You react to choices the specific way you do because of experiences you've had previously.
Reverse time without changing anything, you'll always make the same choices because you're having the same thoughts each time every time, because you've been conditioned the way you are.
The universe doesn't "know" where it's going, but the plan is already in action. You can choose whatever you want to do, but if you were the same person in the same circumstance, you would and will always make the same decision.
Both of them identify users by URL, there is no numeric ID, UUID, or public key.
Using IDs or UUIDs would not be secure since the imposter could just copy the ID from the previous user as well as the username and domain name.
Verifying identity would necessitate the user having a public key as their unique identifier, and federated servers performing a challenge-response that requires the user to have the corresponding private key for that public key.
In conclusion, it certainly seems like you could take over someone else's domain name, and I suspect that public key cryptography is the only way to avoid this.
(edited to add: expired domains aren't the only attack surface here, domain takeover is also a thing, either by transferring the domain or simply changing the DNS records.)
A lot of interesting perceptions on the upvote system here.
It's another form of user moderation. Is the content relevant to the community you're in? Upvote it. Did it help you? Was it a thought-provoking comment chain? Upvote it, it might help others!
Is is irrelevant, such as a dog photo in a cat community for example? Downvote it! Rude comment or flamewar? Downvote it! If you still want to see it, now it's easily sorted at the bottom. :)
A lot of areas of this site, such as the comment section here, can be organized by these votes for your convenience and sanity. You can also identify potentially malicious links/suggestions based off the like/dislike ratio on a comment. A helpful tip is to hover over the number beside a comments time-stamp near the top of a comment. It'll display the full ratio!
The idea is to gauge community interest/relevance and facilitate content discovery. I feel it is becoming a bit dated method of accomplishing this and easily gamed.
Dated, but has anyone come up with a better way? Outside of having another human carefully curate your shit, or some kind of Zuckerbot doing it, you need some way to filter out bullshit or any community will be overwhelmed with spam and trolls
You're right, there is only up/down vote systems with a user base that is in no way verified or otherwise restricted to a single vote/real person, or corporate algos.
There are plenty of different models. Do I fault the Lemmy devs for using it? No. Is it ideal for content discovery? Not really.
No need for sarcasm -- I was ASKING if there were other ways outside of up/downvotes, AI moderation, manual/human curation, or no moderation. Hence question mark.
Clumsy Vision. You shoot rays out of your eyes that make the person mildly clumsy for a few minutes. Not like Slapstick Comedy levels of clumsiness, but just like tripping over their shoelaces or looking back and running into a pole clumsy.
You've won a few battles (like that time the purse thief mistook you for an A lister superhero, ran away, tripped over their own feet, and twisted their ankle), but you're mostly useful for anything other than occasionally stopping petty criminal behavior.
I don't think you have to worry about that since user's data should be stored on the instance they registered on, which means that data should only be stored on those servers (I don't think that kind of data would be federated, correct me if I'm wrong).
So unless someone were to restart those servers with the same domain name and the data intact, it shouldn't happen.
The new domain owner — if they set up an ActivityPub server instance (e.g. a Lemmy) and got a list of the old user's post URLs — might be able to delete or edit the old user's posts stored on other instances. That is a vulnerability, albeit a small one.
If the old user was still listed as a moderator of communities hosted on other instances, the new domain owner might be able to take over that moderator role.
One way to fix this would be for instances to issue a public-key cryptographic identity to each user, and distribute users' public keys to other instances. Then activities purporting to be from that user would need to be signed by that user's private key.
Users' private keys would stay local to their home instance, so users don't have to do any key management themselves.
This would mean that if an instance goes away (and its key material is destroyed) then nobody can ever act as any of those users again. A new user created with the same username and domain would be a distinct user for all other instances too.
Kbin and Lemmy and Mastadon (and others) can all federate with each other, so posts and comments are all shared. They all speak the same underlying protocol -- ActivityPub.
asklemmy
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.