Because few people know what’s realistic for LLMs

Or instance admins can block and save their users the hassle

Because one or two trolls can be mocked, a whole instance will always only be trouble not worth the effort.

Yeah, but who would be able to prove it?

Instance admins could easily patch it in for their local communities (just add a filter ignoring API actions like posting and voting for some users), but it’s not official and probably won’t ever be official behavior

A lot of this doesn’t work easily on the activitypub model, because accounts and posts and communities live on their host instances, and every interaction has to be relayed to them and updates have to be retrieved from them.

While you can set up mirrors with arbitrary additional moderation that can be seen from everywhere, you can’t support submission of content from instances blocked by the host instance.

The bluesky model with content addressing can create that experience by allowing the creation of “roaming” communities where posts and comments can be collected by multiple hosts who each can apply their own filtering. Since posts are signed and comment trees use hashes of the parent you can’t manipulate others’ posts undetected.

Bluesky already has 3rd party moderation label services and 3rd party feed generators for its Twitter-like service, and a fork replicating a forum model could have 3rd party forum views and 3rd party moderation applied similarly.

There’s some things which Mastodon does you can copy, like the question about what your home instance is

https://slrpnk.net/comment/9042474

You must use your home instance as a proxy.

If you find a post elsewhere you have to take its URL and put it into your own instance’s search function, and it will recognize it as a post on another lemmy instance and retrieve it for you.

You can also use search from your instance to go looking for things outside your instance which it already knows about.

Mastodon has made this easier by asking what your home instance is when you try to interact with a post on their domain without being logged in, and then it redirects you to a view of that same post from your own instance. Lemmy could do the same.

Relevant

https://connect.iftas.org/

A site for fediverse moderators

Neither does most recruiters in technicals fields, lol

I don’t think that’s new, you just need to throw in a personal subscription key in the URL

Create an alias and set forwarding

Also, doesn’t show the effect of recessive genes and similar stuff

I’m tech support so I’ve seen some stuff, sooo many intranet sites on internal servers don’t have HTTPS, almost only the stuff built to be accessible from the outside has it. Anything important with automatic login could be spoofed if the attacker knows the address and protocol (which is likely to leak as soon as the DHCP hijack is applied, as the browser continues to send requests to these intranet sites until it times out). Plaintext session cookies are also really easy to steal this way.

Chrome has a setting which I bet many orgs have a policy for;

https://chromeenterprise.google/policies/#OverrideSecurityRestrictionsOnInsecureOrigin

Of course they should set up TLS terminators in front of anything which doesn’t support TLS directly, but they won’t get that done for everything

Plaintext connections inside corporate networks can still be MITM’ed if the adversary knows what they’re targeting, while they can’t connect to the corporate network they can still steal credentials

Hilariously enough, Windows users can use WSL to run a Linux VPN (but only applications running in WSL are safe if I understand the attack right)

Yeah, it’s like a fake traffic cop basically, sending your (network) traffic down the wrong route

Pushing a route also means that the network traffic will be sent over the same interface as the DHCP server instead of the virtual network interface. This is intended functionality that isn’t clearly stated in the RFC. Therefore, for the routes we push, it is never encrypted by the VPN’s virtual interface but instead transmitted by the network interface that is talking to the DHCP server. As an attacker, we can select which IP addresses go over the tunnel and which addresses go over the network interface talking to our DHCP server.

Ok, so double encrypted and authenticated traffic (TLS inside the VPN) would still be safe, and some stuff requiring an internal network origin via the VPN is safe (because the attacker can’t break into the VPN connection and your client won’t get the right response), but a ton of other traffic is exposed (especially unencrypted internal traffic on corporate networks, especially if it’s also reachable without a VPN or if anything sends credentials in plaintext)

When the oil industry doesn’t have to pay to clean up their externalities we already don’t have a free market. You break it you pay. Fixing the externalities by incentivizing better technology is at minimum a correction to the market.

It needs to rotate unless it’s a superconductor.

Also a magnet that size would mess up navigation equipment for miles