Follow

Mastodon's security model is broken.
In other news: Water is wet.

@BluRaf in what way? Is there a source to attribute to this?

@ndegruchy tl;dr: Mastodon, when blocking some user on other instance, is trying to "gaslight" the blocked user that blocking user simply does not exist. That requires other instance's software to cooperate by receiving "Block" activity and playing nice.

What happens if you simply block processing "Block" activities? You can normally browse public posts and receive new (in some other ways).

Also, you can still simply browse profile unlogged, like on Twitter.

pleroma.site/notice/9lpIkAgivt

@BluRaf I wouldn't really call this a failure of a security model. This is just how federation works. You ingest what other instances output, and process as you see fit. The individual instances are required to ensure consistency is maintained (blocked people don't show up on your timeline, etc). Nothing here seems out of order...

Sign in to participate in the conversation
Mastodon @ SDF

"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko