the argument for .ml domain has always been absurd to begin with. So it's free but the price you pay is that it's being run by Mali. I'd just drop 8$/year tbh, that's not a hill you want to die for. Also you harm your project by being SEO punished for using spam-associated TLDs like this. One of the reasons original Lemmy took so long to adopt until Reddit's API drama. Pretty dumb ngl.
If i remember right it was also "free to register but insanely expensive to renew once they start to see traffic"
Renewal costs are my primary consideration when picking domains. Subscription fees is how your money disappears when you're not looking.
Anyone know how companies get the rights to domains to sell in the first place? Do they literally submit a list of all domains to ICANN or something? Sorry if this is a stupid question, I just never understood how any of this really works.
TLD - Top Level Domain (.com .ml .whatever)
Registrar - NameCheap, PorkBun, etc. Submits your domain.TLD request to a Registry
Registry - Maintains the list of domains for a specific TLD and the server infrastructure to run the TLD
ICANN - Decides who can be a Registry and for which TLD. Not involved in the nitty gritty of individual domain names.
This brings a disturbing thought to mind.. if an instance domain name like foo.bar lapses and someone else snaps the domain up (or of it gets stolen) can the new controller plop Lemmy on a server and be instantly federated? If so what kind of damage could they do?
No, the signatures wouldn't match.
That's an assumption that lemmy will quit federating with a server that does not match.
And what signature are we talking about anyway? Is not certificates...
Activitypub signatures that each user and group sends out their messages with.
This is why you don't let your domain registration lapse. It's not the only way computers on the internet verify each other's identity, but a hell of a lot of internet security features are based around domain names, so keeping yours functioning is a very big deal.
Domain registration ≠ internet security. Root of trust is in cryptographic keys, not domains. DNS is not the security cornerstone you make it out to be. PKI says hi!
Consider how many system relies on being able to send you an email for verifying your login and performing password reset. Those who have control over your email address domain can trigger password reset for most of online services out there. Imagine if Google forgot to renew gmail.com and it falls to a wrong hands.
Yes, but it is very quick and cheap to get a domain validated cert from a CA that is generally trusted by most web browsers, so once the bad actor has the domain, the should be able to trick most users, only maybe certificate pinning might help, but that is not widely used.
Email is tied to domains. TLS is tied to domains. CORS is tied to domains. OAuth is tied to domains. Those are just four things I can think of while half asleep. Here's one recent example of how screwing up a domain name is enough by itself to cause a security breach.
Cryptography is not security any more than domain names are; both are facets of how security is implemented but there's no one system that makes the Internet secure.
ICANN has an Expired Registration Recovery Policy (ERRP) that requires your registrar to give your domain a 30-day grace period before deleting the records. ERRP also requires them to shutdown your DNS resolutions 8 days before deletion.
You’d have to be really mismanaging your domain if you miss all the required email reminders and don’t notice your domain has been non functional for a couple of days.
I think Microsoft and Google have both done it, but what do they know? 🤣
Oh really? Haven’t heard that one, back in the day or something?
Yeah some dude bought the google.com domain via some glitch a while back. Here's a story about it.
Using .ml was stupid in the first place. No need to try to be a special snowflake by using a sketchy TLD.
But- But- But the memes of a Marxist-Leninist instance!!1!
Commies punching the air right now
They should check if .cia is open if they're want to switch over to something more fitting.
I wonder if it was done on purpose after it came out that the Pentagon had typo'd ".ml" instead of '.mil' and exposed a lot of sensitive emails...
Highly doubtful much of anything majorly sensitive got leaked. Firstly even unclassified DoD emails are encrypted by default. Secondly anything classified isn't even on a network that can talk to normal email, it's either 100% point to point encrypted or on an airgapped network. If I hopped on SIPR (DoD Secret-level internet) and emailed a normal email address it simply wouldn't work.
That doesn't stop somebody from being an idiot and mentioning something classified in clearnet communications. Never underestimate the power of stupidity.
Ehhhhh, you're missing the human element. Humans do dumb shit all the time. You can't stop someone from reading something with their eyeballs, remembering it in their meat brain, and using their sausage fingers to type it back into something unsecured. Odds are still low of course, but I wouldn't be so confident.
Out of curiosity, other than fmhy.ml, lemmy.ml, and lemmygrad.ml, what other Lemmy instances were using .ml domains? Also, how are the latter two still running but fmhy.ml isn't?
edit: This has triggered a chain of comments I wasn't expecting. I'd appreciate it if someone can answer on a technical level. Is the latter two using a different registrar or name server which is why it still works for them?
Why are so many instances using .ml anyway?
AFAIK, lemmy.ml and lemmygrad.ml use it because the ml can also stand for "Marxist-Leninist", and the two primary maintainers of Lemmy are Marxist-Leninists . Not sure about the others though.
It can also definitely stand for Machine Learning which is the first thing that comes to my mind
Yes but lemmy has nothing to do with Machine Learning.
Yes, but as discussed several times here and there Lemmy Devs are pro china and anti USA and they admin lemmy.lm. in this case LM stays for Marxism Leninism.
That's not true at all. ML was used as an idiological choice as it's the only free TLD you can get and you should not have to pay for a domain name as per Lemmy's creators ideology.
That’s not true. There are a few other free TLDs. I think five total?
I know a ton about DNS and its technical functionality, not necessarily the regulations guiding registrars, but the technician in me says your TTL (how long other servers wait until asking where xyz.ml points to) hasn’t expired, maybe? Perhaps the government administration process simply hasn’t executed any action against those particular registrars yet?
I never liked TLDs that are from random islands or less than stable countries and there are so many great TLDs available now, I simply don’t see the reason to use such obscure TLDs just for the marketing factor.
Thanks for answering. I figured it was a registrar thing. How bad do you think the situation will be for other .ml domains?
I'm guessing fmhy.ml was using Freenom but lemmy.ml and lemmy.ml were using a different domain registrar, hence the situation right now.
Yeah, not a good situation.
The main story I found seems to indicate that many government communications have been misdirected due to the typo of .ml instead of the intended .mil - reserved for the US military. 🤦♂️ There has been an entrepreneur that holds the contract to manage Mali’s country domain and that’s expiring Monday (24th?). I’m assuming the government is not renewing the contract and will instead be taking over the domains and any related data. He has been collecting some of that data and warning the US government about the issue to no avail…for 10 years.
Control of the .ML domain will revert on Monday from Zuurbier to Mali’s government, which is closely allied with Russia. When Zuurbier’s 10-year management contract expires, Malian authorities will be able to gather the misdirected emails. The Malian government did not respond to requests for comment.
Their contents include X-rays and medical data, identity document information, crew lists for ships, staff lists at bases, maps of installations, photos of bases, naval inspection reports, contracts, criminal complaints against personnel, internal investigations into bullying, official travel itineraries, bookings, and tax and financial records.
ICANN is the body responsible for the gTLD initiative, which gives you names like .social and .world. They are an American non-profit with a multinational committee, handling nearly all of the databases that store our Internet address records, etc., you can be relatively assured that your domain won’t be messed with.
The instances really have no option here than to test out moving their systems to an alternative domain and “bench test” their migration to discover a path that works or a least come to the conclusion to start all over.
Holy shit this is actually kind of a huge story
Totally understandable incompetence from the military.
I think I only have a few original pages from my service. Most just disappear.
Yeah, they should just block ingress/egress to any .ml. Maybe they keep it open for misinformation campaigns.
Lmao if the US military gets phished by a domain typo they deserve it.
I never liked TLDs that are from random islands
I remember reading somewhere that Tuvalu gets like 10% of their entire yearly income from Twitch.
I now pronounce Twitch as Twitch dot Tuvalu, but I get weird "huh?"s when I say it like that.
I for one will now be joining you in this crusade 🫡
You can see all but posts and comments won't be on their server until back online that are a few it went down. So I can visit my communities like https://lemmy.fmhy.ml/c/artwork that I mod. I can see it but nothing will happen until it comes back online. That's what understand at least.
Man, hacking, DDOS and now this. The fediverse just can't catch a break...
Resiliency is the strongpoint.
If Reddit shuts down, all of Reddit dies.
Same with Facebook, YouTube, etc. is that highly unlikely? Well, yeah, but still nonzero. The fediverse offers resiliency in this regard, and no one person has the ability to shut it down. Even if all instances decide to shut down, new instances can still be spun up.
If the communities you like to read and post to are down, then Fediverse is effectively down for you. Thus it doesn't offer any additional resilience, it's not a P2P system.
Stuff like technology has multiple big communities, I can go to the one on .ml .world or beehaw and still get a lot of content
I haven’t learnt all about account federation - through who are you authored to write a comment here with a .ml account? Where are you logged in from?
They're logged in from lemmy.ml, your account is only on the instance you registered with.
Just because anti-lock brakes fail to work in all scenarios doesn't mean they're not still an improvement.
Lemmy is still up for most people. That is resilience. If you are affected by this outage, then it failed for you in this particular case but that doesn't mean the mechanisms don't exist and that they won't work to your advantage in the future.
True but if you have several interests, hopefully spread over several instances, then there is resilience because if one server crashes, you have at least some other things trucking along.
Would help if users spread out over all the running servers because problem is just a few lemmy servers have all the users. For example the instance I run would be a simple proxy to use for all the content and then would mitigate issues when a big server had problems since just parts of the fediverse would be affected from the users pov.
I feel like communities are the bigger problem here. And not one that's easily solved.
If users from multiple instances come together in communities, those communities are still centralized on a single server. So if something happens to that server, or if your instance defederates with it, the whole community goes with it.
The alternative would be to have tons of duplicate communities spread over many instances, but that's a bad user experience.
I think it can continue even without the source server? Like, once I press the Reply button on this comment, it gets saved to my instance (lemmings.world) then it lets all the other instances know, including lemmy.world (where the community is hosted) and slrpnk.net where you are registered.
