Asklemmy

44279 readers

1111 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

Can you steal a user's identity if you gain their old domain name? (self.asklemmy)

submitted 2 years ago by maggoats to c/[email protected]

28 comments fedilink hide all child comments

Just a random thought experiment. Let's say I have my account on a lemmy instance: [email protected]. One day I decide to stop paying for the domain and move to [email protected], and someone else gains it and also starts up a lemmy instance.

If they make their own [email protected], how do federated instances distinguish who's who?

Have I misunderstood the role of domain names in this?

you are viewing a single comment's thread
view the rest of the comments

[–] Setarkus 4 points 2 years ago (20 children)

I don't think you have to worry about that since user's data should be stored on the instance they registered on, which means that data should only be stored on those servers (I don't think that kind of data would be federated, correct me if I'm wrong).
So unless someone were to restart those servers with the same domain name and the data intact, it shouldn't happen.

[–] fubo 16 points 2 years ago* (last edited 2 years ago) (19 children)

I've only read the ActivityPub spec; I haven't read the Lemmy code.

With that in mind, my impression is —

The new domain owner — if they set up an ActivityPub server instance (e.g. a Lemmy) and got a list of the old user's post URLs — might be able to delete or edit the old user's posts stored on other instances. That is a vulnerability, albeit a small one.

If the old user was still listed as a moderator of communities hosted on other instances, the new domain owner might be able to take over that moderator role.

One way to fix this would be for instances to issue a public-key cryptographic identity to each user, and distribute users' public keys to other instances. Then activities purporting to be from that user would need to be signed by that user's private key.

Users' private keys would stay local to their home instance, so users don't have to do any key management themselves.

This would mean that if an instance goes away (and its key material is destroyed) then nobody can ever act as any of those users again. A new user created with the same username and domain would be a distinct user for all other instances too.

[–] trachemys 3 points 2 years ago (1 children)

But does ActivityPub actually have public keys? That would need to be in the protocol I think.

[–] fubo 2 points 2 years ago

It would need to be added, but the protocol is extensible ... and in less obnoxious ways than applying PGP to email.

load more comments (17 replies)