The code is open source. Nothing is obscured.

“Security-by-obscurity” is a phrase used for any measure that is useless once you know how it works. In this case it’s hoping that a troll doesn’t know about the specific hardcoded rules. None of the rules in PieFed actually work if you are at all aware of them.

Thanks for clarifying, I guess I misremembered the shadowbanning part. I think I was mixing together the fact that reputation isn’t really transparent (users’ reputation can change by even attempting to upload an image that gets flagged, and the vague error means they’ll probably try multiple times without realizing they’re being moderated) and the fact the communities can autoban any user whose global reputation is low enough.

I still think the security-by-obscurity approach to moderation is inherently flawed though, and I hate to imagine how the dev approaches actual account security if that’s their approach to moderation.

Honestly I would consider [user-obscured] hardcoded shadowbanning just as bad.

Just because I’m closer to agreeing with the PieFed dev’s opinions a little bit more doesn’t mean that I’d support shadowbanning someone because the trivially-evaded checks caught a false positive in the crossfire. Piefed’s auto moderation/social scoring is pretty much textbook definition security-by-obscurity. The second anyone knows how it works, it’s useless. It will pretty much exclusively catch people who just wanted to post a harmless meme or something.

At least (for now) Dessalines isn’t hardcoding his tankie beliefs into Lemmy’s source code.

Edit: Blaze is right, it isn’t shadowbanning, but the rest of my point still stands, added the [] part to clarify

There were a few, not exaustive since it’s been a few months since I looked through the source code, some of this might have changed and there’s also a few other checks that I’m forgetting:

• 4chan screenshots (specifically anything that OCR identified as having “Anonymous #(number)” in it) were banned. Honestly this one is fine as a toggle but I think for a while it was just on by default in the code
• any community that had specific words in it were blocked at instance level. I think “meme” was there, a few swear words, and a few carryover reddit meme community names (196, I think nottheonion was also there, anything with “shitpost” in the name, etc.)
• There’s a hidden karma/social credit score based on a user’s interactions and net total karma hidden from them that gets impacted by any moderation actions, including some of the automated hardcoded ones (e.g. even trying to upload an image that gets flagged by the hardcoded checks). In some cases the user is not informed of any of these changes (the image upload will appear as a generic image upload error)
• users with a low enough net score can be automoderated at both a community and instance level

Edit: the other thing is, a lot of this hardcoded moderation isn’t documented anywhere outside of the code, likely because a lot of the measures would be useless if people knew how they worked

Edit 2: updated based on Blaze’s reply from another comment, I misremembered the shadow banning, I was confusing it with the federation errors that occur when one user blocks another

Tbf Piefed also does have opinionated moderation literally hardcoded into the source code.

It’s pretty easy to modify since it’s python and not rust, but still not great

Gender-wise, women tended to make small interjections, nod their heads, etc, as the conversation went among, to indicate that they were listening

Wait this isn’t something everyone does?

I’m comparing hardware to hardware, not artificial Apple software restrictions.

That’s great but hardware doesn’t exist in a vacuum. With an ecosystem as locked-down as an iPad’s you can’t just ignore the software. It’s not like you’ll ever be able to uninstall it because it’s intentionally locked down, unlike a macbook which allows installing apps and even modifying the bootloader to boot into a different OS.

Edit: Forgot to mention the fact even for people that might not care about that, iOS will automatically kill any app that uses more than a certain amount of RAM (I think it was 4GB? I don’t remember the exact number) so in a lot of scenarios you can’t even take advantage of the hardware in an iPad because of the locked down software

Ok but if you want to do actual work on it then these things absolutely do not cancel each other out because you have to spend $270 on a keyboard/trackpad regardless, and now have to use a clunky touchscreen on your 13 inch tablet half the time.

