For any social network, not just a federated one.

My thoughts: The way it works in big tech social networks is like this:

1. **The organic methods: **

• your followee shares something from a poster you don't follow
• someone you don't follow comments on a post from someone you follow
• you join a group or community and find others you currently don't follow

2. The recommendation engine methods: content you do not follow shows up, and you are likely to engage in it based on statistical models. Big tech is pushing this more and more.
3. Search: you specifically attempt to find what you're looking for through some search capability. Big tech is pushing against this more and more.

In my opinion, the fediverse covers #1 well already. But #1 has a bubble effect. Your followees are less likely to share something very drastically different from what you already have.

The fediverse is principally opposed to #2, at least the way it is done in big tech. But maybe some variation of it could be done well.

#3 is a big weakness for fediverse. But I am curious how it would ideally manifest. Would it be full text search? Semantic search? Or something with more machine learning?

What are your predictions for his Trump's presidency will go?

Overall, I believe we will see a continuation of the trends from 2017-2020, but an increase or intensification of said trends due to Trump's experience in presidency and increased confident position.

• increased deregulation and cutting funding to regulatory bodies across the board
• federal workforce reduction
• immigration workforce reduction, reviving the spike in the backlog of pending immigration cases
• dramatic increase in tariffs. This has many implications, most importantly negative impact on domestic consumers, increase in consumer prices, but also economic war with certain players like China, and causing economic suffering to certain partners such as Mexico.
• Ukraine: this one is hard to predict, as trump is unpredictable on those. There's a good chance trump will push zelensky towards accepting a peace deal with Russia, but equally likely that he will up US' involvement in Ukraine (contrary to what Trump claims)
• Israel / Palestine: Biden admin was the first to show the kind of hesitant rhetoric we see today towards supporting Israel. Trump will reverse this trend, and we will go back to standard neocon Israel supporting. He will likely push for Israel to take over the west bank as a convoluted effort for "peace".
• interest rates: I am less certain of this, but there's a decent chance that trump pushes interest rates lower to catalyze short term economic growth
• job market: if interest rates drop, we will see a short term rally for the job market, especially in big tech. Long term ramifications are tough to predict
• border security: my unpopular / controversial opinion is that trump and biden admins are very similar on this. Although public sentiment about the border issues will likely shift, I do not expect a significant material change or major departure from biden policy.
• Healthcare: Trump didn't make any big moves in 2017-2020. I cannot forecast anything here.
• Abortion issues: with Republicans likely securing Congress, a federal abortion regulation is possible but not certain. Support for some type of regulation is near unanimous among Republicans, but some oppose the degree. Trump himself has flip flopped on whether a federal ban is necessary. I expect that there will be some regulation, albeit limited.

What are your predictions and thoughts?

Hi programmers,

I work from two computers: a desktop and laptop. I often interrupt my work on one computer and continue on the other, where I don't have access to uncommitted progress on the first computer. Frustrating!

Potential solution: using git to auto save progress.

I'm posting this to get feedback. Maybe I'm missing something and this is over complicated?

Here is how it could work:

Creating and managing the separate branch

Alias git commands (such as git checkout), such that I am always on a branch called "[branch]-autosave" where [branch] is the branch I intend to be on, and the autosave branch always branches from it. If the branch doesn't exist, it is always created.

handling commits

Whenever I commit, the auto save branch would be squashed and merged with the underlying branch.

autosave functionality

I use neovim as my editor, but this could work for other editors.

I will write an editor hook that will always pull the latest from the autosave branch before opening a file.

Another hook will always commit and push to origin upon the file being saved from the editor.

This way, when I get on any of my devices, it will sync the changes pushed from the other device automatically.

Please share your thoughts.

I am sure it was discussed here before, but I can't find a good way to search this community.

Are there any arguments against having a user's identity federate, and be compatible across platforms?

For example, let us say I sign up with my instance, matcha_addict@lemy.lol

But what if I go on mastodon, and I want to have my own micro blog. Or maybe go to write freely and post some blog posts. I'd have to make a different account on each one.