Now let's say lemmy.world stops existing, my instance still would let all the other instances it federates with know, meaning you could read my reply on a community that basically no longer exists. Though I'm pretty sure there are downsides to that (like, what if all the mods were from lemmy.world? There's no admin who can add a new mod).
At least that's what I think it works like.
meaning you could read my reply on a community that basically no longer exists
oh really? does it actually work this way? if lemmy.world dies, can all its communities continue to live on as long as there are lemmy instances out there federated and subscribed?
No. You would only ever be interacting with a snapshot-at-the-time-of-death of the community on your local instance only. It is the home instance of the community that federates all events, not the instance of the originating post/comment/vote/whathaveyou.
Ah, ok. So if lemmy.world dies, but !somecommunity@lemmy.world was federated to 2 different other instances, those instances wouldn't be able to "talk to each other"? They'd just have snapshots that they could locally interact with, but never see anything else? So is the fate of the Lemmyverse a graveyard of communities from dead instances?
Yep, without the source instance, you can’t communicate with other instances.
Pretty much. I wouldn't pay much attention to that, though - the absolute majority of the internet that has ever existed is a graveyard.
I wonder about this as well -- because communities are tied to a specific home instance, that instance going down affects that community, potentially killing it. Something more akin to hashtags/tags/labels wouldn't be tied to an instance so they would be more robust, though you'd lose the moderation of a community and just have a firehose of posts/comments...
Wow, you're right. We really need to bring back something like USENET, where newsgroups (their "communities") weren't tied to a specific server. We could almost just resurrect NNTP, although the handling of images (and binary data more generally) probably needs some tweaking.
Jesum Crow... Tags aren't a new concept. Just group communities with a tag... is that incredibly complicated to implement or something?
There needs to be a way for a person or group to essentially own a tag to enable moderation. It might be one of those rare problems for which a block chain is a good solution, because there would need to be a public ledger showing who is a moderator for a tag at any given moment.
There is no need to own a tag, nor to tack blockchain into a problem to try and sell a solution. Ever.
You seem confused about what block chains actually are. I'm not suggesting anyone sell anything.
And if you think moderation isn't needed for healthy online communities, I invite you to visit Twitter.
Moderation like you are proposing in no way requires someone to "own a tag".
Anyone can use #CocaCola. Coca Cola Company does not get to dictate, audit or execute how people use the tag, nor should anyone else.
At this stage in the game, I'm not even sure how to evaluate the trustworthiness of instances. Which also applies to the one I'm currently on. I'd like to assume everything is good, but admins do have power that can be abused, like visibility of IP addresses, access to accounts, access to passwords (reusing passwords is bad but especially don't do it here and certainly don't use the same password for your email associated with your account).
Facebook abused those powers (zuck even bragged about being able to see everyone's passwords, emails, private messages, pictures), so did Reddit (though more with shadow banning or quietly removing/restoring posts).
Fediverse instances are just run by random people as far as I can tell. I'm sure there's some that should absolutely be avoided and I'm sure that there's some that are perfectly fine. But I don't have a clue how to determine which list about specific instance is in, otherwise I'd love to join someone's small instance.
Edit: oh and that only goes into whether the admin is acting in good faith or intends to be abusive. Then there's the question of whether the admin is competent enough to run a server without it getting pwnt and giving others access to that same information and capabilities.
You are correct. A lot of the internet is built on trust. This is no exception. I suggest having an account in more than one instance so that you are not too vested into 1 place.
the problem is most users fear that if they choose a small instance, that it goes down random more likely and their account and everything else is gone. if you choose a bigger instance it feels less likely that the admin of the instance just says fuck it and kills the server random for whatever reason.
as long accounts can't be easy transfered and are maybe even safe somehow without their instance, people will choose the instance that feels the most secure to them. and when i looked at the available instances.. most looked not really long term secure. most did look like they are random ideas of people and they could vanish any second into the void. so i as an example did choose lemmy.world. seemed the most safe option with the best features (nsfw allowed, a lot of users and a big instance)
I understand the logic but its actually backwards. A small instance like mine is easily paid for totally out my own pocket and requires no outside funding or maintenance because I can do everything. If too few people donate to major instances then the costs starts to run away from the owners. In some ways becoming too large is a problem.
i understand that, but think about it - its a random instance from a random stranger on the internet. you don't know that person, and don't know if he is actually serious interested in that project of running that instance.. or if he will shut it down maybe a few day, weeks or months in the future.
and you can't really backup your account and load it somewhere else, so if this happens everything you saved and do is GONE. thats a huge risk if you value your account and contribution to communitys.
so it doesn't really matters to me if smaller instances are not expensive etc.. thats not what fears people (there are still ways to spread users along more instances but more even). its the suddenly vanishing without warning that scares people.
i had this often enough with similiar other projects where i created a account on such a small community / instance, was really active.. and suddenly it was just gone from one second to the next without warning. everything gone. admin didn't told anyone about it.. was just gone into thin air.
so it feels safer to go to instances who are more "trustworthy" in the longterm security of a stable operation.
if lemmy would support export of accounts maybe ever month once or something.. that would change things. also allow spoofing of stuff, but it would help with vanishing instances and people would feel safer on smaller more unknown instances.
“i understand that, but think about it - its a random instance from a random stranger on the internet. you don’t know that person, and don’t know if he is actually serious interested in that project of running that instance… or if he will shut it down maybe a few day, weeks or months in the future.”
Have to be honest with you, that is how all yhe instances started including lemmy.world.
“so it feels safer to go to instances who are more “trustworthy” in the longterm security of a stable operation.”
There is no metric by which to know this yet as lemmy is new. Its not like there are 5 servers that are 10 years old and al the rest are just starting up. Just how it is.
Does that really scale though? The load on a server is not dependent on the number of users, but on the number of communities from other server that the sum of user is subscribing to.
Which means if you have a server for 100 users, you still need to pay for the 1000s giant communities that those users are subscribing to, as they are being copied over in your server.
So if you have a few mega server like Lemmy.world, they each pay say 10000£ in hosting a month (number taken out of my hat), which is fine because they have as many users that can contribute to it financially ( via donations, ads etc.). But small servers won't be able to support that load and will ultimately close.
That sounds like a design flaw if you ask me but i did not see anyone mentioning it so maybe i'm misunderstanding.
No its not really as bad as that at all. The disk space is linear in that way but disk space is cheap. All the rest is not taxed heavily by federation. Do the big costs like CPU dont scale up like that.
Hi, professional DNS engineer here! if anyone has any questions about the inner workings of DNS or top level domains, ask away! (THIS IS MY MOMENT)
Why is it always DNS?
Because its always DNS
Because DNS is the user-facing part of the whole system. There is plenty of trouble with everything else, but you usually don't see that as a user. Also it's a hierarchical system with big providers/governments giving and taking names as they see fit, so there is always the possibility to get screwed.
Because it's the least-likely position to be staffed by a company. It's the "least important" person to have.... until it breaks. Often a company relies on routing-switching engineers to do DNS instead of hiring a dedicated DDI engineer (DNS, DHCP, IPAM). It saves money in the short term, but when shit hits the fan... no one knows how to fix it because DNS is really easy until it's not. DNS is super simple at a basic level. But it goes way deeper than most people realize.
Well that sounds like my dream job, unfortunately this issue in particular is more of a Lemmy problem, not a DNS problem. See: https://lemmy.nrd.li/comment/190200 for the explanation of why you cant just transfer domains with Lemmy.
Also, if you're genuinely interested in this field, first you should enter the world of enterprise network engineering. Get Security +, CCNA, and PCNSA. With those certs in hand (and knowledge in your brain), apply to jobs as a network support engineer. Do the work for a few years. Learn BIND. Learn Infoblox. Focus on learning DHCP and subnetting. Learn DNSSEC & IPv6. Experiment with a Pi Hole. Set up a home lab. Apply to jobs with DNS. Start living the good life. This takes about 10 years if you learn fast and are good at interviews.
When I was talking my cyber security / ethical hacking class, we learned how to do zone transfer. The concept never stuck and I basically "copy" from my friend. So what exactly is a DNS Zone Transfer?
Friday I was doing a zone transfer! What are the odds?
A zone transfer is like moving houses, except for an authoritative zone.
In DNS, we have what's called an authoritative zone. That means the device hosting the "resource records" (all the data that DNS passes around) is the "ultimate" answer. I.e, it's not cached data. It's not a hosts file. It's not a recursive answer. It's the real deal.
When you want to move the authoritative zone to another server, you do a "zone transfer" that means the new server will copy all the resource records over TCP from current authoritative zone. The reason you may want to do this instead of manually hand-jamming it is that many large organizations have, sometimes, hundreds of resource records (last month I coordinated a zone transfer that was over 1000 records!).
What's the point of alternative DNS roots? Can they be a thing to mitigate DNS related failures (though lemmy.ml is back online, so I guess that wasn't it)?
An alternative DNS root is where someone other than IANA sets up a root zone. At the end of the day, root zone authority is technically not "hard coded". It's a terrible idea to set up an alt root or to use one for these reasons:
Security. This is the biggest one. DNSSEC works via setting up Trust Anchors with the root zone and chaining down the tree all the way to the recursive DNS server. DNSSEC doesn't work if anyone in there doesn't have a trust anchor for the root zone. Additionally, if that root zone is untrustworthy, you can effectively have DNS poisoning happen at the root level. Imagine having two google.com's based on which root zone (and therefore walking two separate trees) you ask.
It encourages dividing the internet. The two largest Alt zones are Russia's (RNDNS) and China's (.chn). RNDNS exists as a continuity plan in case the rest of the world decides to cut them off of the internet. China's is part of a hare-brained plan to "reinvent the internet under IPv9" (an idiotic plan that sounds even more crazy than Iran's supposed "quantum computer")
Pointing to a different root zone can cause a lot of headaches for diagnosing DNS issues when they aren't coming down from the same root zone. It can cause different answers (and a parallel tree).
