this post was submitted on 21 Jul 2023
8 points (100.0% liked)

Lemmy

12531 readers
22 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago
MODERATORS
 
top 41 comments
sorted by: hot top controversial new old
[–] cinaed666@kbin.social 1 points 1 year ago (3 children)

The fact that people were registering .ml domains for projects like this is mindboggling. There are many TLDs to pick from without infringing on the terms of use of a country-specific one.

[–] RagingNerdoholic@lemmy.ca 1 points 1 year ago* (last edited 1 year ago) (3 children)

My thoughts exactly. You should not be choosing TLDs that are volatile to upsets like this. Stick with the tried and true .com or .net, or one of the new TLDs that are not bound to a nation (unless you can comply with the stipulations) or particular type of organization.

[–] azuth@lemmy.world 1 points 1 year ago

.com and .net are under US jurisdiction they are not stateless. I could also see why the original lemmy developers would not want to use such a domain.

[–] ziggurism@lemmy.world 1 points 11 months ago* (last edited 11 months ago)

Do people not remember back in the 2010s when bit.ly was the main link shortener used everywhere on the internet, and then Ghadafi, the then dictator of Libya, declared the site to be incompatible with Muslin decency norms because it was used for porn? And then all bit.ly links were just dead links?

How many times do we have to learn this lesson? Domain name hacks are fun but just not worth it. And in 2023, now we have all the new TLDs. This was a dumb decision

[–] AnarchoYeasty@beehaw.org 0 points 1 year ago (2 children)

Even gTLDs aren't entirely safe. .dev is iffy right now because only Google can give those out and Google domains is going away.

[–] aeharding@lemmy.world 0 points 1 year ago (2 children)

Google domains is going away

What the hell, how am I just hearing about this now?

[–] ikidd@lemmy.world 1 points 1 year ago

They didn't even tell domain holders.

[–] ratman150@sh.itjust.works 1 points 1 year ago

Yeah I wasn't thrilled when I heard the news. I have one maybe two domains with Google and I'm going to be shipped off to somw third party for my renewal. I haven't checked but I'm pretty sure the domain business is being sold to one of those "build your website with us in half an hour" companies and I just cannot wait for the go-daddy like service...which I left go-daddy because of.

[–] Wispy2891@lemmy.world 0 points 1 year ago (1 children)

.dev was stupid from the beginning due to how many local domains like that...

[–] UnverifiedAPK@lemmy.ml 0 points 1 year ago* (last edited 1 year ago) (1 children)

Alright https://lemmy.zip it is!

Edit: No way someone already did it

[–] JackbyDev@programming.dev 2 points 1 year ago

Zip is the dumbest TLD of all. It is a phishers dream come true. invoice.zip explains it.

[–] MaxVoltage@lemmy.world 0 points 1 year ago (2 children)

but ML also can stand for Marxist Leninist and im sure has been the the way it was read by most early adopters

[–] RagingNerdoholic@lemmy.ca 1 points 1 year ago* (last edited 1 year ago) (2 children)

The official and authorized use for the TLD is an association with Mali. It doesn't matter what hip new meaning us internet dweebs want to assign to it.

[–] porkloin@lemmy.ml 1 points 1 year ago (1 children)

Yes, and q-tips aren’t for cleaning your ears.

[–] RagingNerdoholic@lemmy.ca 0 points 1 year ago (1 children)

The difference being that Unilever won't confiscate your Q-Tips for cleaning out your earwax.

[–] bionicjoey@lemmy.ca 0 points 1 year ago (1 children)

Kinda funny considering they got the ml domain to mean Marxist-Leninist and then would get fucked by nationalization

[–] gary_host_laptop@lemmy.ml -1 points 1 year ago

They didn't.

[–] gary_host_laptop@lemmy.ml -1 points 1 year ago

No, stop spreading this nonsense, it was never chosen because of that. It was used because it was free and the developers don't care about creating funny names with the DNS or for glorified expensive DNS.

[–] EeeDawg101@lemm.ee 0 points 1 year ago (1 children)

Dang I hope lemm.ee is safe. Hopefully Estonia doesn’t decide the same.

[–] sunaurus@lemm.ee 2 points 1 year ago (1 children)

Well, I'm an Estonian citizen at least 😅

[–] WarmSoda@lemm.ee 1 points 1 year ago (1 children)

I didn't even consider .ee to be a country domain. I thought you used it for the catchy name.

