Search

Btw, @[email protected], old.infosec.pub has been inaccessible (502 Bad Gateway) for a while (sorry for not reporting it earlier - I have a lot of things going on right now). I don't know if it's intentionally been taken offline, or if it's merely a little bug that needs fixing?

Here's some of the voter fraud, since the person is squawking at me about what they're doing is "upvoting people I follow", which definitely is not what's happening.

 undefined

    
SELECT p.actor_id, cl.score, cl.comment_id, cl.published FROM person p, comment_like cl WHERE p.name = 'demesisx' AND cl.person_id = p.id ORDER BY published ASC;
              actor_id              | score | comment_id |           published           
------------------------------------+-------+------------+-------------------------------

(some excerpts:)

 https://infosec.pub/u/demesisx     |     1 |    1961075 | 2025-02-22 16:22:56.014731+00
 https://slrpnk.net/u/demesisx      |     1 |    1961075 | 2025-02-22 18:00:51.325286+00
 https://programming.dev/u/demesisx |     1 |    1961075 | 2025-02-22 18:03:18.236992+00

 https://programming.dev/u/demesisx |     1 |    1958485 | 2025-02-22 18:03:19.371003+00
 https://slrpnk.net/u/demesisx      |     1 |    1958485 | 2025-02-22 18:00:50.886344+00
 https://infosec.pub/u/demesisx     |     1 |    1958485 | 2025-02-22 11:23:42.226386+00

 https://programming.dev/u/demesisx |     1 |    1958643 | 2025-02-22 18:03:19.093138+00
 https://slrpnk.net/u/demesisx      |     1 |    1958643 | 2025-02-22 18:00:50.944788+00
 https://infosec.pub/u/demesisx     |     1 |    1958643 | 2025-02-22 11:57:14.571075+00

 https://infosec.pub/u/demesisx     |     1 |    1958775 | 2025-02-22 12:18:29.561662+00
 https://slrpnk.net/u/demesisx      |     1 |    1958775 | 2025-02-22 18:00:51.007097+00
 https://programming.dev/u/demesisx |     1 |    1958775 | 2025-02-22 18:03:19.019653+00

 https://programming.dev/u/demesisx |     1 |    1958789 | 2025-02-22 18:03:18.814704+00
 https://slrpnk.net/u/demesisx      |     1 |    1958789 | 2025-02-22 18:00:51.063719+00
 https://infosec.pub/u/demesisx     |     1 |    1958789 | 2025-02-22 12:20:44.963274+00

 https://slrpnk.net/u/demesisx      |     1 |    1958826 | 2025-02-22 17:59:48.55791+00
 https://programming.dev/u/demesisx |     1 |    1958826 | 2025-02-22 18:02:49.300343+00

 https://slrpnk.net/u/demesisx      |     1 |    1958827 | 2025-02-22 18:00:16.302578+00
 https://programming.dev/u/demesisx |     1 |    1958827 | 2025-02-22 18:03:20.336056+00

 https://slrpnk.net/u/demesisx      |     1 |    1958832 | 2025-02-22 17:59:48.497287+00
 https://programming.dev/u/demesisx |     1 |    1958832 | 2025-02-22 18:02:49.359749+00

 https://programming.dev/u/demesisx |     1 |    1958871 | 2025-02-22 18:02:49.420568+00
 https://slrpnk.net/u/demesisx      |     1 |    1958871 | 2025-02-22 17:59:48.43862+00

 https://slrpnk.net/u/demesisx      |     1 |    1958873 | 2025-02-22 17:59:24.697018+00
 https://programming.dev/u/demesisx |     1 |    1958873 | 2025-02-22 18:04:55.884635+00

 https://programming.dev/u/demesisx |     1 |    1958875 | 2025-02-22 18:04:55.795094+00
 https://slrpnk.net/u/demesisx      |     1 |    1958875 | 2025-02-22 17:59:24.792819+00

 https://slrpnk.net/u/demesisx      |     1 |    1958877 | 2025-02-22 17:59:24.743799+00
 https://programming.dev/u/demesisx |     1 |    1958877 | 2025-02-22 18:04:55.84273+00

 https://slrpnk.net/u/demesisx      |    -1 |    1958982 | 2025-02-22 18:00:51.647423+00
 https://infosec.pub/u/demesisx     |    -1 |    1958982 | 2025-02-22 12:55:05.047563+00

 https://programming.dev/u/demesisx |     1 |    1959091 | 2025-02-22 18:03:18.551263+00
 https://infosec.pub/u/demesisx     |     1 |    1959091 | 2025-02-22 12:55:40.650352+00
 https://slrpnk.net/u/demesisx      |     1 |    1959091 | 2025-02-22 18:00:51.138157+00

  

I added some spacing to make it easier to read. All of those overlapping votes on the same comment_id in a single grouping, from for example, [email protected] and [email protected], that's voter fraud. It's demesisx using their multiple alts to vote simultaneously on the same comments. Often their own comments.

