flipboard.social is one of the many independent Mastodon servers you can use to participate in the fediverse.

#fediversesecurityfund

Flipboard<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@nivenly" class="u-url mention">@<span>nivenly</span></a></span>, an organization that supports open-source services and projects, has launched the Fediverse Security Fund. This member-supported program will pay people who identify and fix security vulnerabilities that might affect fediverse services and apps. “Part of the program is…education for project leads, helping them understand why responsible disclosure practices for security vulnerabilities are important,” open source contributor <span class="h-card" translate="no"><a href="https://hachyderm.io/@thisismissem" class="u-url mention">@<span>thisismissem</span></a></span> told <span class="h-card" translate="no"><a href="https://mastodon.social/@Sarahp" class="u-url mention">@<span>Sarahp</span></a></span>. Here&#39;s her story for <span class="h-card" translate="no"><a href="https://mstdn.social/@TechCrunch" class="u-url mention">@<span>TechCrunch</span></a></span> </p><p><a href="https://flip.it/B-cWKk" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">flip.it/B-cWKk</span><span class="invisible"></span></a></p><p><a href="https://flipboard.social/tags/Fediverse" class="mention hashtag" rel="tag">#<span>Fediverse</span></a> <a href="https://flipboard.social/tags/OpenSource" class="mention hashtag" rel="tag">#<span>OpenSource</span></a> <a href="https://flipboard.social/tags/OpenSocialWeb" class="mention hashtag" rel="tag">#<span>OpenSocialWeb</span></a> <a href="https://flipboard.social/tags/NivenlyFoundation" class="mention hashtag" rel="tag">#<span>NivenlyFoundation</span></a> <a href="https://flipboard.social/tags/FediverseSecurityFund" class="mention hashtag" rel="tag">#<span>FediverseSecurityFund</span></a></p>
Emelia 👸🏻<p>This is a program that I've been championing within <span class="h-card" translate="no"><a href="https://hachyderm.io/@nivenly" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nivenly</span></a></span> over the past year, after we noticed that security vulnerabilities weren't being disclosed responsibly, and not enough research was going into the security of Fediverse software.</p><p>You might remember my Pixelfed vulnerability from last year, where OAuth scopes weren't checked, allowing for privilege escalation via the API (CVE-2024-25108); that was our very first test-case of this program.</p><p>I'm incredibly proud to be involved in launching the Fediverse Security Fund from Nivenly Foundation (a 501(c)4 not-for-profit cooperative).</p><p><a href="https://hachyderm.io/tags/fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fediverse</span></a> <a href="https://hachyderm.io/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://hachyderm.io/tags/nivenly" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nivenly</span></a> <a href="https://hachyderm.io/tags/FediverseSecurityFund" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FediverseSecurityFund</span></a></p><p>RE: <a href="https://hachyderm.io/@nivenly/114268491892140498" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hachyderm.io/@nivenly/11426849</span><span class="invisible">1892140498</span></a></p>