• 3 Posts
  • 30 Comments
Joined 1 year ago
Cake day: June 9th, 2023

  • Yep.

    There are two big end-user security decisions that are totally mystifying to me about Lemmy. One is automatically embedding images in comments without rehosting the images, and the other is failing to warn people that their upvotes and downvotes are not actually private.

    I’m not trying to sit in judgement of someone who’s writing free software but to me those are both negligent software design from an end-user privacy perspective.


  • Of note about this is that image links in comments aren’t rehosted by Lemmy. That means it would be possible to flood a community with images hosted by a friendly or compromised server, and gather a lot of information about who was reading that community (how many people, and all their IP address and browser fingerprint information, to start with) by what image requests were coming in kicked off by people seeing your spam.

    I didn’t look at the image spam in detail, but if I’m remembering right the little bit of it I looked at, it had images hosted by lemmygrad.ml (which makes sense) and czchan.org (which makes less sense). It could be that after uploading the first two images to Lemmygrad they realized they could just type the Markdown for the original hosting source for the remaining three, of course.

    It would also be possible to use this type of flood posting as a smokescreen for a more targeted plan of sending malware-infected images, or more specifically targeted let’s-track-who-requests-this-image-file images, to a more limited set of recipients.

    Just my paranoid thoughts on the situation.
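The exposure described in the two comments above comes from the reader's browser fetching each embedded image directly from whatever host the comment names. One mitigation, shown here as an added example (not code from Lemmy or from the commenter), is to rewrite remote image embeds so they load through the instance itself. The hostname `lemmy.example`, the `image_proxy` route and the sample comment are assumptions made for this sketch.

```python
import re
from urllib.parse import urlsplit, quote

# Assumed for this sketch: the instance's own hostname and a local
# image-proxy route. Both are hypothetical placeholders.
LOCAL_HOSTS = {"lemmy.example"}
PROXY_PREFIX = "https://lemmy.example/image_proxy?url="

# Markdown inline image: ![alt](url "optional title")
IMG_RE = re.compile(r'!\[([^\]]*)\]\(\s*<?([^\s)>]+)>?(\s+"[^"]*")?\s*\)')

# Constructed sample comment: one remote image, one local, one protocol-relative.
SAMPLE = ('Look ![a](https://tracker.example/p.png?id=42) and '
          '![b](https://lemmy.example/pictrs/image/x.png) and '
          '![c](//cdn.example/y.gif "t")')

def proxy_remote_images(markdown):
    """Rewrite remote image embeds to load via the local proxy.

    Returns (rewritten_markdown, sorted list of remote hosts seen).
    """
    remote_hosts = set()

    def rewrite(match):
        alt, url, title = match.group(1), match.group(2), match.group(3) or ""
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if not host:
            # Relative path stays same-origin; data: and similar lose the embed.
            return match.group(0) if parts.scheme == "" else alt
        if parts.scheme not in ("", "http", "https"):
            return alt
        if host in LOCAL_HOSTS:
            return match.group(0)
        if parts.scheme == "":
            url = "https:" + url  # protocol-relative //host/path
        remote_hosts.add(host)
        # Readers now contact only the instance; the origin sees the proxy's IP.
        return "![%s](%s%s%s)" % (alt, PROXY_PREFIX, quote(url, safe=""), title)

    return IMG_RE.sub(rewrite, markdown), sorted(remote_hosts)

if __name__ == "__main__":
    rewritten, hosts = proxy_remote_images(SAMPLE)
    print(rewritten)
    print("remote hosts:", hosts)
```

This handles only the inline `![alt](url)` form; reference-style images and raw HTML would need the same treatment. The returned host list also gives moderators a quick view of which outside servers a batch of comments points at.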








  • This is a long time coming TBH. It hasn’t made sense for at least 10-15 years for Microsoft to still be trying to “win” against Linux. To me when I see it it seems weird. It’s like your old grandpa who still talks about the “japs” when he sees someone driving a Toyota.

    Linux runs most of the smartphones in the world, and a BSD fork runs the rest. It’s done. No one is going to deploy Windows Server 2023 edition to run their web services unless something’s gone pretty badly wrong. We’re all focused on AI and cloud computing now, and have been for some time.

    The most critical thing a business can do to remain successful is recognize and adapt to the new reality.



  • mo_ztt ✅@lemmy.world to Lemmy@lemmy.ml · sorting of 'favourite' comms
    1 year ago

    Hm, you might have to take specific steps to get subscribed to stuff you want to see. Personally I find browsing ‘ALL’ to be a pretty unproductive experience… what I might do instead is just navigate to a couple of the likely-seeming instances (roughly in order of “big -> good”: lemmy.world, lemmy.ml, sh.itjust.works, kbin.social, sopuli.xyz, lemmy.blahaj.zone, mander.xyz) (also beehaw), pop up their big community lists, and do some copy-pasting into your own instance’s search bar so you can subscribe to a bunch of the stuff from everywhere that you want to see. I’ve done that one time from a smaller instance and it seemed like it worked out pretty well for me (in terms of the time investment being worth it for setting up a feed that I wanted to see.)




  • mo_ztt ✅@lemmy.world to Linux@lemmy.ml · *Permanently Deleted*
    1 year ago
    1. Settings & Beta -> Data controls -> Export data
    2. Unzip
    Python 3.11.3 (main, Apr 21 2023, 11:54:59) [Clang 14.0.0 (clang-1400.0.29.202)] on darwin
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import json
    >>> with open('conversations.json') as infile:
    ...     convos = json.load(infile)
    ... 
    >>> for convo in convos:
    ...     for key, value in convo['mapping'].items():
    ...         message = value.get("message", None)
    ...         if message:
    ...             parts = message.get("content", {}).get("parts", [])
    ...             for part in parts:
    ...                 if 'text to search' in part:
    ...                     print(part)
    
    1. Customize to taste

  • So, as weird as this is to say after I joined with others in telling you your question was bad / unfair, I actually think pretty similarly to you in terms of the value of free speech. I have an instance set up which I’ve been neglecting as I work on some other projects, but once I get time to get back around to it, I plan to operate it as a semi-production server, and to federate with some of the “banned” right-wing instances mostly out of curiosity to see what’s on them.

    If you’re interested in an account on my instance, send me a DM and let’s talk, as I do somewhat support your mission. Just I would repeat that as far as I can tell, defederating in practice has not a lot to do with “free speech” and more just with operational sustainability (choosing who to federate with not because you object to what’s being said on certain servers, but just as a matter of keeping illegal or clearly destructive behavior off your instance so that it can continue to function well.)


  • I’ve argued with tankies at length on lemmy.ml, and just this morning I posted this, and I’ve never had any kind of problem with being banned or having posts or comments removed. I had my posts removed from both the right and the left on reddit, which pissed me off in both instances, but I’ve literally never seen it happen yet on lemmy.world.

    I suspect that what you want is not “free speech,” because as far as I can tell, that already exists here to a pretty firm degree. If you really want to federate with everyone, you can run your own instance. If you want someone else to do the work of running the instance, but for them not to be able to defederate to protect themselves from abuse or illegality, I’m not sure what to tell you other than good luck with that.





  • Yah dude. I am a super newcomer to Lemmy, but when I started up it was refreshing that it was cerebral and different and marched to its own beat. I never even really noticed how much image / meme content had taken over reddit, until I saw a place without it. I didn’t agree with the tankies. But, there are tankies! This place is great. It’s different and authentic. I like it. And now, over the last couple of months I’ve been carefully attempting to keep my subscriptions on Lemmy to the factual stuff and eliminate from the feed stuff that’s memes or “Hold my whatever, I’m going in!” just kind of time-wasting.

    And yet, even in the “good” parts I’ve been seeing this takeover of people who are… I don’t even know what they’re doing. I think it’s just sort of this dopamine loop that they want to come on and yammer. I’m sort of assuming that this is maybe a problem only on the big instances, that may be better on Mastodon or on more form-a-community type of instances? Maybe? I hope so.


  • Naturally, the operator called in the operating-system developers. They found the bandit ghost jobs running, and X’ed them… and were once again surprised. When Robin Hood was X’ed, the following sequence of events took place:

      !X id1
    
      id1:   Friar Tuck... I am under attack!  Pray save me!  (Robin Hood)
      id1: Off (aborted)
    
      id2: Fear not, friend Robin!  I shall rout the Sheriff of Nottingham's men!
    
      id3: Thank you, my good fellow! (Robin)
    

    Each ghost-job would detect the fact that the other had been killed, and would start a new copy of the recently-slain program within a few milliseconds. The only way to kill both ghosts was to kill them simultaneously (very difficult) or to deliberately crash the system.

    Finally, the system programmers did the latter… only to find that the bandits appeared once again when the system rebooted!

    -Classic hacker bedtime story



  • The town was infested with some sort of radioactivity from underground that was hurting people. I had to crawl underground, through these super-tight tunnels deep under the earth with things getting more and more evil as I went, until I was able to track the source of the radioactivity to a giant monster that lived back up on the surface (via the tunnels) in an abandoned barn. I had to fight the monster, but I could fly inside the barn. I ripped its head off, but every time I did, it was just like a big rubbery mask and a new head grew back, until I figured out how to do it fast enough that it wouldn’t have time to pop a new head out. When I did that, the real head came out: Tux the Linux Penguin.

    That broke the immersion enough that I woke up, all amped up from adrenaline from fighting the monster.