To answer your second question, they are not good for acting as a way to mitigate DNS failures. No domain servers are going to be asking them in the first place, meaning no one can get there even if it does have the "correct" answer. If all 13 root servers went down simultaneously, the results would be catastrophic. But that's also why they're physically located around the world in many different countries in heavily secure facilities with many High-Availability servers (clone servers that instantly take over if there's a failure, the ultimate "hot" server)
You wouldn't want to have a DNS server ask two root zones anyway. If it can't reach the root zones, then that needs to be addressed. You can't just ask a "less secure" server in case the primary doesn't work. That's just begging for a security breach via cutting off access to the primary root zones so that they "fail over" to the less secure ones.
Thank you for such a detailed and instructive answer!
Woot we're saved.
Could users set a temporary entry in their hosts file pointing the .ml domains to public IPs in order to regain access to their account if they needed to?
Can Lemmy federate to an IP address directly or will the settings only accept an fqdn?
Will a Lemmy instance work behind a reverse proxy.
Thanks for taking the time to answer questions.
There are several problem with this including total lack of SSL without the proper cert for that other domain, also Lemmy.ml's IP seems to be running a reverse proxy so the internal IP that we would want to connect to is not visible to the world this is common for web security, the owners must set allowed domains and ports in their config file.
Yes. Unless there's some kind of crazy domain-level hi-jinks involved with Lemmy (I am not versed in Lemmy), pointing directly to the IP will work if you bypass it by spoofing your DNS (Hosts file, for example).
I don't know how Lemmy federation works, sorry :(
See #2
Sorry that I couldn't answer more of your questions.
Why is it always dns
So, how some companies get right to sell TLDs? Can I start selling TLDs nowdays? It's just that they were there first and get all top level domains and now we have to pay for it?
So why do we need the .com or .org or whatever at all? And the www. as well?
I remember when I had to type the whole http://www.cakefarts.com and now just cakefarts.com works. What changed? And what's next?
The ".com" and ".org" and all other Top Level Domains are owned/controlled by some organization.
Com and org are your original TLDs, so since they were around first you see them everywhere. At some point countries got their own TLDs so Mali got "ml" for example but Tuvalu got "tv". (Yes, technically ".tv" has nothing to do with television.) And a few years back there was open bidding for a bunch of new TLDs which is where ".sport" or ".dentist" come from.
Anyone some entity owns/controls them and then can sell any word or domain under it. So if you want "greatgatsby.com" you have to talk to the ".com" owners. If you want "greatgatsby.sport" you talk to the ".sport" owners. Usually there is another company or agreement that groups these together so you can manage all your domains in one place.
So anyways now you own a domain like "greatgatsby.sport", what do you want to host? Mail at "mail.greatgatsby.sport"? A website at world wide web aka "www.greatgatsby.sport"? Up to you.
Over time, largely by convention "www" became where you put your website.
So say I want a ".travel", who actually makes and sells these? Is it a private company? A country? An independent entity who's sole purpose it is to keep domains and the interwebs alive?
To answer your other question: most likely, www.cakefarts.com is now accessible from cakefarts.com for one of three reasons:
Your web browser automatically checks the A record "www" if "cakefarts.com" doesn't have an A record. A records are the records in a DNS server that says "this domain goes here"
The site cakefarts.com put their website on cakefarts.com and placed a CNAME record called "www" that points to cakefarts.com
For the 'record', www is just a really common record name. There's nothing special about it. You could have dudebro.cakefarts.com or wwwwwww.cakefarts.com. It's up to the domain owner.
Hi! When DNS servers are launched, they have to be purchased, correct? So in this case, did Mali file for the domain to be reclaimed somehow? Do you have an idea how that might work?
We had a situation at a shared space here where an OpenWRT client device accidentally somehow managed to announce itself into the network in a way that its v6 local link address (fe80::) got inserted into /etc/resolv.conf as a third DNS option (with the first two being the ones from DHCP) and then served incorrect records when queried. What mechanism is that and were the engineers who designed that feature on drugs? Also, how can I tell my Linux system to not accept such announcements?
Screenshots of text are not the way. The crappy “hey, a text thing I want to share, let me take an accessibility-poisoning screenshot and upload that graphic file like a psychopath instead of just copy/pasting either the link to the text or the text itself like a decent human being” routine needs to die with Reddit, we have to be better than that here.
Screenshots of text preserve the state of the text at the time it was seen...
Yes, it's not good for accessibility but it's a good way to quickly capture a moment in time.
(I would recommend perhaps also copy/pasting a synopsis for people who might be vision impaired etc)
So copy/paste the text for your snapshot, and link to the original.
That's kinda what I was saying? Include the snapshot but also the original text body as a copy/paste for those using screen-readers or other such tools
At the least, put the screenshot and the link in the post. We can do both, people.
Yeah, this is the correct way, because posts often become inaccessible.
Screenshots stay with time, I hate it when I arrive a bit later and the link is already dead and I have no idea what it said.
..except when the image hoster suddenly dies and 10000s of Screenshots suddenly vanish from the internet and all howto's etc are killed by it
That's why you shouldn't use external image hosters but embed the picture the normal way. Then if the lemmy instance dies then the screenshot dies with it but not seperatelly.
well, often webprojects don't have that much money and hosting communitys who post a lot of images, videos etc. costs a lot of money. because that a lot of users use imagehosters to bypass this issue.
If you can post an image, you can post text, right?
Image in the post, text+link in the description, everyone happy.
Copy/pasted text stays with time too and doesn't have the issues that pictures of text do. Also hosted images disappear all the time.
I did share it. It's in the comments.
Yeah, it's 2023, just take a video of your screen and upload that like the kids all do now.
And then play that video on your screen, take a video of that screen with your phone while shaking the phone around and mumbling over the audio, and upload that phone video to TikTok.
It's called a single-point of failure in Engineering.
Funny enough it wasn't even a technical one but a contractual one.
Maybe there is some kind of lesson here on the risk of delegating critical structural elements to 3rd parties that rent rather than own that which they're selling ...
Unfortunately that has always been the nature of TLDs
It’s less sketchy if you pay for a domain through a reputable registrar
The issue here isn't the registrar though right? It's that the TLD is being repossessed by the government of the country it's meant to be associated with.
I think the point is that a reputable registrar wouldn't sell domains like these in the first place... But I'm not saying that's actually the case :/
Governments are unpredictable. It's not the registrar's job to mitigate that unpredictability to their customers.
Idk, I feel like we're only saying this because it's Mali... If it were .US or .CN people would be like "well, duh"
Every country gets to decide how tight of a grip they have on their TLD. Some sell it for some extra income (like Tuvalu) while others hang onto it for government or domestic use only
Yeah, and I'd say going with any of the ones that sell it or leave it free is a risk because you never know when their regime might change and the new one might want more of an official internet presence. Unless there's a 2nd level domain it's all under (like co.uk), you should assume they'll want it back at some point. This could apply more to popular domains that some governments could see as free traffic if they reclaim them.
Not really. When you pay for .us domain you have it for a certain number of years. If the US tried to suddenly yank those back and violate the outstanding contracts for x number of years, there would most likely be lawsuits and an injunction from a federal judge blocking the action until there are hearings, etc. It would be a whole thing. If you simply couldn't renew your .us domain anymore, that's something you would know ahead of time and could plan for. It wouldn't just vanish one day.
That second link is less relevant but interesting.
Why is Meta suing Freenom?
Why is Meta suing Freenom?
Freenom gives away domains, many of which are used by phishers and other bad actors. Meta is suing them for not being responsive to their complaints about this. And I guess the injury inflicted on their users by phishers.
Wait, is it actually Feeenom's fault? Isn't it from whatever the server the malicious actions comes from?
For example I use one of their domains along with a Digital Ocean droplet, and I used it briefly to increase my seeding ratio by portforwarding my Qbittorrent port, after several months I got a letter from DO (which is amusing because my country couldn't care less about torrenting lol) which I think is correct, I don't think this is Feeenom's fault.
I'm assuming they've run afoul of something similar to the DMCA safe harbor provisions. Basically under the DMCA a hosting provider isn't responsible for violations due to user submitted content as long as they're responsive to notifications and remove the content quickly when notified.
Now that applies to copyright not domain names, but I'm assuming there's some kind of similar law at play. Meta has said that Freenom has been ignoring complaints about domains registered with them that are being used for phishing attacks. It could also be a DMCA issue because I think it does have some anti-domainsquating provisions in it that prevent you from E.G. registering say cocacola.ml as you aren't the holder of that trademark.
In theory depending on where Freenom is run out of they might be able to just ignore the lawsuit, but it's probable that doing so will get them blocked by various ISPs and organizations.
Registrars not only have rights, but also responsibilities. They physically own the domain names and bear responsibility to ensure their domain names follow international rules.
Which is good because phishing sites suck especially when they start hitting high up on google searches
A lot of people should be concerned about this for .me domains as well (Montenegro)
I think that's different because the .ml domain apparently was being given away for free by a registrar that wasn't responding to abuse complaints, and thus was being heavily abused.
...but if not, then holy shit what a mistake it was to register firstname@lastname.me as my primary email address.
I was using .ml domains for my selfhosted services, since it was just an hobby and I didn't wanted to invest money on it.
Apart from Freenom website being pretty unusable since I have memory, I've already had troubles renewing them last year and now they stopped working without any notice nor update from Freenom itself.
Finally I decided to move to a payed domain from Infomaniak, since it's been more than a year I've been selfhosting and $10/year is a fair price for me.
But still without those free domains I wouldn't probably ever started selfhosting, and I guess a lot of other people like me wouldn't have experimented or spin up their projects if they had to pay for a domain from the beginning.
