Search

cyborganism, 1 year ago to memes in Lies

Set it to view communities from all instances. That’s how I get fresh content.

duck1e, 1 year ago (edited 11 months ago) to lemmy_support in Quick And Easy To Host Lemmy And Other Federated Communities

this is early testing phase. I have created and deployed a lemmy server and mattermost modules successfully and it works great.

technical details: all this works via cloud instances kinda like architecture, i create a instance (container or vm based on software req) and launch automated scripts to setup everything so people don’t have to mess up working with insecure configurations. The backend api is golang and frontend is vuejs. I also have a WAF and security protocols to mitigate basic security flaws and botnet attacks. I need feedback on what our oss community surfers the most when hosting federated communities.

business side: I dont intend to charge for things in testing phase cause all i need is good feedback but as the server demands grows i’ll be working with whatever you’ll be paying for private instance (idk like $2 a month ?).

motivation: people use proprietary products cause they are already hosted and just avaiable. If we make this with oss products people will start using it. Making lemmy easy to setup will boost more community interaction and make lifes of current community mods easier :)

bjoern_tantau, 1 year ago to asklemmy in Thoughts on reddit reposter bots?

I like it to keep track of communities that don’t have enough members here to be very active. I don’t participate in the discussions, but it’s good in case some news come out that I would miss otherwise.

Lemmit.online is also good, because it actually lets you know that it’s mirroring reddit. There was another instance that was mirroring reddit including comments, without any indication. I started “participating” in the discussions until I caught on to the fact that I wasn’t getting any answers or up- or downvotes because it was just full of bots. It soon landed on my blacklist.

Rentlar, 1 year ago to asklemmy in Thoughts on reddit reposter bots?

There are certain niches where automated mirroring is a little useful.

Game day threads, part sales (where people need to be quick) are a couple examples.

I have most post bots blocked though (lemmit, alien, lululemon, etc.).

Like others said the downsides are that they drown out original posts and discussions with authors that never respond to comments. Consequently, the not-logged-in experience on instances that “leave it up to users to block” will appear messy and full of garbage.

I think they have their place but those automated should be contained to communities that want them, easily identified, easy to block and post rate limited to reasonable levels.

A yet to be developed feature in Lemmy would be the ability to somehow “opt-in follow” automated bot posts rather than the current “opt-out” model.

xigoi, 1 year ago (edited 11 months ago) to asklemmy in Thoughts on reddit reposter bots?

They only post in their own communities on their own instance. You will only see their posts if you’re subscribed to those communities or browse All Why would you consider that spam?

whereBeWaldo, 1 year ago to lemmyshitpost in Lemmy: fails the vibe check

Man I can really sympathize with you, It feels pretty bad to see your OC memes doing bad.

I checked the aforementioned 3 posts (I am talking about the “ass eating”, “crypto” and the “eye contact” meme just so that we are on the same page) and I often consider myself having opposed opinions than the general audience of those instances. I can see why people would downvote them since they are pretty much the opposite of the “popular belief” of the communities. But I have to say I wouldn’t upvote them either since they aren’t really that funny in my opinion (unrelated to any political opinions etc that I have).

The eye contact one is a really outdated format imo, the ones I find funny nowadays with this format usually have a very bizzare image that makes the meme funny by itself. People probably downvoted it because they found it misogynistic

The crypto one is basically just a rant so I really don’t think it has any comedic value tbh. This one probably got downvoted since it speaks positively of crypto.

The ass eating one was I believe the funniest one but I guess it just didn’t click with me. I don’t really have any mentions of race in memes but its probably the reason why it got downvoted. In my experience mentioning a (minority) race and not outright praising it usually causes people to downvote instantly.

Would I be able to make better memes with the same topics? Absolutely not. I just wanted to give my 2 cents about why the memes may not have done as well as you hoped.

jack23, 1 year ago to privacy in One of the Most Controversial US Spy Programs Just Got Quietly Renewed

**The article:**On December 22, President Joe Biden signed a $886 billion defense bill that renewed one of the US government’s most controversial spy programs. Tucked in the 3,000-page legislation is an extension of the administration’s power to warrantlessly surveil foreigners overseas, and snoop on Americans in the process.

The authority, known as Section 702 of the Foreign Intelligence and Surveillance Act (FISA), has been the subject of intense scrutiny over the past few months. Set to expire on December 31, in the weeks leading up to that date, lawmakers were still in heated debates over whether and how to allow it to continue. But these conversations were halted after Congress and the Biden administration squeezed a short-term extension of the spy program through the annual defense bill, potentially keeping it in effect until 2025.

