Developer fighting 502s from Lemmys Servers.
Just scrolled past this on All.
Americans should be contained be the SCP.
Sure, 90% of you guys over there are racists and have a huge racism problem but don’t go apply your racist shit to everyone internationally.
I’ll continue having Xi an Pooh synonymous because I’m not racist and can actually do things in life without trying to make it about ““race””.
P.S. God, where did Americans even get the idea that Asians look yellow?? Most of my family is Asian and is black. I know Asians who are paler than me (German).
It’s like I’d color my face blue and someone calls me a racist, discriminating penguins.
deleted by creator
deleted by creator
Good idea! I’ll incorporate something like this in my own Lemmy App.
I’m actually trying to solve this issue on my own Lemmy app. It automatically switches instances when the requested one is down. Works only in the Feed right now and, of course, accounts are still instance-bound - but I will fix that soon.
Off-topic question, but where can you see the stats?
Wow that’s really interesting.
I always wonder when people say something like this. I also develop a Lemmy app myself and don’t understand this point, like are you afraid people will complain about your code cleanliness or commenting techniques?
I mean what extra work is there really? Moving secrets to environment variables is annoying, I get that at least.
I mean no offense to you at all, really, but when I check out other Lemmy apps I don’t even bother with closed source ones since I can’t possibly know if you just steal login information. Especially since this is so immensely easy with Lemmy.
Again, I’m not saying you do these things but it’s always better being able to check yourself, you know?
Which App are you using?
Good idea. I’ll put that on the roadmap for my Lemmy app.
No. The ads from brave itself are only on new tabs and notifications.
Ah, sorry if I’m being unclear.
I was thinking of combining the user’s original password with a random 32 Character string and hash that combination. So basically salting the User’s password with random strings. That should work out to multiple passwords I can use.
Thinking of it bcrypt does exactly this, so just running bcrypt a couple of times should be sufficient, no?
Security wise if there was a breach, an attacker would still only have a couple of hashes, none of which are the original password and they can’t dictionary attack due to bcrypt.
Also, if an instance was hacked, the worst case would be that the attacker gains access to the hash (if the instance stored passwords in plain text and didn’t also hash them themselves).
I’m really tired right now so maybe none if this makes any sense, but I think it does lol.
Very good point! I think @TheButtonJustSpins@infosec.pub has a good idea on how to circumvent that.
I could make my own database with hashed passwords using postgreqsl and RLS, which is pretty secure. The User then decrypts the hashed passwords once on login and is simultaneously logged into multiple instances of Lemmy to get the JWT of each instance, which is then stored in SessionStorage or even in a Cookie if the User wants to which would make this a one-time process.
On signup the User could just register to one instance and then I just generate random 32 Character passwords and hash them with the Users’ password, then get the JWTs and if cookies are enabled the that would only have to be done every year or so (or when the User deletes the Cookies).
This whole process is seems pretty easy, especially if you’ve done something like this before and I’m betting some other App Dev is already taking notes lmao.
Edit: Let’s also do a thought experiment on what data will be leaked if I did this 1:1 and the database gets somehow hacked:
For each User:
I’m making an App for Lemmy and I’m planning on adding that feature. I also want to make it so you only have to register once and the App can register you to all the instances you choose automatically.
Edit: The Webapp is Nemmy, also the Community !nemmy@lemmy.world
Edit2: Please note that Nemmy is early Alpha, so not really useable as a daily driver yet.
Edit3: Changed Community link to proper format
You can actually fast travel directly to cities, even when you’re in a different system.