There have been several VERY NASTY CVEs since I set up matapacos in 2022.
Remote code execution: https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm A.K.A. “Toot Root”
Hijacking user accounts: https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
Among others (there was at least one more really bad one)
someone smarter than me has the chance to do something extremely funny
deleted by creator
I would be hilarious if someone hijacked Trump’s account using that vuln
I want to go on record that if Trump suddenly says “I AM YOUR LORD AND SAVIOR OUR BIG WET BOY!” - I had nothing to do with it.
It would be a shame if… you know the thing.
haha jk fbi haha
gaining a web shell on truth.social and using it to run a minecraft server
We’re gonna build a big beautiful realm and make the Cheeto pay for it
I meant it would be a shame if Biden used the computer. Because he’s old and you know the thing. I don’t want to say it because it could be misconstrued.
I was gonna say, there are probably some spicy remote code execution bugs still alive in there.
This is gonna be another Gab lmao
Gab also is just a de-branded Mastodon fork.
Thank you for maintaining that instance btw
you run matapacos? I’ve been meaning to join, but haven’t bc of the email address requirement. Is there a way around that?
You can just use a disposable email address like I did for my account
Yeah. Email is baked into the software so a throwaway is needed for technical reasons, but only for registration and password recovery. I don’t have any e-mail services blocked. You are encouraged to use a throwaway e-mail service unless you want password recovery and (optional) email notifications to work.
Recently we added manual account activation due to a spam wave. You don’t have to write an essay outlining your ideological beliefs or anything. It is strictly an anti-bot measure.
This seems to have been known since Oct. 2021: Mastodon’s Founder Says Trump’s New Social Network Is Just Mastodon
Weren’t they also forced to admit that and/or publish their code because of a potential GPL conflict?
yeah, they published their code, but in an inconvenient manner. They also updated it once every few months (and then stopped after a year).
It’s hilarious that they haven’t gone after his IPO. He has an outdated mastodon clone with 1m active monthly “users”, $3.4m in 2023 revenue, and $49m in 2023 expenses. That’s such a shitty penny stock of a company and yet he made
$5B$3B from that.Holy shit that’s a good grift, I had no idea
“A fool and their money are soon parted.”
-Dr. John Bridges
“There are a disproportionately large number of fools in the Trump-supporting population.”
- MeetInPotatoes
Trump made 5 BILLION off Truth Social??
Correction: https://twitter.com/NYDailyNews/status/1772686796817666098
The soaring stock price, which climbed by more than 30% Monday, would value the company at more than $5 billion, which could give Trump an eye-popping personal windfall of about $3 billion for the 79 million shares he owns.
The former president is barred from selling the shares for six months, although the company could tweak those restrictions.
The board is stacked by him so they’ll likely approve an early sale for $3B± whatever the stock price reaches by then, at which point it will probably be a pump and dump.
Yeah he’s got a deal going where they IPO it and fleece the hogs and he gets a big pile of stock. It’s what he should have done with that dumb casino company he put together back in the 90s, but he just used that to offload his bad debts instead, while having it pay him for his own jet travel and stuff like that to make a few million here and there on the side.
it’s hilarious that they haven’t gone after his IPO.
Billionaires can do what they want
Yeah Trump started it when The_Donald was banned from reddit. He named it after the podcast.
Some clever entrepreneurial software types could definitely have fun with this
Sure, why not? I can’t think of a reason for it not to be that.
Is this a bounty program?
Taking $1,000 per shilly tweet ;)
deleted by creator
