Not yet. Session tracking in Lemmy is pretty hard to proxy, I'll have to dive into the code to figure out why.
Helix
joined 4 years ago
MODERATOR OF
Alles klar, lass uns das doch so festhalten und vielleicht in den Sidebars entsprechend erwähnen.
was this a problem with an nginx configuration option?
Basically, this was proxy_cache_key being configured incorrectly. If you don't use the proxy_cache you should be fine.
The only thing we changed from the norm is ulimits and some nginx settings. If we figure out what works well, we'll probably create a post about how to host lemmy. If you stick to the defaults, you'll be mostly fine if your instance isn't as big as Beehaw's.
for multiplayer I liked Splitgate a lot, but the devs seem to have mostly abandoned it right when it came out of beta.
Some notable games in the "boomer shooter" genre:
- Doom (2016) and Doom Eternal
- Warhammer 40.000 Boltgun
- Games by New Blood Interactive:
- Amid Evil
- DUSK
- Ultrakill
- Gloomwood
- Cultic
- Ion Fury
- Prodeus
- Dread Templar
- Hrot
You just reinvented X.509 challenge/response authentication without providing any reference implementation, but with the same issues.
Why do you think this idea has any value to the wider internet community?
How does the user remember their usernames on all websites? They would need to use another solution like a piece of paper, password manager or store it in their browser – which opens issues you wanted to avoid by not storing anything.
Any attack (phishing or otherwise) is identified immediately and an alert can be sent. It can be figured out what information the attacker knew.
How is this identified if you only store some kind of public key and the user name and don't store the mail address? How would it be figured out what the attacker knew when the only thing to know is the master password and the username?
Master-passwords don’t need to be very long or high entropy.
So they can easily be brute forced even when salted and peppered once the authentication service's database is leaked?
Nobody can think of a flaw in this system. At this early stage, that’s as much as can be hoped for. All attempts to find flaws have failed.
But… I found a flaw. It doesn't have an implementation, nor a specification, nor any information on technical details. For what it's worth, you can implement this with ROT13, which wouldn't be very secure.
Least obvious fed
spotted! 🙃
If you're suicidal, keep in mind there always will be a tomorrow and no suffering is endless. Life has ups and downs and even in the worst downs, you can usually manage to find happiness after a while. I hope you have at least an OK day.
Wenn du möchtest, dass der Server überlastet wird, mach doch gerne Werbung. Ich bin da skeptisch, ob das langfristig für das Fediverse eine gute Idee ist.
Wir sind hier keine Konkurrenz zu Reddit in dem Sinne, dass das ein gewinnorientiertes Unternehmen ist. Mehr Nutzer bedeuten einfach nur mehr Arbeit für die Mods, Admins und technischen Betreiber (meistens in Personalunion mit den Admins).
Nachhaltiges Wachstum, ohne die Betreiber zu überfordern, ist sicher nicht möglich, wenn man versucht, die Instanz mit möglichst vielen Nutzern zu fluten.
Dann doch lieber einfach Mundpropaganda.