Appointed! Sorry about the hassle. I also learned about these federated community bugs just now.

Welcome!

Thank you being around, bringing this nice community here, and helping with the federation!! 😁

I find it satisfying to see the graph come down :)

Yes, sorry, there was some serious lagg in fetching posts from Lemmy World that persisted for several days and accumulated a 1-week delay.

But after upgrading Mander it is now fetching data from LW quite rapidly and it should be back in-sync in about a day and a half from now.

If you are curious about the ranking algorithm, there is some info here: https://join-lemmy.org/docs/contributors/07-ranking-algo.html

If the timing is right, I would bring a mushroom grow bag with mushrooms sprouting.

If not… probably my radiacode gamma spectrometer and some of my radioactive items. Maybe a clock with radium painted dials and a piece of trinitite. I think that there are many different points of discussion that can be of interest to a broad audience (radioactivity, spectroscopy, electronics, US labor law story of the radium girls, nuclear explosions, background radiation… etc). As a bonus I can bring a UV flash light and show the radium fluorescence. Adults love UV flash lights.

I am also quite interested in this. It is not something that keeps me awake at night, and I am not particularly paranoid about it. But I find that working towards answering this question is a fun frame from which to learn about electronics, radio communications, and networking.

Since this appears to be something that is causing you some anxiety, I think it is better if I start by giving you some reassurance in that I have not yet managed to prove that any electronic device is spying on me via a hidden chip. I don’t think it is worth being paranoid about this.

I can explain some things that could be done to test whether a Linux computer spying. I am not suggesting that you try any of this. I am explaining this to you so that you can get some reassurance in the fact that, if devices were spying on us in this manner, it is likely that someone would have noticed by now.

The “spy” chip needs some way to communicate. One way a chip might communicate is via radio waves. So, the first step would be to remove the WiFi and Bluetooth dongles and any other pieces of hardware that may emit radio waves during normal operation. There is a tool called a “Spectrum Analyzer” that can be used to capture the presence of specific radio frequencies. These devices are now relatively affordable, like the tinySA, which can measure the presence of radio frequencies of up to 6 GHz.

One can make a Faraday cage, for example, by wrapping the PC with a copper-nickel coated polyester fabric to isolate the PC from the radio waves that are coming from the environment. The spectrum analyzer antennas can be placed right next to the PC and the device is left to measure continuously over several days. A script can monitor the output and keep a record of any RF signals.

Since phones are small, it is even easier to wrap them in the copper-nickel polyester fabric alongside with the spectrum analyzer antenna to check whether they emit any RF when they are off or in airplane mode with the WiFi and Bluetooth turned off.

What this experiment may allow you to conclude is that the spy chip is not communicating frequently with the external world via radio frequencies, at least not with frequencies <= 6 GHz.

Using frequencies higher 6 GHz for a low-power chip is not going be an effective method of transmitting a signal very far away. The chip could remain hidden and only emit the signal under certain rare conditions, or in response to a trigger. We can’t rule that out with this experiment, but it is unlikely.

A next step would be to test a wired connection. It could be that the spy chip can transmit the data over the internet. One can place a VPN Gateway in between their PC and the router, and use that gateway to route all the traffic to their own server using WireGuard. All network packets that leave through the PC’s ethernet connection can be captured and examined this way using Wireshark or tcpdump.

If one can show that the device is not secretly communicating via RF nor via the internet, I think it is unlikely that the device is spying on them.

I used to it eat a lot of it as a child. But now that I think more about nutrition it is a rare treat for me. I don’t buy it nor keep any at my home, because if I buy it I’ll eat it. If I go out and eat fries I’ll usually eat them with mayonnaise. I do like the taste, especially in egg sandwiches.

Thank you for that reference! Very interesting

Yeah, I found out only after choosing that domain name… This TLD also gets penalized by the automatic e-mail spam detectors (like SpamAssassin). I wouldn’t pick the “.xyz” TLD if I were picking today 😅

Ah, actually, I responded thinking that you meant the /c/mycology community.

I’m not the creator/mod of the uncle_ben’s community, and the sidebar says “A community for the uncle ben’s mushroom growing technique.”, so I am actually not sure. I think it would be fine… Sorry!

Sure, what’s wrong with bird seed tech?