That's pretty cool.

[–] DaPorkchop_@lemmy.ml 1 points 1 year ago (1 children)

afaik all the two-character TLDs are for countries

[–] mouse@midwest.social 2 points 1 year ago

You are correct, all two-character TLDs are country-code.

Source: https://www.iana.org/domains/root/db

[–] dingdongitsabear@lemmy.ml 1 points 1 year ago

*affect.

thanks for the humorous takes, but what's the verdict...? and what's the next step, download posts and settings and move elsewhere?

[–] RoundSparrow@lemmy.ml 1 points 1 year ago (1 children)

On the technical topic of renaming a domain of a Lemmy server... I think it is worth experimenting with the code. At minimum, I think it should be an option to try and keep the same login/passwords for users from the old install of Lemmy. But even that could prove tricky if a particular domain changed underllying ownership more than once - and user@domain became rewritten by an entirely different person. I guess in the real-world people do often get mail for previous residence of a house.

My biggest concern is legality because Lemmy claims to support privacy. I honestly think it's a bad idea to claim privacy because you run into so many problems. If the user never knows that their lemmy instance changed names and can't find it again, etc. Especially on technical topics, 15+ years of having Reddit keep messages from deleted user accounts offered a lot of great search engine hits. With Lemmy, a person moving to a different instance and deleting their account, so much content is going to get black-hole in favor of 50 instances having copies of a meme post or trivial website link - and solid original content (often in comment discussions) gets removed.

[–] chaorace@lemmy.sdf.org 1 points 1 year ago* (last edited 1 year ago) (2 children)

On the technical topic of renaming a domain of a Lemmy server… I think it is worth experimenting with the code.

This is unfortunately only possible if you still own the original domain. Think about it this way: if you could migrate domains without proving you own the original, then what's stopping a bad actor from migrating any domain they want? Keep in mind that Federated servers rely on DNS to verify who's who -- they don't have a backup system for deciding trustworthiness.

Yes, there's no technical reason Lemmy has to rely on DNS to establish trust (aside from the fact that changing this would require a massive rearchitecting effort), but why shouldn't it? It's possible to switch to a different trust system (i.e.: public/private keypairs), but that doesn't actually change the nature of the problem -- people can still lose control of the private key and blow the whole system up (and, arguably, this is a lot more likely to happen than permanently losing a domain).

At minimum, I think it should be an option to try and keep the same login/passwords for users from the old install of Lemmy.

So, login credentials aren't actually tied to the domain name at all. A user like example@lemmy.ml is simply known as example to the server internally. The server doesn't particularly care if it lives at lemmy.ml or microsoft.com -- if user example shows up and gives the right password, they're allowed to log in. What I'm trying to say is that -- assuming that the user database isn't destroyed -- login info would probably carry over without any special effort needing to be taken at all.

But even that could prove tricky if a particular domain changed underllying ownership more than once - and user@domain became rewritten by an entirely different person. I guess in the real-world people do often get mail for previous residence of a house.

The identity problem you allude to is not exclusive to this scenario. Let's use lemmy.ml as an example: where did the domain come from? The Mali government. Does this mean that the Mali government owned lemmy.ml before it became associated with the Lemmy project? At the risk of oversimplying: yes, pretty much! Prior to 2019, the government of Mali could have created "fraudulent" Fediverse posts under your username, /u/roundsparrow@lemmy.ml.

With that being said, it's kind of a silly concern. Despite being partially distributed, Lemmy is not a read-only database (i.e.: not a blockchain). There's nothing stopping the current domain owner from more-or-less completely undoing vandalism from a prior domain owner by simply asking the other federated servers to delete that fraudulent content. Keep in mind that the domain is not the server; the original operator keeps all of the original data even if they lose the ability to host that data under the original domain.

My biggest concern is legality because Lemmy claims to support privacy. I honestly think it’s a bad idea to claim privacy because you run into so many problems. If the user never knows that their lemmy instance changed names and can’t find it again, etc.

This is not a problem unique to Lemmy. If Google forgets to pay for gmail.com, then suddenly a lot of email addresses become untrustworthy. This isn't a privacy issue because your old emails don't leave Google's servers. It is a trust issue, however, since the new owners can now impersonate any gmail.com address and receive any new email that was intended for the original owner.

