Hot take: It is bad that #ActivityPub software implements #AUTHORIZED_FETCH, also known as secure mode, because, contrary to its name, it does not actually contribute to security and instead gives a false sense of security.
-
洪 民憙(ホン・ミンヒ)replied to 洪 民憙 (Hong Minhee) on last edited by
所信発言:ActivityPubのソフトウェアがAUTHORIZED_FETCH、通称セキュアモード(secure mode)を実装するのは、名前と違って実際にセキュリティに貢献しないし、むしろ安全だという錯覚(false sense of security)を与えるので悪いと思う。
-
洪 民憙 (Hong Minhee)replied to 洪 民憙 (Hong Minhee) on last edited by
As proof, #ActivityPub objects that require #AUTHORIZED_FETCH can be easily looked up with the `fedify lookup -a` command.
fedify: CLI toolchain | Fedify
The fedify command is a CLI toolchain for Fedify and debugging ActivityPub-enabled federated server apps. This section explains the key features of the fedify command.
(fedify.dev)
-
@hongminhee 일단 이 기능 조차 없으면 followers only 같은 기능은 사실 의미가 없는 기능일 수도 있겠네요.
-
洪 民憙 (Hong Minhee)replied to 洪 民憙 (Hong Minhee) on last edited by
그 證據로, AUTHORIZED_FETCH를 要求하는 #ActivityPub 오브젝트는 `fedify lookup -a` 커맨드로 아주 쉽게 照會할 수 있다.
fedify: CLI toolchain | Fedify
The fedify command is a CLI toolchain for Fedify and debugging ActivityPub-enabled federated server apps. This section explains the key features of the fedify command.
(fedify.dev)
-
@galadbran 아무래도 좀 그렇죠.
-
その証拠に、AUTHORIZED_FETCHを要求するActivityPubオブジェクトは単純に`fedify lookup -a`コマンドで簡単に照会する事が出来る。
fedify: CLI toolchain | Fedify
The fedify command is a CLI toolchain for Fedify and debugging ActivityPub-enabled federated server apps. This section explains the key features of the fedify command.
(fedify.dev)
-
@[email protected] calling it secure mode is a misnomer, but that's a Mastodon issue isn't it?
-
@julian @hongminhee I think "secure mode" was a legacy name for it: https://github.com/mastodon/mastodon/commit/5bf67ca91350e40e6f329271d3ca2bdcba87ab64
And yes, authorized fetch being ridiculously easy to circumvent is a problem/limitation with it, but for now there isn't a better approach forwards (object signatures allow untrusted forwarding) — maybe ocaps can better secure activitypub, I'm not sure.
-
@julian @hongminhee on more closed off servers, I'd honestly expect them to be blocking those local tunnel type services with a wide domain block, also glitch and other "temporary" hosts for instances.
-
Markus Unterwaditzerreplied to Emelia 👸🏻 on last edited by
@thisismissem @julian @hongminhee my understanding is that it really only makes sense with a federation allowlist?
