Lemmy

TL;DR: Lemmy generates SHA-256 TOTP digest which may be unsupported by some authenticator apps. https://github.com/LemmyNet/lemmy/issues/3309#issuecomment-1605259241 Thanks to this it may seem the authenticator is set up, yet it won't generate correct tokens.

When lemmy.sdf.org got updated to version 0.18.0, the first thing I did was that I set up 2FA. Or so I thought. I went to settings, checked "Set up 2-factor authentication", clicked save, and then clicked on the installation button which opened up the authenticator app I use, Cisco DUO. I saved it, and seeing that it was generating codes, I thought "Good".
Today I wanted to log into Lemmy on my laptop. I enter username and password, and get prompted for TOTP token. I take my phone and get the token from Cisco DUO authenticator, type it into the TOTP field, and it doesn't work. So I tried again, and again, and again,... I see. It doesn't work.
I went on the internet to search for the issue, and found the comment mentioned above and this request on GitHub.
Thankfully I was still logged in on my phone and I was able to remove 2FA.

Who knows, but there may already be bunch of people who won't be able to reply. Rest in peace.

If you want, please add your tips to the comments.

Here are mine - just a bunch of opinions/suggestions from someone who used to be a forum mod, then a subreddit mod.

As this is a rather big wall of text, I'll split it into sections, contained within spoiler tags.

The two top entries on lemmy.world sorted by hot as of a few minutes ago were a porn link on a porn community (nothing against porn per se, but I don't want to see it on the front page) and a bot post to some kind of bot link community. I see the "block user" button but I don't particularly care to see anything from those communities, so blocking the individual poster doesn't help much. I could actually visit the community in order to block it, but that sort of defeats the purpose of blocking. And I know of "Hide NSFW" but I'm not particularly anti-NSFW, I just don't want to see it unintentionally.

So it would be useful to have "block community" as an option along with "block user" in the little buttons underneath the post.

As a broader policy matter, I'd be cool with blocking NSFW from the front page altogether (it would still be available within communities of course). But I understand such a decision would want discussion for and against.

Idk if this is useful at all, but when starting my Mastodon server I set up an account at Open Collective with a fiscal sponsorship by the Open Collective Foundation. This gave us 501(c)(3) status, made all of our finances public and clear, and also got us free GSuite. Highly recommend it.

I've been looking between some instances to see how they look to each other and I came across this post/comment.

Source post/comment

off-instance post/comment

As you can see the original comment was deleted by the creator, but is still intact on the off-instance copy. I had presumed that each instance would relay the change, whether be an edit or deleted by creator, but perhaps its either an Admin setting or there was no event to push the change.

Just found it interesting and wouldn't mind understanding more about how it works.

How do y'all feel?

Hello, when I search in the search bar for some words, the results are not fully related. For example, if I filter it by Posts or Comments, the results are still inaccurate.

How to use:

The url must be the hostname only, NO SLASHES, like this: lemmy.dbzer0.com, don't use https://, don't append a slash afterwards (lemmy.dbzer0.com/), only the hostname including the subdomain if it has it (in this case, lemmy).

If the instance has blocked the IP address from the server, or it is stuck and its API is not working correctly, it returns "Not a Lemmy instance" (I am too busy to fix this right now).

If the url is not formatted in a way it can process it, it will say Invalid URL. Better processing can come in the future. I won't be updating it now.

• URL: https://federation-checker.vercel.app/
• Source code: https://github.com/lemmygod/federation-checker

In the backend, it just scrapes https://fba.ryona.agency/?domain={url} and uses the api https://{instance}/api/v3/federated_instances

PRs welcome.

Honestly it works better when deployed locally in a development environment. I think Vercel's IP address is just blocked by cloudflare and other blacklists that stop automated stuff? Idk. Can check back in a few days.

I'm stretching the definition of "app" here but Lemmy appears to be a progressive web app, so if you click "add to home screen" in iOS then the icon for Lemmy will open up a captive web browser that behaves like any other app.