All fungi are magical ;)

The mycology community is more general in scope. Psychedelic mushrooms are not excluded, but there can be so much specialized discussion in that sub-category that is worth it having a more specialized community.

There is also the first community !uncle_bens@lemmy.ml dedicated to growing, but it is not very active.

Nice to see he has had a graphics upgrade :p

I wouldn’t use this language myself because I am not ready to defend that it is reasonable to apply the Universal Declaration of Human Rights in this context.

I think that they might be referring to Article 1, and possibly 5.

If this is their interpretation, then calling someone a worthless piece of trash is also a violation. You are talking to another human being as if they have less dignity, and you are treating them in a cruel and degrading manner.

For example I can go up to someone and insult them for all sorts of things - “you’re an ugly stupid worthless piece of trash” and that’s ok but I say “you’re a dirty [racial slur]” all of a sudden it’s different?

If it makes you feel any better, telling someone “you’re an ugly stupid worthless piece of trash” would get you banned from my instance too, so it is not so different.

I’m not sure about Web Hosting. Many of us use a dedicated virtual private server (VPS)

I use https://serverspace.io, I think Lemmy.ml is hosted with https://www.hetzner.com/

These are servers that you access via SSH and can install the instance inside of it. I personally install using docker compose, but there are some other methods that are claimed to be easier. The cost starts at ~$5 / month. Currently I pay about $15 / month. You would then rent the domain name from a domain name registrar (I use namecheap.com) and ask them to point the domain name to your server’s IP address.

No, there is no API to get the votes (https://join-lemmy.org/api/). If my understanding is correct, now that I upvoted your comment my instance will push that information. I’m not sure whether it pushes it to dandroid.app first or to all instances, saying basically “Sal@mander.xyz upvoted https://dandroid.app/comment/441785”, and so every instance that has that comment can save my user ID in the “upvote” list of that comment, and that upvote is counted.

If only the vote direction was federated, then it would be very easy for me to spam the message “Upvote https://dandroid.app/comment/441785”. I would not even need to create an instance for that, I just need to speak ActivityPub. And it would be more difficult to detect that I am doing that, because the database would only hold the vote count.

I don’t think there is a way to ask an instance to reveal this list. You can only get it by directly querying the database if you have access to it. This is why if you fetch an older post or comment, it will arrive with a single or zero votes.

There is definitely a probability to deal with a non reliable instance admin, but not less than with any other social media, and in principle they collect even less data

Yeah. You can see the cookies that are stored by a site by right-clicking on the site, going to “inspect”, and the clicking “Storage”. By default, the only cookie that Lemmy has is an jwt cookie used to authenticate your user.

You are not asked for a phone number to be here. Providing an e-mail is often optional and even discouraged by some instances. When you want to send a private message through the site you get a message discouraging from doing that and encouraging to try to use an encrypted chat application instead, such as matrix.

The original Lemmy instance (lemmy.ml) is a community for FOSS and Privacy enthusiasts. What is asks from a user and what it does with the data is what it needs to be functional. Lemmy lets you take any proactive step that you would like to take to protect your privacy - use a VPN or Tor, use safe passwords, use a unique identity, and don’t provide any personal information. There are no built-in features to block you or discourage you from doing that. Lemmy never asks for your location, nor does it keep any logs of what content you visit, nor does it try to run any analytics on you. But even if that is not enough for you, the fediverse doesn’t lock you out, you can set up an instance or even create a new program to interact and communicate only precisely what you want to communicate via activity pub.

The votes themselves are the federated action.

If you fetch an old post, your instance will not see the previous voters. After that, whenever a user votes the instance will get the message “User X@instance upvoted/downvoted post Y” and the vote will be added to the database with the voter’s user ID and counted.

This has a practical function. If you don’t keep a list specifying who voted for what, it would be much easier to fake votes from one instance to another by simply communicating the message “Downvote post Y”. With the current method it is still possible to create a lot of fake accounts and mass-vote, but at least you can get a better insight when looking at the database if the votes are associated with accounts with no activity from a single instance.

There are some federated platforms that will show who likes / dislikes something. I know that friendica used to do this - I have not checked if it still does. So it is not only admins who can see this, this is is basically open information in the fediverse.