Many civil liberties advocates are criticizing the extension, saying that it skirts a rare, bipartisan push to protect Americans’ privacy. This stopgap measure, they argue, kicks a crucial debate on government spying into the new year—or beyond. In the meantime, it allows federal authorities to hold onto a power that they’ve routinely abused.

“It’s tragic,” says Elizabeth Goitein, senior director of the Brennan Center for Justice’s Liberty and National Security program. “Abuses and civil liberties violations are going to continue at a completely unacceptable rate,” she adds. “For every day, every week, every month that Section 702 continues without reform, that is what’s happening.”

Under Section 702 of FISA, federal investigators do not need a warrant to tap the phone calls, texts, and emails of foreigners outside of the country. But a loophole also lets them access messages that Americans exchange with targets abroad. These communications are funneled into a database that investigators can later search, again without a warrant. Numerous reports have documented the FBI’s “persistent and widespread” misuse of this authority to spy on Americans, running unauthorized searches on Black Lives Matter protesters, for instance, or January 6 rioters, and even a US senator.

In 2021, the FBI conducted about 3 million so-called “backdoor searches” on US residents. Last year, amid pressure from lawmakers and advocates to curb warrantless spying on Americans, that number dropped to about 119,000.

Still, the extent of this intrusion was troubling enough to spark a reform push from Republicans and Democrats. Earlier this month, Rep. Andy Biggs (R-Ariz.) introduced a bipartisan bill to renew a version of Section 702 with key changes, including a warrant requirement for law enforcement to pull Americans’ communications. It sailed through the notoriously divided House Judiciary Committee with support from both sides of the aisle.

Before leaving for winter recess, the House was set to vote between advancing Rep. Biggs’ proposal or a competing bipartisan effort sponsored by Rep. Mike Turner (R-Ohio), which experts said would broaden Section 702 surveillance powers. But many lawmakers didn’t want to rush the vote. Instead, they opted to temporarily extend the spy program through the 2024 National Defense Authorization Act, an annual measure that sets funding and policy priorities for the Pentagon. According to House Speaker Mike Johnson (R-La.), who had tacked the extension onto the NDAA in the first place, this move buys “necessary time to facilitate the reform process.”

The short-term extension officially stretches the spy program for four months, into April 2024. But under a little-known provision of the FISA law, a special court that oversees the program has the power to let it run for an additional year, until April 2025.

It’s a win for the Biden administration, which had been cranking up the pressure on Congress to keep the surveillance authority intact. In a House Homeland Security hearing last month, FBI director Christopher Wray acknowledged that the bureau had misused its Section 702 power in the past, but assured lawmakers that the agency was now operating with more restraint. Wray also warned that now was no time to strip the FBI of any authorities. Since Hamas’ October 7 attack on Israel, he said, a “rogue’s gallery” of groups have called for violence against the US. “702 is critical to protecting Americans from foreign terrorist threats,” he urged. “Please don’t throw the baby out with the bathwater.”

“Do not let it expire,” echoed Rep. Jim Himes (D-Conn.) on the House floor during its vote on the defense bill. “If it expires, Americans and allies will die.”

But many advocates say that by failing to add a warrant requirement and other key changes to Section 702, lawmakers had fumbled a chance to protect both Americans’ safety—and their rights. “It’s extremely disappointing,” says Sumayyah Waheed, a senior policy counsel with the civil rights group Muslim Advocates. There were bills introduced “to actually make the reforms that we desperately need in Section 702.” But “instead of allowing that debate to continue, this was kind of shoved through in a ‘must-pass’ piece of legislation.”

“There were a lot of opportunities for Congress to get this right,” says Andy Wong, advocacy director of Stop AAPI Hate, an organization for advancing the rights of Asian Americans and Pacific Islanders. “They sort of dodged the responsibility here.”

Wong says that leaving such a sweeping surveillance power in the government’s hands puts communities at risk. He points to the wrongful arrest of Professor Xiaoxing Xi, a Temple University physicist who was accused of espionage after the FBI misread emails he wrote to his Chinese colleagues—emails obtained in part under Section 702. Asian Americans and other communities of color often “face heightened scrutiny and suspicion,” he explains. “Really innocuous behaviors may be misinterpreted or viewed through a biased lens and lead to a lot of unwarranted suspicion and potential harm.”

