[-] Kalcifer@lemm.ee 10 points 10 months ago

Maybe something like taskrabbit? Could pay them to pick it up, then send it through a courier.

[-] Kalcifer@lemm.ee 9 points 1 year ago

After some testing, It might be that the parent commenter just deleted their comment which nuked all the child comments. I can't rememeber if this is what Reddit does. I think it just sais "Deleted by creator", but keeps the children. Could certainly be wrong, though.

[-] Kalcifer@lemm.ee 7 points 1 year ago* (last edited 1 year ago)

Yup it appears that our entire comment chain got nuked. So it is now confirmed that if you delete the parent, then all children get removed as well.


For any reading this message, the context is that we tested it by me replying to OP's previous comment, then OP responding to me, then I deleted my comment to see if their comment also got deleted.

[-] Kalcifer@lemm.ee 10 points 1 year ago* (last edited 1 year ago)

What issue are you looking to solve? You state that you believe people are able to seek out, and attain their education independently through resources like the internet. So why would it matter if there are alternatives that cost money which one can pay, and receive loans for?

[-] Kalcifer@lemm.ee 11 points 1 year ago* (last edited 1 year ago)

What is this post signature [...] Also, what is the purpose?

I'm testing out some ideas that I've had for my posts -- the signature and the edit history. They are a result of the current status of the following two issues on GitHub:

Recently (as of 2023-10-02T03:28Z), one of the maintainers/developers for Lemmy closed those two issues with either little, or no rationale. I personally think that they are good features. Since it appears that those features are not going to be seamlessly added to Lemmy, I'm trying to see if it is practical to manually add them to posts.

Regarding the edit history: The purpose of an edit history is to solve the issue of people not knowing what changed in a post when it was edited. The main issue with a user-created, and maintained edit history, however, is its inherent the lack of trust. Its existence increases transparency, but you still have to trust that the user hasn't lied about what is in the diff. The implementation would be to have the server generate it, but, unfortunately, the dev has removed that possibility for the time being.

Regarding the signature: The purpose of the signature was a means to ensure censorship resilience from the admins of an instance. As it currently stands, any admin can freely edit the content of a user's posts, or comments with no one being the wiser. A signature would provide a sort of check against this. If a user signs a post with their own private key, then, by verifying the post's signature with the user's public key, one can be certain that that user was the one that wrote it, and not a server admin, or any other external entity. But, again, this feature has been blocked on GitHub.

The long, and short of it is this is me trying to protest what I think are silly decisions made by the devs of Lemmy.

how does one use it and create one for their own post?

The way that I am currently doing it is I take the raw content of the post, or comment (the body, and it's formatting, including the edits, if they exist, and excluding the signature code block), generate a SHA-256 hash of it, and sign the hash using RSA-2048. For example to sign one's post's content, the following could be done:

  1. Put the raw post content into a file, post-content.txt.
  2. Generate an RSA-2048 private key, and output it to a file, private-key.pem:
openssl genrsa -out private-key.pem 2048
  1. Generate the public key, and put it in a file, public-key.pem:
openssl rsa -in private-key.pem -pubout public-key.pem
  1. Hash, and sign the content of the post, then output the signature to a file, post-content.sig:
openssl dgst -sha256 -sign private-key.pem -out  post-content.sig post.txt
  1. To then be able to paste the signature as text, it must be base64-encoded:
openssl base64 -in post-content.sig -out post-content.sig.b64

If you would like to verify your signature, you could then do:

openssl dgst -sha256 -verify public-key.pem -signature post-content.sig post.txt

If the signature is correct, then it will return Verified OK

There likely exists other, simpler methods of going about this, but this method is functional.

content-signature:CEsuKEwcmfYh/3/04OTscm9G/+JNkIoAELQBxqJYe67O6qCbZZ7IuzFjes4yVVW+ntE6807wy0lmt7TU8obFLHGbVrrb+J8M+Qo/qviftMNKAux+7ASWz/z87UOGieOPRlV6PbWzpMBHdF2A5LFLdpS68adQrLNOjb5JalWRYa2vN4L6BO88doirJmHtQ8TQ4mvaNKYe0BD7BdXQkc9pzivKWVmSdZA7avb8QJLDdukgJCRHgjQXKaLnEZHfmSxfG4mUDcK0bw35GmqYLsVlN0nwj1Xdd1A0bl3sgTgCbpkpb9kdQv4L2HINJ1vCy472qG+cnor4Lt6NpdKIhUR35Q==
[-] Kalcifer@lemm.ee 8 points 1 year ago

Would you mind defining "we don't really know how it works"?

[-] Kalcifer@lemm.ee 10 points 1 year ago

I have found that instances that do seem to modify the source code just use the existing "Code" link and simply point it to their own repo instead.

[-] Kalcifer@lemm.ee 7 points 1 year ago

How was it handled on Reddit? Did the moderators have to handle it there as well, or did Reddit filter it out beforehand?

[-] Kalcifer@lemm.ee 10 points 1 year ago* (last edited 1 year ago)

I would say that a big part of the issue is the difficulty in transferring one's account. Ignoring the fact that one simply can't transfer their posts, trying to manually copy all previously subscribed communities to a new account is a rather tedious task. I am aware that there exists scripts that can automate that process, but I don't think that it's fair to expect that the userbase should run 3rd party scripts. Until account transfer is properly implemented, defederation will continue to be a major issue.

[-] Kalcifer@lemm.ee 8 points 1 year ago* (last edited 1 year ago)

You claim that you believe that there is a problem with elected officials being incompetent, and yet you then contradict yourself by stating that you are part of the problem:

personally I prefer someone with memory issues but is representing what I vote for than someone who is perfectly neurotypical but contradicts my beliefs.

You are correct that the voters have the power to change their representatives if they are found to be incompetent, so use it. Don't fall victim to the ostrich effect.

[-] Kalcifer@lemm.ee 10 points 1 year ago* (last edited 1 year ago)

I'm still not entirely sure what problem Sup is trying to solve. Matrix already exists. Matrix supports E2EE through the signal protocol, as well as native federation, and it bridges to almost any existing chat service. Matrix is inherently less secure, overall, than Signal, but I don't see how Sup would fix this either -- for that I'll have to wait and see. As for using one's fedi account to sign-in, that's mostly just up to supporting OAuth, and not some feature that would be unique to the app.

[-] Kalcifer@lemm.ee 8 points 1 year ago

Are the lemm.ee servers not located in a region that protects online forums from the content that its users post?

50
submitted 1 year ago by Kalcifer@lemm.ee to c/opensource@lemmy.ml
69
submitted 1 year ago by Kalcifer@lemm.ee to c/opensource@lemmy.ml
view more: ‹ prev next ›

Kalcifer

joined 1 year ago