Search

Dave, 2 years ago (edited 2 years ago) to linux in Linux holds more than 8% market share in India, and it's on the upward trend

I didn’t intend to imply that by using the same username across instances you were breaking some sort of rule. Different instances have different moderation policies, different federation policies, and different intents. Having multiple accounts in good faith should not be an issue and was not what I was trying to imply.

Rather, the intention was to show that we know bad actors do this with nefarious intent. Here’s an example (they show zero comments as they have been banned with content removed - also I think these ones only had posts not comments anyway):

lemmy search showing many search results for the same name across many instances indicating escort services

dan, 2 years ago (edited 2 years ago) to linux in Linux holds more than 8% market share in India, and it's on the upward trend

there are no protections against creating multiple accounts to upvote your own posts

They don’t even have to be real accounts. Lemmy uses the ActivityPub protocol, and nothing’s stopping someone from creating an ActivityPub server that federates with a Lemmy instance and spams upvotes from randomly-generated usernames. The server could just pretend that every username is a valid one.

Of course, I think something like that would be defederated pretty quickly.

Anbalsilfer, 2 years ago to linux in Linux holds more than 8% market share in India, and it's on the upward trend

We very often see the same username created across many instances

Guilty as charged. I’ll say though, there are several legitimate reasons why one might want to do this. I personally use it as a substitute for Reddit’s multireddit feature, by grouping community subscriptions across different instances by theme. As long as users use the same username across instances I don’t think this practice should be automatically regarded as an attempt to sockpuppet. It that was the goal, the accounts would definitely not be using the same username across all the instances.

Dave, 2 years ago to linux in Linux holds more than 8% market share in India, and it's on the upward trend

We very often see the same username created across many instances, it’s very easy to do and Lemmy has no protections against it. Plus, there are no protections against creating multiple accounts to upvote your own posts (don’t get any ideas 😆). IP blocks wouldn’t work as instances are entirely independent, so there is no sharing of IP info across different instances.

Currently there is at least some level of coordination across instances, though, such as Lemmy.world’s Defense HQ, where instance admins can share info about spammers/trolls so we don’t have to wait for a report from one of our own users. There’s also Fediseer, but this protects against spam instances not spam accounts on mainstream instances.

samsy, 2 years ago to memes in rules for thee, but not for me

Simply browse to your instance, go to moderations-log search your username and you find the reason.

_dev_null, 2 years ago to piracy in What VPN do you use and why?

and a private telecommunications company can read absolutely all your digital communication

Well maybe. It’s one of the reasons e2e encryption is so imperative to online privacy. For instance, turning on https everywhere, then your isp can only see which servers you’re connecting to, not what’s in your traffic to them.

And to point it out up front, yeah the distant end’s servers likely have some for of that traffic captured, but now law enforcement has to dig up every company that they’re trying to pull info from. Which is significantly more difficult than just relying on a one stop shop arrangement.

And for the best privacy, like security, a multi-layered approach is better. So throw in a VPN, throw in something like a mullvad browser, throw in pseudonymous accounts, throw in different usernames + passwords across accounts, throw in…

Kichae, 2 years ago to asklemmy in How can we improve Lemmy’s SEO so we can google “(question) lemmy” instead of relying on “(question) reddit”

I'm not sure how lemmy or kbin handle instance-hosted media links -- whether they import the media and redirect the link, or whether they point to the original media object -- but otherwise, yes.

There are ways to access other websites directly from within a given website -- iframes and the like -- but that's not what happens here. Each website is independent of each other, and all text is locally hosted in your instance's database.

There are also (limited) copies of user profiles all over the place -- if you click on my username, for instance, you'll be taken to lemmy.world/u/Kichae@kbin.social. That's a local lemmy.world user address, even though I'm not on lemmy.world. I can't login to that account -- it's either credentialless, or has randomized credentials -- but it exists. And by going there, you get to see what lemmy.world knows about my activity across the fediverse. Without ever leaving lemmy.world.

1984, 2 years ago (edited 2 years ago) to privacy in Most private app for Lemmy

Sync is the absolute best app but I think privacy is probably not great.

But this is Lemmy so you don’t even need to use an email address if you don’t want. You can be semi anonymous and change username often if you want, and change between apps or instances also.

Data is never gone but it’s also not tied to anything real about you.

