chapotraphouse

13446 readers

743 users here now

Banned? DM Wmill to appeal.

No anti-nautilism posts. See: Eco-fascism Primer

Vaush posts go in the_dunk_tank

Dunk posts in general go in the_dunk_tank, not here

Don't post low-hanging fruit here after it gets removed from the_dunk_tank

founded 3 years ago

MODERATORS

[email protected]

172

Truth Social is just a masked defederated Mastodon instance. (hexbear.net)

submitted 5 months ago by [email protected] to c/[email protected]

30 comments fedilink hide all child comments

https://bsky.app/profile/nih-llamas.bsky.social/post/3komzcim76p26

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 79 points 5 months ago* (last edited 5 months ago) (7 children)

There have been several VERY NASTY CVEs since I set up matapacos in 2022.

Remote code execution: https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm A.K.A. "Toot Root"

Hijacking user accounts: https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw

Among others (there was at least one more really bad one)

[–] [email protected] 61 points 5 months ago (1 children)

someone smarter than me has the chance to do something extremely funny

[–] [email protected] 55 points 5 months ago (1 children)

I would be hilarious if someone hijacked Trump's account using that vuln

[–] [email protected] 43 points 5 months ago

I want to go on record that if Trump suddenly says "I AM YOUR LORD AND SAVIOR OUR BIG WET BOY!" - I had nothing to do with it.

[–] [email protected] 45 points 5 months ago (1 children)

It would be a shame if... you know the thing.

[–] [email protected] 23 points 5 months ago (2 children)

haha jk fbi haha

[–] [email protected] 27 points 5 months ago (1 children)

gaining a web shell on truth.social and using it to run a minecraft server

[–] [email protected] 15 points 5 months ago

We’re gonna build a big beautiful realm and make the Cheeto pay for it

[–] [email protected] 15 points 5 months ago

I meant it would be a shame if Biden used the computer. Because he's old and you know the thing. I don't want to say it because it could be misconstrued.

[–] [email protected] 35 points 5 months ago

I was gonna say, there are probably some spicy remote code execution bugs still alive in there.

[–] [email protected] 30 points 5 months ago (1 children)

This is gonna be another Gab lmao

[–] [email protected] 45 points 5 months ago* (last edited 5 months ago)

Gab also is just a de-branded Mastodon fork.

[–] [email protected] 19 points 5 months ago

Thank you for maintaining that instance btw

[–] [email protected] 10 points 5 months ago (1 children)

you run matapacos? I've been meaning to join, but haven't bc of the email address requirement. Is there a way around that?

[–] [email protected] 11 points 5 months ago (1 children)

You can just use a disposable email address like I did for my account

[–] [email protected] 8 points 5 months ago* (last edited 5 months ago)

Yeah. Email is baked into the software so a throwaway is needed for technical reasons, but only for registration and password recovery. I don't have any e-mail services blocked. You are encouraged to use a throwaway e-mail service unless you want password recovery and (optional) email notifications to work.

Recently we added manual account activation due to a spam wave. You don't have to write an essay outlining your ideological beliefs or anything. It is strictly an anti-bot measure.