What if mastodon or write freely could just let me log in with my lemmy account (or lets call it federated account). This has several benefits:

• users don't have to scratch their head on if I am the same person or not across these platforms
• theoretically, someone following my feed can get updates on what I do on multiple platforms

Now I understand this would be difficult to implement and iron out all the edge cases, but am I missing anything on why it wouldn't be a desirable feature, given it is implemented?

From a practical sense, ActivityPub may be the obvious choice as it gives easier interop with the largest federated platforms.

But what else? There are existing platforms built on these protocols, such as movim for xmpp, and another for matrix I forget.

From a technical standpoint, are there any major pros and cons?

I heard often about activityPub being challenging to implement.

Now I know part of this is because, if you are building on activityPub, you want interop with existing platforms such as mastodon, and they do their own thing.

But ignoring that aspect, what is so hard about activityPub? What could have been done better?

I am a software developer, so feel free to use software dev concepts and terms when explaining. Thanks!

Lemmy developers have said there are no near plans for allowing users to follow mastodon or other activityPub networks, so I'm considering another platform that can do this.

It looks like mbin, Piefed and FediLab have the ability to do this. Has anyone tried them and have a comparison?

I also heard it may be possible to do from just mastodon-like platforms. Anyone tried this?

I know they're quite different technically. But practically, what does ActivityPub unlock that was not previously possible with RSS and basic web tech stack?

I think I have an idea of the answer. RSS may provide a way for users to "subscribe" to content from a feed, equivalent of following and putting it in a unified feed.

But it does not have a way for users to interact with the poster, like comments or likes. This may be possible with a basic web stack though, but either users will have to make accounts on every person's site, or the site has to accept no user auth. (but this could be resolved with a identity provider standard, like disqus does)

I suppose another thing activityPub does is distribute content to multiple servers. Not sure if this is really desirable though?

Anyways, did I miss anything?

I recently learned about nsjail, a utility to sandbox applications or provide workload isolation.

It seems to be lighter weight than firejail and possibly better suited for server applications.

Has anyone used this? What's your experience with it? I'm curious about using it for my web server applications as an additional layer of Dr hotty.

Is there any fediverse client out there (mobile or pc or web) that has support for multiple types of content, rather than just for one?

Most apps I find are only mastodon-like (including pleroma etc.), or only lemmy-like, or only peertube-like. One of the main benefits of the fediverse is that I could theoretically access all of those from one platform. But the clients I saw don't seem to support it too well.

Is there any fediverse client out there (mobile or pc or web) that has support for multiple types of content, rather than just for one?

Most apps I find are only mastodon-like (including pleroma etc.), or only lemmy-like, or only peertube-like. One of the main benefits of the fediverse is that I could theoretically access all of those from one platform. But the clients I saw don't seem to support it too well.

Hi all,

I found a hobby in trying to secure my Linux server, maybe even beyond reasonable means.

Currently, my system is heavily locked down with user permissions. Every file has a group owner, and every server application has its own user. Each user will only have access to files it is explicitly added to.

My server is only accessible from LAN or VPN (though I've been interested in hosting publicly accessible stuff). I have TLS certs for most everything they can use it (albeit they're self signed certs, which some people don't like), and ssh is only via ssh keys that are passphrase protected.

What are some suggestions for things I can do to further improve my security? It doesn't have to be super useful, as this is also fun for me.

Some things in mind:

• 2 factor auth for SSH (and maybe all shell sessions if I can)
• look into firejail, nsjail, etc.
• look into access control lists
• network namespace and vlan to prevent server applications from accessing the internal network when they don't need to
• considering containerization, but so far, I find it not worth foregoing the benefits I get of a single package manager for the entire server

Other questions:

• Is there a way for me to be "notified" if shell access of any form is gained by someone? Or somehow block all shell access that is not 2FA'd?
• my system currently secures files on the device. But all applications can see all process PIDs. Do I need to protect against this?

threat model

• attacker gains shell access
• attacker influences server application to perform unauthorized actions
• not in my threat model: physical access