• 17 Posts
  • 291 Comments
Joined 1 year ago
Cake day: June 9th, 2023

  • Everything WordPress is heavily infested with that. However you don’t have to let it impact you – it kind of looks to me like they pressure commercial vendors to put their stuff under the GPL if they’re wanting to offer a free version, so there’s a robust ecosystem of actually-FOSS tooling for it. My experience has been that it’s always worked pretty well in practice; you just have to keep your nope-I’m-not-paying-for-your-paid-version goggles firmly affixed. (Also, side note, GPT does an excellent job of writing little functions.php snippets for you to enable particular custom functionality for your WordPress install when you need it.)


  • WordPress 1,000% (probably coupled with WooCommerce but there are probably some other options)

    I honestly don’t even know off the top of my head why you would use anything else (aside from some vague elitism connected to the large ecosystem of commercial crap which has tainted by association the open source core of it) – it combines FOSS + easy + powerful + popular. You will have to tiptoe around some amount of crapware in order to keep it pure OSS though.


  • Yep.

    There are two big end-user security decisions that are totally mystifying to me about Lemmy. One is automatically embedding images in comments without rehosting the images, and the other is failing to warn people that their upvotes and downvotes are not actually private.

    I’m not trying to sit in judgement of someone who’s writing free software but to me those are both negligent software design from an end-user privacy perspective.


  • Of note about this is that image links in comments aren’t rehosted by Lemmy. That means it would be possible to flood a community with images hosted by a friendly or compromised server, and gather a lot of information about who was reading that community (how many people, and all their IP address and browser fingerprint information, to start with) by what image requests were coming in kicked off by people seeing your spam.

    I didn’t look at the image spam in detail, but if I’m remembering right the little bit of it I looked at, it had images hosted by lemmygrad.ml (which makes sense) and czchan.org (which makes less sense). It could be that after uploading the first two images to Lemmygrad they realized they could just type the Markdown for the original hosting source for the remaining three, of course.

    It would also be possible to use this type of flood posting as a smokescreen for a more targeted plan of sending malware-infected images, or more specifically targeted let’s-track-who-requests-this-image-file images, to a more limited set of recipients.

    Just my paranoid thoughts on the situation.
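
The exposure described in the comment above exists because each reader's browser fetches the embedded image directly from the third-party host. As an added example (not part of the original comment and not Lemmy's own code), this Python function rewrites remote Markdown image links to a same-origin proxy path so readers only contact their home instance, and reports which outside hosts a comment referenced; `lemmy.example` and the `/image_proxy?url=` route are assumed names.

```python
import re
from urllib.parse import quote, urlsplit

# Assumptions (hypothetical names, not a real Lemmy API):
HOME_HOST = "lemmy.example"                                # the reader's home instance
PROXY_PREFIX = "https://lemmy.example/image_proxy?url="    # local fetch-and-serve route

# Markdown inline image: ![alt](url "optional title")
IMG_RE = re.compile(r'!\[([^\]]*)\]\(\s*(\S+?)(\s+"[^"]*")?\s*\)')

# Constructed sample comment: one third-party image, one local, one relative.
SAMPLE = (
    'Look ![a](https://img.tracker.example/p.png?id=42 "t") and '
    '![b](https://lemmy.example/pictrs/image/x.png) and ![c](/local.png)'
)


def rewrite_remote_images(markdown, home_host=HOME_HOST):
    """Return (rewritten_markdown, sorted list of third-party image hosts)."""
    remote_hosts = set()

    def _sub(match):
        alt, url, title = match.group(1), match.group(2), match.group(3) or ""
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        # Leave alone: non-HTTP schemes (e.g. data:), relative paths, and
        # images already served by the home instance. An empty scheme with
        # a host is a protocol-relative URL (//host/x.png) and is rewritten.
        if parts.scheme not in ("", "http", "https") or host in ("", home_host):
            return match.group(0)
        remote_hosts.add(host)
        # The original URL travels only as an encoded query value, so the
        # reader's browser never sends a request to the third-party host.
        return f"![{alt}]({PROXY_PREFIX}{quote(url, safe='')}{title})"

    return IMG_RE.sub(_sub, markdown), sorted(remote_hosts)


if __name__ == "__main__":
    rewritten, hosts = rewrite_remote_images(SAMPLE)
    print(rewritten)
    print("third-party image hosts:", hosts)
```

The returned host list can be counted per community to notice a sudden run of comments that all embed images from one unfamiliar host.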



  • He’s just trying to help you, dude. lemmy.world is by far the biggest instance; 3x the users of the next biggest instance and much more than most. But, lemmy.world is also defederated from some notable instances like beehaw and hexbear. Another instance which also has in the tens of thousands of users (enough to be subscribed to “most stuff”) might well give you better search results.

    You may decide that the defederated-from-here instances aren’t worth bothering with, with some justification, but you came in asking for help, he’s trying to help you, and you’re lecturing him about what’s what. 🙄









  • It’s definitely factual. That’s why I linked to some examples of rape. The occupying forces are committing rape. Want me to try to find more examples? Or do the same for occupation, killing, torture, and systematic dehumanization?

    The fact that now that I’ve read up a little bit more, I think it’s genuinely pretty unfair to put that in there in the way that I did, and that context needs to be added, doesn’t change the fact that rape has occurred because of what Israel is doing in the Palestinian territories. It also doesn’t change the overall thesis of what my comment was in the slightest.

    The wider point, that us being allowed to have this conversation is a good thing and that forbidding this conversation would be a bad thing, was more my point. I won’t claim to be perfect or right all the time, and I’ll be pretty honest about it if I learn something or realize I got something wrong. But if you want to talk about what Israeli forces are doing in Palestine I’m happy to do that and back up anything I’m saying or have said.