Norwegian. In UK.

  • 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 22nd, 2023

help-circle

  • In theory if there are no security holes, a user account can only mess up its own account.

    Note that what steps you want to take will really depend on who these users are and what you want to achieve. There’s a vast chasm between allowing in, say, friends or colleagues, vs. letting random people on the internet access it. The latter will mean someone will intentionally look for exploits, which means e.g. regularly applying security updates becomes far more pressing.

    If you are letting in random strangers, I’d look into only giving them access within a separate container or ideally virtual machine per user as an extra precaution unless what you’re making available is very stripped down.





  • Just a few years back, Vernor Vinge’s scifi novels still seemed reasonably futuristic in dealing with the issue of fakes well by including several bits where the resolution of imagery was a factor in being able to analyze with sufficient certainty that you were talking to the right person, and now that notion already seems dated, and certainly not enough for a setting far into the future.

    (at least they don’t still seem as dated as Johnny Mnemonic’s plot of erasing a chunk of your memories to transport an amount of data that would be easier and less painful to fit in your head by stuffing a microsd card up your nose)




  • It’s stupid that it’s not there, though, and I suspect it will get fixed at some point. Basically, some concerns were raised about people using it to doctor timelines (but they can already do that by setting up a single-person instance and messing with the database), and the new instance can validate the signatures of the posts anyway, so they’re no less secure than posts from other accounts received via federation. If anyone is really concerned they could slap an “imported from …” banner on old/migrated posts so people are aware they were not originally posted there.