Thanks!

So after I save and close a group… where do I find it?

Cheers for that. Many of these issues allow an authenticated user to do admin actions if they do the right things, so it seems you should never allow a user that you don’t fully trust to have an account.

But outside of this, there isn’t anything in there that on its own worries me given the nature of the platform (that is, that if it all burnt down I could retrieve all data from other sources). I’m no expert but a cursory look shows a bunch of potential issues that may be layered with other issues but no clear attack path except with prior knowledge.

These should obviously be fixed but there’s nothing that makes me want to rip my server off the open internet in a hurry.

What kids of things?

I’ve never worried that much because it’s not critical data and it’s containerised in Docker, but I am curious about specifics because large numbers of people expose it to the internet (through reverse proxies).

Isn’t there an assumption it would be behind a reverse proxy… At least I hope that’s the assumption.

I just really want to see where the numbers come from.

You know people self hosting email, I know people self hosting email. But that is certainly not the case for the vast, vast majority of individuals. For businesses, I have seen Exchange take over what used to be smaller hosts, and Google has broken into the small/medium business world as well. I have searched and searched and found nothing, but I don’t see why it should be so hard to do. Obtain a list of email addresses from some data breach (I dunno how but I’m sure security researchers do it all the time) then check their DNS to see what proportion point at big tech. My gut feel is that it’s a large proportion, but maybe that’s just the corner I work in.

email can be run using hundreds of servers on dozens of platforms even from your own house and interact with the email network.

It’s nice that it can, but the point of this list is is that what actually happens for the majority of people?

And from my experience, the answer is no, the vast majority of people use Microsoft or Google.

This claim is “Top Provider User Share: Google ≈ 17% → Score: 27/30”

Where does this number come from? Gmail alone claims 1.5 billion active users. Outlook.com has 500 million. But then you have to start adding up all the email users worldwide that are using services hosted by Microsoft (all the Exchange business customers), and the google customers as well (that may or may not be included in the Gmail figures). Then there are all the ISP email addresses that use these services as the provider.

I find it hard to believe that email is as decentralised as claimed here, and I’m really keen to see more data on how it was calculated.

The reason I find it so hard to believe is that when Microsoft fucks up (and given time they always do), a significant portion of the business customers I deal with get affected.

What surprises me is that they count using an email service as self-hosting. With that logic wouldn’t bluesky get a high score because people can bring their own domain easily?

Ah I guess it’s that it shows what they want then they have to install the app to buy it?

Maybe this article is intended for advertisers to convince them of the value.

Isn’t the idea that if you advertise you will get more people looking at/downloading your app and therefore rank higher?

It doesn’t make it not paid product placement, but I don’t think it implies that people are buying spots on the ranking.

It does imply the rank is almost useless because most high rankers are just spending a lot on ads.

There’s also Lemmy Instance Assistant. It has multiple features but my most used is that if you end up on another instance it adds a link to take you to that same post/community on your home instance.

It hasn’t been updated in quite some time but the dev was active on Lemmy not too long ago and it continues to work fine for me.

There’s a community here, links in the side bar: https://lemmy.ca/c/instance_assistant

I do a lot of browsing on desktop, especially when comments need a lot of research. I use mobile a lot as well.

Yeah, they do ship to Oz. But you can’t pay with an NZ card so you’ve gotta do a whole thing where you send money internationally to a friend then they pay and order and receive it then ship it to you. It seems like a big ask for contacting a distant relative out of the blue and asking them to do that.

Same here! I have one but can’t get components any more because they locked down freight forwarding 🙁

Lemmy supports this. There are lots of ways to access Lemmy, and the default Lemmy website is probably the one that hides this feature the most.

Go to the search page (for you this would be https://lemm.ee/search) and there is a community list. Select the community you want to search within. Then enter your search term.

Eh I don’t even need to think about this anymore. I have a cron job that backs up every March 31st.

No, they removed that clause some 2 or 3 years back.

I use Borgmatic for my scheduled backups, and sync to Backblaze B2 with Rclone. Works great!

My data doesn’t compress as well as yours though.

Holy hell, Napster is a (legal) subscription music streaming service! Crazy times we live in.