Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
tech.lgbt is one of the many independent Mastodon servers you can use to participate in the fediverse.
We welcome all marginalized identities. This Mastodon instance is generally for folks who are LGBTQIA+ and Allies with an interest in tech work, academics, or technology in general.

Administered by:

Server stats:

2.9K
active users

tech.lgbt: AboutStatusProfiles directoryPrivacy policyTerms of service

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.0-alpha.4+glitch

Public

I accidentally found another security vulnerability in fdroidserver whilst working on something related to IzzyOnDroid.

We warned them months ago but were ignored *sigh*

"Another fdroidserver AllowedAPKSigningKeys certificate pinning bypass"

openwall.com/lists/oss-securit

www.openwall.comoss-security - Another fdroidserver AllowedAPKSigningKeys certificate pinning bypass
#IzzyOnDroid#Security

@obfusk it boggles my mind how fdroid is so respected and glorified when its just horribly ran and has massive issues they gloss over then patch later on and attack people who criticize them personally but dont respond to the actual points

Jan 03, 2025, 05:35 PM·Public
1boost·3favorites
Explore
About