So like this comment they upvoted from three of their own alts. There are also some other overlapping votes with the same username from various instances on that comment, too, it wasn't just demesisx.

It's actually not always some kind of heated debate. Sometimes it's just something innocuous which for whatever reason they're upvoting from an additional one of their alts after they post it.

It looks like there are other accounts on @infosec.pub and other instances involved, but I'm not quite sure what the line is in terms of publishing people's private voting information. If the admins feel like weighing in on what's acceptable (maybe just sending the evidence to them in DMs), I can say more and call out some of the other accounts involved.

Why there is such significant overlap between "I make fake votes" and "I hate the Democrats all good leftists like me don't support Democrats," I guess is left as an exercise for the reader.

The account is @[email protected]

Shortly after I moved from x/shitter to Mastodon and migrated as many followers that said they were moving as well, I subscribed to an art-focused mastondon instance. It was absolutely lovely to see impressionist paintings and other great art from museums in my daily feed. Then the site closed down. The admin running it decided he'd had enough.

I still found art, but now it's local artists posting their work. It's lovely, but in a different way. AND I can buy copies of the art if I want. So, I guess change is inevitable. In the real world, I'm sorta glad the Cheesecake Factory and Roundtable Pizza places closed leaving places for local restaurants to take their place.

Why do I hate Cheesecake Factory so much?

Their food is terrible. And the portions are so small.

[yes, that's a Woody Allen joke]

Awesome, thanks jerry!

Welcome to the party @[email protected] - glad you want to take care of [email protected]! I hope you'll be able to convince a decent chunk of your community to come with. :)

Perhaps look into finding a decent cross-post tool, and start cross-posting any posts made on /r/crypto to /c/crypto. Well, I suppose you should give OP a short amount of time to also post here, in case they already have an account, but otherwise, you should do it. No one will migrate, or start being active here, if there isn't already some activity.

I think you would be a most perfect fit here. I think a lot of people on this instance would be excited to have a vibrant crypto community here.

The crypto community we have here isn't so much "lower quality" as it is just dead. There's been just three posts there in the last year. I was going to suggest you ask the owner of it if you could take over, but it looks like they haven't been active for two years.

I think you should just ask @[email protected] or @[email protected] if you can take over. There's no reason to have two crypto communities, if one of them is dead; you get to keep your old identity of being called "crypto", instead of "cryptography", or something else; and there are presumably a lot of the subscribers of /c/crypto that would very much like to have an active crypto community show up in their feed.

Welcome to Lemmy, and to Infosec.pub - I hope to be able to say the same to your community!

The article mentions they suspect being disconnected from the network causes the reboot. That's a great idea. That should be implemented as well on gos.

@return2ozma This ships don’t work and are being decommissioned. Most of the time they are in a port being repaired. You can’t blame them wanting a connection to the world.

https://www.propublica.org/article/how-navy-spent-billions-littoral-combat-ship

You might prefer smaller instances; … This part of it is clearly not a bug, however you put it. It is a difference of preference.

My personal preference happens to align with fedi principles. Don’t let that consistency fool you. I’m not advocating for what’s best for me. I am saying the list should be ordered in a way that’s healthy for the fedi based on the federation’s purpose and mission.

Showing the biggest communities on top may be your personal preference, but that is not healthy for the federation.

I myself am on an instance that’s almost identical in size to yours.

FYI, aussie.zone is centralized on a US tech giant (Cloudflare) and thus contrary to fedi principles. Though it’s not the worst manifestation of Cloudflare because they have whitelisted Tor. But there are still many other demographics of people likely being excluded from aussie.zone.

