Kbin's UI is just better. I realize both can be customized, but I'd prefer not to mess around with any of that yet. Plus I know people on mastadon, so that sealed it for me.
but that’s not the fault of the UI, that’s the fault of the server and/or operator for allowing something like that to be even theoretically possible in the first place.
This is why you place UIs on separate domains from the servers, and always treat user input like it’s radioactive AND toxic.
The custom emoji’s was a developed feature of Lemmy pushed out in their UI code. Even the project mainters instance was affected. Its why 0.18.2 was released.
Thats not on server/infra operators. It was a vuln in the core UI code. Some operators DID patch it themselves (i think Beehaw is one), others were less affected (ie: My instance is closed and i dont use custom emjis anyhow), but those are features introduced by the maintainers and some of the bigger instances would get requests for them anyhow. So it was a problem.
but the fundamental vulnerability is not in the UI, by that logic you could just run your own UI and get into servers without issue, the vulnerability is always in either the server software or in the specific deployment.
Kbin has a way better UI, but it needs better servers and having apps for Lemmy like liftoff makes me wait to get something similar before switching back to kbin.
I have a kbin account which I switch to everytime lemmy.world goes down and the only real advantages I see are the better UI and the integrated microblog thing. It’s basically Lemmy and Mastodon wrapped up in a single piece of software.
Add comment