It's not as fast as an actual app, but it feels very similar to using one. Most apps are just react-native these days anyway.

A user checking out one of these URLs does not want to filter only local post on that instance.

On all instances, this url should mean "show me all /c/piracy on all federated instances"

If you really mean /c/piracy only on that instance, then add something to the url.

The current convention breaks the most important aspect of federation and makes its vestigial appendage.

The current way has user asking question /c/piracy, but on which instance ?

So now they'll all join the same instance . You wouldn't post anywhere else since no one would every see it.

It's a recipe for centralization.

I think this is obvious to most users, were deal with "voat with extra steps" here

This Lemmy app's experience is just amazing when you install it as an app with Chrome. With Firefox it's sluggish as hell. So before judging the app if you're using Firefox, consider opening it in Chrome instead, it's like night and day!

Hello, these rumors are getting out of hand. To make matters worse, they are rejecting Lemmy (the software) because of the rumors about the developers. You really need to do something about this, because the reputation of Lemmy (the software) is in serious danger. Thank you for listening to my concern about malicious rumors.

Is it just me?

My hot it full of months, or even years old posts that have almost no upvotes or comments. Why are they there?

And unlike actually "hot" posts they don't seem to want to go away. Is this a bug? I'm not seen any discussion on it, not even on github.

I used to manually remove for example the GPS location when using Reddit since I don't trust them. Does Lemmy or any Android client remove it by default?

I wrote a very simple UserScript for the browser which can be used for example with https://www.tampermonkey.net/ to be injected in all the pages where there is the sidebar telling you you're not logged in but can subscribe by copy and pasting this string.

A replace this string with a link to the search of my instance so I then can easily subscribe to it.

It has one flaw though, it needs to run once a second for all the time because I couldn't figure out how to trigger it when you move around on the instance, DOMContentLoaded only triggers once and then the rest happens with XHR requests, but the popstate doesn't get fired when I navigate.

The instance I usually log into is sitting on 0.17.4 and I wanted to see how 0.18.0 looks. So I created a new sign in on a good looking updated instance to give it a whirl.

I'm not happy with some of the changes and the interface feels more clunky to me. Yeah there's some improvement in response after dropping web sockets and it's nice the sort orders work better, but that's all I have to say positive about it.

Searching for communities is giving me fits now. When I go to search for a community from the community page it defaults to an "all" search where it should default to a "community" search. So now I have the extra step of selecting the "communities" option from the search page, but first I have to do the default "all" search to get to there. It's just super clunky and annoying.

When subscribing to communities 0.17.4 would get stuck in subscribe pending mode, but I'm having even more trouble with 0.18.0. When I call up a community the subscribe button is missing. I have to reselect the community for it to appear. Then I'm still getting weird behavior in response to pushing the button. In some cases it does nothing and repeated presses are required to see subscribe pending. It rarely shows joined within a reasonable amount of time. There's still a bunch pending since 8 hours ago.

I really don't like how the first reply to a post shows the reply bar. It looked so much better when only a reply to a reply started the reply bar chain. It really bugs me as far as the page aesthetic.

I have some other small gripes with the new version, but those are the ones giving me the most trouble. I mean don't change stuff just to change stuff. Fix things and make them easier to use, not harder. Don't worry about stupid things like changing header fonts and reply bars. Give me the stuff I really-really need;

• a compact view option
• a setting to open all links in a new tab
• granular settings for default sort orders
• clickable headers in lists for sorting.

Ok, so I have some code to crawl a posting of a community and compare two servers for comments missing. It looks bad today. Both of these servers are version 0.18.0 and have been upgraded for several days.