So despite my hate for Freenom I guess I have to thank them and hope someone else (maybe a bit more "professional") will take its place in the future
The lawsuit points to a 2021 study (PDF) on the abuse of domains conducted by Interisle Consulting Group, which discovered that those ccTLDs operated by Freenom made up five of the Top Ten TLDs most abused by phishers.
Umm... Can we talk about how a private company is suing another private company over something that should be in the interest of the government/general public? Where are our agencies, where is Interpol/Europol or ENISA?
Why was .ml selected to begin with?
.ml stands for Marxist/Leninist apparently. Communists try not to let idealism get in the
way of practicality challenge(impossible)
To be fair this is a pretty crazy black swan event they couldn’t have possibly seen coming. But yeah, this is why novelty domain suffixes are novelties.
It was totally possible to see coming. The .ml domain deal and its expiration was known far in advance and I've been seeing posts about it for months.
This is 100% incompetence on whoever set up the site.
Lemmy was started in 2019. And before the Reddit meltdown, it was more a bunch of very nerdy friends for whom a server going down was Tuesday.
Interesting ... I always wondered why the .ml. In my trade ML is mostly used to mean "machine learning", aka AI, but it didn't seem fitting here.
No that's not true.. .ml is the TLD for Mali and lemmy.ml selected it because it was free.... This claim you're making is like people claiming AC/DC stands for anti-christ devil-child. No, it's electrical currents, hence the lightning bolt...
With that said, they did censor anti-china rhetoric, had many pro-china trolls/brainwashed users, and started censoring words, including "bitch." So I'm not defending the instance. But this claim about what .ml means is just blatantly false! It's a country's TLD!
FYI I have made a tool that can backup / copy your account settings, subscriptions, and blocks to a new account: https://github.com/CMahaff/lasim
There are others out there as well if you look.
Obviously the loss of .ml communities would still be catastrophic to Lemmy, but at least your new account won't start from ground-zero, and you can be less effected by downtime by having 2 accounts with the same subscriptions.
Yeah this sucks for my small but growing community. Ive created an alternative instance elsewhere (on .world) but hopefully .ml doesnt go down forever.
I can understand why refederation needs to be done manually, but I'm confused as to why transferring users and histories is a maybe. Web and database hosting are mutually exclusive from domain hosting/registration.
With ActivityPub all of the primary ids contain the domain of the hosting server. So if you lose your domain none of the other instances know that you're the authority on those communities, posts, comments or users. So essentially federation breaks with all of the old data.
That seems really dumb given the technical aspects as well as the purpose of domains.
Just like email right?
Same issue is why mastodon needs your origin server to be online to migrate to a new server. In both cases, federating a public key for the server or accounts would allow either to pop up at a new domain and prove it has the authority to migrate links to the new location.
The domain bs is a interesting case of scummy practices in general, .tv was missused in a similar way with awful contracts, essentially scamming a already increadably poor country!
Didn't Tuvalu massively benefit from being assigned a TLD that is popular? I read they were able to build an airport with .tv money
Yea, they managed to get it back at some point but it was under external control with close to no benefit for them for a long time!
They reclaimed many domain rights and are now renting them out for big money, yeah. They were still scammed off by many.
There is also .io for the Indian Ocean territories. They seem to be fine with it. It is interesting they have problem with it. I wonder what the actual motivation is, because it can't be due to a lack of viable domain for businesses.
The US and UK build a military base and established it with that ages ago so I am not surprised the current population is fine with it but they expelled the original population to do so! :/
TLDs are a non-tangible arrangement of characters that are defined by a committee at a whim. The countries they are given to have not contributed anything to make them worth more. I don't see how that can be seen as a scam when they don't get free money based on a random decision by someone outside of their country.
That's not actually true, the guy who made them originally was from the west and those countries didn't contribute because they had no chance of any digital infrastructure yet but top level country domains use caracters from the correspinding countries name and those are all determind in the same way so you essentially use their name without their permission or based on scetchy and scummy legally binding agreements!
.ml was a terrible name anyways. People just kept saying everyone was a tannkie whether or not true. Not the image that's going to help you grow or your ideological goals imo
Umm with no warning whatsoever?? That's quite insane.
A week ago I literally read articles about how .ml was switching to the (Russian-influenced) Mali government in a week, and did not even think about how lemmy.ml would be affected
This is why I have a .org.
this is why instances should be abstracted away as underlying infrastructure and the users don't have to think about "instances". accounts and communities are replicated across servers.
This is not the solution! Being able to pick a server to trust your data and content moderation with is a feature, not a bug.
What we do have to do is make this feature more resilient and easier to use. Like adding the ability to easily transfer accounts and communities between instances, or even change the domain name of an entire instance.
There are a few technical problems with that.
First of all, the cost of each instance would become quickly unbearable since everyone has all the duplicated data.
Second problem, a malign entity could just come, create its own instance, spam everything and everyone with ads or whatever and suddenly every instance is full of that stuff.
Also, how do you handle defederating in that case?
What has been proposed before instead was to make some kind of mega communities that gather all posts from communities with the same name across instances
I don't want to share an instance with the nutballs on the tankie instance or the nutballs on the fascist instance.
to expound:
the tankie instance or the nutballs on the fascist instance
here you reveal a conceptual misunderstanding, or rather, a part of the lemmy architecture which i disagree with. there shouldn't be a concept of a "interest X instance" etc. it should be similar to a distributed storage model. so the concept of a community is not per-instance, it's just an abstract thing that exists in conceptual space.
you already share water with them though. how is this any different?
more seriously though, you already share internet infrastructure with them. the packets you just sent to make that comment could have been sandwiched between a "tankie" and a "fascist nutball". that's just the way it is man, there have always been crazy humans.
This was my thought as well. Before learning more about the fediverse, I thought things are distributed and are replicated across servers (much like how distributed storage and computing works). But apparently they're not. You still have to choose which instance you want to use as your "home", and your data and your contents stays in your home. Others get to look at your profile and contents thanks to ActivityPub.
I understand the needs for multiple instances (i.e., preferences for moderating concents, governance, etc.) But shouldn't the users and the user generated contents (arguably fediverse's valuable resources) should be safe-guarded by having redundancies in place across multiple instances?
I wouldn't be surprised. That was a pretty major mistake, so I was already kind of expecting there to be some changes with the .ml TLD. Didn't expect this, though.
The Mali government taking control of the .ml tld probably has something to do with the fact that hundreds of thousands of US military emails have been accidentally sent to Mali by users who type .ml instead of .mil in the address field.
It's just that the Fediverse now has enough global attention being paid to it that they're probably actually cracking down on enforcement. Probably something under the "Insults" or "Racism" content policy, since those are the most vague and poorly defined and highly likely to be "obvious" primarily to the country who is operating them, Mali.
fmhy had pornography, which is banned for .ml domains.
Are .ml accounts going to disappear? Is .world "safer" (if you don't count the day accounts were compromised, because an exploit?).
Go with a .com ?
I think any non-regional and non-special TLD is fine. Some have rules associated. I thought .movie had special rules about only lasting for a specific amount of time but it looks like I may have been wrong (not sure where I got the idea and I can't find anything to back that up). .us you have to be a US citizen for. .dev has the "rule" that it is HTTPS only because *.dev is in the HSTS always-on list by default but that's not related to the domain itself.
Speaking of which... anyone want to register Appleinvoice.zip? Haha
Even better, join a smaller one to spread out and make use of the federated nature. Right now imagine lemmy.ml and lemmy.world for whatever reason go down. Basically whole Lemmy is kinda fucked because it's extremely centralized, even though decentralization is one of the points of Lemmy.
We need a better way to advertise what servers to direct people to. Would be nice to circle through a big list of instances to evenly direct new users to
People couldn't care less if it's centralized or not. People come for the community, not the tech behind it. Also people are lazy, they will use the easiest thing that comes up. Why should one go to another instance, if the one they are right now works great?
I am not saying that this system is bad. I am just saying that people will always take the easiest option there is.
Well, I'm not blaming the people, really. This is a communication issue, it should be well advertised to do it "correctly" and it should actually be the easiest option.
How I see it is that every decentralized system with people is going to form some sort of centralization unless you actively fight against it.
In Lemmy's case, new people will check what are the biggest communities and go there, and since there are more people there, it attract even more people. More people, more communities in that instance.
This is kinda something that affects a lot of fedi services, mastodon has mastodon.social, lemmy has lemmy.world, matrix has matrix.org, etc
I’m new to the fediverse and not sure how it works just yet. Can someone help me understand? My account was created on Lemmy.ml, will it no longer work and I’ll have to make another?
I would make a lemmy world account personally, it's tough to say what will happen long term with .ml domains. Even if your account still works, it may by hampered getting posts from the rest of the fediverse. Worst case scenario you have account on two popular lemmy instances.
the argument for .ml domain has always been absurd to begin with. So it's free but the price you pay is that it's being run by Mali. I'd just drop 8$/year tbh, that's not a hill you want to die for. Also you harm your project by being SEO punished for using spam-associated TLDs like this. One of the reasons original Lemmy took so long to adopt until Reddit's API drama. Pretty dumb ngl.
If i remember right it was also "free to register but insanely expensive to renew once they start to see traffic"
Renewal costs are my primary consideration when picking domains. Subscription fees is how your money disappears when you're not looking.
Anyone know how companies get the rights to domains to sell in the first place? Do they literally submit a list of all domains to ICANN or something? Sorry if this is a stupid question, I just never understood how any of this really works.
TLD - Top Level Domain (.com .ml .whatever)
Registrar - NameCheap, PorkBun, etc. Submits your domain.TLD request to a Registry
Registry - Maintains the list of domains for a specific TLD and the server infrastructure to run the TLD
ICANN - Decides who can be a Registry and for which TLD. Not involved in the nitty gritty of individual domain names.
