Hacker Neue

Preferences
closewith parent
No, it really means nothing. Identity on the internet is not a solved problem.
pferde
You are wrong.

It means that whoever owns the website marked as verified also owns the social account. See https://joinmastodon.org/verification for a quick overview of how it works.

closewith OP
No, it means a certain link exists on the website. On Hacker News of all sites, I would think we should all know that's not sufficient evidence of identity for an update regarding the source of critical software like a terminal.
viraptor
Nobody claimed it validates the identity in any way. It validates that the person at the other website confirms it's their social account and the social account matches the other direction. The real identity is not involved here in any way and never was. You're disagreeing with someone nobody here raises.

But the link validation confirms that if you believed that the original download site belongs to the author, then you would have almost the same guarantee about the social account. (+/- the chances of the putty website being hacked)

closewith OP
Yes, your caveat at the end there is exactly why this method shouldn't be trusted, as it's indistinguishable from an attacker with access to embed a single link.

So it doesn't confirm the account belongs to the author, it confirms the site has a specific link and nothing more.

Ukv
A regular link won't do, since it requires the rel="me" attribute, which is intended for this purpose: https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/...

Adding a <meta> tag or creating a page with certain content are already used even for more impactful verification, like getting issued a certificate for that domain.

If an attacker does have broad access to edit the HTML of your website, I feel that's already the issue and Mastodon verifying that "this person controls this website" isn't even really wrong.

6 More Comments →
account42
If A is saying "I'm also B" an B is saying "I'm also A" then you for most purposes you can trust that A and B are the same person, no?

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal