Bookmarks tagged hacking and atproto

22 Nov www.da.vidbuchanan.co.uk (Archive)
"If you don't live under a rock, you might've heard of Bluesky, a decentralised social microblogging app built on top of the AT Protocol. In early June 2023, I identified a vulnerability in Bluesky's core user identity mechanism, did:plc, which allowed me to modify the identity information associated with any* account. I tested my hypothesis by changing the handle of the official @bsky.app account."