missing 0 unequal 0 11 on https://lemmy.ml/ vs. 11 on https://sh.itjust.works/
missing 35 unequal 1 48 on https://lemmy.ml/ vs. 14 on https://sh.itjust.works/
missing 4 unequal 0 9 on https://lemmy.ml/ vs. 5 on https://sh.itjust.works/
missing 6 unequal 0 9 on https://lemmy.ml/ vs. 3 on https://sh.itjust.works/
missing 1 unequal 0 1 on https://lemmy.ml/ vs. 0 on https://sh.itjust.works/
missing 6 unequal 0 12 on https://lemmy.ml/ vs. 6 on https://sh.itjust.works/
missing 3 unequal 0 8 on https://lemmy.ml/ vs. 5 on https://sh.itjust.works/
missing 3 unequal 0 6 on https://lemmy.ml/ vs. 4 on https://sh.itjust.works/
missing 22 unequal 0 42 on https://lemmy.ml/ vs. 20 on https://sh.itjust.works/
missing 5 unequal 0 15 on https://lemmy.ml/ vs. 10 on https://sh.itjust.works/
missing 8 unequal 2 17 on https://lemmy.ml/ vs. 9 on https://sh.itjust.works/
missing 3 unequal 0 3 on https://lemmy.ml/ vs. 0 on https://sh.itjust.works/
missing 0 unequal 0 10 on https://lemmy.ml/ vs. 10 on https://sh.itjust.works/
missing 11 unequal 0 24 on https://lemmy.ml/ vs. 13 on https://sh.itjust.works/
missing 1 unequal 0 2 on https://lemmy.ml/ vs. 1 on https://sh.itjust.works/
missing 13 unequal 0 37 on https://lemmy.ml/ vs. 24 on https://sh.itjust.works/
missing 3 unequal 0 7 on https://lemmy.ml/ vs. 4 on https://sh.itjust.works/
missing 0 unequal 0 10 on https://lemmy.ml/ vs. 10 on https://sh.itjust.works/
missing 60 unequal 2 186 on https://lemmy.ml/ vs. 126 on https://sh.itjust.works/
missing 10 unequal 2 51 on https://lemmy.ml/ vs. 41 on https://sh.itjust.works/
missing 16 unequal 0 51 on https://lemmy.ml/ vs. 36 on https://sh.itjust.works/
missing 31 unequal 3 128 on https://lemmy.ml/ vs. 97 on https://sh.itjust.works/
missing 0 unequal 0 4 on https://lemmy.ml/ vs. 4 on https://sh.itjust.works/
missing 2 unequal 0 5 on https://lemmy.ml/ vs. 3 on https://sh.itjust.works/
missing 15 unequal 1 67 on https://lemmy.ml/ vs. 52 on https://sh.itjust.works/
missing 4 unequal 0 53 on https://lemmy.ml/ vs. 49 on https://sh.itjust.works/
missing 0 unequal 0 5 on https://lemmy.ml/ vs. 5 on https://sh.itjust.works/
missing 0 unequal 0 0 on https://lemmy.ml/ vs. 0 on https://sh.itjust.works/
missing 1 unequal 0 19 on https://lemmy.ml/ vs. 18 on https://sh.itjust.works/
missing 0 unequal 0 2 on https://lemmy.ml/ vs. 2 on https://sh.itjust.works/
missing 0 unequal 0 22 on https://lemmy.ml/ vs. 22 on https://sh.itjust.works/
missing 0 unequal 0 16 on https://lemmy.ml/ vs. 18 on https://sh.itjust.works/
missing 0 unequal 0 7 on https://lemmy.ml/ vs. 7 on https://sh.itjust.works/
missing 3 unequal 0 27 on https://lemmy.ml/ vs. 24 on https://sh.itjust.works/
missing 2 unequal 0 32 on https://lemmy.ml/ vs. 30 on https://sh.itjust.works/
missing 3 unequal 0 21 on https://lemmy.ml/ vs. 18 on https://sh.itjust.works/
missing 3 unequal 1 16 on https://lemmy.ml/ vs. 13 on https://sh.itjust.works/
missing 3 unequal 1 47 on https://lemmy.ml/ vs. 44 on https://sh.itjust.works/
missing 1 unequal 0 24 on https://lemmy.ml/ vs. 23 on https://sh.itjust.works/

The number of comments is based on loading comments, not the counts at the top of the posting.

cross-posted from: https://lemmy.world/post/715287

Guess where? Unironically r/Save3rdPartyApps

The Reddit search for Lemmy also gives these privacy copy-pasta as top results when searching for Lemmy. I'm still betting that Reddit employees are involved in boosting these posts.

it's not just Lemmy users and instances graphs that are going FULL STONKS 📈 , it's people starring repo as well:

I have been playing with Connect and Jerboa for Lemmy on an Android phone. Both are very decent apps.

