Collin ✅ @Collinrm@mastodon.social

best issue so far: https://github.com/tootsuite/mastodon/issues/1002

cc @Mastodon

Mastodon's federation introduces UX challenges.

One that worries me a lot is about message forgery. Anyone can forge a twoot, even cross-server.

Whereas Twitter Inc might be trustworthy enough to not forge transcripts. Anyone can run a Mastodon server and might want to abuse it to influence people (see Russian troll campaigns).

Should Mastodon "home servers" cryptographically sign updates? Should there be end-to-end signatures? Anyone has thoughts on this?

So, we are currently invading mastodon.social on two fronts - French social media, and the migration of #infosec from twitter :P

We should probably make @Gargron 's life easier and help the guy out; https://www.patreon.com/user?u=619786

Please boost! (it's the new RT, right?)

https://googleprojectzero.blogspot.ch/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html - fantastic work by Gal Beniamini.

41,703 accounts
+10,363 in the last day
+18,739 in the last week

Looks like in Amarok for iOS search for users on federation domains not working [yet].
Workaround:
So you may mention the person in your message like (remove+) :
@+name+@+instance
And afterwards click on newly resolved user and follow her.

So, about this Mastodon thing (still learning):
- mastodon.social is to Mastodon what gmail.com is to email,
- like in email @usernames are only unique within a given server,
- MAXLEN=500 here,
- RTFM: https://github.com/tootsuite/mastodon/tree/master/docs
- enough people already asked about end-to-end encrypted DMs. There are no.
- no one asked about e2e signed toots though yet?
- if you believe you're trustworthy enough, consider using the ✅ character to let others know they can trust you.

LIEF - Library to Instrument Executable Formats
A new Quarkslab blogpost to announce the release of LIEF as free software \o/
http://blog.quarkslab.com/lief-library-to-instrument-executable-formats.html https://mastodon.social/media/s6qGHpzmY_3X8j-GHP8