"Security" category
Meta
6
Posts
3
Posters
29
Views
-
Just a thought as I work through some bugs reported to NodeBB... would there be interest in ActivityPub.space hosting a "security" category for discussion around vulnerabilities, CVEs, and such that are related to ActivityPub?
For example, if NodeBB were to receive a bug bounty report and responsibly disclose the details, it would be ideal to have it archived in a place where it won't just disappear off the feed in a matter of minutes.
-
Just a thought as I work through some bugs reported to NodeBB... would there be interest in ActivityPub.space hosting a "security" category for discussion around vulnerabilities, CVEs, and such that are related to ActivityPub?
For example, if NodeBB were to receive a bug bounty report and responsibly disclose the details, it would be ideal to have it archived in a place where it won't just disappear off the feed in a matter of minutes.
@julian @smallcircles that'd probably be a bad idea, as you'd likely get irresponsible disclosure happening.
-
Just a thought as I work through some bugs reported to NodeBB... would there be interest in ActivityPub.space hosting a "security" category for discussion around vulnerabilities, CVEs, and such that are related to ActivityPub?
For example, if NodeBB were to receive a bug bounty report and responsibly disclose the details, it would be ideal to have it archived in a place where it won't just disappear off the feed in a matter of minutes.
@julian It would be great to have a collection of these that I could look through, to make sure I'm not making easily preventable mistakes myself.
Of course, potential bad guys would be able to look through it too...
-
@julian @smallcircles that'd probably be a bad idea, as you'd likely get irresponsible disclosure happening.
thisismissem@hachyderm.io how so? In the sense that discussed vulnerabilities might be exploitable cross-implementation?
-
@julian we've definitely seen that before, but also people might not realize that they're discussing a vulnerability
-
@julian we've definitely seen that before, but also people might not realize that they're discussing a vulnerability
thisismissem@hachyderm.io hmm that's fair. I don't think it precludes interested parties from having these discussions though.
I'm not sure what the right solution is.
Feed RSS
Gli ultimi otto messaggi ricevuti dalla Federazione
-
17 November 2025
Re-enabled Anubis with a blanket rule that allows requests to /inbox; hopefully that should resolve any issues.
-
12 November 2025
Per report trwnh@mastodon.social about some content missing from mastodon.social, I have disabled anubis temporarily as it may have been inadvertently blocked by it.
-
7 November 2025
Enabled Anubis in response to AI scrapers overwhelming the server multiple times a dayPlease let me know if you experience any federation delays or other oddities!
-
21 October 2025
Added fedimemes@feddit.uk to the Related Communities section :smiling_imp:
-
Thank you so much for the kind words 😎 it's been a busy year and a half but integrating ActivityPub has definitely been a step in the right direction.
There are still some hairy bits here and there but "it just works" is definitely the goal I'm shooting for.
-
... I just have to say how much I am enjoying the NodeBB user interface. This is a really pleasant piece of software, and it seems to Just Work on the Fediverse.
-
13 October 2025
Added a new category for developer announcements/logs for various software WordPress (mirrors activitypub.blog@activitypub.blog) Mastodon (mirrors mastodonengineering@mastodon.social) Akkoma (mirrors akkoma@ihatebeinga.live) Lemmy (Lemmy's main announcements community) Lexicaleigh put together a draft code of conduct for ActivityPub.Space. Please give it a gander and let us know your comments
-
6 October 2025
Updated branding icons to reflect new logo in touch/maskable icons (so PWA app installs should have the right logo now)