Dr. Xi’s story may be among the more extreme, notes Goitein of the Brennan Center, but there may be other harms that are less obvious but also serious, largely because of the government’s extreme secrecy concerning its use of Section 702. “People can be subject to tax audits, be denied public benefits or public jobs,” she says. “There are any number of ways in which people’s lives might be affected by these searches, and they would never know it.”

When Congress returns in 2024, lawmakers will be expected to take up the reform effort once again. According to Majority Leader Steve Scalise (R-La.), leadership is trying to figure out a “fair process” for ironing out differences in the House proposals. Senate leaders Chuck Schumer (D-N.Y.) and Mitch McConnell (R-Ky.) also have pledged to work with the House on a bill that can be passed “early next year.”

Some experts are stressing the need to make sure the Biden administration acts swiftly since it now has room to drag its feet. “Even if Congress manages to pass a strong reform bill in the spring,” argues Goitein, “the administration has no real incentive to sign it because they know that they can continue surveillance until April 2025.”

Waheed from Muslim Advocates acknowledges their disappointment in what she described as “this setback,” but says, “We look forward to continuing the fight next year.”

KazuyaDarklight, 1 year ago to asklemmy in How does federation actually work?

If you’re replying to a community on your home server, all actions should be similar levels of responsiveness, I think replying to another servers community may involve “some” active communication with the instance? Simple way to test this, if you are replying a lot on to another servers community, since you are browsing anyway, would be to just open the server/community directly and click around, if it’s feels a bit slow, then that server is overloaded by a bit and that’s probably the source of your issue. Otherwise we need someone with deeper knowledge in this thread.

hal_5700X, 1 year ago (edited 1 year ago) to asklemmy in What if reddit joins race of services joing fediverse?

Seeing how some communities have bots. Who post Reddit content on to Lemmy. Also since the 0.19 update, users can block instances. So nothing will happen. If Reddit does that.

EDIT People wanted the Fediverse to get more popular. So more popular it gets, more big companies and an like will join the Fediverse. So mission accomplished, everyone. 🥳

willya, 1 year ago (edited 1 year ago) to lemmy_support in Question about the federation system

What’s the instance and community you’re having problems with and I’ll tell you what’s going on. You would know you were banned by viewing your profile on that instance. You can find reasons in the modlog too if they added any.

BlueEther, 1 year ago to selfhosted in No posts when surfing through my i stance

Most of yhe subscribed communities seem to be working on your instance. When did you subscribe to permacomputing@lemmy.sdf.org? was it after the upgrade to 0.19.x?

empireOfLove2, 1 year ago to asklemmy in Corporate Censorship Bring You Here?

My personal experience so far is that the Lemmy community is significantly more responsive in getting rid of spam bots. I’ve definitely seen a few but they disappear in less than a day, and lately the amount of spam has been extremely minimal, almost nonexistent on my instance’s all page. Compare to Reddit, where spam bots might get banned from a few subs immediately but would often take weeks to get sitebanned, if ever.

Most serious Lemmy instances require user approval to join via the short application, which means they have no bots at all. And the big key is that lemmy admins are quite active and talk amongst themselves; if an instance with open no-approval signups gets abused by bots, other admins will talk to that instance about it, and most of the time it seems to get fixed pretty quick. And if they don’t… well, you defed them until they do. It’s pretty pog.

MSgtRedFox, 1 year ago to asklemmy in Corporate Censorship Bring You Here?

The not saying why they were banned is what inspired my question.

I was afraid those people would just come here, but the moderation based on instance and community seems to be working so far. I’m curious how’s that’s going to scale.

kuberoot, 1 year ago to memes in I might move again. (Or not)

I don’t think that’d work, with Lemmy being a federated model, not a fully decentralized one.

How do you handle the actual login? Does that mean every server has access to your password hash? Or do you overhaul the account system to use something like a private and public key, with the user needing to store and transfer the private key to every device they use?

And what happens if two people register with the same username on two instances that aren’t federating? Do they somehow need to still communicate with all other instances in the network they operate in, to prevent that from happening? Because the alternative I see is the login being random in some way or tied to the instance, in which case you still lose the impression of a single service.

If I’m not mistaken, right now anybody could host a non-federating Lemmy instance, if they just wanted a small private community in this style. To my understanding, that’s the idea behind federation, and a founding concept of Lemmy - it’s not a giant service distributed across trusted servers, but a network of smaller communities that communicate with limited trust.

