• 0 Posts
  • 44 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle

  • Melmi@lemmy.blahaj.zonetoSelfhosted@lemmy.worldZeroTrust Your Home
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    2
    ·
    2 months ago

    When done correctly, the banner is actually a consent banner. It’s a legal thing, not necessarily trying to discourage criminals. It’s informing users that all use will be monitored and it implies their consent to the technology policies of the organization. It’s more for regular users than criminals.

    When it’s just “unauthorized access is prohibited”, though, especially on a single-user server? Not really any point. But since this article was based on compliance guidelines that aren’t all relevant to the homelab, I can see how it got warped into the empty “you no hack” banner.


  • But how will you get a “universal” view of the fediverse? No single authoritative view exists.

    You yourself acknowledge that this is complicated, but I honestly don’t understand what appeal a hacked together fake centralized system would have for people if they don’t care about decentralization in the first place. Any such solution is almost inevitably gonna end up being janky and hacked together just to present a façade of worse Reddit.

    Lemmy’s strength is its decentralization and federation. It’s not a problem to be solved, it’s a feature that’s attractive in its own right. It doesn’t need mass appeal, it’s a niche project and probably always will be. I don’t think papering over the fundamental design of the software will make it meaningfully more attractive to the non-technically minded.


  • Yes, but only if your firewall is set to reject instead of drop. The documentation you linked mentions this; that’s why open ports are listed as open|filtered because any port that’s “open” might actually be being filtered (dropped).

    On a modern firewall, an nmap scan will show every port as open|filtered, regardless of whether it’s open or not.

    Edit: Here’s the relevant bit from the documentation:

    The most curious element of this table may be the open|filtered state. It is a symptom of the biggest challenges with UDP scanning: open ports rarely respond to empty probes. Those ports for which Nmap has a protocol-specific payload are more likely to get a response and be marked open, but for the rest, the target TCP/IP stack simply passes the empty packet up to a listening application, which usually discards it immediately as invalid. If ports in all other states would respond, then open ports could all be deduced by elimination. Unfortunately, firewalls and filtering devices are also known to drop packets without responding. So when Nmap receives no response after several attempts, it cannot determine whether the port is open or filtered. When Nmap was released, filtering devices were rare enough that Nmap could (and did) simply assume that the port was open. The Internet is better guarded now, so Nmap changed in 2004 (version 3.70) to report non-responsive UDP ports as open|filtered instead.




  • Melmi@lemmy.blahaj.zonetoSelfhosted@lemmy.worldReverse proxy
    link
    fedilink
    English
    arrow-up
    5
    ·
    6 months ago

    It definitely encrypts the traffic, the problem is that it encrypts the traffic in a recognizable way that DPI can recognize. It’s easy for someone snooping on your traffic to tell that you’re using Wireguard, but because it’s encrypted they can’t tell the content of the message.


  • I just don’t understand why you want to copy-paste ChatGPT. Surely the parent commenter could access ChatGPT if they wanted, so you’re not bringing a new perspective. If “content” is all that matters, you could generate a thousand different ChatGPT responses and reply to their comment with each one, but that’s not acceptable. Why not?

    People come here for a conversation with other people, and copy-paste ChatGPT responses don’t actually contribute to that. If all they want is information/content, there are better places to find it. They could use ChatGPT, sure, but they could also use Wikipedia or even an economics textbook. It’s up to them. Even if they use ChatGPT, they’d probably prompt it a few times in a few different ways to get the best info for them.

    If you really want to use ChatGPT in your responses, why not add your own voice? When I suggested commentary I don’t mean that you should just prompt ChatGPT into pretending to be a human, I mean that you should add your own perspective. Editorialize. Pull out the good bits.





  • Most things should be behind Authelia. It’s hard to know how to help without knowing what exactly you’re doing with it but generally speaking Authelia means you can have SSO+2FA for every app, even apps that don’t provide it by default.

    It also means that if you have users, you don’t need them to store a bunch of passwords.

    One big thing to keep in mind is that anything with its own login system may be more involved to get working behind Authelia, like Nextcloud.


  • That’s I guess why CSEM is used, because if the images are being shared around exploitation has clearly occurred. I can see where you’re coming from though.

    What I will say is that there are some weird laws around it, and there have even been cases where kids have been convicted of producing child pornography… of themselves. It’s a bizarre situation. If anything, seems like abuse of the court system at that point.

    Luckily a lot of places have been patching the holes in their laws.



