this post was submitted on 10 Jul 2023
169 points (100.0% liked)
Beehaw Support
2794 readers
1 users here now
Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.
A brief FAQ for lurkers and new users can be found here.
Our September 2024 financial update is here.
For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You are already defederated from them...
Read the post again. It was specifically mentioning viewing lemmy.world communities, which is not possible through beehaw.org due to defederation. All you would see is the content before defederation.
Not possible with a beehaw account. But we know many of us may have accounts elsewhere.
It's also possible that Beehaw's instance is vulnerable to the same XSS attack.
No user data like credentials gets transfered. Everything between instances is done with bot like helpers that do the data transfers.
That would require your device to get hacked, not just the server.
As for privacy... there is really little of that on Lemmy or the fediverse as a whole.
Why would a "foreign" instance need to know my credentials from my local instance just to allow me to browse that foreign instance?
Ah, didn't realize they were already defederated. Still, admins should be on the lookout for an attack on Beehaw.
But I'm not. I'm federated with both Beehaw and lemmy.world.
The post was posted in [email protected] by
beehaw.org
user.People have multiple accounts - maybe even specifically to view .world, or on .world, and this PSA is what made them think twice before switching to it. I mean, you’re here reading and commenting on this post, and you’re not a beehaw.org user. But you could also have a beehaw account if you wanted. If you did, maybe you’d have been on it browsing local when you saw this.
Not sure why this post is a problem. It’s a good PSA.
It's not a bad post. It's a multi-part post and I only responted to part of it. And it was informative too https://beehaw.org/comment/628677
Well I'm seeing it from my instance.
Main concern would be for people browsing lemmy.world in another tab while logged into beehaw. It could potentially steal your Beehaw session cookie even if not logged into lemmy.world.