🌺 Revya Centauros 🌸 @Xkeeper@icosahedron.website

📌 pinned toot 📌

hi. i'm 🌸xkeeper🌸 (aka "x" / "revya"). i'm ... me. i make a lot of bad jokes, so be ready for that if you follow me

i run https://jul.rustedlogic.net , a cool forum you should definitely join

i am on a lot of other places on the ~fediverse~

main: 📍 you're here!
lewd: @X
programs: @Xkeeper

headmate: @Knives
headspace misc.: @beach_haus

love 2 get banned from my own website for the crime of using hexadecimal numbers in my url

mod_security blows. hopefully dreamhost's timeout is still an hour like i remember or this is gonna suck

it would be nice if there weren't horrible people so we didn't have to worry about this sort of thing. that's my thought.

with a centralized system like twitter, you don't have this problem as much; you can still scrape timelines, sure, but you can't totally pretend to be someone else barring goofy tricks with handles and avatars, and there's no concept of "private post but unlocked account" (so you can't just follow and magically see things that are otherwise hidden) ... hmm

i would say there's a decent amount of value in "black hat thinking" like this; trying to figure out how one would attack people (without necessarily doing it) and the potential effects of such

you can't really stop this kind of attack outside of doing e.g. awoo space's whitelisted federation, and even then i don't know if that blocks /anything/ or just the "federated" timeline(s)

depending on how much the system trusts the results from an api, you can make a follower bot that pretends to be a human, has several posts of "recent" activity (could just be faked), fooling people into allowing it to follow them and/or approving following requests ...

it's interesting to think about

idk. still weird to think that, while open source / federation is cool and all, all it takes is one rogue node and all your public shit (or even private stuff, in some cases) could be out there in the open, and there's not much you or anyone can do until it's too late

mastodon should probably have a 'defcon' mode where all of your posts are temporarily set to 'locked' and/or "deletion" of them is federated out. destructive, but could be useful in some cases

i am super ultra tired today and mostly want to do a sleep

someone please take the computer away from me

in a public forum like this, with no ability to separate things into different conversations or threads, no content is too important for a cw.

just do it.

(note that this does not mean everything /needs/ one, just that "too important" is no excuse.)

lol another person who had their code lifted w/o attribution
https://twitter.com/vahnj/status/1012439493515796480

lmao i wonder what caused this

🔽
🗑