sure they do, you're one of them
sure they do, you're one of them
reporting absolutely helps. it increases visibility for content that slipped through automated moderation and having more reports for content indicates urgency.
I can sell you a copy of lemmys source code, are you interested?
nearly all talks are either in English or have English translations. not sure if they're available on YouTube but you should be able to find everything on https://media.ccc.de
that doesn't do anything, they'll just register accounts in advance and wait some days.
we've even had spam recently from accounts that had been dormant for months, although it was a different kind of spam.
original source for this badly copied blogspam link: https://cointelegraph.com/magazine/china-dev-fined-salary-vpn-10m-ecny-airdrop-asia-express/
I ate fiber but now my internet is down. what do I do?
The 90 days disclosure you're referencing, which I believe is primarily popularized by Google's Project Zero process, is the time from when someone discovers and reports a vulnerability to the time it will be published by the reporter if there is no disclosure by the vendor by then.
The disclosure by the vendor to their users (people running Lemmy instances in this case) is a completely separate topic, and, depending on the context, tends to happen quite differently from vendor to vendor.
As an example, GitLab publishes security advisories the day the fixed version is released, e.g. https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/.
Some vendors will choose to release a new version, wait a few weeks or so, then publish a security advisory about issues addressed in the previous release. One company I've frequently seen this with is Atlassian. This is also what happened with Lemmy in this case.
As Lemmy is an open source project, anyone could go and review all commits for potential security impact and to determine whether something may be exploitable. This would similarly apply to any other open source project, regardless of whether the commit is pushed some time between releases or just before a release. If someone is determined enough and spends time on this they'll be able to find vulnerabilities in various projects before an advisory is published.
The "responsible" alternative for this would have been to publish an advisory at the time it was previously privately disclosed to admins of larger instances, which was right around the christmas holidays, when many people would already be preoccupied with other things in their life.
I've been using case insensitive fs on macOS for years and the only software having issues with this is onedrive.
can't say i'm surprised.
here's also some more context and explanation about what's going on:
https://fedi.fyralabs.com/notes/9psdqurvye
https://fedi.fyralabs.com/notes/9psnooe6p1
https://fedi.fyralabs.com/notes/9pth6oh3xr
account deletion does not federate in general, only banning (+ content removal) does
it is indeed somewhat attributed, but it still very much looks like scraped content.
a very strong indicator is the inclusion of
Subscribe The most engaging reads in blockchain. Delivered once a week.
Email address
SUBSCRIBE
at the end, which on cointelegraph's page is separate from the content and provides a sign-up form.
you can enable end to end encryption, it's optional. I don't think it's enabled by default.
I haven't checked how reddit does this but just from the example it seems like there is no anti tracking from the use of urlcheck that you're describing.
reddit appears to generate tracking link with a specific numeric identifier in their database, so instead of attaching a bunch of removable url parameters they instead do a lookup in their database and then redirect to the original destination.
this also means your app checking the redirect will need to fetch the url to determine the destination, which means their tracking still works just fine.
edit: a word
search for mautrix whatsapp (not a typo)
ncdu makes it even easier if you want to interactively browse through folders to see which files exactly are eating up space
at that point you'll just discourage any new users if they have to gamble on whether or not their content is actually seen by anyone. account age really isn't a good indicator of anything other than soemone being dedicated enough to spam. considering this isn't the first wave of csam attacks, i can assure you that whoever is targeting lemmy with this is determined enough that account age won't deter them for long, they'll just have to slightly adjust their playbook.
indeed, original source is the wrong term, but at least it's an english derivation of it, which was only copied by the link in this post
even on Windows 10/11, I'm still frequently hearing about issues at work where the necessary ssd drivers are only included in the default windows installer (not the recovery shipped with the device) like half a year later. at least with Dell this seems to be a common theme.
there's also kexec
if you're not community banned you might still be instance banned on the community instance, which wouldn't show up in your local instances modlog if the ban happened on a <0.19.4 instance. if the methods pointed out by other comments here fail I suggest you visit the instance of the community and check the site modlog there, searching for your user.
i suspect you're referring to your post to a lemmy.ml community and you have indeed been instance banned there for a limited amount of time.
if you're renaming from File.js to file.ts, which is also changing suffixes instead of just capitalization, then that couldn't be explained by case sensitivity, unless it was a typo and you meant File.js to file.js
for our admin team, we're using a bot to message a matrix room when content is reported and reacting to the message when it's been handled.
this could be done pretty much the same way on mod level, though this is certainly not easily accessible to everyone due to the hosting involved.
and all of this is only relevant if you even receive reports about content in the first place. if you moderate a community on another instance, tough luck unfortunately, as they currently do not federate.
edit: typos
no, they're getting a lot of downvotes because it's spam.
they're not interested in legitimate discussion, they only need to promote the spam links at the end of the post.
unless they changed it, play dev is a one time purchase, only apple takes a yearly fee.
for a device without inbound connectors and no ip based lan firewall rules, which applies to most phones, random per connection macs seem like a pretty good default for privacy.
some networks doing "unusual" things like hotel wifi limiting you to few devices (implemented by mac counting) may be thrown off though.
true, my comment was primarily from the perspective of the recipient of tracking links
I didn't say there were no use cases for this, but the average phone user will not need it. someone using samba on their phone would likely be capable of switching the network config to not randomize every time.
The OEM version is working fine, as the drivers are embedded there. My point was that without this recovery partition you tend to run into issues on newer devices, as the MS bundled drivers get updated only infrequently.
until 0.19.4 is released, clients are supposed to suppress comment contents when the comment is either marked as removed (moderator) or deleted (creator).
they might decide to show contents to site admins or community moderators anyway, but some clients did not implement this properly and show the original content to all users.
this is of course not something that should have been available to everyone in the first place, which is why this is being fixed in 0.19.4.
depending on the client, you should still see some kind of indicator above the comment text that shows it was removed or deleted, in this case removed.
do people commonly have three feet where you live?
won't be the case for much longer, the next lemmy release is removing that.
i suggest you remove this quote and summarize it with fewer details if you need to have it there in the first place. you're effectively advertising for them now and undoing the moderator action of removing this advertisement.
why is this a blog spam article badly copied from the original source at https://cointelegraph.com/magazine/china-dev-fined-salary-vpn-10m-ecny-airdrop-asia-express/ ?