X11 already supports this lol

I think they’re talking about the image

The code is open source. Nothing is obscured.

“Security-by-obscurity” is a phrase used for any measure that is useless once you know how it works. In this case it’s hoping that a troll doesn’t know about the specific hardcoded rules. None of the rules in PieFed actually work if you are at all aware of them.

Thanks for clarifying, I guess I misremembered the shadowbanning part. I think I was mixing together the fact that reputation isn’t really transparent (users’ reputation can change by even attempting to upload an image that gets flagged, and the vague error means they’ll probably try multiple times without realizing they’re being moderated) and the fact the communities can autoban any user whose global reputation is low enough.

I still think the security-by-obscurity approach to moderation is inherently flawed though, and I hate to imagine how the dev approaches actual account security if that’s their approach to moderation.

Honestly I would consider hardcoded shadowbanning just as bad.

Just because I’m closer to agreeing with the PieFed dev’s opinions a little bit more doesn’t mean that I’d support shadow banning someone because the trivially-evaded checks caught a false positive in the crossfire. Piefed’s auto moderation/social scoring is pretty much textbook definition security-by-obscurity. The second anyone knows how it works, it’s useless. It will pretty much exclusively catch people who just wanted to post a harmless meme or something.

At least (for now) Dessalines isn’t hardcoding his tankie beliefs into Lemmy’s source code.

There were a few, not exaustive since it’s been a few months since I looked through the source code, some of this might have changed and there’s also a few other checks that I’m forgetting:

• 4chan screenshots (specifically anything that OCR identified as having “Anonymous #(number)” in it) were banned. Honestly this one is fine as a toggle but I think for a while it was just on by default in the code
• any community that had specific words in it were blocked at instance level. I think “meme” was there, a few swear words, and a few carryover reddit meme community names (196, I think nottheonion was also there, anything with “shitpost” in the name, etc.)
• There’s a hidden karma/social credit score based on a user’s interactions and net total karma hidden from them that gets impacted by any moderation actions, including some of the automated hardcoded ones (e.g. even trying to upload an image that gets flagged by the hardcoded checks)
• users with a low enough net score get shadow-banned without being informed

Tbf Piefed also does have opinionated moderation literally hardcoded into the source code.

It’s pretty easy to modify since it’s python and not rust, but still not great

Gender-wise, women tended to make small interjections, nod their heads, etc, as the conversation went among, to indicate that they were listening

Wait this isn’t something everyone does?

I’m comparing hardware to hardware, not artificial Apple software restrictions.

That’s great but hardware doesn’t exist in a vacuum. With an ecosystem as locked-down as an iPad’s you can’t just ignore the software. It’s not like you’ll ever be able to uninstall it because it’s intentionally locked down, unlike a macbook which allows installing apps and even modifying the bootloader to boot into a different OS.

Edit: Forgot to mention the fact even for people that might not care about that, iOS will automatically kill any app that uses more than a certain amount of RAM (I think it was 4GB? I don’t remember the exact number) so in a lot of scenarios you can’t even take advantage of the hardware in an iPad because of the locked down software

Ok but if you want to do actual work on it then these things absolutely do not cancel each other out because you have to spend $270 on a keyboard/trackpad regardless, and now have to use a clunky touchscreen on your 13 inch tablet half the time.

Yes, the M4 is much faster and it is probably only stupid product segmentation keeping it on the iPad. But the reality is, iOS/iPadOS puts OS-level limits on how much you can even take advantage of that hardware even if there is an iOS app for the thing you want to do

TLDR: If you really want a MacBook just get a refurbished M1/M2 MacBook and call it a day, bonus points for putting Asahi on it

That’s fair, I assume most people probably aren’t following ladybird that closely so it’s easy to miss. It just bothers me because shrugging off small individual problems and ignoring a bigger trend is arguably what let people like DHH get a platform in the first place.

How many times do I have to give him the benefit of the doubt though?

First it was the “using they in documentation is political ideology” Github issue, then he publicly defended DHH when people called him out for being a white supremacist, he implied tech companies are discriminating against white people with diversity policies, and he tweeted that he hopes young people will carry on Charlie Kirk’s legacy.

If one or two of these things happened in isolation, I could maybe understand giving him the benefit of the doubt as a non-American (for that last one) non-native English speaker. But all of these things taken together? I personally don’t think I can look past that.

All things considered the way they’re approaching the migration is fine enough - they’re only moving specific portions at a time, they’re not stopping C++ development, and they’re making sure it doesn’t introduce regressions. Adopting a memory-safe language for something like a browser makes sense because it completely eliminates that class of vulnerabilities.

The problem is the way they’re approaching the code itself. From their wording, it sounds like they’re relying on AI heavily for both writing and reviewing the code. Rust has a steeper learning curve than most languages and is very different from C++. They even mention in the blog that their current Rust code looks like C++ code ported over. If they don’t take the time to actually learn Rust before adopting it, it’ll just lead to security logic issues that their AI couldn’t catch because C++ and Rust don’t always behave the same way. And that’s completely ignoring all of the other ethical/technical issues with AI

Presumably companies would be able to argue they aren’t pushing out pollutants with the intention to change the climate

Presumably just for transparency in case humans down the line went looking through closed PRs and missed the fact that it’s AI.