With so many variations of Lemmy and fediverse instances, are there any defenses against a malicious server running altered code? Is there a way to prove what code is supposed to be running on each instance?
There isn’t. However, Lemmy or other Fediverse applications are no different from any other website in that respect. The main difference is that the bit
One of the most significant dangers of watering hole attacks is that they are executed via legitimate websites that are unable to be easily blacklisted
is not really true in the Fediverse. You could easily block a single infected instance once it is detected that your employees are attacked via malware on that instance.
I don’t think anything particularly interesting will happen except an admin will notice and the slam the unfederate button.
You mean for users of that instance or for other instances?
