Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
Uncategorized
22
Posts
19
Posters
0
Views
-
@Jade @vkc you may be able to connect with them over the bridge, if they allow it https://fed.brid.gy
@Laukidh@infosec.exchange @vkc@linuxmom.net I tried but no-one loves the bot that bridged you to other platforms
-
@vkc Wait, the people you block, on your account, are public to anyone? That... Is the weirdest technological decision I have ever heard of. I wonder why they would do that? Transparency? Idk...
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc a similar thing is true for Mastodon. the UI doesn't show it, but your server will send the other server a note saying that you blocked that user.
since you run your own server, you can get a list of who blocked you with a query like
SELECT accounts.username, accounts.domain
FROM blocks
JOIN accounts ON blocks.account_id = accounts.id
WHERE
target_account_id = (
SELECT id
FROM accounts
WHERE
username = 'vkc'
AND private_key IS NOT NULL
LIMIT 1
);this is documented, and while the official UI doesn't show it, a malicious actor could easily build tooling on their own server.
don't ask me why, I don't know either. while there probably are ui-niceties around it (mainly that the other node can make sure they don't show the user you've blocked your content), this... isn't great.
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc But this is a good feature, because it encourages engagement, which increases time on platform, which boosts revenue /s
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc Bluesky is running mass harassment campaigns on any excuse they can twist to push trans and intersex people off the platform. They’re just the new X for the day when Musk finally overdoses.
-
@Laukidh@infosec.exchange @vkc@linuxmom.net I tried but no-one loves the bot that bridged you to other platforms
-
@vkc a similar thing is true for Mastodon. the UI doesn't show it, but your server will send the other server a note saying that you blocked that user.
since you run your own server, you can get a list of who blocked you with a query like
SELECT accounts.username, accounts.domain
FROM blocks
JOIN accounts ON blocks.account_id = accounts.id
WHERE
target_account_id = (
SELECT id
FROM accounts
WHERE
username = 'vkc'
AND private_key IS NOT NULL
LIMIT 1
);this is documented, and while the official UI doesn't show it, a malicious actor could easily build tooling on their own server.
don't ask me why, I don't know either. while there probably are ui-niceties around it (mainly that the other node can make sure they don't show the user you've blocked your content), this... isn't great.
-
@vkc Wait, the people you block, on your account, are public to anyone? That... Is the weirdest technological decision I have ever heard of. I wonder why they would do that? Transparency? Idk...
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc This is straight up terrifying!
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc There is so much toxic crap, worldwide. I'm sorry you had to deal with any of it.
Against them. For You.
Tim -
@vkc a similar thing is true for Mastodon. the UI doesn't show it, but your server will send the other server a note saying that you blocked that user.
since you run your own server, you can get a list of who blocked you with a query like
SELECT accounts.username, accounts.domain
FROM blocks
JOIN accounts ON blocks.account_id = accounts.id
WHERE
target_account_id = (
SELECT id
FROM accounts
WHERE
username = 'vkc'
AND private_key IS NOT NULL
LIMIT 1
);this is documented, and while the official UI doesn't show it, a malicious actor could easily build tooling on their own server.
don't ask me why, I don't know either. while there probably are ui-niceties around it (mainly that the other node can make sure they don't show the user you've blocked your content), this... isn't great.
@denschub @vkc Yep, DMs or "Private mentions" on Mastodon can be exploited using a similar vector. The client can say this message should be readable only to this/these users, but you can write a client which doesn't respect the protocol and view them anyway. It's a strong argument for why DMs should probably not exist on decentralized platforms that do not or cannot use E2EE.
-
@Ember @vkc Sorry, but this has a bit of a "if you block someone and get harassed for it, it's your fault because you're on a node that's not doing a good job" vibes to me. I'd be a lot happier if we didn't provide potential footguns to people.
Also, I'm not even sure your argument works. If I'd be an instance admin wanting to do a decent job, I wouldn't even know how to protect my users. mastodon.social only has one instance blocked for blockbots according to their list, so that's not a good starting point. A lot of "decent instances" don't publicly explain why they block other instances, or don't show that info at all. If I, for example, would trust your decisions fully, I couldn't even follow your lead because you don't make server blocks publicly available. Same with Hachyderm. That also means a user couldn't evaluate block decisions before joining a server to make sure they're on a node that is "decent". In the end, it's all just vibes based, and that puts a lot of people at risk without them even knowing.
There's a ton of instances that are run by really awesome people, but they don't have the bandwidth to stay on top of the latest malicious instances all the time. And those are commonly also the kind of instances that host a lot of non-tech users, which makes this even riskier.
I get it, it's a hard problem to solve, but this is one of those many things where Mastodon puts users at risk without even telling them or allowing them to make a decision on their own. I don't like that. And if we rightfully throw shit at Bluesky, we should also at least acknowledge the limitations in our own courts.
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc alternatively, if you're going to BlueSky please block me. I don't want to know anyone that supports that platform.
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc
If you're gonna use Bluesky, don't. :) -
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
@vkc Could someone enlighten me on why this is bad or otherwise harmful?
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
Well done you.
I am not tech savvy enough to know why something is bad UNTIL it bites me on the ass.I know what I don't want. Anyone being harassed (you are legally required to kick Nazis in the balls - if they have any) in the future.
I do not want ads (craft items by individuals I like) but am [lobster weeps] not able to purchase presently.
I will not be going back on WAFRN developers/main forum until I am comfortable with its policy towards Bluesky. I only joined a few days ago. So no great loss. Though I really appreciated its early day capabilities. Ah Well ...
-
undefined _elena@mastodon.social shared this topic
-
RE: https://mastodon.social/@_elena/115909375706083994
Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.
I would block a baddie, and because that crap is PUBLIC on Bluesky (?!?), that basically creates a "hate list" that's easily exploitable. And of course folks were exploiting it!
If you're going to use Bluesky, strongly recommend not blocking folks unless they're specifically harassing you. And don't block big accounts, that crap can come back to haunt you.
I went the other way, and deleted my account.
Well done!
-
undefined oblomov@sociale.network shared this topic
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@boarim
OpenBSD is made by a far far smaller team of developer. Entering this team by far more demanding. This positively shows in the quality of the release. Yet we must acknowledge that Debian distributues a lot more packages. I won't be surprised discovering the ratio is 2 orders of magnitude
@OpenBSDAms
-
-
Tempesta. Confermata la fase di forte maltempo sulle due isole maggiori e sulla Calabria. Si tratterà, senza giri di parole o iperboli, di una vera e propria tempesta che raggiungerà il propizio apice tra domani (lunedì) e martedì. Prestare la massima attenzione…1/6
-
@ambientalismi pacifisti si astengono o votano inutile e dannoso santoro e fasci vanno al governo facendo cose fasce
-
-
Fantastic. Congratulations on the move!
-
Please do note that not only video streaming uses Widevine DRM, but audio / music streaming tends to use it too.
I personally greatly prefer media without DRM. Eg, I tend to get my music albums from Bandcamp - especially on their Friday specials where 100% goes to the artist.
-
#OpenBSD gains (open) Widevine DRM support on Chromium. This will fix compatibility with a large number of streaming services.
Please do note that Widevine has three security levels. Platforms can dictate what level they require. For instance, Netflix only allows SD (480p) playback at L3 and limits 4K to L1.
L1 requires secure boot, a signed and approved kernel, etc. This is not going to happen. Not on the BSDs, not on Linux.
Have yet to experiment with it - I presume it will default to L2. That is 720p playback on Netflix, if I am not mistaken.
