“More than half of the websites in the study accepted passwords with six characters or less, with 75% failing to require the recommended eight-character minimum. Around 12% had no length requirements, and 30% did not support spaces or special characters.”
A recent PG forum thread is discussing it. PG deemed it not secure enough almost three years ago, based on solid reasoning.
However, that was three years ago and the product has altered dramatically. I just don’t think it’s been resuggested/evaluated since then.
PG forum users (and PG itself) are pretty inconsistent with how they judge stuff. Not trusting one company (Filen) because there were issues three years ago (and are now, as I understand it, fully addressed) but totally trusting another company (Brave browser) despite repeated actions that erode trust is odd behaviour.
I’m a Filen user myself, just in the interests of full disclosure.
Disclaimer: not a security expert at all, just a working knowledge. However, what I read 18 months or so after reading that GitHub thread was enough to reassure me.
I may be being overly pedantic here but that statement, whilst I don’t doubt its good intent, always reads to me like a bit of a get out of jail free card.
I’m not sure how much weight you can place on a recommendation when the full criteria isn’t known and can be changed on a whim. And yes, I’m aware I can browse the forum, ask and see for myself but I’m not sure your average user is going to feel confident enough to do that.
Like Reddit, KBin and Lemmy are ‘link aggregators’.
This means, in subject driven Communities (sub-reddits), people post links or images or their thoughts and others comment on them.
Reddit is software that’s installed in one central location (server). This means it is owned and controlled by one single commercial entity.
Kbin and Lemmy are both software that are installed in multiple locations (servers), owned and controlled by multiple people and can be installed by anyone. This means no one can ever own or control the entirety of Lemmy.
Reddit, KBin and Lemmy can be accessed by users via websites or apps.
Reddit is centralised. If it disappeared tomorrow, it would be completely gone.
KBin and Lemmy are federated. If one instance (server) disappeared tomorrow, all the others would be unaffected and carry on as normal.
All instances of KBin and Lemmy can talk to all other instances of KBin and Lemmy, as long as they are federated.
Rule breaking and/or toxic instances/servers can be defederated by other servers/instances.
Reddit, KBin and Lemmy are all free to use. However, with Reddit you must contend with invasive privacy and advertising. The way to support KBin and Lemmy is to donate to the development team and the server/instance your account is on.
If you get kicked from an instance, upon joining a new instance, make your first post a furious comment on the admins/mods/hivemind of the instance that kicked you, completely forgetting we can all see the modlog.
“I’ll be interviewing Andy Yen, the CEO of #Proton in early December, and I’d like to ask them the questions YOU have about Proton Mail, Drive, Calendar or VPN, or security and privacy in general.”...
I thought you people had stayed on Reddit. Y’know, the people who live to say shitty things to people and then sulk when they get edited/removed/banned and blame it all on ‘the hive mind’ or ‘group think’ or some other sneering put down when the reality is simply that most people don’t like shitty people saying shitty things.
I totally applaud your efforts to find a solution to this issue but I don’t think this is practicable, at least in its current form. I get the underlying idea that changes to the extension will have to be continually adapted to by the scrapers but that’ll slow them down for a negligible amount of time.
I don’t mean to sound negative and I really do thank you for your efforts but I can’t see how this could be effective.
Do any of you know filen.io? Do you trust it? The pricing is so attractive and I never heard of that company before, so it seems a bit too good to be true. What do you think?
Been using it for over a year now. The clients were a bit ropey for a while but they’re great now.
As for trust, only you can really answer that, but they tick all the right boxes for me - I can pay in a way that preserves my privacy, everything’s open source and E2EE, they have good policies.
Privacy is not just an illusion; it’s a delusion. Things like privacy statements and permission to use cookies are little more than sophisticated propaganda. If you think for a moment the Overlords cannot prepare a dossier on you within minutes that would make your mother faint and your father die of shame, you’re living in...
Well, Mastodon has been around since 2016 IIRC which is nearly 8 years and it’s still growing and expanding. There’s no reason to suppose Lemmy will be any different.
A large part of the issue of sustainability is intent. Meta, Twitter, Microsoft, Google etc are profit driven. By that standard, no fediverse software is sustainable because for-profits only care about continual growth leading to continual profit.
Lemmy is open source. No one who develops it or hosts an instance really cares about it being financially profitable so there’s not that motivation. The motivation is more akin to doing something positive for people and at the same time, indulge in a hobby/interest they have. If the people who benefit from it (you and me, the users) recognise that benefit I would hope they donate to its development and the instance they’re on. This in turn enables the users who can’t afford to donate to still be able to participate in a system where profit is not King.
