Vlyn

Hey, just a heads-up: You accidentally selected "English" as post language.

Galaxy S22, iPhone is too locked down for me.

I went with the S22 because it's decent and looks great, also one of the smallest high-end phones available.

Samsung sucks though, there is far too much bloat you have to get rid off. The Galaxy store also likes to hijack updates from a few of my apps.

I'd say there still is no perfect phone unfortunately. Maybe a Google Pixel that looks like a S22 and has a more scratch resistant screen. My screen already has two scratches just from being in my pocket. They made the glass more drop resistant, but now it still shatters if you drop it and it scratches more easily :-/

That's why I just use my own KeePass database synced over Dropbox. Zero issues, it's free and nobody is targeting it. Even if someone got access to my Dropbox they'd still have to crack the encryption.

Lemmy just had a massive update today, give it time.

The update fixed my main gripe: Posts continuing to load while I'm reading and being unreliable. That's now gone :)

Performance also got a big jump.

You take away power users and people fed up with Reddit and the casual user who doesn't care is left over.

If you look at blackout votes it was usually around 4 to 1 in favor.

During and shortly after the blackouts there were a ton of upset casual users calling the mods cunts, the blackouts don't help, stop holding other users hostage, give me back my content!!!

Those users don't care about third party apps, mod tooling and so on, they just want to browse the site. These angry users got the loudest while protestors took a break or left for the Fediverse.

Even worse when you browse /r/all, find an interesting post about some topic, join the discussion, type out a long reply, hit send..

And 3 seconds later you get an automod message that your comment was removed. Because you aren't a subscriber to that (default!!!) sub, or you aren't verified, or you used a word they don't like.

And even worse: You join a discussion, got some good points back and forth, everything is great. You try to reply to the latest comment in that chain to keep the conversation up and suddenly your comments get blocked. Because it was a /r/blackpeopletwitter post (you didn't even notice as you found it on /r/all) and at some point they only locked it down for verified black users, kicking you out of the discussion.

I mean sure, have your own space on Reddit (even if it's basically racism), that's fine. But then subs like these shouldn't be default subs on /r/all when they constantly lock down threads.

You can swear here. Try it out: Fucked

But yeah, I'm going to miss RIF, it was the best way to use Reddit on Android :-/

Too lazy to type it myself, so from Google:

The 3-2-1 backup strategy simply states that you should have 3 copies of your data (your production data and 2 backup copies) on two different media (disk and tape) with one copy off-site for disaster recovery.

"Disk and tape" is a bit outdated, but you get the gist. A good strategy could be your main computer, your phone, some cloud drive (so it's in another location).

I mean they have roughly 450 million USD gross revenue per year. They just suck at using it efficiently. Especially when they get 99% of their moderation work and content curation for free.

It absolutely makes sense to secure content and especially moderator positions in other communities by public/private keys.

But look at my replies to /u/Dirk below. If someone actually takes over a domain, sets up a new Lemmy instance and creates the same user again (but without matching keys), how should other instances treat that user? Like a new one? Or block all federation? Do you get warnings interacting with that user (as they could just write another community moderator to invite them "again")?

So the only things you secure are access to existing posts, comments and roles, but without any further checks if this is still the same user, correct?

So if user@lemmy.whatever creates 10 posts, 100 comments and is the moderator of 5 communities (on other instances) then the public key would secure that only that user can interact with that data. Makes sense.

But now the domain gets stolen, a new Lemmy instance is set up, a new user@lemmy.whatever is set up. This user is named user@lemmy.whatever, exactly the same as the original one. They just don't have the right key to interact with their old content.

Now that user wants to moderate one of those communities again, are they treated like a different user (because keys don't match)? Or just locked out (because you can't have two users with the same name as moderator for the community)? Your whole idea makes sense, but when it comes to enforcing those ideas you run into a dozen issues both for federation and when it comes to present the data in the UI.

And you get phishing issues on top. If they are treated as separate users by other instances, they could just write another legitimate moderator "Hey, it's me, user@lemmy.whatever. I got accidentally kicked out of the community, can you re-invite me as moderator please?" so all the work you put in for security is for naught.

You still don't seem to grasp the issue I'm pointing to.

You have instance 1, lemmy.whatever, this instance federated content to lemmy.ml. So now lemmy.ml holds content from lemmy.whatever.

Instance 1 gets nuked. Either because someone stole the domain, or the admin simply lost the private keys and had no backup. Or they had a backup but it's old and half their users got lost. A new Lemmy instance gets set up on lemmy.whatever (with a new key obviously). This is Instance 2.

Now lemmy.whatever starts federating content to lemmy.ml, but from instance 2.

How do you differentiate content and users from instance 1 and instance 2? It's the same domain, but different instances as the keys don't match. Do you block instance 2? Do you delete everything from instance 1 and now instance 2 is the "true" instance for the domain lemmy.whatever? Do you mark all new content from instance 2 as "unverified"?

Sure, with private keys in place a user test@lemmy.whatever from instance 2 can't modify content from the instance 1 user test@lemmy.whatever. But the instance 2 user could create new content under the name of the old user. How is this federated? Do other instances show the guy as test(2)@lemmy.whatever because the keys don't match?