Yes, the M4 is much faster and it is probably only stupid product segmentation keeping it on the iPad. But the reality is, iOS/iPadOS puts OS-level limits on how much you can even take advantage of that hardware even if there is an iOS app for the thing you want to do

TLDR: If you really want a MacBook just get a refurbished M1/M2 MacBook and call it a day, bonus points for putting Asahi on it

That’s fair, I assume most people probably aren’t following ladybird that closely so it’s easy to miss. It just bothers me because shrugging off small individual problems and ignoring a bigger trend is arguably what let people like DHH get a platform in the first place.

How many times do I have to give him the benefit of the doubt though?

First it was the “using they in documentation is political ideology” Github issue, then he publicly defended DHH when people called him out for being a white supremacist, he implied tech companies are discriminating against white people with diversity policies, and he tweeted that he hopes young people will carry on Charlie Kirk’s legacy.

If one or two of these things happened in isolation, I could maybe understand giving him the benefit of the doubt as a non-American (for that last one) non-native English speaker. But all of these things taken together? I personally don’t think I can look past that.

All things considered the way they’re approaching the migration is fine enough - they’re only moving specific portions at a time, they’re not stopping C++ development, and they’re making sure it doesn’t introduce regressions. Adopting a memory-safe language for something like a browser makes sense because it completely eliminates that class of vulnerabilities.

The problem is the way they’re approaching the code itself. From their wording, it sounds like they’re relying on AI heavily for both writing and reviewing the code. Rust has a steeper learning curve than most languages and is very different from C++. They even mention in the blog that their current Rust code looks like C++ code ported over. If they don’t take the time to actually learn Rust before adopting it, it’ll just lead to security logic issues that their AI couldn’t catch because C++ and Rust don’t always behave the same way. And that’s completely ignoring all of the other ethical/technical issues with AI

Ok but the radio station change might cause my car to spontaneously combust so I should make a new car from scratch with my car factory just in case, that way I’ll still have a car.

Never change, NixOS

Nah NixOS is a picture of a factory automatically making cars

Not sure about link click but To Be Hero X was co-produced between a Japanese anime studio (I forget which one) and Bilibili. The source material is game franchise, so the line is definitely blurry there. But since Cyberpunk Edgerunners generally counts as anime despite being published by an American company and based on a Polish game, I’d say these can fall under the umbrella also.

To be hero X is another really good Chinese one

Presumably just for transparency in case humans down the line went looking through closed PRs and missed the fact that it’s AI.

Worth noting that Linux Mint Debian Edition exists and is based directly on Debian instead of Ubuntu. They starting publishing it specifically because the Linux Mint team doesn’t like the direction Ubuntu is heading in with snaps. Not sure how good it is as I haven’t tried it in a while (and don’t really use regular mint either).

Honestly I’d consider using this in combination with NixOS just for the flatpak support

Fair enough. For me it gets most of the popup and in-page ads that would display on top of articles. I don’t think it gets past paywalls but honestly I try not to read from paywalled sites anyway. Improving it to be more advanced would be nice though since I think right now it’s just a simple toggle in settings.

Xlibre is backed for the most part by the singular maintainer that was still willing to work on X11 who got kicked out for being too toxic and breaking existing code. For what it’s worth, it also explicitly used MAGA language in its README for a while.

Phoenix is intended to allow for support of legacy software/DEs and provide a more modern/maintainable version of X11. It isn’t trying to compete with Wayland, it’s trying to live alongside it for environments that won’t or can’t move to Wayland. It also technically won’t be a complete X11 implementation, as it’s ignoring older portions of the protocol.

Neither option addresses the elephant in the room: The X11 protocol is still fundamentally broken in a lot of aspects. Multi-monitor support, especially when monitors aren’t the same resolution, refresh rate, or physical size, is broken at a fundamental level. It will never work even as well as Windows, which is already an incredibly low bar to clear.

Wayland is slow moving, sure, but it is a much more stable base to work with than Xorg ever was. From a security, modularity, and extensibility standpoint, Wayland is a lot better. There is a reason most of the Xorg team developed a completely new protocol instead of just reimplementing X11 themselves.