It is probably best to think nothing on Lemmy is private. Any instance with at least one user subscribed to a community will receive updates (messages and votes) on the community. Instance admin can go into the database to see any private message between any user on that instance.
Their grievances with the Lemmy dev team is pretty universal. I can’t wait for Sublinks to become the mature release.
For projects, where they have their community presence also speaks to their ideology. Those projects’ communities chose to move off of Reddit, and be on Lemmy; those projects’ communities chose the instance they’re on.
One may plea ignorance in the early days of Lemmy, that they’re misguided by the instance description; but now a year later after all the drama, their decision to remain there will start to influence who will be able to interact with their community.
I have no sympathy for communities that chose to remain on CSAM infested instances that got defederated, and I will have no sympathy for project communities that continues to associate with ideologies by the ml admins.
Rather !announcements@lemmy.openmw.org, !general@lemmy.openmw.org, !bugs@lemmy.openmw.org, … etc.
So much more flexibility for organizations to build structured communities!
My understanding is that the “host” instance of the community is responsible in sending things out to the subscribers. As such, when users from B post on a community on C, C will broadcast the activity of user from B to instance A’s federated copy of community on C, and users on A will see the post from the user from B. They should also be able reply to each other’s comments on the community on C.
Fortunately, you’d be very hard pressed to find bandwidth pricing from 18 years ago.
The point is the claimed issue is really a non issue, and there are much more effective ways to stress websites without needing the intermediary of fediverse.
AWS charges $0.09/GB. Even assuming zero caching and always dynamically requested content, you’d need 100x this “attack” to rack up $1 in bandwidth fees. There are way faster ways to rack up bandwidth fees. I remember the days where I paid $1/GB of egress on overage, and even then, this 100MB would’ve only set me back $0.15 at worst.
Also worth noting that those who’d host on AWS isn’t going to blink at $1 in bandwidth fees; they’d be hosting else where that offers cheaper egress (I.e. billed by megabits or some generous fixed allocation); those that are more sane would be serving behind CDNs that’d be even cheaper.
This is a non-issue written by someone who clearly doesn’t know what they’re talking about, likely intended to drum up traffic to their site.
If you’ve skimmed over the original publication, it is actually worse: it is a non problem. Other users have pointed out already: ~100MB served over 5 minutes period is quite literally nothing for even one small VPS serving the content independently, let alone a site with CloudFlare in front like they claim to have.
Or 4) Ignore noise and do nothing; this is a case of user talking about things they don’t understand at best, or a blog intentionally misleading others to drum up traffic for themselves at worst. This is literally not a problem. Serving that kind of traffic can be done on a single server without any CDN and they’ve got a CDN already.
I think this might work, I haven’t done it for too long to know for certain if two same plain text encrypted with two same public key would yield two identical encrypted blobs.
I’ve self replied another possible implementation, that I’m pretty proud of figuring out literally 1AM. If you have time, please do give it a glance and see if you can spot any weakness.
Aha! Something just clicked — been thinking continuously since before the original reply. The answer is … more signing and maybe even more keys!
A message would be signed multiple times.
If Bob wants to send Alice “Hello, how are you?” the plain text would be signed with Bob’s general private key that could be verified with Bob’s general public key. This would allow Alice to forward this message to anyone while they could still verify it did indeed came from Bob.
The plain text and signature is then encrypted with one of Alice’s public keys, so only Alice could decrypt it to see the message and signature. This may be a thread specific key pair for Alice so they’re not re-using same keys between different threads.
The encrypted message is then again signed by Bob, using one of Bob’s private key, so that Alice can know the encrypted message has not been altered. This here could also be the thread specific key as noted above.
If Alice were to report Bob, Alice will need to include both the plaintext and the internal signature. This way the internally signed message could be reviewed if the plaintext and signature were forwarded to moderation for review by Charlie (just need to verify the signature against plaintext with Bob’s public key), while the exchange should be secure to only Alice and Bob.
Et voila!
Been forever since I did any work with cryptography, but if my memory is correct:
Alice needs Bob’s public key to verify a signed message from Bob haven’t been altered;
Bob needs Alice’s public key to encrypt a message that can only be decrypted by Alice;
If Bob sends Alice a message encrypted with Alice’s public key, signed with Bob’s private key, containing “Hello, how are you?” ; this message could be verified as authentic by Charlie using Bob’s public key but Charlie cannot see the contents of the message as Charlie does not have Alice’s private key.
Without Alice disclosing their private key, how can Charlie review the content of a reported message from Alice claiming Bob sent them something inappropriate?
I.e. how can Charlie be certain if Alice claims Bob sent “cats are evil” when Charlie cannot decrypt the original message, only verify the original message have not been altered via Bob’s public key.