This brings a disturbing thought to mind.. if an instance domain name like foo.bar lapses and someone else snaps the domain up (or of it gets stolen) can the new controller plop Lemmy on a server and be instantly federated? If so what kind of damage could they do?
No, the signatures wouldn't match.
That's an assumption that lemmy will quit federating with a server that does not match.
And what signature are we talking about anyway? Is not certificates...
Activitypub signatures that each user and group sends out their messages with.
This is why you don't let your domain registration lapse. It's not the only way computers on the internet verify each other's identity, but a hell of a lot of internet security features are based around domain names, so keeping yours functioning is a very big deal.
Domain registration ≠ internet security. Root of trust is in cryptographic keys, not domains. DNS is not the security cornerstone you make it out to be. PKI says hi!
Consider how many system relies on being able to send you an email for verifying your login and performing password reset. Those who have control over your email address domain can trigger password reset for most of online services out there. Imagine if Google forgot to renew gmail.com and it falls to a wrong hands.
Yes, but it is very quick and cheap to get a domain validated cert from a CA that is generally trusted by most web browsers, so once the bad actor has the domain, the should be able to trick most users, only maybe certificate pinning might help, but that is not widely used.
Email is tied to domains. TLS is tied to domains. CORS is tied to domains. OAuth is tied to domains. Those are just four things I can think of while half asleep. Here's one recent example of how screwing up a domain name is enough by itself to cause a security breach.
Cryptography is not security any more than domain names are; both are facets of how security is implemented but there's no one system that makes the Internet secure.
ICANN has an Expired Registration Recovery Policy (ERRP) that requires your registrar to give your domain a 30-day grace period before deleting the records. ERRP also requires them to shutdown your DNS resolutions 8 days before deletion.
You’d have to be really mismanaging your domain if you miss all the required email reminders and don’t notice your domain has been non functional for a couple of days.
I think Microsoft and Google have both done it, but what do they know? 🤣
Oh really? Haven’t heard that one, back in the day or something?
Yeah some dude bought the google.com domain via some glitch a while back. Here's a story about it.
Awesome lol
Yup. Microsoft let hotmail lapse once. Someone paid for the renewal for them. https://slashdot.org/story/00/01/18/1645224/microsoft-hotmail-domain-reward-check-on-ebay
Using .ml was stupid in the first place. No need to try to be a special snowflake by using a sketchy TLD.
But- But- But the memes of a Marxist-Leninist instance!!1!
Commies punching the air right now
They should check if .cia is open if they're want to switch over to something more fitting.
I wonder if it was done on purpose after it came out that the Pentagon had typo'd ".ml" instead of '.mil' and exposed a lot of sensitive emails...
Highly doubtful much of anything majorly sensitive got leaked. Firstly even unclassified DoD emails are encrypted by default. Secondly anything classified isn't even on a network that can talk to normal email, it's either 100% point to point encrypted or on an airgapped network. If I hopped on SIPR (DoD Secret-level internet) and emailed a normal email address it simply wouldn't work.
That doesn't stop somebody from being an idiot and mentioning something classified in clearnet communications. Never underestimate the power of stupidity.
Ehhhhh, you're missing the human element. Humans do dumb shit all the time. You can't stop someone from reading something with their eyeballs, remembering it in their meat brain, and using their sausage fingers to type it back into something unsecured. Odds are still low of course, but I wouldn't be so confident.
Out of curiosity, other than fmhy.ml, lemmy.ml, and lemmygrad.ml, what other Lemmy instances were using .ml domains? Also, how are the latter two still running but fmhy.ml isn't?
edit: This has triggered a chain of comments I wasn't expecting. I'd appreciate it if someone can answer on a technical level. Is the latter two using a different registrar or name server which is why it still works for them?
Why are so many instances using .ml anyway?
AFAIK, lemmy.ml and lemmygrad.ml use it because the ml can also stand for "Marxist-Leninist", and the two primary maintainers of Lemmy are Marxist-Leninists . Not sure about the others though.
It can also definitely stand for Machine Learning which is the first thing that comes to my mind
Yes but lemmy has nothing to do with Machine Learning.
Yes, but as discussed several times here and there Lemmy Devs are pro china and anti USA and they admin lemmy.lm. in this case LM stays for Marxism Leninism.
That's not true at all. ML was used as an idiological choice as it's the only free TLD you can get and you should not have to pay for a domain name as per Lemmy's creators ideology.
That’s not true. There are a few other free TLDs. I think five total?
I think it's because ML is a popular shorthand for 'Marxist-Leninist' since they mostly seem to be communist servers
I'm guessing because it's sort of an alliteration on lemmy?
Theyre tankies, thats why.
So they can support Russia by proxy.
Lol so one could say they fucked around and have now found out (yes I realize that was a sarcastic answer)
I know a ton about DNS and its technical functionality, not necessarily the regulations guiding registrars, but the technician in me says your TTL (how long other servers wait until asking where xyz.ml points to) hasn’t expired, maybe? Perhaps the government administration process simply hasn’t executed any action against those particular registrars yet?
I never liked TLDs that are from random islands or less than stable countries and there are so many great TLDs available now, I simply don’t see the reason to use such obscure TLDs just for the marketing factor.
Thanks for answering. I figured it was a registrar thing. How bad do you think the situation will be for other .ml domains?
I'm guessing fmhy.ml was using Freenom but lemmy.ml and lemmy.ml were using a different domain registrar, hence the situation right now.
Yeah, not a good situation.
The main story I found seems to indicate that many government communications have been misdirected due to the typo of .ml instead of the intended .mil - reserved for the US military. 🤦♂️ There has been an entrepreneur that holds the contract to manage Mali’s country domain and that’s expiring Monday (24th?). I’m assuming the government is not renewing the contract and will instead be taking over the domains and any related data. He has been collecting some of that data and warning the US government about the issue to no avail…for 10 years.
ICANN is the body responsible for the gTLD initiative, which gives you names like .social and .world. They are an American non-profit with a multinational committee, handling nearly all of the databases that store our Internet address records, etc., you can be relatively assured that your domain won’t be messed with.
The instances really have no option here than to test out moving their systems to an alternative domain and “bench test” their migration to discover a path that works or a least come to the conclusion to start all over.
Holy shit this is actually kind of a huge story
Totally understandable incompetence from the military.
I think I only have a few original pages from my service. Most just disappear.
Yeah, they should just block ingress/egress to any .ml. Maybe they keep it open for misinformation campaigns.
Lmao if the US military gets phished by a domain typo they deserve it.
I remember reading somewhere that Tuvalu gets like 10% of their entire yearly income from Twitch.
I now pronounce Twitch as Twitch dot Tuvalu, but I get weird "huh?"s when I say it like that.
I for one will now be joining you in this crusade 🫡
You can see all but posts and comments won't be on their server until back online that are a few it went down. So I can visit my communities like https://lemmy.fmhy.ml/c/artwork that I mod. I can see it but nothing will happen until it comes back online. That's what understand at least.
Man, hacking, DDOS and now this. The fediverse just can't catch a break...
Resiliency is the strongpoint.
If Reddit shuts down, all of Reddit dies.
Same with Facebook, YouTube, etc. is that highly unlikely? Well, yeah, but still nonzero. The fediverse offers resiliency in this regard, and no one person has the ability to shut it down. Even if all instances decide to shut down, new instances can still be spun up.
If the communities you like to read and post to are down, then Fediverse is effectively down for you. Thus it doesn't offer any additional resilience, it's not a P2P system.
Stuff like technology has multiple big communities, I can go to the one on .ml .world or beehaw and still get a lot of content
I haven’t learnt all about account federation - through who are you authored to write a comment here with a .ml account? Where are you logged in from?
They're logged in from
lemmy.ml
, your account is only on the instance you registered with.Just because anti-lock brakes fail to work in all scenarios doesn't mean they're not still an improvement.
Lemmy is still up for most people. That is resilience. If you are affected by this outage, then it failed for you in this particular case but that doesn't mean the mechanisms don't exist and that they won't work to your advantage in the future.
True but if you have several interests, hopefully spread over several instances, then there is resilience because if one server crashes, you have at least some other things trucking along.
Would help if users spread out over all the running servers because problem is just a few lemmy servers have all the users. For example the instance I run would be a simple proxy to use for all the content and then would mitigate issues when a big server had problems since just parts of the fediverse would be affected from the users pov.
I feel like communities are the bigger problem here. And not one that's easily solved.
If users from multiple instances come together in communities, those communities are still centralized on a single server. So if something happens to that server, or if your instance defederates with it, the whole community goes with it.
The alternative would be to have tons of duplicate communities spread over many instances, but that's a bad user experience.
I think it can continue even without the source server? Like, once I press the
Reply
button on this comment, it gets saved to my instance (lemmings.world
) then it lets all the other instances know, includinglemmy.world
(where the community is hosted) andslrpnk.net
where you are registered.Now let's say
lemmy.world
stops existing, my instance still would let all the other instances it federates with know, meaning you could read my reply on a community that basically no longer exists. Though I'm pretty sure there are downsides to that (like, what if all the mods were fromlemmy.world
? There's no admin who can add a new mod).At least that's what I think it works like.
oh really? does it actually work this way? if lemmy.world dies, can all its communities continue to live on as long as there are lemmy instances out there federated and subscribed?
No. You would only ever be interacting with a snapshot-at-the-time-of-death of the community on your local instance only. It is the home instance of the community that federates all events, not the instance of the originating post/comment/vote/whathaveyou.
Ah, ok. So if lemmy.world dies, but !somecommunity@lemmy.world was federated to 2 different other instances, those instances wouldn't be able to "talk to each other"? They'd just have snapshots that they could locally interact with, but never see anything else? So is the fate of the Lemmyverse a graveyard of communities from dead instances?
