Trusting Trust in the Fediverse
A very long blog post about the various "safety and privacy" features that got added over the years to ActivityPub and how useless they can be in the eyes of users unaware of the inner workings.
There's nothing really new I talk about, but it is a long explanation of my reasoning behind why I don't take "features" such as signed fetches and interaction consent seriously. What can be considered "new" to most, is the last section of bypassing signed fetch enforcement without impersonation, which I talked about probably twice over the years.
https://evilmaid.net/blog/trusting-trust-fediverse/index.html
(If there are styling issue, tell me. I've written the CSS from scratch, and I suck at it.)
A very long blog post about the various "safety and privacy" features that got added over the years to ActivityPub and how useless they can be in the eyes of users unaware of the inner workings.
There's nothing really new I talk about, but it is a long explanation of my reasoning behind why I don't take "features" such as signed fetches and interaction consent seriously. What can be considered "new" to most, is the last section of bypassing signed fetch enforcement without impersonation, which I talked about probably twice over the years.
https://evilmaid.net/blog/trusting-trust-fediverse/index.html
(If there are styling issue, tell me. I've written the CSS from scratch, and I suck at it.)