The developers are relative beginners pretending to be experienced and it shows in the recent XSS exploit in their Markdown parser.
The developers are also full-on tankies, the literal reason they created Lemmy is because of a grudge they have against anarchist Raddle, not out of benevolence.
The whole project is a psyop, an entryist attempt by tankies to spread tankie, insecure, and privacy-breaking bullshit to the fediverse.
@mima
>First of all it requires JavaScript.
Skill issue. http://precious.harpy.faith/Zergling_man/clemmy/ (Also lemmyBB if you care to patch it up, which shouldn't be too hard; I ought to do it at some point soon.)
>Might be fine for SNS
Skill issue. I haven't written a client for pleroma yet though.
>The developers are relative beginners pretending to be experienced
Many such cases. They didn't believe me when I told them that they were setting the tooltip on fedilink icons incorrectly (using <title> tag) which was breaking the page title, visible on lynx. So I proved it with curl and then they believed me.
>recent XSS exploit in their Markdown parser
See above
>The developers are also full-on tankies, the literal reason they created Lemmy is because of a grudge they have against anarchist Raddle, not out of benevolence
Irrelevant. The thing works.
>The whole project is a psyop
[citation needed]
>an entryist attempt by tankies to spread tankie
[citation needed]
>insecure
[citation needed]
>and privacy-breaking bullshit to the fediverse
[citation needed]
@anonymous @mima @laurel The easiest reason to despise rust is its godawful syntax. I refuse to touch any rust project for this reason (I think lemmyBB is in rust, so, great). But there aren't really any reasons to care about things other people write in rust.
@Zerglingman@freespeechextremist.com
>clemmy
I don't care about third-party clients in this case. The fact that you need a third-party client to get away from the JS bullshit of the canonical frontend is proof enough that your software is bullshit.
>Many such cases. [...]
I can understand because HTML is bullshit anyway. I don't understand how they could've allowed that XSS to happen because if you're dealing with Markdown the first thing you must keep in mind always is the user can be hostile and put malicious code in their inputs. This is worsened by the fact that not only do you have to deal with that scenario locally but from the rest of the fediverse as well. That means taking as many precautions as possible like strict sanitation of HTML output (don't ever fucking allow to get outputted) and a strict Content Security Policy (don't ever allow scripts that are not self!).
Have you tried comparing a typical Lemmy instance's CSP and Raddle's CSP? You should if you haven't yet and you will see what I mean. (Oh and to add to the irony Raddle's software backend is written in PHP)
>Irrelevant. The thing works.
So theoretically you're perfectly fine to use some pedo's Akkoma fork literally named after incest as is because it "just works". Sure it's an extreme example, but you did say "the thing works" so I want to test how far you'd go with that. :koakuma_giggle:
>privacy-unfriendly
>[citation needed]
I forgot the issue number where this is discussed but Lemmy IIRC doesn't delete your posts and comments immediately and instead just keeps them hidden (but still visible to the admin) for 30 days. And it's intended behavior according to the devs.
Now you can argue that you shouldn't expect any privacy in the fediverse due to its open/public nature (I agree but I think we can do better), but you can't just not honor the user's request to at least remove their content from your server as soon as possible. It's their data; respect that. Again I do not expect all instances to honor their delete request (it has been a problem since Usenet and I'm not expecting this to be resolved in the near future) but two wrongs don't make a right.
Also last I checked Lemmy still doesn't support proxying media, and because you can embed images in your Markdown post and comment, it means you can find out if someone read your post or not because the recipient's browser will automatically load your remote image. I thought we left webbugs / beacons from email behind. :sagume_think:
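The two defences the post above asks for, allowlist sanitisation of rendered Markdown and loading embedded images through a media proxy, shown together as an added example; it is not code from this thread or from Lemmy. The `/media-proxy?url=` endpoint is a hypothetical local route and the sample input is constructed.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import quote, urlsplit
# Allowlist: tag -> attributes allowed to survive; everything else is dropped.
ALLOWED = {t: () for t in "p em strong code pre br blockquote ul ol li".split()}
ALLOWED.update({"a": ("href",), "img": ("src", "alt")})
PROXY = "/media-proxy?url="  # hypothetical endpoint on the local instance
# Constructed input: inline handler, tracking image, javascript: link, script tag.
SAMPLE = ('<p onclick="x()">hi <img src="https://tracker.example/p.gif?u=42" onerror="x()"> '
          '<a href="javascript:x()">link</a><script>x()</script></p>')

def safe_url(url):  # absolute http(s) only; javascript:, data:, relative -> None
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    return url.strip() if parts.scheme in ("http", "https") and parts.netloc else None

class Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], False
    def handle_starttag(self, tag, attrs):
        self.skip = tag in ("script", "style")  # their bodies arrive as data; drop them
        if self.skip or tag not in ALLOWED:
            return
        kept = ""
        for name, value in attrs:
            if name not in ALLOWED[tag] or value is None:
                continue
            if name in ("href", "src") and (value := safe_url(value)) is None:
                continue
            if name == "src":  # the reader's browser fetches from us, not the remote host
                value = PROXY + quote(value, safe="")
            kept += f' {name}="{escape(value, quote=True)}"'
        self.out.append(f"<{tag}{kept}>")
    def handle_endtag(self, tag):
        self.skip = False
        if tag in ALLOWED and tag not in ("br", "img"):
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

def sanitize(html):
    parser = Sanitizer()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)
```

`sanitize(SAMPLE)` keeps the paragraph, the text and the link text, and the image now points at the local proxy, so the remote host never sees the reader's request. A strict Content Security Policy remains the second layer for anything the allowlist misses.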
@laurel@freespeechextremist.com I'm not a fan of Rust (compile times can be a nightmare and dependencies are as ridiculous if not worse than Node), but I don't care enough to call for its head.
The evangelists are annoying though, I can wholeheartedly agree on that. But that doesn't make the language look bad. It makes its supporters look bad. Pretty big difference IMO.
If you don't plan to look at its internals and/or hack on it, I agree. But I plan to do so and rust being so difficult to read is a problem for everyone. For maintainers, system admins and those looking to modify it.
@laurel @mima I don't really consider it a choice. Some stuff I work with is written in rust, so I sometimes read rust. I'd rather python but most people never got the memo that python is actually good if you don't run the default interpreter. (Which I do anyway :^) ) I'd agree that PHP is easier to read than rust. Not assembly though; since I think rust's syntax was basically "hey I really like assembly but I also really like java let's make our syntax like both of those".
It might be PTSD after I had to read a convoluted cli frontend written in rust. The backend code was readable but the front was something else. Could be done with one twentieth the complexity with bash or python.
@laurel @mima You can *usually* get them to admit that python is nice to write, but they'll dismiss it with complaints about pip (lol) or "hurr it's slow".