🤣 Ha ha
The admin of Mastodon Cloud finally, after all these years, upgraded their Mastodon instance — but to version 4.5.9, which contains a known security vulnerability. Version 4.5.10 was released 3 weeks ago, yet they upgraded to the insecure 4.5.9 release instead.
I'm starting to wonder if I shouldn't laugh and instead suspect some form of mental incompetence. Otherwise, it's hard to explain upgrading to a version that was already known to be outdated and vulnerable. 🤦
Mastodon Dot Cloud is once again running outdated software.
They are using Mastodon 4.3.22, which reached end of life last week.
It took over a year for them to upgrade their old site to Mastodon 4.3.22, and instead of continuing the upgrade to the current 4.5.9 release, they remained on a version that was about to expire. It then reached end of life just seven days later.
The administrator appears to be incompetent.
cc: @TheAdmin
As promised, I have implemented the suspension/block on mastodon.cloud. Folks on #SocialBC will not be able to interact with accounts on that server.
This was done due to ongoing issues with spam and un-moderated user additions from that un-regulated and defunct server.
The negative impact should be minimal as very few people followed accounts there or vice versa.
#MastodonCloud #FediBlock #Fediverse #moderation #OpenInstance
The other “interesting” thing is that Mstdn.jp no longer displays the administrator account.
I suspect they’re doing something stupid — wanting everyone to reach them via email only.
If so, they’re creating their own future problem. That’s not how the Fediverse works!
This all seems like a case of a corporation getting involved in something without knowing what it’s doing or how anything in the ecosystem works.
I think what makes Mastodon Dot Cloud so “interesting” is that it’s one of the few Fedi sites owned by a corporation. That same corporation also owns Mstdn Dot JP.
Mstdn.jp had staff — if you reported a problem, someone handled it. You also needed approval to activate an account after registering.
It’s ironic that the corporation managed Mstdn Dot JP fairly well while completely abandoning Mastodon Dot Cloud.
That said, Mstdn.jp is still running out-of-date software.
2 of 2
I’m surprised they’re finally upgrading the site — slowly over days — but that’s part of the problem. It shows the same pattern: no action or long delays.
8 days, and they’re right back where they started with discontinued software.
Mastodon.Cloud has upgraded to 4.3.22, the last 4.3.x release, which will be end of life in 8 days.
4.3.22 also has documented security bugs, so they’re still running a version that isn’t fully secure.
Their lack of communication is one of their biggest problems and why many sites have defederated and disconnected from Mastodon Dot Cloud.
A scammer, troll, or spammer would join your site, people would report the content, and nothing would happen. Worse, it would keep happening. Mastodon Dot Cloud has, for the past year, become known as a revolving door of trash and nonsense, and the whole time there’s been no proof anyone cared.
1 of 2
8 days, and they're right back where they started with discontinued software.
Mastodon Dot Cloud has upgraded to 4.3.22 which is the last 4.3.x branch and will be end of life in 8 days.
4.3.22 also has a few known documented security bugs. So once again, they're still using a version of Mastodon that is not completely secure.
@Linux @housepanther @TheAdmin
I do wish that the admin would communicate *something* about why they are so far behind. I have been procrastinating moving servers, but the non-upgrade (and significant performance degradation) is the push that I needed.
Hoping that our conversation and tags can at least get some attention to the matter
Normally, AWS (Amazon Web Services) is fairly reliable. The issue is not likely their hosting provider, and more likely everything to do with how they've been managing things.
If you follow the hashtag #MastodonCloud you will see a lot of other sites were fed up with how that site was managed. You'll note they had basically abandon that site and the other sites they operated (they owned a few) and were using software from years ago.
Linux Is Best
Chris Alemany
cceddie