Kecessa, 1 year ago (edited 1 year ago) to memes in I might move again. (Or not)

There are no instances anymore with this system, it’s the data hosting that’s decentralized, the front-end looks like a centralized website so you would go to Lemmy.com instead of whatever instance you signed up on.

Imagine Reddit but there’s no central authority and instead of using a service like AWS it’s just people providing storage space and bandwidth and they can decide not to host content from certain communities on their server, but from the user’s point of view they wouldn’t know where they’re pulling the data from.

So no, you couldn’t have two users with the same username. The user database could easily be shared by all storage providers or the database could be randomly split and you would have to mention what part of the database your info is stored on when logging in. When creating your account (where it checks for doubles on the whole username list hosted on all servers) you’re given a random third credential that you need to mention when logging in so the service knows which servers host that part of the user database (all info including the database would have triple redundancy).

Right now a website’s data might not be stored on a single server so that’s already how things work, the difference is that all the different servers are owned by the same company (like Amazon or Google). In the backend the servers communicate together to provide the data to the users so it feels like everything is hosted in the same place.

TL;DR: The best way to fix things is to make it work like it does for any other websites but to only decentralize the hosting instead of also decentralizing the communities.

kuberoot, 1 year ago to memes in I might move again. (Or not)

Sounds like what you want basically is not Lemmy.

It also raises some pretty big issues, like who gets to moderate communities? Right now you make a community on a specific instance, you follow that instance’s rules, so the instance host has authority over the community. If you disagree with the instance’s rules, or with the way the community is ran, you can make a community on another instance, or even make your own instance with your own rules.

And from the other side, there need to be people with the authority to remove communities, and remove people/posts across different communities. Right now that’s the responsibility of the instance hosts, to my understanding - content is hosted on a primary instance, and stored through federating instances, so the primary instance has a responsibility to keep it clean of illegal material. Who would have this power and responsibility if instances aren’t differentiated? Sounds like the best case is giving trustworthy people an excessive amount of power, and the worst case is the entire network being shut down due to distributing illegal content and being effectively impossible to moderate.

You also didn’t address the issue of passwords - currently it’s a pretty big deal when hashed+salted passwords leak, considering those passwords compromised… The comparison with AWS is flawed - when using AWS, you’re trusting them, because it’s a big company with a reputation to keep. The situation seems very different when it’s random enthusiasts with highly differing views, and without a central authority to verify them (though there are probably too many to verify anyways)

And you propose that anybody can join the network and receive users’ passwords? On top of that, you’re proposing that you need to also know the “server” your data is stored on and supply that with logging in? Sounds like a really annoying friction point for the user.

I really feel like you’re approaching this from the wrong direction, suggesting Lemmy should abolish the very structure it’s built on for one you’d like more, but I think it could be possible to make the experience nicer without going to those extremes.

Maybe it’d be possible to let multiple instances have authority over an account, without changing its home instance, so that if your original instance goes down, you can keep the same account. And to reduce friction from communities being made across multiple instances, some way for communities themselves to federate/combine would be nice, and is probably being considered by people smarter than me.

Kecessa, 1 year ago (edited 1 year ago) to memes in I might move again. (Or not)

I know it’s not how Lemmy works, what I’m saying is “There’s a big issue with how Lemmy works, here’s how I think decentralization should be approached instead.” Having terabytes of information possibly disappearing because one person gets in a car accident on their way to work isn’t an improvement vs a centralized system hosted on AWS.

Communities would be moderated by their creator, server admins could decide not to host content from any communities they don’t want to host, if no server admin wants to host your community then you’re free to host it on your own server or to fix the problems with it.

There’s illegal content on Lemmy right now, even instances that don’t want to host it need to clean up their images folder because of it, so it’s not as if the way it works right now is any better for that and it’s not as if there’s no instance admin ready to host that content.

User credentials can be stored securely. Do you think your instance admin has a text file with your password written in plain characters?

The third credential I was suggesting is just one solution so not all servers have to have a “master database” with all user info stored, split the database and let the users know they need to remember they confirm their login through database X or Y. I’m sure much more intelligent people could come up with another solution.

AteshgaRubyTeeth, 1 year ago to memes in I might move again. (Or not)

So this would mean I wouldn’t see some piracy related content? Because I’m subscribed to some piracy communities and I think I can see the content.

