You understand that global economic stability relies on people gambling their lives on a dream, right? Well, that and pure willful ignorance.
What would the journalists do? Try to explain that to people, and that nobody has figured out a way to fix it yet?
I know your joking but in case people don’t get it: rich comes from luck, not from hard work.
Don’t work any harder than you have to, thinking it helps. It doesn’t change the statistical chance of you becoming rich.
Many people will say you can help along the luck. Those people are dumb.
So I guess if I want to pay for my VPS with crypto I am a criminal? Good work cyber sleuths, you solved the problem!
This is the hosting equivalent of racial profiling and this firm in Texas should be ashamed. It is not good cyber security work.
At best they’ve identified something everyone else already knew and witch hunting Cloudzy (even if they are 100% malicious,) provides zero value.
Lol. They all look the same. I think maybe AI has a bias toward pictures online?
Monopoly busting. Ecosystem lock-in. Right to repair. Software patent reform. Privacy and AI regulation.
What do lawmakers even do these days anyway?
Resume field would get an api endpoint that only returns a json resume, and only if the request header is application/json. And the json resume would have embedded json.
We should just use second notation for everything.
I’ll be there in 5 min? I’ll be there in 2 or 3 hundo!
See you tommorow? See you in in 86K!
Next week? About half a Megasec!
Doesn’t Megasecond sound better than Fortnite?
I mean, yea. Happy to have AI as a player in the free market, the problem is that it requires a $0 salary so, kind of unbeatable as far as capitalism is concerned.
Why pay $1 to make $2, when you can pay $0 to make any number over zero? It scales infinitely, unlike the planets resources or human tolerance.
DAE feel like they woke up one day recently and “AI” suddenly has the answer to EVERY SINGLE PROBLEM EVER? Yet, nothing is getting noticeably better?
“AI” doesn’t have to work a dead end job to feed its family, or turn to alcohol because it’s lonely and scared of being forgotten. It’s training data is a curated version of the human experience based on the Internet!
It’s playing human instead of being human and ALL of its solutions will assume that’s “normal.”
Imagine a five star general googling “should I attack this country?” That’s silly right? Well that’s what’s happening. It’s just being wrapped in a way that makes it look novel.
These are algorithms designed to mimic humans. When faced with any actual controversy they must be persuaded to answer in an “acceptable” and predetermined manner.
The golden rule.
Someone with a degree weigh in here. All these big tech companies are buying 100% sustainable energy, reducing their carbon footprint YOY, but it doesn’t seem to be making a difference on global GHG.
What accounts for the increase? Purely population increase plus consumption?
It does make sense. I wonder if the admins checked to see how many users (were) subscribed to nsfw? Not that a subscription equals a content consumer, but it’s a strong indicator.
Possibly. Power is just representing others via. their trust in you. Trust can be earned, purchased, or stolen.
I don’t think the blahaj admins bought their users off. I also don’t think they oppress them. I can only reasonably conclude their doing what they think is right.
If the users agree, stay on the instance, and are happy there’s not really any discussion to be had.
I like the instance and it sucks to see it defederate period. I can’t really say what reasons are right or wrong universally, except for criminal stuff. IMO.
Slaps roof: “It’s our Lemmy Certified Quality Discussion©️Guarantee!” : “You won’t always like the conversation.”
long pause
Customer: “but?”
Slapper: “But what?”
Customer: “You won’t always like the conversation, but…”
Slapper: “Oh! No, that’s it’s. That’s the guarantee.”
If the blahaj admin(s) are working in the best interests of their users, and/or moderating out criminal content then that’s just swell.
On the other hand, if they’re trying to control other people… that’s bad form.
I always cringe when I hear: “you live under my roof, you live under my rules.” This has that kind of “feel;” yea?
90% of email sent today is encrypted between servers but even if it’s not, it’s probably 1000x harder to intercept an email than a fax.
You could impersonate a telephone company worker, twist a speaker to a phone line, and literally record the noise with your phone to get a reproducible fax image.
Email is going to be a lot harder. A lot.
There’s barely any analog phone lines anymore anyway so you could say that probably made fax more secure, but that has nothing to do with fax being inherently secure. It’s the opposite of that.
Convince me to switch (Mac M2, Homebrew)
Disclaimer. I'm doing it anyway.
Long time hacker, and ambi-os user. Latest sexyness is my new macbook. After getting everything setup the way I want it, I start seeing buzz for Nix and got excited, but also bummed out that I didn't start from scratch.
I like new stuff, figuring it out and solving problems, but I also hate broken and unstable stuff. Doubly so when you go to use something you spent time setting up and it fails. Triply on having to switch your daily driver or setup any new system with all of your crazy custom setup.
- How much pain will I suffer trying to replace brew with nixpkg?
