Lemmy version 1.1.0 will include the ability for mods to remove votes. Hopefully also logged to the modlog, because we know some mods will use it for some other purpose.

https://github.com/LemmyNet/lemmy/issues/5569

Some instances enable the image proxy, which should prevent this.

@TomMonkeyMan@chinese.lol @yassinsiouda@lemmy.doesnotexist.club

Voting here doesn’t influence your feed

It does when you use sorting algorithms that depend on it.

it might just default to saying ‘closed’ if it doesn’t have the data.

Nope. Fediseer displays unknown fields as N/A.

The admins can reasonably be blamed for setting up instances with open registrations and no protections and then forgetting about them

No, I don’t think they forgot. Would you forget about something you regularly pay for?

Well yeah, there is no concrete evidence that it is the admin (or the admins). But the hints I found seem to be pointing that they are the one behind this. Of course there is a possibility that it is someone else, but it baffles me why anyone would leave the registrations open for 2 years, keep the instance running, but never interact with the fediverse through it themselves. And this isn’t exactly like kbin.social, the admin eventually did respond and close down the instance (not to mention, the admin was still communicating with the people). This instance and its bots have been going on for over 2 years, with not even a single sign of activity from the admin(s).

Nevertheless, defederation is the right thing to do right now. Unless concrete evidence is found, we could put this aside.

The bots are from those two instances as you can see in the screenshot. Furthermore, lemmy.doesnotexist.club has had dozens of bots since at least 2023 (2 years after domain creation. found via the web archive). Since at least 2023, the admin hasn’t been doing anything, or even interacting with anyone. That account seems pretty much dead. But they keep hosting the instance for some reason. It is also a possibility that someone else indeed is using these two instances because they are “abandoned”, but it is highly likely that it is the admin. It is very suspicious that the registrations have been open unguarded against bots since at least 2023. These two instances have been invaded with bots long ago, so defederation is still the right thing to do.

I also don’t want to jump to conclusions, but I think the chances are pretty high that it indeed is the admin. It might lead us to whoever is behind the recent nicole spam.

Upon inspecting the actual websites, the registrations seem to be actually open for both instances with no email confirmation, captcha or manual approval as one user pointed out. I checked the Fediseer page for these instances. What is the update delay for Fediseer?

Wdym. Do you mean how I found out that the attacker was the admin? Yeah sure, you definitely can automate that.

This is kind of like blaming the founder of knives because criminals use them to murder people.

It’s dumb.

My mom laughs at AI slop

Tesseract.

The whole linking to other instances and services like lemsha.re or lemmyverse.link within Lemmy should become obsolete in the next release of Lemmy. It will include rewriting remote instance URLs to the local instance equivalent.

KDE Connect is good.

The graphics are much better tbh

Locking for rule 5.

Related: OAuth for third party websites is being discussed here https://github.com/LemmyNet/lemmy/issues/1368

Flatpak with more improvements to size and sandboxing could be accepted as the standard packaging format in a few years. I think sandboxing is a very important factor as Linux distros become more popular.

I still don’t see the repo containing the actual backend code.