hhmx.de
mima@makai.chaotic.ninja
mima@makai.chaotic.ninja

:mima_rule: Mima-sama

(@mima@makai.chaotic.ninja)

Sa 01.01.2000

Beiträge: 8Folgt: 725Folgende: 378

Evil spirit trapped in Makai. A sysadmin of chaotic.ninja.

Weakest proponent of the fediverse

(DISCLAIMER: I am not the Mima-sama in Tumblr/Neocities or the Mimasama1 in Twitter [@mimasama1@bird.makeup])

Banner by @sawatanitoru@bird.makeup

Pfp by @ogami2160@bird.makeup

Website

http://geidontei.chaotic.ninja/usr/mima/

Gopherhole

gopher://geidontei.chaotic.ninja/1/usr/mima/

Jstpst

https://www.jstpst.net/user/nitori

Former fedi

@mima@evil.social

:mima_rule: Mima-sama

:mima_rule: Mima-sama
@mima@makai.chaotic.ninja

Föderation · Do 13.06.2024 04:30:48

Even more shocking is the revelation that somehow, even private DMs from Mastodon were mirrored on their public site and searchable. How this is even possible is beyond me, as DM’s are ostensibly only between two parties, and the message itself was sent from two hackers.town
WHAT THE FUCK? There should have been no way that was able to read DMs, even if they're poorly coded (should be importing Public posts only) and the DMs are not E2EE.

I guess the common wisdom of not trusting the privacy of DMs is very correct all along. ​:koishtare:

Oh, and I was skeptical of whether this is block worthy (don't want another or incident again), but this definitely is worthy considering their casual response. Reading someone else's DMs is never acceptable. This flaw should've been acknowledged and reported to Mastodon (and perhaps other developers too just in case).



RE: https://wedistribute.org/2024/06/maven-mastodon-posts/

0x   0   1x