Yeah. Build machines should never have had internet access. Any dependencies your product uses should be downloaded once and then cached in your own artifactory. If you don’t, what you deploy in production could be different from what you tested in staging. That can allow attacks like this to happen much more easily.
Even when running an instance for yourself, you’re not really safe. The threat to your privacy goes from being a third party in control of your data to your own operational inexperience.
I tried to host my own personal Lemmy instance and ran into a lot of issues hosting it. On the one hand you want to be safe by restricting unnecessary access, but on the other hand you have no idea why federation doesn’t work, or the postfix-relay docker cannot send an email, or why you cannot ssh into your own host, so you want to just allow everything and just get it to work somehow. In the end, unless you are already an expert at this stuff, trying to host your personal instance safely is a tall task.
It’s also going to be very costly. Especially for an image sharing website like Pixelfed.
Maybe there is a market for self-service managed hosts like we have with Wordpress blogs.
Hi, I’m Dr. Mordecai Tutu on this glorious day.
You know, saying that everyone except caucasians are “people of color” itself reeks of inherent racism.
Racism is quite common in the world. It always has been. It’s just that in most of our history our out-groups were still local so racism didn’t manifest.
Right now we’re at a point in the human journey where we see people of different races quite often, but we don’t interact often enough that it is no longer relevant for anyone. It’s improving.
Posted in /c/technology 😬
I swear there are as many packers and movers as there are ways to spell Agarwal. This is the case of Buma, Punna, and Pumma crowding search results for Puma.
I read somewhere on Lemmy that ich_iel deliberately uses wrong words four the lulz. So be careful or you’ll be learning bad grammar. Youse diggitty?
The apps are already amazing and will not suffer issues of scale themselves because they run on users’ devices. The scaling issues will be in Lemmy server code and ActivityPub in general.
ActivityPub doesn’t seem very scalable IMHO. It works well if all instances are about the same size and communities are well-distributed. Right now a few servers like lemmy.world, sh.itjust.works, and lemmy.ml are much larger than others. They host most of the popular communities as well. This creates an imbalance which ActivityPub doesn’t handle well.
I think Lemmy instances should be topic based. But that’d be confusing for people coming from centralized social media who are only trying to find a reliable starting place. So I really hope we reach a point of maturity and mainstream-ness of Fediverse that people feel comfortable with smaller theme-based instances.
You don’t love me.