Dave, 2 years ago to asklemmy in So how does lemmy make money?

Servers are independent. You can only create the same username if it's not already taken. dave@gmail.com and dave@hotmail.com are the same username but different servers. You don't get dave@gmail.com reserved just because you have dave@hotmail.com, but if it's available you can register both.

Is there a way to have that account scrape whatever data you want to back up, saved posts etc from your ‘ghost account’ or your original account on the other server?

Lemmy is pretty young and there aren't a lot of tools. Most likely in future there will be an ability to transfer you account to another server, notifying other instances of the change. But this would require the home server to be available for approving the transfer otherwise you would have people stealing other people's accounts.

Mastodon (a twitter-like federated site) has an option to migrate an account, but as I understand it, that's more about moving your followers to your new account. I don't think the posts move. This page claims there it's a technical reason so perhaps we wouldn't have that on Lemmy either - but Mastodon does re-direct accounts, so perhaps on Lemmy in the future your posts might still point to the old user but if someone clicks on it then it will take them to your new account.

None of this is sorted yet so ideas will probably change over time.

Redhotkurt, 2 years ago to comicstrips in Executive Dysfunction [ADHDinos]

Same here, it hasn't gotten old for me yet! Hahah, I'm sure you get this a lot, but I saw your username and assumed I was looking at a Risa post (or at least a post in the startrek.website instance), hence the Trek reference.

Thx for posting this comic, it's nice to be reminded you're not the only one, ya know?

user224, 2 years ago to asklemmy in What's the deal with the suspicious usernames on youtube?

user224 in here. I just made a mistake.
Firstly, I only wanted to test out SDF.org without wasting my username, but somebody decided to verify me out of their good heart. Then SDF.org announced their Lemmy instance. I didn’t know what Lemmy is, so I used my SDF username.
I can’t change it now.

empireOfLove, 2 years ago to piracy in Critical support for the Lemmy world peeps in their fight against pro-intellectual property nerds

Ayo I’m in the screenshot letsa fucking GOOOOOOOOOO-

For context, Bungiefan_ak has no fewer than 4 alts that I’ve seen (all on different instances with the same username) and has spent his time on !memes continuously spamming heavily transphobic, homophobic, and objectifying sexist “memes”. Just about every one of his alts is now banned but I’m sure more will pop up.

Now, why the fuck he cares so much about pirates at this point, I haven’t a clue…

UlyssesT, 2 years ago to piracy in Critical support for the Lemmy world peeps in their fight against pro-intellectual property nerds

For context, Bungiefan_ak has no fewer than 4 alts that I’ve seen (all on different instances with the same username)

Spending that much money and time stanning for fucking Bungie of all decaying and bloated and corrupt treat companies is really something. pathetic

and has spent his time on !memes continuously spamming heavily transphobic, homophobic, and objectifying sexist “memes”.

OF FUCKING COURSE. bridget-pride-stay-mad

kaseijin, 2 years ago to asklemmy in What are the cybersecurity weaknesses of the Fediverse?

Third party apps present a username and password field to log into a Lemmy instance. They can easily just steal your credentials. There are standard auth flows to solve this problem. The fact that Lemmy devs have willfully ignored this issue for years, and that they aren’t warning users not to trust third party apps, lead me to believe they don’t really care about security, which is the biggest red flag. There’s finally an open github issue that seems to be acknowledged, but it’ll be some time before this feature (if ever) ever gets implemented.

-Posted from a third-party app; yea, i gave them my password blindly.

TWeaK, 2 years ago to asklemmy in banned from c/memes

Nah you didn’t even get banned. Worse you’ve done is show that your alt is linked with some other alt on another instance.

I’m sure you didn’t use the same username across multiple instances. That would be silly. Ahem.

fubo, 2 years ago to asklemmy in Can you steal a user's identity if you gain their old domain name?

I've only read the ActivityPub spec; I haven't read the Lemmy code.

With that in mind, my impression is —

The new domain owner — if they set up an ActivityPub server instance (e.g. a Lemmy) and got a list of the old user's post URLs — might be able to delete or edit the old user's posts stored on other instances. That is a vulnerability, albeit a small one.

If the old user was still listed as a moderator of communities hosted on other instances, the new domain owner might be able to take over that moderator role.