One thing I really liked about Boost (reddit) is that I could create widgets of the reddit home page or multi-reddits and put them on a page. Are there any Android Lemmy apps that have the ability to create a widget of the home page or lists?

Thanks!

A sticky point for me in Lemmy is that some instances are topic-oriented, and sometimes communities just seem to belong on a certain instance. For example, programming language related communities living on the programming.dev instance, which I recently discovered, seems to make good sense.

I registered for the instance and I enjoy being able to log into it and view the top local posts of the day, for example. Also if I wanted to create a community on that instance I believe I need an account there.

Anyway, it seems like there's a use case for one person having users on several instances. An issue with this is that it may be difficult to understand the actual identity of a user on a given instance, versus an impersonator. While I understand that there seem to be some partial solutions to this, such as linking to a website in one's profile which in turn validates the identity of various Lemmy accounts (assuming you trust the website), it seems like there might be a need for something more robust.

All this to say, have people already been putting thought into a system of identity that scales onto multiple instances? For example, what if you could send pairing requests between users across instances, where the requestor and requestee both must confirm that they are the same person and would like the accounts linked? Would ActivityPub be able to support implementing this kind of link?

Really I'm just wondering what the state of the art is on this kind of thinking... if any.

When could we realistically expect a new release? Even if it would be just for captchas as the only new feature, it's IMO urgent at this point and will avoid some embarrassment as the 2nd wave of Reddit refugees is in 3 days and many servers are still on the 0.17.4 because captchas are essential to them to help combat spam.

Gonna just say it. As a longtime Lemmy user I'm really not a fan of a lot of the people coming over from Reddit. It's probably just a small but vocal minority and confirmation bias on my part, but I get the impression that they are trying to turn Lemmy into Reddit, toxicity, entitlement, stupid challenges and all.

When we've had two major debacles before Reddit even opened back up, one about "how dare these unpaid admins try to lessen their workload with sign up questions", and the other about "how dare instances block other instances that are being used as proxies for forwarding spam and bot content into their own instances." The people from reddit seem to still think they're on Reddit and any perceived inferiority that Lemmy has compared to Reddit is seen as just as bad as Reddit's corporate decisions. A few people even trying to go to an instance with the intent of "converting" the existing users who may be socialist or communist, by commenting abuse on their posts of course, just like how they presumably do it on Reddit.

People also seem to be refusing to learn what federation is and how that works, despite it being literally the most important aspects of Lemmy. This is evident in people telling instances who block spam or troll ridden instances to "mind their own business" as if that content doesn't get forwarded over to and show up on the main pages of other instances, you know, what the fediverse was designed to do.

FYI, Reddit has opened back up. Spez has made it clear that he will never tolerate subreddits shutting down and inconveniencing you again. If you're so unwilling to even adopt a different mindset and perspective when coming to Lemmy, I think it's best if you went back. Plenty of us came here because we didn't want to be on Reddit.

Last thing and a pet peeve of mine: stop calling yourself a refugee. You left a meme website for another meme website because you didn't like one aspect of the management, the entire decision and migration probably took less than an hour of you sitting in your comfortable house in front of a computer. To compare that to being a refugee speaks volumes about your entitlement and privilege. And it's especially ironic considering what real refugees go through to save themselves and their families, that you won't even answer a few registration questions.

I just created awesome-lemmy based on the well-known awesome lists.

There is already a awesome-lemmy-instances which is specialized in Lemmy instances but no general list that's why I created one.

It's forked from awesome-scala which has a very neat python script to easily add new projects so it should be quite easy to contribute, feel free to add tools, apps and websites linked to lemmy!