this post was submitted on 12 Jun 2023
493 points (100.0% liked)
Technology
37739 readers
482 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Sorry, but a lot of your concerns you outline, I just don't agree with.
No... Reddit's singular biggest issue is the fact that everyone is beholden to Reddit's whim. Leaving any of this to any singular company/persons whims is a big problem. Moderator banned you from a subreddit cause they powertrip? What's your recourse? You have none.
And yet emails are not a problem. Why specifically is this off putting? You've never emailed anyone outside of gmail.com? or outlook.com?
Statistically this is very wrong. Quite the opposite in fact. Users are terrible at identifying ANYTHING malicious as actually being "Wrong".
Just like setting up an email on Gmail doesn't mean you can just migrate to Outlook... and yes I would hope that deleting your account would delete all your comments. That's a GOOD thing.
What security are you talking about? There's nothing "secure" here. You're posting things to a public forum for all intents and purposes. What security are you expecting?
Slated for release with v0.18 which will probably drop within the next few weeks or so... But if your only concern for account security is 2fa... then you probably don't realize that long unique passwords are perfectly fine. I only really see this being an issue if you're a moderator or admin of an instance though. As both of those things... I actually don't currently see a problem. 2fa will be a welcomed addition though.
Just like on every other service on the internet? It seems that most places do fine without this worry.
On the instance you signed up for your account on. In your case that would appear to be lemmy.ca. That's the only instance that even really knows who you are. The rest of the instances just believe the origin instance of the data.
Yup. But that's the case with ANY online service. Where's your facebook data? How about the massive amounts of data that google collect on you? Where's every bit of that? The hope and prayer is that it's safe in some datacenter that has armed guards and all that. The reality is that data leaks happen. Engineers go home with harddrives full of backups that have all your data on it. Hell your doctors office probably has this issue... https://www.classaction.org/pediatric-data-breach-connexin. I don't see you complaining about that. This service is not super sensitive... and if you believe it is... host your own instance.
And yet everyday you hear about some other company that got completely shafted... and more user information leaked out there like it belongs in the wild. But I once again have to ask... Aside from password (which is hopefully long and unique)... What content do you have on lemmy that actually matters? You realize that everything you post on a platform like this or Reddit is public... There's nothing you should ever assume to be "secure" or private on a platform like this, including Reddit. You bring this up so many times... What are you uploading that's sensitive that you think needs to be secure?
Finally a legit concern. Yes, finding communities is actually a bit annoying. There's work being done to fix it. Remember this is version 0.17.4 that we're on right now. And the mass influx of people trying the platform out is putting a ton of stress on lots of undersized server instances. Things will happen... But same story with reddit... Reddit just had 3-4 hours of downtime because some subreddits went private. They're not perfect either... what's their excuse? It can't be because it's new and small...
What? There's TONS of content already. You need to join more communities I think. Reddit was never there to generate content either though. It's an aggregator, not typically a source.
I didn't have the energy to write all that and what I woud have written would have been 90% the same so thank you! The parent doesn't know how things actually are in corporations. Neither about hosting stability, nor data security, nor regulation, nor financial security, nor responsibility. Most of the concerns they had with the random dude are valid for any typical, in other words limited liability, corporation. And the big instances are not at all hosted by some random dude. You can't run a big instance without sysadmin knowledge at the very least. The three I have looked into, lemmy.ca, lemmy.world and lemmy.ml, are all run by either software developers or system/database admins. At least two of them are also well funded which we can tell due to the transparent funding and available track record. Small non-profit teams and organizations have made much bigger contributions to my life and society than many big corporations. From Wikipedia, through Mozilla to all the outfits behind most open source software that literally runs the world. Two random dudes write the crypto for the security that nearly every corporation uses (OpenSSL). Anyways. I'm not writing this to change minds. Just expressing my thoughts and reaction. 🥲
I tried not to bring up individual instances... but to your point there... I'm a CISO... My whole job is data security. My instance is 100% for sure safe... and honestly I probably have better tools in place than a good 80-90% of companies that you give all sorts of private information to.
I felt that point wasn't specifically relevant, but it's just odd that people treat companies as better than individuals in general... My uptime actually beats Amazon this year so far. And I'm hosting from hardware in my garage, which happens to be a cluster of proxmox boxes with a good dedicated 60 amps of power and 6+ hours of battery backup.
The datacenter my business is in contract with... I have better uptime than them... They've had 3 major outages in the past 9 months.
Businesses are not infallible... and honestly are likely worse to work with since no individual ever feels compelled to own up to the mistakes. It's always shareholders and money with businesses. I love working with vendors that are 1-3 man teams... They are ALWAYS vested and always do good work IMO... It's the large places that pass the buck everywhere they can and everything is always a shoe-string shitshow.
Just my additional 2 cents to continue the discussion.
Heavy agreement. Having seen how corporations host and treat data, it's a clown show. Everyone knows noone can be held accountable beyond being fired and execs and shareholders know they can't lose the money they already made. It's certainly better than that in some places but that's the baseline because those are the incentives. It's only better if there's lots of money on the line in case of a data breach. Real scenario from a corporation:
That's of course security patches by some random dudes, for the software written by the random dudes.
🤦♂️🤦♀️🤦
Anyway, what's your instance?
E: Found it.
E2: I'm falling asleep, I assumed it's a public instance. I'll probably be standing up my own at some point too.
https://lemmy.saik0.com is my instance. I'm treating it as the original myspace idea... friends of friends can get in. Also makes the local communities much better IMO...
Running in an LXC container on a proxmox cluster, all the data stored on a ceph cluster. Backed up nightly to a large 400TB backup server. Proxied through cloudflare (yes I've gotten cloudflare working correctly enough... I should probably clean up the page rules a touch...). The only thing I'm missing in my "homelab" is offsite backup... Of which I'm looking for tape libraries or similar things I can put into my rack to swap out every week or so to an offsite location.
And your example of the Ubuntu thing is even worse the moment you bring up windows environments. I know so many companies still running Windows 2012... And their reasoning? "Well it's still supported until October right?"... Not realizing it probably takes months to a year to validate all the software they're going to have to migrate. Clown show is accurate.
Great stuff.
Honestly, even if most folks from Reddit don't stay, the ones that know will most likely stay. I've been here for a week and I know I will. In the worst case scenario it'll turn out like Slashdot used to be. Frequented by knowledgable folks sharing News for nerds, stuff that matters. If that's all we get in the end, it won't be so bad. 👌
But I think a lot more will stay.
Anyway, good night!