One way to fix this would be for instances to issue a public-key cryptographic identity to each user, and distribute users' public keys to other instances. Then activities purporting to be from that user would need to be signed by that user's private key.

Users' private keys would stay local to their home instance, so users don't have to do any key management themselves.

This would mean that if an instance goes away (and its key material is destroyed) then nobody can ever act as any of those users again. A new user created with the same username and domain would be a distinct user for all other instances too.

RandomVideos, 2 years ago to memes in Have you heard of our lord and savor Federation?

Lemmy is a selfhosted, federated social link aggregation and discussion forum. It consists of many different communities which are focused on different topics. Users can post text, links or images and discuss it with others. Voting helps to bring the most interesting items to the top. There are strong moderation tools to keep out spam and trolls. All this is completely free and open, not controlled by any company. This means that there is no advertising, tracking, or secret algorithms.

Federation is a form of decentralization. Instead of a single central service that everyone uses, there are multiple services that any number of people can use.

A Lemmy website can operate alone. Just like a traditional website, people sign up on it, post messages, upload pictures and talk to each other. Unlike a traditional website, Lemmy instances can interoperate, letting their users communicate with each other; just like you can send an email from your Gmail account to someone from Outlook, Fastmail, Proton Mail, or any other email provider, as long as you know their email address, you can mention or message anyone on any website using their address.

Lemmy uses a standardized, open protocol to implement federation which is called ActivityPub. Any software that likewise implements federation via ActivityPub can seamlessly communicate with Lemmy, just like Lemmy instances communicate with one another.

The fediverse (“federated universe”) is the name for all instances that can communicate with each other over ActivityPub and the World Wide Web. That includes all Lemmy servers, but also other implementations:

<span style="color:#323232;">Mastodon (microblogging)
</span><span style="color:#323232;">PeerTube (videos)
</span><span style="color:#323232;">Friendica (multi-purpose)
</span><span style="color:#323232;">and many more!
</span>

In practical terms: Imagine if you could follow a Facebook group from your Reddit account and comment on its posts without leaving your account. If Facebook and Reddit were federated services that used the same protocol, that would be possible. With a Lemmy account, you can communicate with any other compatible instance, even if it is not running on Lemmy. All that is necessary is that the software support the same subset of the ActivityPub protocol.

Unlike proprietary services, anyone has the complete freedom to run, examine, inspect, copy, modify, distribute, and reuse the Lemmy source code. Just like how users of Lemmy can choose their service provider, you as an individual are free to contribute features to Lemmy or publish a modified version of Lemmy that includes different features. These modified versions, also known as software forks, are required to also uphold the same freedoms as the original Lemmy project. Because Lemmy is libre software that respects your freedom, personalizations are not only allowed but encouraged.

Choosing an instance

If you are used to sites like Reddit, then Lemmy works in a fundamentally different way. Instead of a single website like reddit.com, there are many different websites (called instances). These are operated by different people, have different topics and rules. Nevertheless, posts created in one instance can directly be seen by users who are registered on another. Its basically like email, but for social media.

This means before using Lemmy and registering an account, you need to pick an instance. For this you can browse the instance list and look for one that matches your topics of interest. You can also see if the rules match your expectations, and how many users there are. It is better to avoid very big or very small instances. But don’t worry too much about this choice, you can always create another account on a different instance later.

[instance list screenshot] Registration

Once you choose an instance, it’s time to create your account. To do this, click sign up in the top right of the page, or click the top right button on mobile to open a menu with sign up link.

[registration page screenshot]

On the signup page you need to enter a few things:

<span style="color:#323232;">Username: How do you want to be called? This name can not be changed and is unique within an instance. Later you can also set a displayname which can be freely changed. If your desired username is taken, consider choosing a different instance where it is still available.
</span><span style="color:#323232;">Email: Your email address. This is used for password resets and notifications (if enabled). Providing an email address is usually optional, but admins may choose to make it mandatory. In this case you will have to wait for a confirmation mail and click the link after completing this form.
</span><span style="color:#323232;">Password: The password for logging in to your account. Make sure to choose a long and unique password which isn't used on any other website.
</span><span style="color:#323232;">Verify password: Repeat the same password from above to ensure that it was entered correctly.
</span>

There are also a few optional fields, which you may need to fill in depending on the instance configuration:

<span style="color:#323232;">Question/Answer: Instance admins can set an arbitrary question which needs to be answered in order to create an account. This is often used to prevent spam bots from signing up. After submitting the form, you will need to wait for some time until the answer is approved manually before you can login.
</span><span style="color:#323232;">Code: A captcha which is easy to solve for humans but hard for bots. Enter the letters and numbers that you see in the text box, ignoring uppercase or lowercase. Click the refresh button if you are unable to read a character. The play button plays an audio version of the captcha.
</span><span style="color:#323232;">Show NSFW content: Here you can choose if content that is "not safe for work" (or adult-only) should be shown.
</span>

When you are done, press the sign up button.

It depends on the instance configuration when you can login and start using the account. In case the email is mandatory, you need to wait for the confirmation email and click the link first. In case “Question/Answer” is present, you need to wait for an admin to manually review and approve your registration. If you have problems with the registration, try to get in contact with the admin for support. You can also choose a different instance to sign up if your primary choice does not work. Following communities

After logging in to your new account, its time to follow communities that you are interested in. For this you can click on the communities link at the top of the page (on mobile, you need to click the menu icon on the top right first). You will see a list of communities which can be filtered by subscribed, local or all. Local communities are those which are hosted on the same site where you are signed in, while all also contains federated communities from other instances. In any case you can directly subscribe to communities with the right-hand subscribe link. Or click on the community name to browse the community first, see what its posted and what the rules are before subscribing.

Another way to find communities to subscribe to is by going to the front page and browsing the posts. If there is something that interests you, click on the post title to see more details and comments. Here you can subscribe to the community in the right-hand sidebar, or by clicking the “sidebar” button on mobile.

These previous ways will only show communities that are already known to the instance. Especially if you joined a small or inactive Lemmy instance, there will be few communities to discover. You can find more communities by browsing different Lemmy instances, or using the Lemmy Community Browser. When you found a community that you want to follow, enter its URL (e.g. feddit.de/c/main) or the identifier (e.g. !main) into the search field of your own Lemmy instance. Lemmy will then fetch the community from its original instance, and allow you to interact with it. The same method also works to fetch users, posts or comments from other instances. Setting up your profile

Before you start posting, its a good idea to provide some details about yourself. Open the top-right menu and go to “settings”. Here the following settings are available for your public profile:

<span style="color:#323232;">Displayname: An alternative username which can be changed at any time
</span><span style="color:#323232;">Bio: Long description of yourself, can be formatted with Markdown
</span><span style="color:#323232;">Matrix User: Your username on the decentralized Matrix chat
</span><span style="color:#323232;">Avatar: Profile picture that is shown next to all your posts
</span><span style="color:#323232;">Banner: A header image for your profile page
</span>

On this page you can also change the email and password. Additionally there are many other settings available, which allow customizing of your browsing experience:

<span style="color:#323232;">Blocks (tab at top of the page): Here you can block users and communities, so that their posts will be hidden.
</span><span style="color:#323232;">Interface language: Which language the user interface should use.
</span><span style="color:#323232;">Languages: Select the languages that you speak to see only content in these languages. This is a new feature and many posts don't specify a language yet, so be sure to select "Undetermined" to see them.
</span><span style="color:#323232;">Theme: You can choose between different color themes for the user interface. Instance admins can add more themes.
</span><span style="color:#323232;">Type: Which timeline you want to see by default on the frontpage; only posts from communities that you subscribe to, posts in local communities, or all posts including federated.
</span><span style="color:#323232;">Sort type: How posts and comments should be sorted by default. See Votes and Ranking for details.
</span><span style="color:#323232;">Show NSFW content: Whether or not you want to see content that is "not safe for work" (or adult-only).
</span><span style="color:#323232;">Show Scores: Whether the number of upvotes and downvotes should be visible.
</span><span style="color:#323232;">Show Avatars: Whether profile pictures of other users should be shown.
</span><span style="color:#323232;">Bot Account: Enable this if you are using a script or program to create posts automatically
</span><span style="color:#323232;">Show Bot Accounts: Disable this to hide posts that were created by bot accounts.
</span><span style="color:#323232;">Show Read Posts: If this is disabled, posts that you already viewed are not shown in listings anymore. Useful if you want to find
</span>

Source