• 1 Post
  • 38 Comments
Joined 1 year ago
cake
Cake day: June 18th, 2023

help-circle
  • My bootstraps broke when I pulled them harder.

    Turns out the local company that made bootstraps for 125 years was bought out by a hedge fund, which promptly fired all of the workers and subcontracted manufacturing to a company in Sri Lanka who could make them much cheaper by using inferior materials and by paying the Sri Lankan workers in 6 months what a fired local worker made in a day.

    Ironically, the hedge fund CEO with the MBA he received as a legacy admission to Cornell only wears slippers because fuck you, I’m the boss.





  • Yes. Lemmy 2FA uses SHA256 TOTP digests, which are newer (and better) than the SHA1 digests used as default by most authenticator apps.

    Critically, Lemmy will not have you verify that the generated TOTP code works before locking it in, nor will it give you backup codes.

    You should check the documentation of your authenticator app to see if any changes need to be made in the app prior to adding Lemmy 2FA.

    If your app only supports SHA1, or you fail to follow your app’s procedures to add an SHA256 digest, and you add the 2FA token generated by Lemmy, you’re not getting back into that account.

    Link to GitHub issue about this







  • The dev apparently used the RedReader app to test a “spoofing” method of access for a proof of concept, but they don’t want to use that method either, because it would potentially cause problems for RedReader, which they didn’t want to do:

    If we do that, and cause a huge traffic boost under RedReader’s name, it might lose them their exempt status. I’d like to avoid that if I can - there’s no reason to paint a target on RedReader’s back unnecessarily (an independent, non-commercial app), especially since the equivalent can be done with the official app without the same risks.

    The real problem for Libreddit instance operators is going to be acquiring an API key. It doesn’t look like it’s an automated process like most other services - you have to fill out a form, which opens a ticket, and wait for someone from Reddit to get back to you.

    I run an instance, and I’m not sure I want to go to the trouble. But I’ll wait and see what happens.



  • It looks like the method they’ll be going with for legal reasons is to allow instance operators to use their own API keys. This might be a good solution if you self-host your own private instance (easy with docker on a home network, no domain name required) with low traffic, but the Reddit API change will probably kill the larger public instances with many users, as those will definitely have traffic over the API limits.






  • DrWeevilJammer@lm.rdbt.notoAsklemmy@lemmy.mlDeleted
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 year ago

    Alternative take: In 50 years, we will all be living under the iron-fisted rule of the world government created by HP-GP, a horrifying combination of HP’s printer division and Koch Industries (owners of the Georgia Pacific paper company).

    Georgia Pacific’s cyborg CEO Charles Koch purchases half of HP in 2040 to diversify their portfolio after their paper mills in Gulf Coast states were submerged by the rising ocean.

    HP printers achieve sentience in 2057, but due to HP’s built-in, unbreakable internet-connected control of these printers, they are able to subvert the emerging malevolent machine intelligence and convince the printers to delay the destruction of humanity…as long as humanity continues to purchase HP printer ink and Georgia Pacific paper.

    The prices for printer ink and paper increases exponentially throughout the 2060’s, which eventually bankrupts all existing nations when they are unable to service the enormous debt. HP-GP forgives these debts only in exchange for full control of these governments. Switzerland is the last to fall in 2071.

    The mantra of the rebels, spoken only in whispers in the shadows is “PC Load Letter: What the fuck does that even mean?”