The change for EEA users doesn’t even work currently, so no one actually knows. I have a $50 bounty out though to figure out what’s needed once it does work though.
The change for EEA users doesn’t even work currently, so no one actually knows. I have a $50 bounty out though to figure out what’s needed once it does work though.
This doesn’t even work currently. Despite them saying that those in the EEA won’t have to deal with Edge. I’m sure it’ll work eventually, just not right now.
As @Starbuck@lemmy.world stated. They’re still valid image files, they just have extra data.
Hi db0, if I could make an additional suggestion.
Add detection of additional content appended or attached to media files. Pict-rs does not reprocess all media types on upload and it’s not hard to attach an entire .zip file or other media within an image (https://wiki.linuxquestions.org/wiki/Embed_a_zip_file_into_an_image)
Nah, you’re good. Lemmy is still new stuff. 👍
One of the ones marked as sus, yes
Non-textual content (media, and icons I believe) is still served from the other instance to prevent all federated instances from exploding in size.
Additionally, some browsers will preload/prefetch links to “improve the browsing experience”
Content is up but users are down. Take that as you will.
Launchdarkly is likely a culprit as well. Just doing a background search reveals that the service allows dev teams to do A/B testing, enable new features without releasing a new version, and various other “dynamic” functions.
OP is on the wrong side of Occam’s razor
Ads & Analytics, like most things.
https://developers.facebook.com/docs/graph-api/overview/
Wouldn’t surprise me if there’s an in-app ad / self promotion / community announcements / et al that is managed via FB’s Graph API
I’ve ruled out a good amount of leads but I have not had contact with the admin yet :(
deleted by creator
These aren’t demands, but I can definitely see how they can come off that way. These are industry standard post cybersecurity incident review questions by defined by NIST (NIST SP 800-61 Rev 2 Section 3.4.1) slightly rephrased.
To add context to this. What I’ve been told is that a community running on a lemmy fork with 5 digit users had used this code for a while and backported(?) the code upstream when they federated back. I guessing there was an assumption of safety as they had been using the custom emojis code for quite a while without it being exploited.
While this is definitely a discussion to be had (I’ve created a few accounts on different instances). Posting that here is just adding onto the drama.
Yeah, specifically why I mentioned “affordable”.
They recently blocked a single instance due to the other instance breaking the law in the country vlemmy is hosted. I’m hoping all of this is just a database cleanup gone awry, I would have hoped @pyarra@vlemmy.net would have made a comment SOMEWHERE.
For a second I got this project confused with pingfs
https://github.com/yarrick/pingfs