Infinite growth is not a good thing, numbers rise and fall just let it do it’s own thing. That being said, maybe if the Lemmy instances would stop defederating like children snatching toys from one another at a daycare it would get more engagement.
Read the comments thread of ANY of the “we defederated from” posts and it’s always the same “They were annoying tankies” shit. It isn’t a matter of abusive users, they have tools for that. They just want to allow fash shit to fester unopposed by the people capable of disarming it.
Just look at any instance that has hexbear and lemmygrad blocked. Their culture is already starting to decay into becoming reddit nazi bars.
I’m here because reddit is fuck and my favorite reddit app converted to Lemmy, and I’m certain that was a bigger reason for lemmy’s popularity growth than instances ever was
No it got popular because Reddit pissed a lot of people off temporarily. The only thing segregated instances does is confuse and upset the average person. Hell I host like 10 different alternative open source front ends for various websites and I fucking hate Lemmy instances. It makes Discovery new content unbelievably tedious.
What if I just want to browse communities? I can only do that on a per instant spaces, I have to go to that instance go to its communities tabs to browse and then if I find something I want I have to take its address and then go back to my own instance so I can subscribe to it with my account. That pisses me off and makes me not want to bother with it let alone the average user.
The sad state of reality is that centralized systems will always eventually get turned into corporate greed money machines but decentralized instances are by their very nature just shit and hard to work with and no one wants to put up with them.
Agreed, it was a steep learning curve just to even figure out how to use it. The concept of Lemmy is amazing but like you said, finding content is very unintuitive.
I think if there was some kind of database or reference for instances and the communities they have, it would be way easier to find what you’re into. Somebody way smarter than me should look into that ;)
If it wasn’t for instances, lemmy would just be lemmy.ml, filled with tankies, and unable to handle more than 10K people. You would never have joined.
The reddit exodus only caused people to leave reddit, not join lemmy. There have been dozens of reddit alternatives over the years and many of them were around at the time of the reddit exodus. Why do you think they all failed?
That sentence makes no sense. That’s like saying “this ‘website’-shit isn’t helping the internet grow tbh.”
Instances are Lemmy. They’re all seperate platforms that just so happen to share stuff and use mostly the same code. It’s just people hosting their own social media sites.
The main reason lemmy isn’t growing is because of the userbase. Alot of the things I say are opinions. But this is just a fact the userbase is incredibly toxic. Especially folk from lemmygrad and prehaps lemmyml lemmyworld instances as well. A good marjority of 4channers are less toxic than a good chunk of lemmy users I would say
I often wonder about this. Does capitalism impose so much emotional freight that it makes coding intimidating? Does having it attached to ideas about working hard and getting a job drain the fun out of it?
I’m beginning to think that I would actually get more coding done if I abandoned it as a career path.
I was happy running my own successful website - did full stack, had a visual designer but I did everything technical from maintaining the webserver to the database to all the html, css, sql, python, PHP and JavaScript… but in retrospect it was a ridiculous amount of work for what I got paid, compared to what most people make for a tech job. I got burnt out and went back to an art career, but that wasn’t very profitable or easy. At this point I wish I maintained my tech skills but fuck, being an electrician or something would probably be way more lucrative and not more difficult.
Probably. I hate coding now. I abandoned all my passion projects and can hardly even play video games now. I’m so sick of sitting in front of a computer all day every day.
Makes sense. When I was starting up, you couldn’t keep me from it. I just hacked for the joy of making things and seeing what would happen. But now it’s all tied up in work, performance, marketability, ROI, etc.
Even when I think about doing some hobby video game dev, there’s a voice at the back of my head telling me it would be more profitable to brush up on OpenTofu or whatever.
Whenever I meet another web dev, they either have a job as a web dev, they’re looking for a job as a web dev, or they’re trying to create a startup. There are no hobbyists.
I actually know one web dev (experienced, front-end) who has two kids and is transitioning to driving truck after getting laid off earlier in the year.
He’s got his straight-body license, and is working up to tractor-trailer. He just fixes things under the table and drives around, plows snow, etc. I’ve never seen him happier.
I understand that antivirus software is necessary on Windows, but I’ll never understand the existence of Windows Defender. If Microsoft knows enough to prevent a virus that exploits something in windows, why are they putting their effort into an antivirus program, and not fixing ththe problem in Windows? If someone has a good explanation for this, I’d love to hear it.
Because… They are? Whenever there is a problem in Windows itself, they release an update to fix that ASAP.
Defender doesn’t just work against viruses that exploit weaknesses in Windows. It also works against viruses in programs the user installs. The purpose of Defender is the same as any other antivirus software, to detect known virus signatures in downloaded software, as well as attempt to detect programs that display virus-like behaviour. It also attempts to ensure that users only install software from sources they trust. For these purposes, Windows Defender is at least as good as most other antivirus software on the market.
I would also generally recommend using an antivirus program on a Linux/OSX machine, unless you really know the risk you’re accepting by not using one. Even then, I recommend occasionally running ClamAV or a Malwarebytes scan. There is a misconception of “there are no viruses for non-Windows platforms”, but the thing is that a lot of viruses these days are cross-platform compatible, and all it takes is one program or dependency becoming an infection vector. Keep yourselves safe, people!