  • This is certainly an interesting topic. There are men who are comfortable wearing dresses and wearing makeup and all that, just as there are women who are comfortable with cutting their hair short and wearing baggy clothes and all that. It’s also true that those people are sometimes harassed and called “eggs” by people who are ostensibly trans-friendly (especially fem-presenting guys).

    But I don’t think that that is equivalent to the trans experience. I assume you’re not trans, correct me if I’m wrong, but dysphoria is a real thing that for many people is very deeply related to physical body parts, and your theory just doesn’t account for that at all. I don’t think that your average fem-presenting guy wants to take HRT to get breasts, let alone go to the extra length of getting bottom surgery and get vaginoplasty. There’s clearly something more about dysphoria than it just being a matter of what they like differing from what’s socially acceptable, unless you broaden it so wide as “liking having breasts or a vagina” or “liking having a penis”, and even that is a stretch because dysphoria is a very visceral sense of wrongness in one’s body that goes much deeper than just preferring a different body part.

    Not all dysphoria is physical, either. It can relate to misgendering, or any number of societal things that aren’t necessarily related to just what we’re “allowed” to do. Frankly, unless gender is outright abolished and there are no longer distinctions between genders or even societal differentiation between sexes, I don’t see it going away. And even in a post-gender world, I imagine there would still be trans people (perhaps by another name) who experienced physical dysphoria.

    Your theory also doesn’t account for trans people who present as would be socially acceptable for their assigned gender at birth, and have interests that are similar to their AGAB, but still identify as trans and even may experience dysphoria.

    All in all, while I appreciate your conclusion to support trans people, I disagree with your reasoning. I don’t think that being trans is merely a result of one’s likes not being in line with societal norms. I think it goes much deeper than that, and can’t be reduced to such a simple cause.


  • Why would a random browser extension take it upon itself to snoop on your traffic to ensure that the websites you’re using can’t be used for illegal things, and then intentionally break it if it detects something it thinks it’s illegitimate? That’s a huge breach of privacy. It’s just malware at that point. It’s not like a court of law would hold your browser extensions responsible for your piracy. That’s like blaming a cup holder because the car was used in a robbery.

    No, I think this is just a bug. Especially since people have reported that the extension breaks other websites too.


  • For it to be called bad implies any sort of intentionality at all, I think.

    Reality just sort of is. Games are attractive because they have rules, they make sense. They’re designed to be fun. The universe isn’t failing at accomplishing those goals, it just never had those goals to begin with.

    You can learn to master the rules of D&D. It’s designed to be understood and played. Whereas reality is emergent, built up from so many nested systems that we don’t even understand how they all fit together yet. We’re all just trying to get by within it.


  • The microblog side of the fediverse is really hostile to scraping or indexing of any kind. On the one hand, I get the idea of safe spaces and not wanting your data to be public, but then why are you on an instance that federates openly?

    It seems to me that anything that’s being federated out by ActivityPub is public by nature. If you don’t want it to be public, you should use an allowlist, or just don’t post publicly.

    I guess I just assume that everything I’m posting is being scraped and archived forever, because there’s no way to ensure it’s not. It’s ironic that the fediverse is so hostile to this fundamental fact of the internet when ActivityPub is basically designed to just hand out information to whoever asks. It seems like there’s a conflict between the protocol and the culture.



  • Harry Potter spaces are not unique in creating structure. There are tons of fandoms, with millions of members. It’s not the first modern fandom by any means either. It’s not like if HP suddenly disappeared there wouldn’t be any fandoms of equivalent or larger size to provide “structure” to vulnerable people. Lots of them have more queer people in them too, and less transphobia.

    I’m not sure what makes Harry Potter uniquely digital in your mind either. I’m sure you can interpret it as being about that, but I don’t think that’s the interpretation most people walk away with. Even if it really is a lens some people use to understand the Internet or whatnot, I certainly don’t think it’s the first story to be used in that way… There are a lot of stories that can claim that title that far predate Harry Potter, many of which have fandoms of their own.

    I just don’t think HP is an essential backbone of culture. It’s important to a lot of people, for sure. And I can’t imagine what it’s like to realize that the creator of a work that’s so important to you is a terrible person. That has got to be a really shitty situation to be in. But there are other fandoms out there. There’s other great fiction, written by authors who won’t weaponize your consumption against minorities. It’s not a dichotomy of either you embrace Harry Potter or you must write your own.