So sustainability in the fediverse really means ‘can I afford to keep doing something I enjoy doing?’ As long as they can, it’s sustainable.
I wouldn’t have an issue with this either - within reason. But I suspect making an instance a de facto business from which an admin draws a wage would raise so many issues about a whole raft of things it probably wouldn’t be worth it.
You’re right, all any of us do, all day, non-stop is gripe or insult American culture. Why only the other day, I was in the shop and when I got to the till to pay, all me and the cashier could talk about was America. “That’ll be £44.99 please love and did you see the latest data about gun deaths in America?” God, we’re so insecure.
I have quite a lot of faith, but I think the majority of my faith is that whilst you’re right that abuses can happen because some people are cunts, there seems to be a groundswell of willingness to react to that possibility and tackle it.
The relatively recent CSAM attack on .world Communities is a prime example of that. Code was written and systems put into place (not by the lead developers it has to be said but by @db0 and others) to tackle that threat.
Well, call me old fashioned but as my friend is a fan of American bourbon, I thought asking Americans what American bourbon they recommended might be the best idea.
Police across Britain equipped with live facial recognition bodycams (inews.co.uk)
cross-posted from: lemmy.nz/post/3829409
Largest Study of its Kind Shows Outdated Password Practices are Widespread (www.cc.gatech.edu)
“More than half of the websites in the study accepted passwords with six characters or less, with 75% failing to require the recommended eight-character minimum. Around 12% had no length requirements, and 30% did not support spaces or special characters.”
Filen.io not on the list privacyguides.org
I’m just wondering why Filen.io isn’t included in privacyguides.org. It’s a great cloud service with excellent privacy and good pricing too.
How would you explain Lemmy/Kbin to a Reddit person or to a social media person?
Trying to "recruit" more folks in Kbin but I think I lack enough information to describe Kbin effectively....
What are Lemmy's unwritten rules?
I’ll start. Non serious answers also welcome...
Nick from The Linux Experiment will soon be interviewing Proton CEO Andy Yen And Wants Your Questions For him (mastodon.social)
“I’ll be interviewing Andy Yen, the CEO of #Proton in early December, and I’d like to ask them the questions YOU have about Proton Mail, Drive, Calendar or VPN, or security and privacy in general.”...
Why Bluesky over sth like Activitypub? (slrpnk.net)
Is it really decentralized and private?
Are there any free sites that can check other sites for trackers?
If you know such services, please share the links.
̶P̶r̶o̶t̶e̶c̶t̶ Obfuscate your content from bots and AIs (lemmy.ml)
Hey everyone, so for the past few months I have been working on this project and I’d love to have your feedback on it....
Can I trust filen.io? (filen.io)
Do any of you know filen.io? Do you trust it? The pricing is so attractive and I never heard of that company before, so it seems a bit too good to be true. What do you think?
Anonymous phone number
Can you recommend me some anonymous phone number services to use when creating an account that requires phone number verification?
SimpleX Self-Host Script, Tutorial, on Monero Provider (monero.town)
cross-posted from: monero.town/post/1084048...
Privacy is not just an illusion; it’s a delusion
Privacy is not just an illusion; it’s a delusion. Things like privacy statements and permission to use cookies are little more than sophisticated propaganda. If you think for a moment the Overlords cannot prepare a dossier on you within minutes that would make your mother faint and your father die of shame, you’re living in...
Is Lemmy as a platform sustainable?
I’m wondering how are all those different Lemmy instances financed? I know some rely on donations, but is that all and is that sustainable?
It hurts all over
🙃...
Excluding the obvious ones such as politics, what topics can't you stand listening to people talk about?
For me it’s detailed descriptions about people’s dreams....
How are "We" to place trust in the fediverse?
I came here for the same reasons as most of you and chiefly among them was to escape the corporate embrace of common social media platforms....
Mullvad Convert Encrypted DNS Servers To Run From RAM (mullvad.net)
“We recently announced the completion of our migration to remove all traces of disks in use on our VPN infrastructure.”...
Meta payment message (iusearchlinux.fyi)
So I got the message from Instagram about either paying or using it free (at the cost of personalised ads) just now....
Americans - I Need Help Choosing A Bourbon
I’ve got a mate who’s a big fan of Bourbon. He’s tried all the standard brands like Buffalo Trace, JD, Jim Beam and Wild Turkey....