastodon-vulnerability-allows-attackers-to-take-over-accounts/
    • Token likes this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.