Does the fediverse have defense against watering hole attacks?
en.wikipedia.org
With so many variations of Lemmy and fediverse instances, are there any defenses against a malicious server running altered code? Is there a way to prove what code is supposed to be running on each instance?
You are viewing a single comment
Either or. Would be more nefarious to have users sign up for a malicious instance unknowingly and then federate with non malicious instances
Something to consider would be to compare this to the walled gardens, say Facebook. Is that a malicious 'instance'?
And then what is the chance to register on a malicious one in the fediverse?
I think the chances are high since the domains are supposed to be novel, compared to Facebook which is a worldwide known domain and chances of impersonating it are slim or would require a client side hack