Hi Fediverse denizens. I've been working on a project I hope will help Fediverse devs make software that federates across ALL services, not just Mastodon-plus-a-few-others.
-
@puppygirlhornypost2 I might be able to make it work as an opt in relay that DOES work with authorized fetch. We'll see
-
Veronika Cheplyginareplied to Darius Kazemi last edited by
@darius I think I support this but the scrolling thing on the side makes it difficult to read the thing
-
Darius Kazemireplied to Mike [SEC=OFFICIAL] last edited by
@mike sorry, I don't control the lab website and I'm salty about some of our choices. Will pass this on to the people in charge
-
Darius Kazemireplied to Veronika Cheplygina last edited by
@DrVeronikaCH I would like it to go away too. I agree with you
-
@DrVeronikaCH there is a pause button on the lower right of the page that might help?
-
@darius There seems to be an overlap between this and https://funfedi.dev/support_tables/
Perhaps you can contribute to that project? It seems to be privacy-respecting because samples are generated locally
-
@silverpill yes! It came in my radar last week and I hope to contribute to their cc0 data as well
-
@darius What safeguards are there to ensure someone can't maliciously insert code that reveals the contents of posts and other PII? Trust?
-
@fembot yeah I'm running the code and you have to trust that I'm not putting evil stuff into it. Just like any other Fediverse server that way (I'm currently trusting that this message isn't getting used by your server to malicious ends)
-
@darius Thanks, I trust you Darius. I'm wondering about the ability of someone *else* to mess with the code along the way, which I gather is a weak spot of open source in general, trusted coders & servers aside.
-
@firecat I'm seeing posts from Misskey and Pixelfed without any issue. Could you please describe the issue you're referring to?
-
@darius is the idea to post to and read from live ActivityPub servers to analyze whether or not they adhere to specs?
-
@schizanon no, it's just to see what kind of data formats live activitypub servers use. Definitely no posting to servers here
-
@fembot sure - someone could run a separate server of this and make it malicious!
In terms of malicious code getting into this project via open source channels, I guess it's the same risk as any open source project. But it's a pretty small and uncomplex code base so I'm thinking it would be easy to spot that kind of thing
-
@darius how can you know what they use without using them?
-
@schizanon it's to identify problems as a first step prior to further investigation. But I need to know what software to investigate in the first place. I've already done a bunch of investigation myself that has led me to learning about lots of new to me projects and sleuthing in their federation source code
-
@darius so you're actually reading the source code for every AP impl? How will you know if they change?
-
@schizanon there's a whole community of researchers that keep track of source code on all sorts of projects. We work together to keep each other informed and this tool is a piece of that process
-
@schizanon there's a whole community of ActivityPub researchers that keep track of source code on all sorts of projects. We work together to keep each other informed and this tool is a piece of that process
-
@[email protected] Hey just an fyi, I sent an email and it bounced.
We could not deliver the attached mail for the following recipients. [email protected] at remote mailserver smtp.cyber.harvard.edu. (128.103.64.104): SMTPAddressFailedException: 450 4.1.1 <[email protected]>: Recipient address rejected: unverified address: unknown user: "fediverseobservatory" (450)
(this is what my mail provider sent, I am unsure if it's a configuration issue on harvard's side, or if I misspelled the email address)