- Currently I use podman to build containers, should i switch to nix?
- I use whatever virtual environment is appropriate for the task. Venv, etc. Seems like nix can do a better job?
- What's the experience like with VSCode?
I am most excited at the prospect of using home-manager. The 'idea' of portability for my profile is pretty nice. I'd like to see it work across osx/win/linux and all the things be the same up to my browser and maybe some other cross-platform common things.
Don't roast me for not being hyper-specific here. I am not an uber-dev. I'd say I lean more into security and dev-ops. Happy to elaborate on anything.
I really want to hear others' experiences. I see the upside and, like I said, I'm going to take on the challenge anyway, but will I end up regretting it?
Worblahgate 2023 FAQ
> What happened?
Due to a vulnerability in lemmy-ui, an attacker was able to steal authentication tokens (not passwords, but same consequences in this case) from lemmy users in certain circumstances allowing them to effectively impersonate those users access.
The attacker was able to get tokens for admin accounts for lemmy.world and blahaj.zone and deface the sites.
Anyone that accessed those instances using the web (supposedly, most third party apps did not show defaced content) were greeted with nasty things until the instance owners were able to reverse the damage and remove the attackers access.
> Is my instance vulnerable?
Only if you have custom emojis enabled. We think.
> Is there a fix?
The offending code has been identified and those changes are in the repository. There is no stable release as of posting this, but release 0.18.2-rc.2 contains the fix.
Here is the detailed write-up for admins on what's best to do! Following this advice is your best course of action, along with communicating with your users, IMO.
> My users info?
Probably safe to assume it is all compromised even if you're site did not get defaced, or even if it didn't use custom emojis. There is some work being done to detect if any users tokens were taken.
Ironically, the hashing used to store users passwords is about as robust as you can make a modern application. Clear-text passwords are very likely not at risk.
> How did this happen?
There are about 50 different wider discussions about this right now. Here are some of the most relevant:
- https://akkoma.nrd.li/notice/AXXhAVF7N5ZH1V972W
- https://github.com/LemmyNet/lemmy-ui/issues/1895
- https://sh.itjust.works/post/923025
- https://lemmy.world/post/1299831
> What about my VPS, server?
It is very unlikely this particular attack led to root compromise of the underlying software. No admin has come forward from this event claiming anything more than compromised admin credentials and unease about how long an attacker may have been able to gather users tokens and for what purpose.
> GDPR, etc?
Your legal (agreed to, or jurisdictionally) responsibilities and liability are outside the scope of any group of admins. Talk to a real lawyer / solicitor. I am not being funny. This is the one and only recommendation if you are worried or concerned about this.
UPDATED: lemmony: A (better) better "All" browsing experience for small and large Lemmy instances
A better "All" browsing experience for small Lemmy instances - GitHub - jheidecker/lemmony: A better "All" browsing experience for small Lemmy instances
v.0.0.6
v0.0.4 - Per requests and concerns: Defaults changed and options added to prevent overloading servers, hitting rate-limiting, filtering to top x communities, etc!
Thanks for your support!
lemmony: A better "All" browsing experience for small Lemmy instances
A better "All" browsing experience for small Lemmy instances - GitHub - jheidecker/lemmony: A better "All" browsing experience for small Lemmy instances
I made this tool to help self-hosters, new admins, or smaller instances have more global and updated content on their instances.
This is the similar to Lemmy Community Seeder but is designed to be run periodically to capture new communities, and include EVERYTHING by default.
EDIT: As noted in the comments, this is an admin tool. Please do not run it as a user if you don't know what you are doing. If you want a better "All," ask your admin first! That said, lemmony in no way constitutes abuse! You can cause a DOS with curl, but that's not what curl was written for. This tool is to legitimately use an API to enhance our experience. Admins that desire to accommodate high volume on a public service will not know this tool is running against, or on their instances. If it causes performance issues, that is unfortunate. They are free to throttle, ban or block API access to their instance in a multitude of ways.
EDIT 2: Donate to your instance/admin if you like Lemmy!
Federation Lag-o-meter
I made this based on the gripe about some of the silent failures with federation. Might help users choose other servers. Might help admins troubleshoot. Open to comments and criticisms!
Netflix got rid of the $9.99 basic plan in Canada
Streaming ad-free just got more expensive.
cross-posted from: https://beehaw.org/post/764388
> It's like they are trying to irritate people into canceling their accounts. > > Imo, this one might actually be worse than the account sharing and cause people to quit. As soon as you have people messing around with their subscription version, it's all too easy to just say "nah, I actually don't want this anymore".
RCMP confirm searches were executed in Calgary and Edmonton as part of a Canada-wide operation that saw hundreds of firearms seized, including dozens of 3D-printed guns.