The only caveat I’ll add is that because of the way package managers work in Linux, it’s much less likely someone will be running something from an untrusted source. It’s less true these days with snap and flatpak but those are at least sandboxed.
It’s not that common these days for Linux users to be downloading random binaries and running them.
I never got where the misconception of “*nix doesn’t have malware” came from. Maybe from the 2k era where “malware” was anything that was slowing down your PC (I also don’t get why a malware would slow down your PC, unless it’s a ransomware)?
I remember the c99.php shell from way back which is an amazing example of cross-platform (PHP can run anywhere) “virus” and it was considered a golden standard (2010 era?)
There’s also the kind of malware that uses your PC to mine crypto without you knowing. And especially back in the day there were plenty of trolls just infecting computers with malware to slow them down for fun. And since malware is just software, it’s all gonna be made differently so there probably plenty that just has bad code.
All OSes have vulnerabilities, and the thing is MS Defender is a working solution that prevents many attacks. Microsoft also has to provide some nominal support to enterprise apps that are 30 years old, because that’s a significant amount of what keeps them in business. Patching actual root causes would often mean changing the way things work at a fundamental level in the OS, and would break apps for a lot of their users. This could create a big problem for a lot of people.
Don’t worry about it too much, this meme is just garbage and basically everything it asserts is wrong or inaccurate. The other person who replied to you was just being a condescending smuglord because you asked reasonable questions instead of participating in the “Windows Bad” circlejerk.
ok so let’s start with the exploits. Exploit is a bug (problem) in a piece of software that when… umm… “abused” (well the word is just exploited) it allows you to do stuff that you shouldn’t. An exploit could be live from your browser to the program you use to zip files. The top 2 reasons to use an exploit is to either get initial foothold on a machine (e.g. an exploit in a browser that would allow an attacker to execute arbitrary code when you visit their page or an exploit in winrar that when you open a zip file executes code)
From the attackers perspective, you got in, nice. Mind you you got in through means that have nothing to do with windows (and that’s true most times, especially on desktops). but now? what?
You hacked into the machine for a reason! You might wanna grab the browser cookies (giving you direct access to the accounts that the victim is logged into), grab some files, screenshots, passwords
That’s where the AV kicks in. After the initial exploit the malware behaves like a normal program. But not completely. Assuming that the AV hasn’t seen the same exact malware before (which would an insta kick ban) it’s going to see a random process accessing files in chrome’s directory. HUH. ISNT THAT SOMETHING. quarantined.
Wanna start listening to each and every keystroke? quarantined
Meanwhile the way that the exe ended up in your system was not through an installer, you don’t provide an uninstaller and it was downloaded from www.xXxveryNicEsiteyou.got. HUUUUUUUH
the whole process is a bit simplified of course, but it captures the general idea
So why does linux not have an AV? FUCK IF I KNOW! It would be very, VERY useful. Writing malware that bypasses AV is an art of its own. Can be done for sure, but it’s an extra step and it’s not fun
background: used to get paid to do shit like that (legally, pentest) and it’s a fun hobby (writing code around it, not hacking people)
I’ve never even considered ClamAV. I have the idea that it’s just a malware signature DB (changing the signature of a binary is almost as simple as recompiling it with a bit different variables)
Am I incorrect? does it have heruistics/active scanning?
It is pretty exclusively a file scanner, but that, combined with Linux’s privilege separation, any decent firewall and not willfully executing untrusted files is enough for most cases, I would say.
what kind of privilege separation? you’re talking about containers/namespaces?
cause as it is linux desktop has 1 unprivileged user and that’s it. from an attackers perspective privilege escalation is irrelevant - you have access to the screen, keyboard, browser, files. there really is nothing left to gain from gaining root
and if you have any reason to gain root, it’s super easy by just replacing sudo with an alias in .bashrc you’ve got the user’s password
We REALLY need sandboxing and soon, that’s why I want to give fedora silverblue a try but my hopes are quite low
btw windows is in a bit of a better place and M1 mac is in much better place
I’ve not looked into fire jail in depth but I’ve read lots and lots of bad takes on it
What we need is docker with a better graphics integration, in terms of both ease of use and security. maybe wayland can help in that (cause with X you just forward the whole management socket and that’s it, anyone can draw anything)
There’s a chance that snap has done it right (I know that everyone hates it but there’s a CHNACE that they got it right in terms of security and ease of use)
flatpak “is not enough” since the controls it gives you are not enough. first you need flatseal to disable stuff per application and the defaults aren’t good enough and steam for example REQUIRES access to the whole home folder which defeats the whole purpose
Makes sense! I guess without an antivirus there’s no way of distinguishing legitimate activity from illegitimate activity at the system level when dealing with downloaded programs. Also, my Voyager app decided that your “link” was actually a link and tried to make an embed lol
because that isn’t really how these things work. It doesn’t matter how secure your operating system is, it can still get infected with malware if you let the user download and install arbitrary software. every modern desktop operating system that allows this has this hole.
features that pop up warnings when running code not signed by the OS vendor (like Windows SmartScreen or macOS Gatekeeper) help to an extent, but are not magic bullets since users can still override them.
at the end of the day, the best defense is to make sure you actually trust any software you download before running it.
For me it’s 7am-3:30pm and I do all my work between 7am and the daily at 9:30am. After that it’s just meetings and bullshitting on the internet. Everyone is satisfied with my work.
memes
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.