nostr:npub1928dk5lxa593deemd405jwfc6my94xrtk0dp9ppcc482dq55gddqmy42ll its not. sorry to burst your bubble

if you asked me I wouldn't even know where to begin. besides focusing on security, the most important thing I did this week was evaluating my position on my CloudFlare alternative to poast for the first time since may. most productive thing I am doing today is moving our invidious to more resilient and unmetered hardware 👾

we won't have downtime sonignroenthe last two sentences thank you friend

nostr:npub1hmpg4eqf45gl65x8wmascsdy27yahe0jd272485f63jj9swavxwsucaqt3 nostr:npub12e2f9ntqu3f49q0wv84pmqv6u587k77ah9gulc8pzhn834dam65s8s56j9 nostr:npub10kjd2jcmz0rz890pd6g82nsn6aq8xqs5psm755qyv6c5nz6w0mjqw25eqd sorry hotep friend, he will be able to post fat anime girls tonight

I dont think there are a lot of changes, but you can reverse migrations to the database using postgresql rollback. the downside to this is it will rollback any new data too

nostr:npub1qeznrn98rtwhdt0kkh0acw5pvkcm54n0ke2ev0fwyavjr79ufwpqjtkasy since you are the only person i remember who actually uses the invidious, it turns out they terminated the server 3-4 days into the month because of bandwidth overages? so I'll move it today

nostr:npub10fas8wpvwjejhhu5f3t7sz97kqvz0ywx0dj7j97yyvz8qhysx9cspdqg2x funny thing about this is the exploit uses json files to escape the current directory

nostr:npub1f7ac9g0lzeajxad3y076hvck3lffx7k875qhw6kzm4rpd70ruwzs6q9ksa we aren't going to be offline. you do not have to worry about this

this fix is in poast but we were not susceptible to this particular exploit. there's an ongoing security assessment going on with poast, so you will probably see a few more of these in the coming days or weeks. if you aren't, consider using rebased instead because it gets much, much faster fixes and will in future

nostr:note1ch09jq7ywc26h8jdprrd3k67ufllqy7fm5t3qd2lxeud9kvtrwnsc7p442

nostr:npub1y6tk68elxfcrz8yx5kf32agav67hwz4rt2ff22f8rl98yxh7uxhsx69wl9 nostr:npub1ux2crkcx39gllak7tj5302uf5u4j4ger5p3eyl56dtv4qr44v97s6d5jws ACK-koma was just as vulnerable and they will be just as vulnerable to anything else we find

nostr:npub19rzrt0kc537x22lyea636us4rh85lr7qetnkg3hyyt7pz0su3fes7v2xdt i dont know man im not the one responsible for it. ask nostr:npub13wtj2jsqv2vkxzyftytg4yxkzvapxtshyavertdnmfyrft0z9mqss5r3xd

you can use his fork of pleroma without actually using soapbox you know. at least then you would have our fixes long before anybody else is worried about them

there has never been a time in poast history where a move has put us down more than an hour. if you can't go an hour you have something wrong in ur brain

nostr:npub1ux2crkcx39gllak7tj5302uf5u4j4ger5p3eyl56dtv4qr44v97s6d5jws i'd like to point out within 1-2 minutes of pointing it out to him there was a fix created and in place in the most populated servers. if it had not been for alex, this wouldn't have been in place nearly immediately

poa.st/@lain@pleroma.soykaf.com/posts/AYNxpvNIMW2lJpu6nw

nostr:npub1ux2crkcx39gllak7tj5302uf5u4j4ger5p3eyl56dtv4qr44v97s6d5jws actually i brought that vulnerability to alex's attention immediately because he's the only one who does any kind of work on pleroma

when you load one remote instance and hold the page down button til it stops? yeah that's a lot of data

not true. you aren't a large instance so it doesn't make sense to you but poast/baest have a handful of people who all they do is use our mediaproxy to scrape other instances porn bots. that actually made up almost 50% of our database usage in sept 2022. one guy on the page down button. never underestimate coomers

me hosting pleroma in a secure fashion to literally anyone

pete rate limits everyone including us