Follow
fuchsiaaaaaaaaaaaaaaaaa
@forteller@octodon.social @thibaultamartin Let me find the writeup for that, it wasn't "hacked" per se, and an error in code specific to the french deployment
@forteller@octodon.social @thibaultamartin Let me find the writeup for that, it wasn't "hacked" per se, and an error in code specific to the french deployment
@forteller@octodon.social @thibaultamartin the details are on https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2
It allowed someone to sign up on an instance that was set to only allow sign-ups from specific email-addresses. It did not give access to any existing accounts or communications.
as a sidenote, the Ars Technica article about this has some factual errors, the matrix.org tweet linked refers to a different incident, which was unrelated to Matrix/Synapse