If you're running a Mastodon server, you might want to activate the "authorized fetch" option (also known as "secure mode").

Having this switched on makes your server-level blocks work much more effectively, and helps to protect your server's members from abuse.

It's extremely easy to activate; step-by-step instructions and lots of questions answered at:

🌱 https://fedi.tips/authorized-fetch

#MastoAdmin #AuthorizedFetch #SecureMode #UserSafety #Mastodon

Adding user safety through Authorized Fetch on Mastodon | Fedi.Tips – An Unofficial Guide to Mastodon and the Fediverse


@BeAware Uhh I think you've gotten it fundamentally wrong here

Whether your instance's posts appear on the blocked instance or not doesn't depend on the blocked having #AuthorizedFetch, but rather your instance having AF. That instance can still fetch your posts because your instance doesn't check if the request is signed (so an instance can sign all their fetching but still not enable AF, which is what vanilla #Misskey currently does) and which instance the fetch request is coming from (hence the "authorized").

Threads already defederates from instances that don't sign their fetching (by design because they've enabled AF), but they don't care if an instance has enabled AF (it's that instance's problem to deal with posts still appearing in Threads).

The problem (I have) with AF is that it's pretty much just #securitytheater. The documentation doesn't seem to account for this possibility, but if your adversary has enough money for some cheap domains and is well-versed in how #ActivityPub works nowadays, then it's trivial for them to forge signatures to look like their fetches come from an innocent server, therefore effectively bypassing the check and allowing the blocked to get your posts into their instance. This is already being done in the wild (with the #Soapbox developer doing this to bypass Threads' fediblock being the most infamous recently).

It also complicates AP implementations because now you have to deal with more cryptography with all that signing and verifying of requests. And signing alone does have a significant impact on performance. It's impossible to create a 100% compatible AP implementation from the spec alone without looking at Mastodon's implementation. That's where the #EmbraceExtendExtinguish or #EEE comes to play.

So overall it's the overeagerness of #MastoAdmins in adopting AF or #SecureMode without understanding the compatibility and performance implications that brought us to this mess today.
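The check this thread is arguing about, as an added Ruby sketch that is not Mastodon's own code: the fetching side signs the request with its actor key, and the authorized-fetch side refuses unsigned fetches, verifies the signature against the key named by `keyId`, and only then applies its domain blocks to the signing instance. The header set, the key lookup and the example domains are assumptions for the demo.

```ruby
require 'openssl'
require 'base64'
require 'uri'

# Simplified Cavage-style HTTP Signature over (request-target), host and date.
# Assumption: this mirrors the mechanism only, not Mastodon's implementation.
SIGNED_HEADERS = %w[(request-target) host date].freeze

def signing_string(method, path, headers)
  SIGNED_HEADERS.map do |h|
    value = h == '(request-target)' ? "#{method.downcase} #{path}" : headers[h]
    "#{h}: #{value}"
  end.join("\n")
end

# Fetching side: sign the request; keyId is the URL of the actor's public key.
def sign_request(private_key, key_id, method, path, headers)
  sig = private_key.sign(OpenSSL::Digest::SHA256.new, signing_string(method, path, headers))
  headers.merge('signature' => %(keyId="#{key_id}",algorithm="rsa-sha256",) +
                               %(headers="#{SIGNED_HEADERS.join(' ')}",signature="#{Base64.strict_encode64(sig)}"))
end

def parse_signature(header)
  header.scan(/(\w+)="([^"]*)"/).to_h
end

# Authorized-fetch side: unsigned fetches are refused, the signer's domain is checked
# against the block list, and the signature must verify with the key keyId points to.
def authorized_fetch?(method, path, headers, key_lookup, blocked_domains)
  return false unless headers['signature']
  params = parse_signature(headers['signature'])
  domain = URI.parse(params['keyId'].to_s).host
  return false if domain.nil? || blocked_domains.include?(domain)
  public_key = key_lookup.call(params['keyId'])  # real servers fetch this from the keyId URL
  return false unless public_key
  sig = Base64.strict_decode64(params['signature'].to_s)
  public_key.verify(OpenSSL::Digest::SHA256.new, sig, signing_string(method, path, headers))
rescue ArgumentError, URI::InvalidURIError, OpenSSL::PKey::PKeyError
  false
end

# Constructed demo data: one key shared by a friendly and a blocked domain, for illustration only.
DEMO_KEY = OpenSSL::PKey::RSA.new(2048)
DEMO_KEYS = { 'https://friendly.example/actor#main-key' => DEMO_KEY.public_key,
              'https://blocked.example/actor#main-key' => DEMO_KEY.public_key }
DEMO_LOOKUP = ->(key_id) { DEMO_KEYS[key_id] }
DEMO_HEADERS = { 'host' => 'myserver.example', 'date' => 'Tue, 01 Jan 2030 00:00:00 GMT' }
DEMO_BLOCKS = ['blocked.example'].freeze
```

Note that the domain decision rests entirely on whose key signed the request, which is why a blocked operator who controls another domain and its key is not stopped by this check alone.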

Does suspending an instance prevent them from seeing public posts on your #Mastodon instance?

My understanding is it does not by default, based on this discussion about "secure mode", which is an option that does require instances to be authorized to fetch posts from your server: https://github.com/mastodon/mastodon/issues/18353

Does #suspension (without secure mode) do anything from the #suspended instance's perspective, or does it only prevent your users from seeing it?

#MastoAdmin #SecureMode #AuthorizedFetch

Enable secure mode by default · Issue #18353 · mastodon/mastodon

Pitch It has been almost 5 years since authorized fetch was first introduced to the fediverse (late 2018). It seems like it would be reasonable to reevaluate enabling it by default at this point. M...


@brave

Unbelievable ... Windows 10 now has a Secure Mode which only allows for the installation of approved Microsoft Appstore stuff ...

No possibility to install #Brave without leaving secure mode (and if you ever do, you can't go back to Secure Mode)

Firefox idem ditto, as well as Opera, but there is an Operamatic sort of browser with only one tab window available ...

Chromatic is a bit better ... no trusted other browser in -matic version to be found.

#Window10 #SecureMode #Browsers

@BrendanEich

Unbelievable ... Windows 10 now has a Secure Mode which only allows for the installation of approved Microsoft Appstore stuff ...

No possibility to install #Brave without leaving secure mode (and if you ever do, you can't go back to Secure Mode)

Firefox idem ditto, as well as Opera, but there is an Operamatic sort of browser with only one tab window available ...

Chromatic is a bit better ... no trusted other browser in -matic version to be found.

#Window10 #SecureMode #Browsers