With so many variations of Lemmy and fediverse instances, are there any defenses against a malicious server running altered code? Is there a way to prove what code is supposed to be running on each instance?

  • taladar@sh.itjust.works
    link
    fedilink
    arrow-up
    19
    ·
    8 months ago

    There isn’t. However, Lemmy or other Fediverse applications are no different from any other website in that respect. The main difference is that the bit

    One of the most significant dangers of watering hole attacks is that they are executed via legitimate websites that are unable to be easily blacklisted

    is not really true in the Fediverse. You could easily block a single infected instance once it is detected that your employees are attacked via malware on that instance.

      • taladar@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        I am not talking about defederation, just straight blocking of that website in a corporate or similar network if it is used to target your employees which is what watering hole attacks are all about.

        • dislocate_expansion@reddthat.comOPB
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          Yeah, but the average internet users doesn’t understand these concepts. And with the use of “random-lemmy.random” it seems like it might be an easy attack to fall for

    • dislocate_expansion@reddthat.comOPB
      link
      fedilink
      arrow-up
      2
      ·
      8 months ago

      Either or. Would be more nefarious to have users sign up for a malicious instance unknowingly and then federate with non malicious instances

      • Elise@beehaw.org
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        Something to consider would be to compare this to the walled gardens, say Facebook. Is that a malicious ‘instance’?

        And then what is the chance to register on a malicious one in the fediverse?

        • dislocate_expansion@reddthat.comOPB
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          I think the chances are high since the domains are supposed to be novel, compared to Facebook which is a worldwide known domain and chances of impersonating it are slim or would require a client side hack

            • dislocate_expansion@reddthat.comOPB
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              8 months ago

              That’s a different conversation. I’m talking about an adversary who just creates a Lemmy instance and has malicious code embedded in the images, videos and text

              What does that have to do with any corporation? Facebook specifically is already in a lawsuit this last month about installing malicious Root Certificates and performing man in the middle attacks against Amazon and Google, so I’m not sure what you’re asking