I do not see the value in smaller communities being prioritised when they each cover the same topic. If there’s [email protected] with 10,000 subscribers and [email protected] with me and my twelve mates, lemmy.world is the one the app should show people first. It wouldn’t matter to me whether that 10,000 is on lemmy.world or midwest.social, it makes sense to show users the place they’re likely to have the most interaction.

That is not healthy for the federation. That imbalance is a problem that Lemmy has failed to control. The disproportionately large communities need no promotion. Too many people know about them already. They should either not be listed at all or be pushed lower on the list. It’s an extra slap in the face and injustice that these are exclusive Cloudflare instances that are getting prioritized. These are instances without self-control on their growth and power.

It’s not instance-related at all.

It is instance related. If you search for Android on other instances you will get different lists. Users on infosec.pub have subscribed to every Android community in existence which makes the manifestation of the problem unique to infosec.pub. The [email protected] community is also federated to infosec.pub by way of my subscription. It is true to fedi principles of inclusion and decentralization, unlike those that get listed on the top. So it’s an unhealthy sequence.

It could even be one user account that caused this. The activism.openworlds.info Mastodon instance was getting hammered with traffic. After investigation, they discovered that one user was following a shit ton of other accounts. All those follows were responsible for the admins struggling to cope with all the traffic. That instance eventually went under because it could not cope with the bandwidth demands.

This belongs in discussion around lemmy-ui, the various Lemmy apps & alternative front-ends, or in Lemmy itself with what gets returned by its search API.

The software part of the problem is specifically in the stock Lemmy web client. The bug tracker for the Lemmy web client is jailed in MS Github’s walled garden, hence why it was originally posted in [email protected]. There may be a configuration element to this, which is why it’s posted in this infosec.pub community. If there is an inactive account with all these android subscriptions, that can be remedied on the instance.

order should be descending order of size.

If bigger is better, why are you here instead of Facebook and Twitter? Fedi principles and philosophy have completely escaped you. In the fedi, we consider power imbalances, privacy abuses, and exclusivity resulting from centralization to not only worsen UX but to be an injustice. Encouraging disproportionate growth in the fedi is to advocate the destruction of what brings us here.

Unfortunately they seem not to be active on Lemmy anymore. The other admin, @[email protected] is though, so maybe they have some idea?

You might have to @[email protected] if there isn't notes on why listed. Sometimes instances get compromised and flood bad stuff. Maybe the instance can be enabled if there's no other reason to keep it disabled.

@[email protected] Would you share any of the following, I'm just curious:

• what's rough user count
• what's average instance CPU, memory, bandwidth use
• database and file storage
• cost
• time commitment
• Colo, business, residential

[edited this report to update with correct info] My workflow is I click on create post, post the URL of the media, upload a small image of the logo, add the body text with links to the conference information and meda.

The issue is that when I add the image, the URL of the image gets put into the URL field of the create post page.

Previously the URL in the create post page could be directly to the YouTube video. For example https://infosec.pub/post/3334303 worked fine.

Oh yes the colloquial usage of the term is even more subjective than @[email protected] usage of it. The amphibious one at least attempts to provide a rubric for the definition of bigotry.

@mwguy @fr0g Now, many apply the term bigot to anyone who makes moral judgments concerning behavior that are different than the moral judgments they make. In that context the term is entirely subjective. It's no more than name-calling.

@CoderKat

I guess you define “safe” as “never being exposed to an opinion that offends you”. Good luck with that standard. It seems entirely subjective.

cc: @jonne @fr0g

@LostDeer

Fyi exploding-heads shut down near the end of last month. The principals did not think it was worth the bother, given the evident general proclivity toward leftist censorship in Lemmy.

cc: @fr0g

even when: @jerry and @shellSharks are working on the servers. and I have nothing but praise for them.

I also think there should be some (small) group of people able to help & assist with the task of maintenance and support of the backend.

(and i don't mean getting root access to anyone's hardware, especially not without vetting)

and I would also think it would be a good idea to have some (open) scenario / manual / strategies for different standard actions, preferably with a script to also fix the issue.

(just some ideas running through my brain)

First of all thanks for the very detailed response. I have a few questions.

1. Like you said, why not use public key cryptography? Why is it not well supported for web-apps?
2. Why not use something like Diffie-Hellman algorithm to share the password? Signal protocol uses ECDHE so I am assuming that it's safe against mitm which the base Diffie-Hellman is vulnerable to (I might be wrong. I couldn't find if it waa vulnerable or not).