itsYaBoyNoodles

  • 0 Posts
  • 6 Comments
Joined 1 year ago
cake
Cake day: June 4th, 2023

help-circle




  • BECAUSE I understand it more now, I’m left feeling VERY uncomfortable about my data security. If this is going to become a mainstream thing, as it reaches and before it gets to that critical mass of users, there’s going to be SO. MANY. SECURITY ISSUES. There’s no 2fa at all, hacking and user-account hacking is just going to run rampant, and I’m left wondering ‘Where is my username and password actually stored?’. The answer, sadly, is wherever the dude who’s running the instance/server is.

    I wonder if IPFS would be better suited for the fediverse for this reason? You’ve brought up some solid points here and if history is anything to go by, it’s likely already seeing some exploitation in the wild. I think there’s likely to be a lot of work needed here. For example: Your cookies store JWTs in base85. Nice!