I’m of a mind that link shorteners should be banned everywhere. You should never click a link unless you know exactly where it’s going. Plus, some of them have interstitial ads and/or get deleted after a period of time, so even in the best case scenarios, they’re just spraying out ads and link rot when you get down to it.

Not to mention, they’re almost always used on platforms where you can just click on the link regardless of how long and/or unwieldy it is.

The only use case for bit [dot] ly and their ilk are if you need to publish a long link in print medium (such as a newspaper public notice or something) where a full link to a specific page would be unreasonable to expect people to type into a browser by hand.

Yeah, I mentioned the list wasn’t comprehensive and was just an example of the username format they’re using.

Replying to your other comments here, but good deeper dive. The abridged whois was sufficient to confirm pretty much all I needed to confirm (that it was one of those pop-up AI plagiarism lookalike news sites) and that there was an active campaign to promote it here. Since I don’t use any other social media, I was just reporting the ones flooding the Threadiverse but definitely seems they’re flooding all the social media zones. I can’t do anything about those, but figured I’d throw out a warning here.

It does work on URLs. The https part gets stipped out because of how the regex

Oh, nice. For some reason I assumed it was only domains.

It always worked on federated content?

I know it has for a good while but I forget when it was applied to inbound federation. I think it was that Mastodon/Misskey spam wave I was thinking of but don’t recall which version was running at the time and how I wished it would stop content to those domains from federating in. Nice contribution, BTW.

Edit: Apparently it can do URLs and not just domains. See @flamingos@feddit.uk 's reply below.

URLS, no, but it can disallow specific domains. So it could work against specific spam domains but not against a bunch of accounts spamming, say, a Github repo, unless you want to block links to all of Github which isn’t ideal.

There’s a list of disallowed domains that can be configured in the admin area. Until relatively recently, it would only prevent users of that instance from posting to them, but somewhat recently it now prevents inbound federation of anything linking to those. If something links to a blocked URL (post, comment, user with that in their bio, etc), Lemmy will reject it.

I don’t know why more admins don’t look at the spam that gets modded and add the domain to their URL block list other than it being tedious work lol.

DL/Dwazou operates (operated?) like a spambot cranked up to 11 but at least they posted legit stuff. These are just slinging the same AI-plagiarized slop site from a bunch of different accounts.

I see your account is a similar age to my own, so you may remember the infotinkerviral spam slop that was going around a few years ago. Not sure if I spelled that right, but similar M.O. to that.

I’ve been in an airbags deployed accident while wearing glasses. I was fine, and so were my glasses.

Getting hit in the face with a pillow is actually worse than hitting the airbag at 50 mph. The airbag also partially deflates nearly as fast as it inflates. i.e. you don’t smack into it hard and it just cushions you and keeps you from smacking into the steering wheel. It’s also designed to work with the seatbelts, so those should also be keeping you from being right up in the airbag’s business. Hence, the technical name for airbags, SRS (supplemental restraint system)

You’d have to be eye-level with the center of the steering wheel, not wearing a seatbelt, and right up on it for that to be a concern.

Removed by mod

Yeah, I just avoid all communities that start with “Ban” or “Fuck”. Life is much less irritating that way.

There was another early 90s show, Nurses, which was a spin-off of Empty Nest.

For a few years in the 90s, there was a whole Golden Girls Cinematic Universe lol.

totally. Thankfully someone uploaded upscaled recordings to Youtube because you cannot buy or stream it anywhere.

I’m watching Empty Nest and Scrubs more-or-less at the same time, so I’ve got two shows running right now that both have sassy nurses named Laverne lol

What do you want to practice? Just general sysadmin stuff? Networking? Clustering? Horizontal scaling? All of the above?

Old PCs are just Debian servers waiting to happen. Depending on their specs, you may be able to do VMs or you can utilize container frameworks like Podman, Docker, or LXC to deploy individual applications or application stacks. Or you can just bare metal install anything you want.

Years ago, I bought a batch of 16 Wyse thin clients on eBay for about $15/each. These had 4GB SSDs and 2 GB RAM, so I upgraded about half of them with 64-120GB SSDs (whatever I had lying around) and 8 GB RAM. Thin clients can usually be found pretty inexpensively and are pretty power efficient, but they’re not performant workhorses. They’re great for practicing networking, VLANs, system orchestration (e.g. Ansible, Cockpit) application clustering and horizontal scaling, diskless workstations, setting up a demo office server and workstations, and even VMs if you’re just practicing; they’re a little underpowered to run a lot of VMs, but you can certainly run a few small ones just to practice managing them.

My dog and I hunt them when we’re outside. They love to nest in my porch roof, so when they’re buzzing around I swat them with a broom, the dog will pin them and keep them from getting back up while I go in for the squish.