I generally stay away from being in between people and money because sadly people change their mind and the money could be reversed after it leaves my hand. Doesn’t mean you shouldn’t push this idea further, but please do make sure you setup reserves and buy yourself enough time to protect yourself.
At least from the nerd side of Lemmy, communities pertaining to technology, self-hosting, etc. — which I’d imagine to be the larger drivers due to how complicated it is to join compared to a traditional centralized setup (see also same hurdle for mastodon vs Twitter; which doesn’t gain adoption until Thread and BlueSky started to attract the less technical users), I’m seeing troubling signs of slowing down and shrinking.
If people actually want Lemmy in these areas to grow, it is important to be a lot more inclusive, and understand when to not participate in order to foster better community growth.
What I mean on the inclusive side is those FOSS advocates need to back off with the “You don’t understand FOSS, and go make your own instance” comments so other users don’t just bounce right off and leave after being bored with nothing to interact with.
What I mean by understand when not to participate is literally don’t participate in niche communities that doesn’t apply to you. So many Android users commenting irrelevant anti-Apple sentiments in Apple Enthusiasts community, for example. This is driving away actual users who are interested in discussions.
The charts don’t lie. Lemmy is shrinking, not growing. After getting a new lease on life with 0.19 due to what is essentially clever accounting, the community is still slowing down/shrinking. And for the nerdier side of the userbase, unless the community by and large start to interact more inclusively, the whole thing is sadly going to be just a small blip that’ll soon fizzle out.
0.19 counts active users differently; prior to 0.19, the count is only if the user posted, after 0.19, all interactions results in the user being counted as an active user. This inflated the active users hugely as all lurkers are counted.
The active users is dwindling. You can see the steep drop off prior to the change and a slow but continued decline after the update.
I do not know the reason for the number of posts falling off, but that doesn’t look healthy either to be honest.
One potential downside to this on the posts/comment front is that if the thread in question is not in a community your instance is federated with, any form of local redirect would yield just an empty post with no comments. Lenny’s current federation is primarily push driven, so when requesting a post from an unknown community will yield no historical comments, as your instance have never subscribed to the community and thus never received the push notifications. Whereas getting sent to the original instance, you’d be able to see the full interaction history and have a better picture of the intended discussion.
Filled it!
I understand your experiment is already under way, so it is unlikely that you’d be able to change your methodologies at this point. One small feedback on the questions, however. As presented (to me, maybe the system is randomized, I don’t know) the questions felt leaning towards difficult/complex to use, which may lead the user skewing their responses negatively. While this may be counterweighted by the fact that you’re asking a niche community using these systems already to complete the survey, it may still be a good idea to ask more neutral questions and allowing the users to select from a spectrum instead.
For example; instead of “I find the system unnecessarily complex; Strongly Disagree… Strongly Agree”, it may potentially be better to ask “How do you find the system? Very Straightforward … Very Complex”. Your score for each of the selection would be consistent (1 is less complex while 5 is more complex), but you’re not impressing a negative sentiment on the user.
Anyway, good luck with your study! Looking forward to your published results!
I don’t know about other platforms, but YouTube membership is totally implementable on any other platform.
The workflow anyone need to implement is the same flow Discord has implemented:
mine filter on channels.list end point. This way the service can know SomeOneWatching is owner of channel UC1234ABCDfilterByMemberChannelId on the same members.list end point.Source: I’ve worked in YouTube adjacent company using all of their public and several proprietary APIs for around 10 years now. I’m fairly familiar with their API offerings.
On a lot of the image boards described by OP, tagging is managed by the users collectively. That is, almost everyone could not only add but also remove tags from content, as well as collectively maintain wiki on what the individual tags mean. When multiple similar tags meaning same thing come up, they’d alias to one central one; when different usages of same tag come up, they’d take a Wikipedia-esque approach to differentiate them; some even go as far as creating categories for tags so similar concepts can be grouped together. Trouble makers (people who repeatedly use tags incorrectly) lose their tagging privileges and so problem is kind of managed at bay.
There’s also the problem that sadly Lemmy is filled with vocal users with skewed view of the world, and they tend to be extreme polarizing. The “if you’re not one of us, who firmly believes the world should work a certain way, and if you’re not willing to shoot yourself in the foot with a shotgun to prove it as a point, then you’re one of them; you should get the eff off of Lemmy and crawl back to Reddit” kind of way. They’re so scared of losing that pedestal that they’re going to go out of their way to alienate anyone who doesn’t drink their koolaid and push them off the platform so they can remain dominant. Sadly, these people also never really learned much of the real world, so those that are more experienced / educated gets pushed off the platform, and we end up with a bunch of weird superstonk culty kind of vibe everywhere.
I find myself more and more just make a comment and don’t look back. It’s quite literally futile and pointless trying to expect any discussion of any actual sustenance. You wonder why it’s just shitposting… well this is why.