nice write up in #TheCrux thanks @daedalus 👏

"Federated social media software #Mastodon had an impersonation vulnerability that was patched last week. More than half the instance admins patched it in less than 24 hours. I enjoyed the comment from Elliott Wilkes, chief technology officer at Advanced Cyber Defence Systems, saying “there's just not the same investment in security because there's not massive revenue supporting the platform, and each owner of an instance has to perform security management on their own” as I look wistfully in the direction of Microsoft and its massively lucrative portfolio of security binfires."
Bugs were reported by German #pentesting outfit #Cure53 during a #Mozilla-requested audit.
https://www.theregister.com/2024/02/02/critical_vulnerability_in_mastodon_is/ #fediverse #socksup

Critical vulnerability in Mastodon is pounced upon by fast-acting admins

Danger of remote account takeovers leaves lead devs scared of releasing many details

The Register