rimu

This video demonstrates the process of adding a passkey to your PieFed account and then using the passkey to log in securely and quickly.

Firefox's support for passkeys is a bit lacking, especially on Linux, so this seems to work best on Chrome(ium) at the moment.

What are passkeys? Read on...

Passkeys are a passwordless authentication method for logging into websites and apps. Traditional username and password logins are vulnerable to phishing, reuse, and data breaches. Even two-factor authentication (2FA), which often relies on insecure or inconvenient methods like SMS codes or ever-changing numbers has its flaws. Passkeys eliminate these issues by removing the need to remember or type passwords altogether.

Passkeys are stored securely on your device and verified using biometrics or a device PIN, making them both more user-friendly and significantly more resistant to phishing, credential stuffing, and other common attacks. This makes passkeys a safer and more seamless alternative to traditional login systems. On Mac and Windows passkeys can be synched via the cloud, making logging in from multiple devices easier.

PieFed uses PDQ hashing to generate a fingerprint of an image and can use that fingerprint to detect other posts that use the same or fairly similar images, for moderation purposes. Hashes are added to a block list which stops the image from being re-posted in future. Demo

PieFed does not generate PDQ hashes itself - it uses a separate service to do it. Several different instances could be using the same hashing service which will be more efficient than everyone running their own. When an image is being federated around the URL of it will be sent to the hashing service by multiple different fedi instances and only the first will be slow as all the subsequent requests will be served from a cache.

Get the code from https://github.com/rimu/pdqhash-python

By doing a GET request for https://yourdomain.tld/pdq-hash?image_url=url_to_image_to_hash you will receive JSON like this:

{
"pdq_hash_binary": "100100100011...",
"quality": 100
}

The quality score (0–100) indicates how well the image content supports a reliable perceptual hash.

Higher scores mean better contrast, edges, and texture in the image. PieFed accepts anything > 70.

Spammers, trolls, and ban evaders often use temporary email addresses. PieFed now checks a list of known temporary email providers and displays a warning icon next to registrations that use such services.

If registration mode is set to "Open" (no approval needed) then the site admin(s) receive a notification instead.

A throwaway email address isn't always a bad thing but it's one factor that admins might want to take into account.

Sometimes there are people keen to help run an instance but you don't know them well enough to give them ALL the keys. PieFed lets you control which parts of the admin area you want a 'Staff' role to have access to and then assign accounts to that role.

For now there are just two roles but it would be trivial to add more if there is demand for it (and pretty easy to make a UI to let an admin define as many custom roles as they want). For example, a "Super moderator" might have the "administer all communities" permission only. Can you think of any other variations of the Staff role?

The latest data, for the first quarter of 2025, shows that China’s CO2 emissions have now been stable or falling for more than a year, as shown in the figure below.

However, with emissions remaining just 1% below the recent peak, it remains possible that they could jump once again to a new record high.

Outside of the power sector, emissions increased 3.5%, with the largest rises in the use of coal in the metals and chemicals industries.

Sector-by-sector analysis suggests that, in addition to the power sector, emissions have likely also peaked in the building materials and steel sectors, as well as oil products consumption.

PieFed uses PDQ hashing to generate a fingerprint of an image and can use that fingerprint to detect other posts that use the same or fairly similar images, for moderation purposes. Hashes are added to a block list which stops the image from being re-posted in future.

Currently each instance maintains their own list of hashes. But in the near future it will be possible to share them so that if I see something horrific & ban it then the ban will be automatically applied to your instance too and then you won't need to see the image at all.

On the surface flair on PieFed functions very similar to how it does on Reddit – on posts they’re community-specific tags that can be used to filter posts in a community. People can also add flair to themselves which is just a piece of text that appears next to their name whenever they make posts or comments in the community. This can be helpful for giving a hint about someone’s background, interests or expertise.

However PieFed is federated and there are copies of the communities on multiple servers (instances). The way to use ActivityPub to create and maintain those copies is described in FEP 1b12 which makes no mention of flair. I have made some minimal additions to that FEP, described in the link.

It's the pesticides in the grass...

Instances that are not trying to attract a new audience might want to turn on the new Private Instance setting, which makes everything private. The home page, posts, communities, etc will all require a login to view. Bots and scrapers won't be able to get anything useful from your instance and will stop trying.

Also if a single-user instance is subscribed to mostly NSFW communities, maybe they don't want everyone to be able to see which communities are listed at /communities.

Or it could be used temporarily when a biiig flood of scrapers turn up, then turn it back off when they go away.

Edit: Federation is unaffected by this. For logged-in users everything continues as before.