It seems like they are down for a longer time now. How will they recover? Does longer down mean they will have to do more catching up with other instances? Can I get updates somewhere?

  • Saik0@lemmy.saik0.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Hacking an account is still a valid concern though for various reasons

    Let’s assume you’re doing the best practice thing and using a long and unique password for each service you use.

    What benefit does a hacker have hacking your lemmy-based account? Considering that everything you post is public… There’s simply nothing of value that you would obtain by “hacking” an account here… The only thing I can think of is if your a moderator of a community or an admin of an instance.

    I just don’t see any value to it… But even then… 2fa is slated for v0.18 which is probably coming out in the next few weeks.

    • dan@upvote.au
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      2fa is slated for v0.18 which is probably coming out in the next few weeks.

      Only basic TOTP 2FA though. Webauthn/FIDO2 should be coming in the future though.

    • Illogicalbit@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Mostly thinking impersonation, spamming, deletion or modification of history…. Although I’m sure there are probably other reasons too.

      • Saik0@lemmy.saik0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Impersonation - Not sure this matters unless you’re a mod or admin. Spamming - Just make the accounts yourself… it’s going to be infinitely easier to just make spam accounts from nothing (since it’s free anyway) than to designate resources to cracking a password. Deletion/Modification of history - modlogs allow reverting ALL changes outside of full account deletion. Full account deletion - Well that’s annoying at the very least. But not like it’s the end of the world or has any actual cost associated with it.

        It’s a lot of work to do so little actual damage. It’s not like twitter where hacking Elon’s account can actually lead to monetary gain.

      • areyouevenreal@lemmy.fmhy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        What makes you think large social media platforms don’t have these exact problems? Because they definitely do.

        This software being open source will hopefully make it more secure one day than even things like twitter. This is because everyone can see and inspect the source code and try to find vulnerabilities. When they are fixed then (hopefully) all of the instances get updated. It’s what helps make Linux generally more secure than Windows.

        It seems to me you don’t see the value in open source platforms like this. If this is true then fair enough. Just don’t come crying to me when reddit does something you don’t like.