• @xe8
    link
    93 years ago

    Not Safe For Brands? I don’t know whether to laugh or cry. Ridiculous.

    Does Lemmy have any kind of protection against stuff like vote manipulation from bot accounts?

    • DessalinesA
      link
      63 years ago

      Their goal would probably just be to have what twitter has, where brands like burger king and wendys, who have thousands of followers, send heart emojis back and forth to other brands, lol.

      Does Lemmy have any kind of protection against stuff like vote manipulation from bot accounts?

      Not besides the captcha signup. BUT, my original intention was, unlike reddit, which is happy to allow bots and vote manipulation, to be very strict about having bots be a separate entity from users. And the fact that most bots or things like RES are just extra features that reddit wouldn’t or didn’t think to add in the first place. Being an open source project, its possible to add those features directly into lemmy.

      One way I can think of to keep out bots past signup, is to periodically, maybe every few weeks, log users out and require a captcha for sign in again, but I imagine people wouldn’t like being logged out. Its something we’ll def have to keep an eye on.

      • @TheAnonymouseJokerM
        link
        33 years ago

        Just do not use a privacy violating captcha. This is one of the most critical reasons why users see Lemmy as so nice.

        HCaptcha is nice, and there might be some other alternatives too. Also avoid CloudFlare.

        • DessalinesA
          link
          53 years ago

          We use an open-source rust based captcha in lemmy internally. HCaptcha is def not as bad as google, but its still a silicon valley company, and doesn’t offer a self-hostable version, and isn’t open source in the slightest. Cloudflare is absolutely awful, we’ll never use it.

          • @TheAnonymouseJokerM
            link
            43 years ago

            Very interesting and very nice. I appreciate this hard stance which made me see Lemmy uniquely among all these Reddit alternatives that pop up everyday.

            One interesting thing is that most toxic ignorant Redditors so affectionate about their racism hatred or love of corporate capitalism never consider trying to pollute Lemmy.

            • DessalinesA
              link
              33 years ago

              That’s the goal :smiling face:

            • @seahorse
              link
              33 years ago

              I caught a QAnon guy trying to start a group here lol. Luckily we banned him and his community before he dragged anybody else over here.

              • @bluerabbit
                link
                13 years ago

                Just curious - I have no interest in giving QAnon conspiracies more oxygen - but on what basis were they banned? Being disastrously misinformed, on its own, does not appear to be against the Code of Conduct (and nor should it be).

                • @TheAnonymouseJokerM
                  link
                  13 years ago

                  Spreading such misinformation without full knowledge of a subject, and hearing all sides of arguments, does violate the policies here I think. And it seems to be working, keeping those hive minded Redditors or Facebook-tier users away.

                  • @bluerabbit
                    link
                    13 years ago

                    I can’t see anything in the text that would disallow that other than “mod doesn’t like it” - if so, it’s rather similar to what Reddit’s being accused of in this post. So far my experience is that opinions on this Lemmy federation are even more homogeneous than they are on Reddit - the prevailing view is just different. Again, this post has been a good example. It’s all a little disappointing.

              • @TheAnonymouseJokerM
                link
                13 years ago

                I pity people who fall for their trap. Most victims often are otherwise intelligent, but only are socially discriminatory or unintelligent. Followers often are not a pure extension of one’s ideology.

          • @lavidaloca
            link
            3
            edit-2
            3 years ago

            What’s an alternative to cloudflare? Not getting ddossed is good

            • DessalinesA
              link
              23 years ago

              For most things, ddos protection isn’t gonna be necessary, they’re targeted attacks. For most servers, simple nginx rate limiting, ufw, and fail2ban or https://github.com/crowdsecurity/crowdsec are good enough… there are good guides for doing other things too like disabling password-based ssh logins.

              Good VPS’s will offer anti-ddos protection, we were getting hit here pretty hard until we moved to ovh. Cloudflare should never be an option though, that gives them all form submits, including passwords, all client-server data unencrypted.

              • @lavidaloca
                link
                23 years ago

                Whoa! I looked it up. OVH offers quite a lot there. That’s awesome! Will definitely consider moving my setup there. Appreciate the tip.