See Here, Here and Here for information about the current situation and the exploits being used.

— UPDATE

Lemm.ee Admin @sunarus responded Here, TLDR is that Lemm.ee isn’t vulnerable, would advise reading the message if you’re still concerned.

  • sunaurus@lemm.eeM
    link
    fedilink
    arrow-up
    84
    ·
    edit-2
    1 year ago

    Hey folks! I have spent this morning helping lemmy.world mitigate the issue. I have also sent out mitigation instructions to other admins as well.

    For the particular exploit that was used on lemmy.world:

    1. It does not spread through federation
    2. lemm.ee was not vulnerable in the first place
    3. As mentioned above, it has already been mitigated on lemmy.world

    So there should not be any reason to defederate. I will continue monitoring and investigating, if further vulnerabilities pop up then I will adjust accordingly.

    • eee@lemm.ee
      link
      fedilink
      arrow-up
      13
      ·
      1 year ago

      Thank you for being a valuable resource for the lemmyverse as a whole!

    • aCosmicWave@lemm.ee
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      You rock! Sorry if this is a stupid question, but if both instances are running the same version of Lemmy, why would lemmy.world be affected but not lemm.ee?

      • TWeaK@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        It should be said that the version number is more of an indication than anything specific. I don’t think it would be hard for an instance to spoof its version number.

        Also, lemm.ee in particular has a few mods and tricks that might not be in the lemmy codebase yet - @sunaurus@lemm.ee has previously included new code he has pushed to the main stack before it has been accepted. This allowed us to have working versions of things before other instances.

        Point being, two instances with the same version can have different code and implementations.

    • Deez@lemm.ee
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Perfect! Thanks for all of your work to keep the Fediverse functioning. We appreciate you!

    • Navarian@lemm.eeOP
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      Appreciate the response and explanation, I have ammended post and title to reflect that.

    • kobra@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Thinking about things in the future, if something were to happen to lemm.ee, how could users stay up to date with you and the other admins? do you have a mastodon account to follow or maybe matrix? for things like maintenance, emergencies, etc.

      • sunaurus@lemm.eeM
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        I’m thinking about doing some emergency updates on a Discord server - it seems like a huge amount of users have Discord anyway, so it might be the most convenient way. I’ll probably make a post about it soon!

  • Deez@lemm.ee
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    I don’t know enough to agree/disagree, but upvoted for raising the point, and to give it attention.

  • zoe@lemm.ee
    link
    fedilink
    arrow-up
    11
    arrow-down
    1
    ·
    1 year ago

    this instance is really reliable. there is no shaking it! really glad to be here.

  • eee@lemm.ee
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    How would a compromised instance affect us? The worst they can do is send spam posts.

    • ugh@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      They’re posting links that redirect to NSFW sites, and possibly Not Safe For Your Browser sites, as well. There could be phising links sent out next.

    • Navarian@lemm.eeOP
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Indeed though it’s still a bit up in the air who exactly has control of the instances, so they may come back online still compromised.

    • ugh@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      .world has already been down, back up, and down again. It might be smart until everything is resolved.

  • ugh@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I agree. The NSFW instance already did this. We don’t know the full extent of the breech or when it will end. .world already reopened once while still compromised.

    I think defederation until we get an all clear from the admins of those instances would be a good measure to protect our users.