_e21c | 5 years ago

I believe they had to release their source code in order to comply with the AGPL, because they forked off Mastodon, right? I’m not sure if they decided to go with Mastodon as the basis for their codebase in the beginning or if that was a later decision.

asabjorn|5 years ago

That's a good point. And because of this they are limited in their mitigation strategies.

busrf|5 years ago

I just looked it up and the history is that they did it so that users could access the site using fediverse clients, because their own clients were getting pulled from app stores.

https://www.theverge.com/2019/7/12/20691957/mastodon-decentr...

ofc there is that whole discussion about whether open sourcing actually affects application security, having your security model assume that attackers already have access to the source code, etc. Not to mention it looks like they did make quite extensive modifications on top of the Mastodon code. Some of the code that people have discovered lying around in the Gab codebase is really embarrassing.