Not to downplay how catastrophic this scenario would be... but I don't think there's any law on the books which would legally obligate Google to operate gmail.com until the end of time. Nothing lasts forever and eventually gmail.com won't be controlled by Alphabet Inc. anymore -- that's just how time works. Those bothered by this uncertainty can instead choose to host their own mail server (or Lemmy instance) on their own domain -- this won't last forever, either... but at least you're in control now.

Especially on technical topics, 15+ years of having Reddit keep messages from deleted user accounts offered a lot of great search engine hits. With Lemmy, a person moving to a different instance and deleting their account, so much content is going to get black-hole in favor of 50 instances having copies of a meme post or trivial website link - and solid original content (often in comment discussions) gets removed.

~~Just FYI: Much like Reddit, comments continue to exist even when the author deletes their account. The user must explicitly delete each individual comment before deleting their account if they want it all taken down.~~ EDIT: This is not actually currently the case, though as far as I can tell the stated intent is to prefer anonymizing comments over deleting them when deleting an account (source). I don't really get this complaint in the first place, actually... surely both kinds of content would get lost when a user deletes all of their data, right? There's no button that says "delete all of my stuff, except for the shitposts".

[–] bane_killgrind@lemmy.ml 1 points 1 year ago

Your Gmail example is very funny because if anyone actually tried to do it, they would effectively DDoS themselves.

Governments could do it effectively.

[–] RoundSparrow@lemmy.ml 1 points 1 year ago* (last edited 1 year ago) (1 children)

This is unfortunately only possible if you still own the original domain. Think about it this way: if you could migrate domains without proving you own the original, then what’s stopping a bad actor from migrating any domain they want?

I'm suggesting a whitelist, that each peer has to put in a substitute list of vlemmy.ml==vlemmy.ml to re-federate.

Much like Reddit, comments continue to exist even when the author deletes their account.

That is NOT how the testing code of lemmy_server tests things, nor how the GitHub front page advertises Lemmy.

[–] chaorace@lemmy.sdf.org 1 points 1 year ago (1 children)

I’m suggesting a whitelist, that each peer has to put in a substitute list of vlemmy.ml==vlemmy.ml to re-federate.

I don't see any inherent problem with that suggestion, though it does create something of a sticky situation with things like canonical links. It also kind of goes against what I've so far perceived as a "low-maintenance" operations ethos from the project maintainers, so I'm not totally sure if they'd greenlight it. Technically quite doable, though.

[–] RoundSparrow@lemmy.ml 1 points 1 year ago

me: list of vlemmy.ml==vlemmy.ml

I meant to say vlemmy.ml=vlemmy.net in example

[–] Boforn@lemmy.ml 0 points 1 year ago (2 children)

Well, this is just weird. When I was migrating from Reddit to this fediverse world I chose .ml and thought it was short for "machine learning" which seemed as a cool domain for me at the time.

[–] Zyratoxx@kbin.social 0 points 1 year ago (1 children)

I mean, I knew it was a country top level domain but I was told Dessalines intended the "ml" as an abbreviation for "marxist-leninist"

[–] gary_host_laptop@lemmy.ml -1 points 1 year ago

That is not true, he has said multiple times it was used because it was free.

[–] livus@kbin.social 0 points 1 year ago (1 children)

No, it's Mali.

The rumour is that lemmy devs chose it to mean "marxist leninist" but I think it's more likely they wanted a free domain name.

[–] gary_host_laptop@lemmy.ml -1 points 1 year ago (1 children)

The rumor is fake, the devs have said it multiple times. If they would have wanted to do some funny Marxism meme they would have used .su

[–] bdonvr@thelemmy.club 0 points 1 year ago (2 children)

Maybe they didn't choose it for that, but to be fair they are definitely and admittedly Marxist-Leninists

[–] gary_host_laptop@lemmy.ml -1 points 1 year ago (1 children)

Yes, as there are plenty of other developers who are openly liberals or some other flavour of capitalism. You don't need to agree with the developers political choices all the time to use their software.

[–] bdonvr@thelemmy.club 0 points 1 year ago (1 children)

Right. My statement was one of fact, not trying to say it's a bad thing. I'm a Marxist-Leninist as well.

[–] gary_host_laptop@lemmy.ml -1 points 1 year ago

Hello there comrade! Nice to have you here!

[–] Pili@lemmy.ml -4 points 1 year ago

Yeah they are, so if they did choose .ml for that reason they would have no problem admitting it also. So it's pretty clear that they just wanted a free domain.