title: February 16th, 2024 date: 2024-02-16, 17:45:38 -08:00 section: journal link: https://arcanican.is/excerpts/cve-2024-23832/discovery.htm tags:

• opensource
• Mastodon
• security

Great read about the recent Mastodon CVE (which could allow taking over and forging content for remote accounts).

I’m quoting a bit here about open source:

how people seem to only care for the 'gratis' of free software, and seldom the 'libre', and millions of users leaning on the work of primarily a couple developers, assuming they have the attentiveness to catch every mistake themselves alone

There aren’t enough funded people - both teams and individuals - working on Fediverse software, and both the users and the admins seem averse to paying for it.