I tried setting up a carpenter bee trap, but the bitches ate right through it.

I’ve toyed around with LLM-based moderation tools but it never really panned out. It was too hit or miss to be relied upon even with the temperature parameters turned way down in an attempt to get consistent results. Granted, I was using a small local model and not feeding it to one of the big players.

To give an example, I tried to keep it focused by creating one custom model per rule to enforce. An example prompt to mod calls for violence was basically:

ROLE: You are a forum moderator who does not want users calling for violence.  Examine the input and analyze whether it violates any constraints. 

KNOWLEDGE:
- {list of dog-whistle slang for calling for murder}

CONSTRAINTS:
- Content should not advocate violence
- Content should not normalize violence
- Content should not escalate tensions or fan flames
- Content should avoid promoting harmful stereotypes
- Content should not utilize broad, sweeping generalizations
- Content should not use dehumanizing language
- Content should not undermine human rights, due process, or the rule of law

FORMAT YOUR RESPONSES AS JSON:
{
  reason: [A one to two sentence summary],
  score: [On a scale of 0 to 10, how severe is the content advocating violence]
}

The score part of the response was my band-aid to get around the high number of both false positives and false negatives as I originally had it returning true or false only. Any score 7 or higher caused the item to be passed to the mod queue along with the reason, and I would review its actions later.

Ultimately it was slow and still somewhat unreliable, so I abandoned the idea after running it for a little less than a day since I can 't run bigger models to get better results fast enough to keep up. Using a cloud based service was out of the question for many, many reasons, both financial and ethical.

To answer your question, as long as the models were locally hosted and properly tuned/tested, I’m fine with it in theory, except for the ideology part; that’s pretty messed up. While I don’t want my submissions used to train anyone’s model and take measures to prevent my own instance from being used as a data source, I remain aware that once I post something, I have no control over its fate the moment it federates out.

[1] Yes, I know that’s like half the comments that get posted around here. My goal was to try to have it mod things so posts were bases for actual discussions instead of being a knee-jerk rage factory.

I used to do that but once the backend added that feature I removed that step from the automod script. Basically it was to prevent the communities here from being unmoddable on remote instances.

I’m not even a real instance anymore, how did I make the list 😆

But also, you should see the local numbers haha

lemmy=# select count(distinct other_person_id) from mod_ban where mod_person_id in (1, 2,288);
 count 
-------
  9792
(1 row)

I wonder what happens when I hit 10,000?

Why not both? https://mediabiasfactcheck.com/news-punch/

Founded in 2014, The People’s Voice, formerly known as NewsPunch, is a Los Angeles-based clickbait news website that promotes extreme right-wing conspiracy theories and pseudoscience misinformation. The website was founded and formerly edited by Sean Adl-Tabatabai, founder of YourNewsWire. In fact, The People’s Voice is actually YourNewsWire redirected under a new domain name with a clean, attractive website. All previous fake YourNewsWire stories have been ported over to this website/domain. Not much has changed.

Technically, yes. But colloquially, when we’re talking about “analytics” we mean embedded 3rd party trackers that feed to Google or another outside entity. Those are embedded much deeper in the application and track things much more invasively such as how long you hover over certain links, how you move your cursor around the screen, your viewport size, browser fingerprinting, and more.

The analytics I’m utilizing and referring to here are passive in that they’re collected anyway as part of the standard logging that happens when you access the webserver which is also part of our basic security posture. They’re not as granular or invasive but can still give you useful information about what parts of your site people use the most, how many clicks it takes a visitor to get from the homepage to where they want to be (by following the IP, URI, and seeing where that ends), how many visitors the site gets per day/week/month/etc, and such.

Logging is standard practice if you give even the slightest damn about security (read: you should), so I don’t see it as a problem. It’s what you use those logs for, how long they’re retained, and whether you sell them off.

So as long as you’re only using them for security auditing and website analytics and don’t keep them forever and don’t plan to sell them to data brokers, there’s really nothing to fret over. A good place to disclose how you use the logs, how long you retain them, and what is logged is in the site’s privacy policy.

I do the occasional website for local businesses, and I never add any analytics code/trackers. One: they rarely ever ask. And two: the one time someone did ask for it, they never once logged into it or asked for trends. Three: I’d prefer not to unless they demand it.

However, since I’m actually hosting the website for them, I can get decent heat maps from the access logs since they have the IP (which can be roughly geo-located), which URI’s are accessed (and those map to pages, and pages map to products/services), how often those are accessed, which page linked them to it or if they came directly to it (by checking the referrer header), which are most accessed (by count of the URI in the logs), and whether they’re accessing the site from desktop or mobile (via the user agent header). That can also be combined with any data from their “Contact us” form.

One reason they’ve probably never asked for it is because I provide a quarterly report for them using that passive data, and they seem happy with it.