this post was submitted on 04 Jul 2023
108 points (96.6% liked)

Asklemmy

43755 readers
1216 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy πŸ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
mekhos@lemmy.ml
tmpod@lemmy.pt
14specks@lemmy.ml
108
What are the cybersecurity weaknesses of the Fediverse? (waveform.social)
submitted 1 year ago by Scientician@waveform.social to c/asklemmy@lemmy.ml
62 comments fedilink hide all child comments
 

Most of us are Reddit refugees, and probably clicking more random links than we ever did before on websites we've never seen before. This whole experience feels like the old internet, but also throws up insane red flags with a modern internet perspective. What are the cybersecurity weaknesses we should all be looking for, and what are the best practices?

Here's my reason for posting this. As I search for new communities across instances to follow, I sometimes end up clicking a link and I'm no longer logged in. In the corner, that could be a Sign In link or it could be phishing. It's likely due to me not understanding how to properly navigate this system, but there's nothing stopping someone from setting up a sight like this as far as I know.

Thoughts?

you are viewing a single comment's thread
view the rest of the comments
[–] Ziggurat@sh.itjust.works 8 points 1 year ago (2 children)

A big one I see that if you join any instance it's someone else computer. Not different from Meta/Reddit. But the probability that among all the instance there is one imposter who wants to steal your credential is non zero.
As usual don't use the same password everywhere

[–] czarrie@lemmy.world 1 points 1 year ago

Yeah, having big companies run everything was terrible but at least you had like, a team of peeps whose job it was to make sure that the whole company didn't implode due to a breach (because they would at a minimum be out of work or worse never get a job in the field).

[–] stevedidWHAT@lemmy.world 0 points 1 year ago (2 children)

I don’t understand what the point of making more than one account really is if we can view and post to or from any community or instance

[–] anonymoose@lemmy.ca 1 points 1 year ago (1 children)

It's not really required, but does have its uses. For instance, if your instance is down or heavy load, you could log in from another instance. Also, if your home instance has defederated other instances you are interested in, you can log into an alt to view content from it, etc.

[–] Scientician@waveform.social 1 points 1 year ago

If you want to see Beehaw you need a separate account as far as I know since they defederated.

[–] Cethin@lemmy.zip -3 points 1 year ago

They don't mean don't use the same password for other accounts on Lemmy, they mean don't use the same password for other accounts period. Use a password manager or something, and generate a new password for each account. If you use the same one across different services, if one gets hacked they have access to all of them that used the same credentials.