• 2 Posts
  • 7 Comments
Joined 3Y ago
cake
Cake day: Jan 20, 2021
help-circle
rss
@Zalamander@lemmy.mltoAnnouncements@lemmy.mlLemmy Release v0.17.0
link
fedilink
11Y

You need to fetch the profile’s URL (https://group.lt/u/yuu) through mastodon

link
fedilink
@Zalamander@lemmy.mltoAnnouncements@lemmy.mlLemmy is growing!
link
fedilink
22Y

You can take a look at the lemmymap: https://lemmymap.feddit.de/

Click on “instance 30d” or “growth” so that the size of the points is proportional to their users or growth.

Originally posted here: https://feddit.de/post/184

link
fedilink
@Zalamander@lemmy.mltoLate Stage Capitalism@lemmygrad.mlMy career of treating patients has ended - r/QAnonCasualties
link
fedilink
1
edit-2
2Y

There is a small chance that the poster is really a concerned physician who really enjoys posting to Anti-QAnon subreddits during their free time, but looking at the user’s posting history, I highly doubt it.

  • Began posting around March, posts often, and almost exclusively about the vaccine.
  • Claims to be a doctor/physician in a very large number of posts.
  • Gives out medical advice over the internet.
  • Gets wrong basic details, such as claiming that an mRNA vaccine contains proteins.
  • It is quite a coincidence that such a dramatic event occured to someone who spends such a large amount of time writing on reddit about the anti-vax.

I think that this is a character that someone made up.

The deleted comments from this account also show that in the past the user would “speak with doctors” instead of claiming to be one.

https://camas.github.io/reddit-search/#{"author":"thanosrain","resultSize":100}

link
fedilink
@Zalamander@lemmy.mltoLemmy@lemmy.mlWhat are your most wanted Lemmy features?
link
fedilink
12Y

That’s very nice. Thank you for your hard work! I am curious about oauth. I did not know that 3 rd party clients needed to know the password, I will look into that!

link
fedilink
@Zalamander@lemmy.mltoLemmy@lemmy.mlWhat are your most wanted Lemmy features?
link
fedilink
22Y

This protects the database from a breach, but someone can set up an instance and collect the passwords from the logs:

As far as I can tell with my very limited experience, back-end encryption is the standard. One trusts the host not to steal their passwords from the logs, so protecting the data in the case of a breach is good enough. I think that it would make sense for the standard in the Fediverse to be different. Passwords should be encrypted by the client by default, and then re-hashed back-end.

It is also possible that what I am saying does not make sense in practical grounds - this is just something that surprised me while looking through the logs. I was under the wrong impression that plain text passwords were never accessible before looking into this topic.

link
fedilink
@Zalamander@lemmy.mltoPrivacy@lemmy.mlReddit is making verifying emails to post semi-mandatory. It will be harder to use throwaway accounts for privacy on reddit and might cause a small privacy migration away from reddit.
link
fedilink
62Y
@Zalamander@lemmy.mltoLemmy@lemmy.mlWhat are your most wanted Lemmy features?
link
fedilink
22Y

I would be happy to see client-side password hashing implemented.

I understand that responsibility of using unique passwords falls on the user, and maybe a truly malicious instance would be able to remove the hashing (although I think that it would be possible to check if non-hashed passwords leave the client). However, the reality is that many people still re-use their password for many websites and do not use 2FA when not required. Password hashing would reduce the level of trust required of the instance makers.

On a similar vein, it would be nice to anonymize the ip addresses that are printed to the docker logs if possible, similar to the nginx logs. I think that this would be easier to undo for a malicious instance, but at least they would need to have a bit more technical knowledge to get to this information.

link
fedilink
Resurrecting an instance and Federation
I have an instance (mander.xyz) for which the database was deleted, and I have set up a fresh new instance at the same domain. Federation appears to still be enabled with lemmy.ml, but I am having general issues fetching and interacting. For example, if I try to access https://mander.xyz/c/linux@lemmy.ml, the error log shows: 2021-12-11T17:53:52.201426Z ERROR lemmy_websocket::handlers: Error during message handling error sending request for url (https://lemmy.ml/.well-known/webfinger?resource=acct:linux@lemmy.ml): error trying to connect: dns error: failed to lookup address information: Try again I [posted a somewhat related issue on GitHub ](https://github.com/LemmyNet/lemmy/issues/1986), and it was pointed out by dessalines that "An activitypub actor id must be unique, and you recreated one with new public and private keys". It is not clear to me whether these ids apply only to specific usernames, or if the actor is a more general concept (community, post, instance as a whole) to the point that federation is irreversibly broken. Are there steps I can take to fix the federation? Or is starting a new instance using a different domain the only way forward to re-enable federation? I do want to point out that during certain periods of the day federation suddenly appears to work just fine for a few minutes. Thank you!
fedilink
6
Resurrecting an instance and Federation
fedilink
New instance! (Mander)
Hello! I have decided self-host an instance as a little side project because I really like the concept of lemmy. I am a scientist by profession and a naturalist basically since birth, so I have decided nature and science to be the focus of my instance. The website is https://mander.xyz I have enabled open federation, so if anyone wants to federate, let's do it! The more the merrier :-) EDIT: I decided today to rent a small VM server to host the instance, rather than hosting it from my home computer. So it should remain stable.
fedilink
0
New instance! (Mander)
fedilink