Yep, without the source instance, you can’t communicate with other instances.
Pretty much. I wouldn't pay much attention to that, though - the absolute majority of the internet that has ever existed is a graveyard.
I wonder about this as well -- because communities are tied to a specific home instance, that instance going down affects that community, potentially killing it. Something more akin to hashtags/tags/labels wouldn't be tied to an instance so they would be more robust, though you'd lose the moderation of a community and just have a firehose of posts/comments...
Wow, you're right. We really need to bring back something like USENET, where newsgroups (their "communities") weren't tied to a specific server. We could almost just resurrect NNTP, although the handling of images (and binary data more generally) probably needs some tweaking.
Jesum Crow... Tags aren't a new concept. Just group communities with a tag... is that incredibly complicated to implement or something?
There needs to be a way for a person or group to essentially own a tag to enable moderation. It might be one of those rare problems for which a block chain is a good solution, because there would need to be a public ledger showing who is a moderator for a tag at any given moment.
There is no need to own a tag, nor to tack blockchain into a problem to try and sell a solution. Ever.
You seem confused about what block chains actually are. I'm not suggesting anyone sell anything.
And if you think moderation isn't needed for healthy online communities, I invite you to visit Twitter.
Moderation like you are proposing in no way requires someone to "own a tag".
Anyone can use #CocaCola. Coca Cola Company does not get to dictate, audit or execute how people use the tag, nor should anyone else.
At this stage in the game, I'm not even sure how to evaluate the trustworthiness of instances. Which also applies to the one I'm currently on. I'd like to assume everything is good, but admins do have power that can be abused, like visibility of IP addresses, access to accounts, access to passwords (reusing passwords is bad but especially don't do it here and certainly don't use the same password for your email associated with your account).
Facebook abused those powers (zuck even bragged about being able to see everyone's passwords, emails, private messages, pictures), so did Reddit (though more with shadow banning or quietly removing/restoring posts).
Fediverse instances are just run by random people as far as I can tell. I'm sure there's some that should absolutely be avoided and I'm sure that there's some that are perfectly fine. But I don't have a clue how to determine which list about specific instance is in, otherwise I'd love to join someone's small instance.
Edit: oh and that only goes into whether the admin is acting in good faith or intends to be abusive. Then there's the question of whether the admin is competent enough to run a server without it getting pwnt and giving others access to that same information and capabilities.
You are correct. A lot of the internet is built on trust. This is no exception. I suggest having an account in more than one instance so that you are not too vested into 1 place.
the problem is most users fear that if they choose a small instance, that it goes down random more likely and their account and everything else is gone. if you choose a bigger instance it feels less likely that the admin of the instance just says fuck it and kills the server random for whatever reason.
as long accounts can't be easy transfered and are maybe even safe somehow without their instance, people will choose the instance that feels the most secure to them. and when i looked at the available instances.. most looked not really long term secure. most did look like they are random ideas of people and they could vanish any second into the void. so i as an example did choose lemmy.world. seemed the most safe option with the best features (nsfw allowed, a lot of users and a big instance)
I understand the logic but its actually backwards. A small instance like mine is easily paid for totally out my own pocket and requires no outside funding or maintenance because I can do everything. If too few people donate to major instances then the costs starts to run away from the owners. In some ways becoming too large is a problem.
i understand that, but think about it - its a random instance from a random stranger on the internet. you don't know that person, and don't know if he is actually serious interested in that project of running that instance.. or if he will shut it down maybe a few day, weeks or months in the future.
and you can't really backup your account and load it somewhere else, so if this happens everything you saved and do is GONE. thats a huge risk if you value your account and contribution to communitys.
so it doesn't really matters to me if smaller instances are not expensive etc.. thats not what fears people (there are still ways to spread users along more instances but more even). its the suddenly vanishing without warning that scares people.
i had this often enough with similiar other projects where i created a account on such a small community / instance, was really active.. and suddenly it was just gone from one second to the next without warning. everything gone. admin didn't told anyone about it.. was just gone into thin air.
so it feels safer to go to instances who are more "trustworthy" in the longterm security of a stable operation.
if lemmy would support export of accounts maybe ever month once or something.. that would change things. also allow spoofing of stuff, but it would help with vanishing instances and people would feel safer on smaller more unknown instances.
“i understand that, but think about it - its a random instance from a random stranger on the internet. you don’t know that person, and don’t know if he is actually serious interested in that project of running that instance… or if he will shut it down maybe a few day, weeks or months in the future.”
Have to be honest with you, that is how all yhe instances started including lemmy.world.
“so it feels safer to go to instances who are more “trustworthy” in the longterm security of a stable operation.”
There is no metric by which to know this yet as lemmy is new. Its not like there are 5 servers that are 10 years old and al the rest are just starting up. Just how it is.
Does that really scale though? The load on a server is not dependent on the number of users, but on the number of communities from other server that the sum of user is subscribing to.
Which means if you have a server for 100 users, you still need to pay for the 1000s giant communities that those users are subscribing to, as they are being copied over in your server.
So if you have a few mega server like Lemmy.world, they each pay say 10000£ in hosting a month (number taken out of my hat), which is fine because they have as many users that can contribute to it financially ( via donations, ads etc.). But small servers won't be able to support that load and will ultimately close.
That sounds like a design flaw if you ask me but i did not see anyone mentioning it so maybe i'm misunderstanding.
No its not really as bad as that at all. The disk space is linear in that way but disk space is cheap. All the rest is not taxed heavily by federation. Do the big costs like CPU dont scale up like that.
I cant believe this is just coincidence. This is coordinated.
Hi, professional DNS engineer here! if anyone has any questions about the inner workings of DNS or top level domains, ask away! (THIS IS MY MOMENT)
Why is it always DNS?
Because its always DNS
Because DNS is the user-facing part of the whole system. There is plenty of trouble with everything else, but you usually don't see that as a user. Also it's a hierarchical system with big providers/governments giving and taking names as they see fit, so there is always the possibility to get screwed.
Because it's the least-likely position to be staffed by a company. It's the "least important" person to have.... until it breaks. Often a company relies on routing-switching engineers to do DNS instead of hiring a dedicated DDI engineer (DNS, DHCP, IPAM). It saves money in the short term, but when shit hits the fan... no one knows how to fix it because DNS is really easy until it's not. DNS is super simple at a basic level. But it goes way deeper than most people realize.
Well that sounds like my dream job, unfortunately this issue in particular is more of a Lemmy problem, not a DNS problem. See: https://lemmy.nrd.li/comment/190200 for the explanation of why you cant just transfer domains with Lemmy.
Also, if you're genuinely interested in this field, first you should enter the world of enterprise network engineering. Get Security +, CCNA, and PCNSA. With those certs in hand (and knowledge in your brain), apply to jobs as a network support engineer. Do the work for a few years. Learn BIND. Learn Infoblox. Focus on learning DHCP and subnetting. Learn DNSSEC & IPv6. Experiment with a Pi Hole. Set up a home lab. Apply to jobs with DNS. Start living the good life. This takes about 10 years if you learn fast and are good at interviews.
Ah, thanks for the info! I have no idea how Lemmy stuff works. I only became aware of Lemmy last month.
When I was talking my cyber security / ethical hacking class, we learned how to do zone transfer. The concept never stuck and I basically "copy" from my friend. So what exactly is a DNS Zone Transfer?
Friday I was doing a zone transfer! What are the odds?
A zone transfer is like moving houses, except for an authoritative zone.
In DNS, we have what's called an authoritative zone. That means the device hosting the "resource records" (all the data that DNS passes around) is the "ultimate" answer. I.e, it's not cached data. It's not a hosts file. It's not a recursive answer. It's the real deal.
When you want to move the authoritative zone to another server, you do a "zone transfer" that means the new server will copy all the resource records over TCP from current authoritative zone. The reason you may want to do this instead of manually hand-jamming it is that many large organizations have, sometimes, hundreds of resource records (last month I coordinated a zone transfer that was over 1000 records!).
What's the point of alternative DNS roots? Can they be a thing to mitigate DNS related failures (though lemmy.ml is back online, so I guess that wasn't it)?
An alternative DNS root is where someone other than IANA sets up a root zone. At the end of the day, root zone authority is technically not "hard coded". It's a terrible idea to set up an alt root or to use one for these reasons:
To answer your second question, they are not good for acting as a way to mitigate DNS failures. No domain servers are going to be asking them in the first place, meaning no one can get there even if it does have the "correct" answer. If all 13 root servers went down simultaneously, the results would be catastrophic. But that's also why they're physically located around the world in many different countries in heavily secure facilities with many High-Availability servers (clone servers that instantly take over if there's a failure, the ultimate "hot" server)
You wouldn't want to have a DNS server ask two root zones anyway. If it can't reach the root zones, then that needs to be addressed. You can't just ask a "less secure" server in case the primary doesn't work. That's just begging for a security breach via cutting off access to the primary root zones so that they "fail over" to the less secure ones.
Thank you for such a detailed and instructive answer!
Woot we're saved.
Could users set a temporary entry in their hosts file pointing the .ml domains to public IPs in order to regain access to their account if they needed to?
Can Lemmy federate to an IP address directly or will the settings only accept an fqdn?
Will a Lemmy instance work behind a reverse proxy.
Thanks for taking the time to answer questions.
There are several problem with this including total lack of SSL without the proper cert for that other domain, also Lemmy.ml's IP seems to be running a reverse proxy so the internal IP that we would want to connect to is not visible to the world this is common for web security, the owners must set allowed domains and ports in their config file.
If none of that was a problem Lemmy itself does not do well with changing domains, as highlighted here: https://lemmy.nrd.li/comment/190200
Sorry that I couldn't answer more of your questions.