I’m not really up to date with how the links between the different Lemmy instances work

kuberoot, 1 year ago to memes in I might move again. (Or not)

“There’s a big issue with how Lemmy works, here’s how I think decentralization should be approached instead.”

Again, I feel like you’re making the wrong point in the wrong place. My understanding is that you came to a project designed with the ideals of federation, and you complain that it shouldn’t be federated. That should probably be done as a fork of Lemmy, or an independent competitor.

It seems to me like you’re in ideological conflict with Lemmy’s developers, where you see no value in what Lemmy seeks to create. That’s completely fine, of course, but I really feel like you’re making your case in the wrong place.

Having terabytes of information possibly disappearing because one person gets in a car accident on their way to work isn’t an improvement vs a centralized system hosted on AWS.

Federation does not mean terabytes of information disappearing - to my understanding, posts, comments and votes are already duplicated across the instances. What would be lost is ownership of communities/posts, and accounts created on that instance, as well as things like image posts where the images are stored on one instance.

However, if images weren’t stored as links in those posts, accounts could be fully migrated, and communities could be migrated or even just federated with other communities, nothing would have to be lost.

Communities would be moderated by their creator, server admins could decide not to host content from any communities they don’t want to host, if no server admin wants to host your community then you’re free to host it on your own server or to fix the problems with it.

I feel like that structure wouldn’t work, just looking at how much defederation is happening, server owners wouldn’t want to be affiliated with certain content at all. It did also remind me of the fact that ActivityPub is not just Lemmy - you can also interact with mastodon and kbin on Lemmy, which is rooted in the federated approach.

There’s illegal content on Lemmy right now, even instances that don’t want to host it need to clean up their images folder because of it, so it’s not as if the way it works right now is any better for that and it’s not as if there’s no instance admin ready to host that content.

True, I feel like the issue only gets worse as you blur the line between different instances more, but I have no data to back that up.

User credentials can be stored securely. Do you think your instance admin has a text file with your password written in plain characters?

I feel like you failed to address my point, that with the current security standard, data leaks are still considered a threat to your password security. Even in the best case, getting access to hashed passwords means being able to brute force it without any rate limits. Maybe I’m wrong, but you’d need to either prove that password hashes leaking are not an issue at all, or figure out a way to provide trusted decentralized authentication server architecture, or figure out a way to store the passwords where leaks are not an issue… Or give up on using passwords and require a different authentication method, like public key authentication.

The third credential I was suggesting is just one solution […]. I’m sure much more intelligent people could come up with another solution.

It’s a bit hypocritical of me, since I mentioned smarter people than me working on something, but I feel like if you’re strongly suggesting Lemmy should be majorly reworked in this way, there’s some expectation for you to provide a solution, not just say that somebody will figure it out.

Kecessa, 1 year ago to memes in I might move again. (Or not)

How does what I’m talking about prevents federation? Lemmy is federated with kbin and mastodon even though they don’t work the same way…

I never said I see no value in what Lemmy created, I’m saying that the way they went about it might not have been the right one because now that there’s a lot of users and many instances were created, we can see that one major flaw in the system is that the instance’s admin can just decide they’re done with Lemmy and all content hosted on their instance just vanishes.

If your instance crashed I wouldn’t be able to see your messages until your instance was back online, that’s why when you copy a permalink to a comment it’s the address of their instance that you see, instances host the content posted by their own user no matter where it’s posted, instances communicate between themselves to share that info so their users see what other instances users post, that’s also why you might still see posts on communities of instances you’re defederated from, they’re posts by people from your own instance.

On the password thing, it’s no worse than what’s going with the current system, you’re trusting the instance admins not to leak anything… Heck, splitting up the lists could be even more secure since it could be equally divided between hosts instead of having a couple of instances hosting what amounts to over 50% of all credentials… What happens if lemmy.world’s admin leaks everything?

And I’m suggesting solutions, I don’t have the expertise to implement them. Do you believe that all tech is developed by the person who came up with an idea? Because I sure would love to meet the person that developed my cars seats, computer, engine and suspension, that single person must be one hell of a genius!

trafficnab, 1 year ago to memes in I might move again. (Or not)

You can always look into hosting your own personal instance, then you choose the communities you see content from

mexicancartel, 1 year ago to linuxmemes in Linux too mainstream for some 🤷

Because you are tagging a community on your own instance. It doesnt work for people on other instances