![](https://lemmy.world/pictrs/image/92efb986-f47b-4c53-8690-0647886e93ac.jpeg)
![](https://lemmy.world/pictrs/image/94450a36-7ffd-4f86-826b-ca02e9abb3eb.png)
That is the best part; such confident incompetence coming back to bite them in the ass.
That is the best part; such confident incompetence coming back to bite them in the ass.
When a vulnerability at this level happens and a patch is created, visibility is exactly what you need.
It is the reason CVE sites exist and why so many organizations have their own (e.g. Atlassian, SalesForce/Tableau )
It is also why those CVE will be on the front page of sites like https://news.ycombinator.com to ensure folks are aware and taking precautions.
Organizations that do not report or highlight such critical vulnerabilities are only hurting their users.
If you go to your profile, there is a setting to turn it private; after that you should have an option on your posts to keep them private or public
I wish there was a simpler way to keep PixelFed private; I get that there is a lot of focus on the fediverse, but this can also serve as a private image/video sharing platform for close friends and family.
Being public by default creates a blocker for the average person joining it.
Sounds like you’re really missing the threads experience; why aren’t you there and posting 250 characters at a time?
It would not be that simple, considering they’d be running multiple instances and require more effort to aggregate, deduplicate, and stage that data - vs just having a single clean database for it
It does actually matter, because that is what is happening.
Head over to the gaming@beehaw.org link that you shared as an example and notice that the posts are 3+ days old and all the recent posts are from instances other than beehaw; this clearly shows that Lemmy.world has not been receiving any data from beehaw for some time already.
As for hurting Lemmy and driving people to threads, is a baseless argument; anyone wanting an experience that Threads offers is not coming to Lemmy; they would either already be there or would be coming from Twitter/Mastadon. Lemmy at its core is very far from what Threads/Twitter/Mastadon try to be.
So many folks on here are jumping on and claiming that decentralization is a one way or that people don’t know anything, but have failed to read the specifications themselves.
https://www.w3.org/TR/activitypub/#block-activity-outbox
Servers SHOULD NOT deliver Block Activities to their object.
https://docs.joinmastodon.org/spec/activitypub/
ActivityPub defines the Block activity for client-to-server (C2S) use-cases, but not for server-to-server (S2S) – it recommends that servers SHOULD NOT deliver Block activities to their object.
So as I mentioned before, Lemmy.world should be blocking those servers at the instance level, preventing it from sharing any data to any identified Facebook instances.
Sure this doesn’t stop Facebook from spinning up other instances, but that will improve a lot more effort on their side and will quickly be identified and blocked by the communities, just like all their urls for ads, api, etc. have been for years.
Anyone can do anything; the point is handing it over automatically and neatly into a database and ready for use.
Because we, the users of Lemmy.world, do not want our data handed over to Facebook
Never understood homes that pave/block out all the greenery; makes the home depressing af all for saving some 30min of upkeep per week.
Can anyone share what bucket permissions they used for pict-rs? I am using minio and used the below policy for an access key, but am still getting unauthorized responses
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": [
"*"
]
},
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::pict-rs"
]
},
{
"Effect": "Allow",
"Principal": {
"AWS": [
"*"
]
},
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::pict-rs/*"
]
}
]
}
Anyone know if the new Guardians of the Galaxy is available in non-cam yet?
What kind of patch cables are you using here?