Why is it always dns
So, how some companies get right to sell TLDs? Can I start selling TLDs nowdays? It's just that they were there first and get all top level domains and now we have to pay for it?
Thanks in advance.
They paid a huge amount of money to get a TLD
So why do we need the .com or .org or whatever at all? And the www. as well?
I remember when I had to type the whole http://www.cakefarts.com and now just cakefarts.com works. What changed? And what's next?
The ".com" and ".org" and all other Top Level Domains are owned/controlled by some organization.
Com and org are your original TLDs, so since they were around first you see them everywhere. At some point countries got their own TLDs so Mali got "ml" for example but Tuvalu got "tv". (Yes, technically ".tv" has nothing to do with television.) And a few years back there was open bidding for a bunch of new TLDs which is where ".sport" or ".dentist" come from.
Anyone some entity owns/controls them and then can sell any word or domain under it. So if you want "greatgatsby.com" you have to talk to the ".com" owners. If you want "greatgatsby.sport" you talk to the ".sport" owners. Usually there is another company or agreement that groups these together so you can manage all your domains in one place.
So anyways now you own a domain like "greatgatsby.sport", what do you want to host? Mail at "mail.greatgatsby.sport"? A website at world wide web aka "www.greatgatsby.sport"? Up to you.
Over time, largely by convention "www" became where you put your website.
From there you have two options, you can setup a redirect from "http://greatgatsby.sport" to "http://www.greatgatsby.sport" or you can do a little hosting "trick" and just make "http://greatgatsby.sport" return your website.
So say I want a ".travel", who actually makes and sells these? Is it a private company? A country? An independent entity who's sole purpose it is to keep domains and the interwebs alive?
Btw, .com is owned by the US Department of COMmerce. .org is owned by a non-profit organization called "Public Internet Registry"
To answer your other question: most likely, www.cakefarts.com is now accessible from cakefarts.com for one of three reasons:
For the 'record', www is just a really common record name. There's nothing special about it. You could have dudebro.cakefarts.com or wwwwwww.cakefarts.com. It's up to the domain owner.
Hi! When DNS servers are launched, they have to be purchased, correct? So in this case, did Mali file for the domain to be reclaimed somehow? Do you have an idea how that might work?
We had a situation at a shared space here where an OpenWRT client device accidentally somehow managed to announce itself into the network in a way that its v6 local link address (
fe80::
) got inserted into /etc/resolv.conf as a third DNS option (with the first two being the ones from DHCP) and then served incorrect records when queried. What mechanism is that and were the engineers who designed that feature on drugs? Also, how can I tell my Linux system to not accept such announcements?Why is it always DNS?
lemmygrad.ml and lemmy.ml are gone? So sad.
Anyway.
Unfortunately, it seems the tankies are gonna tank right on (over the bodies of students).
Best comment
both are up, but fmhy is down, maybe forever
Link to the actual post OP screenshotted: https://very.bignutty.xyz/notes/9hf13it1ced3b2za
Screenshots of text are not the way. The crappy “hey, a text thing I want to share, let me take an accessibility-poisoning screenshot and upload that graphic file like a psychopath instead of just copy/pasting either the link to the text or the text itself like a decent human being” routine needs to die with Reddit, we have to be better than that here.
Screenshots of text preserve the state of the text at the time it was seen...
Yes, it's not good for accessibility but it's a good way to quickly capture a moment in time.
(I would recommend perhaps also copy/pasting a synopsis for people who might be vision impaired etc)
So copy/paste the text for your snapshot, and link to the original.
That's kinda what I was saying? Include the snapshot but also the original text body as a copy/paste for those using screen-readers or other such tools
At the least, put the screenshot and the link in the post. We can do both, people.
Yeah, this is the correct way, because posts often become inaccessible.
Screenshots stay with time, I hate it when I arrive a bit later and the link is already dead and I have no idea what it said.
..except when the image hoster suddenly dies and 10000s of Screenshots suddenly vanish from the internet and all howto's etc are killed by it
That's why you shouldn't use external image hosters but embed the picture the normal way. Then if the lemmy instance dies then the screenshot dies with it but not seperatelly.
well, often webprojects don't have that much money and hosting communitys who post a lot of images, videos etc. costs a lot of money. because that a lot of users use imagehosters to bypass this issue.
If you can post an image, you can post text, right?
Image in the post, text+link in the description, everyone happy.
Copy/pasted text stays with time too and doesn't have the issues that pictures of text do. Also hosted images disappear all the time.
I did share it. It's in the comments.
Yeah, it's 2023, just take a video of your screen and upload that like the kids all do now.
And then play that video on your screen, take a video of that screen with your phone while shaking the phone around and mumbling over the audio, and upload that phone video to TikTok.
It's called a single-point of failure in Engineering.
Funny enough it wasn't even a technical one but a contractual one.
Maybe there is some kind of lesson here on the risk of delegating critical structural elements to 3rd parties that rent rather than own that which they're selling ...
Unfortunately that has always been the nature of TLDs
It’s less sketchy if you pay for a domain through a reputable registrar
The issue here isn't the registrar though right? It's that the TLD is being repossessed by the government of the country it's meant to be associated with.
I think the point is that a reputable registrar wouldn't sell domains like these in the first place... But I'm not saying that's actually the case :/
Governments are unpredictable. It's not the registrar's job to mitigate that unpredictability to their customers.
Idk, I feel like we're only saying this because it's Mali... If it were .US or .CN people would be like "well, duh"
Every country gets to decide how tight of a grip they have on their TLD. Some sell it for some extra income (like Tuvalu) while others hang onto it for government or domestic use only
Yeah, and I'd say going with any of the ones that sell it or leave it free is a risk because you never know when their regime might change and the new one might want more of an official internet presence. Unless there's a 2nd level domain it's all under (like co.uk), you should assume they'll want it back at some point. This could apply more to popular domains that some governments could see as free traffic if they reclaim them.
Not really. When you pay for .us domain you have it for a certain number of years. If the US tried to suddenly yank those back and violate the outstanding contracts for x number of years, there would most likely be lawsuits and an injunction from a federal judge blocking the action until there are hearings, etc. It would be a whole thing. If you simply couldn't renew your .us domain anymore, that's something you would know ahead of time and could plan for. It wouldn't just vanish one day.
More like, it's less sketchy if you pay for a domain at all. .ml was free, what did they think was going to happen?
Indeed... you never really purchase a domain. It's definitely more of a lease. And that's any tld.
For that instance, yes. For the whole of Lemmy, no. Everything else keeps on chugging along.
Indeed.
Imagine if this had happenned to a centralized system like Reddit...
I think its called "redundancy L"
Visited lemmy.ml : it is on.
When was it down ?
I just visited lemmy.ml as well and still up, however cannot get to lemmy.fmhy.ml in any app or browser.
Yeah. Lol all the people celebrating the demise of that nasty commie site. Also the admins created lemmy.
It was quite hard to find any information on this, so I will post what I found.
https://domainincite.com/tag/freenom
https://tech.slashdot.org/story/23/05/26/2121222/phishing-domains-tanked-after-meta-sued-freenom
That second link is less relevant but interesting.
Why is Meta suing Freenom?
Why is Meta suing Freenom?
Freenom gives away domains, many of which are used by phishers and other bad actors. Meta is suing them for not being responsive to their complaints about this. And I guess the injury inflicted on their users by phishers.
Wait, is it actually Feeenom's fault? Isn't it from whatever the server the malicious actions comes from?
For example I use one of their domains along with a Digital Ocean droplet, and I used it briefly to increase my seeding ratio by portforwarding my Qbittorrent port, after several months I got a letter from DO (which is amusing because my country couldn't care less about torrenting lol) which I think is correct, I don't think this is Feeenom's fault.
I'm assuming they've run afoul of something similar to the DMCA safe harbor provisions. Basically under the DMCA a hosting provider isn't responsible for violations due to user submitted content as long as they're responsive to notifications and remove the content quickly when notified.
Now that applies to copyright not domain names, but I'm assuming there's some kind of similar law at play. Meta has said that Freenom has been ignoring complaints about domains registered with them that are being used for phishing attacks. It could also be a DMCA issue because I think it does have some anti-domainsquating provisions in it that prevent you from E.G. registering say cocacola.ml as you aren't the holder of that trademark.
In theory depending on where Freenom is run out of they might be able to just ignore the lawsuit, but it's probable that doing so will get them blocked by various ISPs and organizations.
Registrars not only have rights, but also responsibilities. They physically own the domain names and bear responsibility to ensure their domain names follow international rules.
Which is good because phishing sites suck especially when they start hitting high up on google searches
A lot of people should be concerned about this for .me domains as well (Montenegro)
I think that's different because the .ml domain apparently was being given away for free by a registrar that wasn't responding to abuse complaints, and thus was being heavily abused.
...but if not, then holy shit what a mistake it was to register
firstname@lastname.me
as my primary email address.I was using .ml domains for my selfhosted services, since it was just an hobby and I didn't wanted to invest money on it. Apart from Freenom website being pretty unusable since I have memory, I've already had troubles renewing them last year and now they stopped working without any notice nor update from Freenom itself. Finally I decided to move to a payed domain from Infomaniak, since it's been more than a year I've been selfhosting and $10/year is a fair price for me.
But still without those free domains I wouldn't probably ever started selfhosting, and I guess a lot of other people like me wouldn't have experimented or spin up their projects if they had to pay for a domain from the beginning. So despite my hate for Freenom I guess I have to thank them and hope someone else (maybe a bit more "professional") will take its place in the future
Umm... Can we talk about how a private company is suing another private company over something that should be in the interest of the government/general public? Where are our agencies, where is Interpol/Europol or ENISA?
Why was .ml selected to begin with?
.ml stands for Marxist/Leninist apparently. Communists try not to let idealism get in the way of practicality challenge(impossible)
To be fair this is a pretty crazy black swan event they couldn’t have possibly seen coming. But yeah, this is why novelty domain suffixes are novelties.
