Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.

  • @lily33@lemm.ee
    6 months ago

    Stop asking for pseudo-privacy features. The Fediverse is public by nature. Any “measures” to control access to the public posts on it are just lying to users.

    Server owners should be able to control who can access their servers - but that is NOT - and should NOT be - treated as a privacy feature.