QuentinCallaghanA to Technology@lemmy.ml · 4 years agoGab data breach may include 70GB of data on 15,000 users | Engadgetarchive.isexternal-linkmessage-square14fedilinkarrow-up135arrow-down10
arrow-up135arrow-down1external-linkGab data breach may include 70GB of data on 15,000 users | Engadgetarchive.isQuentinCallaghanA to Technology@lemmy.ml · 4 years agomessage-square14fedilink
minus-squareTheConquestOfBed@lemmy.mllinkfedilinkarrow-up2·4 years agoDoes this also apply to postgresql? That’s the default recommended for vanilla masto.
minus-squareEphera@lemmy.mllinkfedilinkarrow-up5·4 years agoThere’s basically no details on the SQL injection attack, so it’s hard to tell. SQL injection attacks in general can occur independent of the database, but yeah, we don’t even know if it even applies to Mastodon.
minus-squareMiscreantMuse@lemmy.mllinkfedilinkarrow-up5·4 years agoFWIW, some of the people involved have suggested that Gab introduced vulnerabilities while modifying the Mastodon code. See here.
minus-squareWynnstan@lemmy.mllinkfedilinkarrow-up4·4 years agoArstechnica has some more details. https://arstechnica.com/gadgets/2021/03/rookie-coding-mistake-prior-to-gab-hack-came-from-sites-cto/
minus-squareEphera@lemmy.mllinkfedilinkarrow-up2·4 years agoOh boy, that’s a lot of hand-written SQL, and they even just commented out the old code.
Does this also apply to postgresql? That’s the default recommended for vanilla masto.
There’s basically no details on the SQL injection attack, so it’s hard to tell. SQL injection attacks in general can occur independent of the database, but yeah, we don’t even know if it even applies to Mastodon.
FWIW, some of the people involved have suggested that Gab introduced vulnerabilities while modifying the Mastodon code.
See here.
Arstechnica has some more details. https://arstechnica.com/gadgets/2021/03/rookie-coding-mistake-prior-to-gab-hack-came-from-sites-cto/
Oh boy, that’s a lot of hand-written SQL, and they even just commented out the old code.
No idea, sorry.