the guy that was attacking me attempted to dox me, so I shut down all non-essential accounts to prevent anything similar happening in the future
yeah that's what I'm using I also pull-requested a user agent anonymisation setting (pleroma.http.user_agent) to make this better
I'm not too bothered about correcting it, just thought it good to note
hey, OP here I'm no longer on keybase, deleted it a few days ago - but I'm more than happy to share what I found if you want pretty sure it's nothing groundbreaking though other contact methods are listed on my profile…
oh, i found out where the leak was it's right at the end of the article - the attacker was abusing the "create a preview card of any posted URL" feature - he'd post a link, wait for pleroma to go and grab the url to…
yep, i had the same thought which is what led me to block all other IPs - it's not the hardest thing to just make an openssl req and get the common names of the certificate returned especially if you know the hosting…
hey, i'm the author of the article really... surprised it got submitted here incidentally i'm running pleroma, not mastodon. minor detail but you know
the guy that was attacking me attempted to dox me, so I shut down all non-essential accounts to prevent anything similar happening in the future
yeah that's what I'm using I also pull-requested a user agent anonymisation setting (pleroma.http.user_agent) to make this better
I'm not too bothered about correcting it, just thought it good to note
hey, OP here I'm no longer on keybase, deleted it a few days ago - but I'm more than happy to share what I found if you want pretty sure it's nothing groundbreaking though other contact methods are listed on my profile…
oh, i found out where the leak was it's right at the end of the article - the attacker was abusing the "create a preview card of any posted URL" feature - he'd post a link, wait for pleroma to go and grab the url to…
yep, i had the same thought which is what led me to block all other IPs - it's not the hardest thing to just make an openssl req and get the common names of the certificate returned especially if you know the hosting…
hey, i'm the author of the article really... surprised it got submitted here incidentally i'm running pleroma, not mastodon. minor detail but you know