It was totally possible to see coming. The .ml domain deal and its expiration was known far in advance and I've been seeing posts about it for months.
This is 100% incompetence on whoever set up the site.
Lemmy was started in 2019. And before the Reddit meltdown, it was more a bunch of very nerdy friends for whom a server going down was Tuesday.
Interesting ... I always wondered why the
.ml
. In my trade ML is mostly used to mean "machine learning", aka AI, but it didn't seem fitting here.No that's not true.. .ml is the TLD for Mali and lemmy.ml selected it because it was free.... This claim you're making is like people claiming AC/DC stands for anti-christ devil-child. No, it's electrical currents, hence the lightning bolt...
With that said, they did censor anti-china rhetoric, had many pro-china trolls/brainwashed users, and started censoring words, including "bitch." So I'm not defending the instance. But this claim about what .ml means is just blatantly false! It's a country's TLD!
Free
Always thought it's a play on machine learning, but I'm most probably wrong.
FYI I have made a tool that can backup / copy your account settings, subscriptions, and blocks to a new account: https://github.com/CMahaff/lasim
There are others out there as well if you look.
Obviously the loss of .ml communities would still be catastrophic to Lemmy, but at least your new account won't start from ground-zero, and you can be less effected by downtime by having 2 accounts with the same subscriptions.
Yeah this sucks for my small but growing community. Ive created an alternative instance elsewhere (on .world) but hopefully .ml doesnt go down forever.
https://krebsonsecurity.com/2023/03/sued-by-meta-freenom-halts-domain-registrations/
Goddamn, looks like im switching registrars soon. Thanks for the link.
Personally I think more people should be aware of the evil company that is Freenom. (Not saying Meta is not evil.)
Or at least the people that unwittingly transact with them and give them attention / money.
you say we should be ware, yet you provide no information.
thanks for nothing
What did they do?
I can understand why refederation needs to be done manually, but I'm confused as to why transferring users and histories is a maybe. Web and database hosting are mutually exclusive from domain hosting/registration.
With ActivityPub all of the primary ids contain the domain of the hosting server. So if you lose your domain none of the other instances know that you're the authority on those communities, posts, comments or users. So essentially federation breaks with all of the old data.
That seems really dumb given the technical aspects as well as the purpose of domains.
Just like email right?
Same issue is why mastodon needs your origin server to be online to migrate to a new server. In both cases, federating a public key for the server or accounts would allow either to pop up at a new domain and prove it has the authority to migrate links to the new location.
The domain bs is a interesting case of scummy practices in general, .tv was missused in a similar way with awful contracts, essentially scamming a already increadably poor country!
Didn't Tuvalu massively benefit from being assigned a TLD that is popular? I read they were able to build an airport with .tv money
Yea, they managed to get it back at some point but it was under external control with close to no benefit for them for a long time!
They reclaimed many domain rights and are now renting them out for big money, yeah. They were still scammed off by many.
There is also
.io
for the Indian Ocean territories. They seem to be fine with it. It is interesting they have problem with it. I wonder what the actual motivation is, because it can't be due to a lack of viable domain for businesses.The US and UK build a military base and established it with that ages ago so I am not surprised the current population is fine with it but they expelled the original population to do so! :/
TLDs are a non-tangible arrangement of characters that are defined by a committee at a whim. The countries they are given to have not contributed anything to make them worth more. I don't see how that can be seen as a scam when they don't get free money based on a random decision by someone outside of their country.
That's not actually true, the guy who made them originally was from the west and those countries didn't contribute because they had no chance of any digital infrastructure yet but top level country domains use caracters from the correspinding countries name and those are all determind in the same way so you essentially use their name without their permission or based on scetchy and scummy legally binding agreements!
.ml was a terrible name anyways. People just kept saying everyone was a tannkie whether or not true. Not the image that's going to help you grow or your ideological goals imo
how does ML make people it's tankies?
edit: nvm comments lower say Marxist/leninist
…not even gonna lie, I thought it had something to do with machine learning at first.
Umm with no warning whatsoever?? That's quite insane.
A week ago I literally read articles about how .ml was switching to the (Russian-influenced) Mali government in a week, and did not even think about how lemmy.ml would be affected
This is why I have a .org.
this is why instances should be abstracted away as underlying infrastructure and the users don't have to think about "instances". accounts and communities are replicated across servers.
This is not the solution! Being able to pick a server to trust your data and content moderation with is a feature, not a bug.
What we do have to do is make this feature more resilient and easier to use. Like adding the ability to easily transfer accounts and communities between instances, or even change the domain name of an entire instance.
There are a few technical problems with that. First of all, the cost of each instance would become quickly unbearable since everyone has all the duplicated data.
Second problem, a malign entity could just come, create its own instance, spam everything and everyone with ads or whatever and suddenly every instance is full of that stuff. Also, how do you handle defederating in that case?
What has been proposed before instead was to make some kind of mega communities that gather all posts from communities with the same name across instances
I don't want to share an instance with the nutballs on the tankie instance or the nutballs on the fascist instance.
to expound:
here you reveal a conceptual misunderstanding, or rather, a part of the lemmy architecture which i disagree with. there shouldn't be a concept of a "interest X instance" etc. it should be similar to a distributed storage model. so the concept of a community is not per-instance, it's just an abstract thing that exists in conceptual space.
you already share water with them though. how is this any different? more seriously though, you already share internet infrastructure with them. the packets you just sent to make that comment could have been sandwiched between a "tankie" and a "fascist nutball". that's just the way it is man, there have always been crazy humans.
This was my thought as well. Before learning more about the fediverse, I thought things are distributed and are replicated across servers (much like how distributed storage and computing works). But apparently they're not. You still have to choose which instance you want to use as your "home", and your data and your contents stays in your home. Others get to look at your profile and contents thanks to ActivityPub.
I understand the needs for multiple instances (i.e., preferences for moderating concents, governance, etc.) But shouldn't the users and the user generated contents (arguably fediverse's valuable resources) should be safe-guarded by having redundancies in place across multiple instances?
Has there any work or effort on this?
Is this because of the DoD typo leaks? Lol
I wouldn't be surprised. That was a pretty major mistake, so I was already kind of expecting there to be some changes with the .ml TLD. Didn't expect this, though.
No, just the contract ended
The Mali government taking control of the .ml tld probably has something to do with the fact that hundreds of thousands of US military emails have been accidentally sent to Mali by users who type .ml instead of .mil in the address field.
It's almost 100% because they were in violation of at least some of the content policies found here
It's just that the Fediverse now has enough global attention being paid to it that they're probably actually cracking down on enforcement. Probably something under the "Insults" or "Racism" content policy, since those are the most vague and poorly defined and highly likely to be "obvious" primarily to the country who is operating them, Mali.
fmhy had pornography, which is banned for
.ml
domains.I don't understand why they went with free domains in the first place. Freenom is known for being unreliable.
Are .ml accounts going to disappear? Is .world "safer" (if you don't count the day accounts were compromised, because an exploit?).
Go with a .com ?
I think any non-regional and non-special TLD is fine. Some have rules associated. I thought
.movie
had special rules about only lasting for a specific amount of time but it looks like I may have been wrong (not sure where I got the idea and I can't find anything to back that up)..us
you have to be a US citizen for..dev
has the "rule" that it is HTTPS only because*.dev
is in the HSTS always-on list by default but that's not related to the domain itself.or .xyz
Note: some .xyz domains (6-9digit numbers) are amazingly cheap, cost about 1USD/yr.
Why not
Zoidberg.ziplol...put that nonsense domain to some use.
Speaking of which... anyone want to register Appleinvoice.zip? Haha
Even better, join a smaller one to spread out and make use of the federated nature. Right now imagine
lemmy.ml
andlemmy.world
for whatever reason go down. Basically whole Lemmy is kinda fucked because it's extremely centralized, even though decentralization is one of the points of Lemmy.We need a better way to advertise what servers to direct people to. Would be nice to circle through a big list of instances to evenly direct new users to
People couldn't care less if it's centralized or not. People come for the community, not the tech behind it. Also people are lazy, they will use the easiest thing that comes up. Why should one go to another instance, if the one they are right now works great?
I am not saying that this system is bad. I am just saying that people will always take the easiest option there is.
Well, I'm not blaming the people, really. This is a communication issue, it should be well advertised to do it "correctly" and it should actually be the easiest option.
How I see it is that every decentralized system with people is going to form some sort of centralization unless you actively fight against it.
In Lemmy's case, new people will check what are the biggest communities and go there, and since there are more people there, it attract even more people. More people, more communities in that instance.
This is kinda something that affects a lot of fedi services, mastodon has mastodon.social, lemmy has lemmy.world, matrix has matrix.org, etc
in confused. ml doesn't seem to be down anymore.
I’m new to the fediverse and not sure how it works just yet. Can someone help me understand? My account was created on Lemmy.ml, will it no longer work and I’ll have to make another?
I would make a lemmy world account personally, it's tough to say what will happen long term with .ml domains. Even if your account still works, it may by hampered getting posts from the rest of the fediverse. Worst case scenario you have account on two popular lemmy instances.
Bummer, I was gonna make fmhy my main instance!
It was my main instance 💀
That’s wild! But also not surprising?
Well kinda feels like my house burned down.
Hopefully the push towards some kind of direct migration comes on the feels of this.
Time for use the ip instead of a name
rip my website
I like how this mastodon app you are using actually says its name inside the dynamic island
I just had to do this to get back on here... Does anyone know if there is a way to transfer posts like it says here?
They would have to. We can move our stuff
Ah well that would explain why I couldn't join some community on one of those that popped in the new communities community a few days ago.
RIP.
Couldn't have happened to a worse bunch of people lol
i paid freenom for my .ga domain... i still have it for some reason