just this week I’ve had multiple random matrix accounts start a chat with me to post an Imgur link with some Hitler bs. I assume they just chose random members of one or more fediverse related public matrix rooms to send that to. they probably just do this with random public rooms and the fediverse relation didn’t matter.

that’s odd, my (indirect, reported by others) experience with GlobalProtect on Linux was mostly fine, although when using SAML it only really works with the GUI version and not the CLI version

yes, there are various other browsers still supporting proper ad blocking

I like having TLS in my browser

SwiftKey? seeing the same here

if you’re not community banned you might still be instance banned on the community instance, which wouldn’t show up in your local instances modlog if the ban happened on a <0.19.4 instance. if the methods pointed out by other comments here fail I suggest you visit the instance of the community and check the site modlog there, searching for your user.

i suspect you’re referring to your post to a lemmy.ml community and you have indeed been instance banned there for a limited amount of time.

sure they do, you’re one of them

Are those downvotes maybe coming from non-Lemmy instances?

As an admin you should be able to see the downvotes of the post that made it to your instance.

I’m wondering if some software might be broadcasting votes to all linked instances, while I believe Lemmy only sends them to the community instance and it’s the community instance’s responsibility to relay them.

how about “silly”? “stupid”?

unlike on reddit, you can edit your post title here on lemmy.

🥇

here’s also some more context and explanation about what’s going on:

https://fedi.fyralabs.com/notes/9psdqurvye
https://fedi.fyralabs.com/notes/9psnooe6p1
https://fedi.fyralabs.com/notes/9pth6oh3xr

The 90 days disclosure you’re referencing, which I believe is primarily popularized by Google’s Project Zero process, is the time from when someone discovers and reports a vulnerability to the time it will be published by the reporter if there is no disclosure by the vendor by then.

The disclosure by the vendor to their users (people running Lemmy instances in this case) is a completely separate topic, and, depending on the context, tends to happen quite differently from vendor to vendor.

As an example, GitLab publishes security advisories the day the fixed version is released, e.g. https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/.
Some vendors will choose to release a new version, wait a few weeks or so, then publish a security advisory about issues addressed in the previous release. One company I’ve frequently seen this with is Atlassian. This is also what happened with Lemmy in this case.

As Lemmy is an open source project, anyone could go and review all commits for potential security impact and to determine whether something may be exploitable. This would similarly apply to any other open source project, regardless of whether the commit is pushed some time between releases or just before a release. If someone is determined enough and spends time on this they’ll be able to find vulnerabilities in various projects before an advisory is published.

The “responsible” alternative for this would have been to publish an advisory at the time it was previously privately disclosed to admins of larger instances, which was right around the christmas holidays, when many people would already be preoccupied with other things in their life.

it sure is possible, but not with the amount of work anyone would be willing to put into it.

i don’t want to go to all that effort

you sound like you’re not even washing coconuts

those aren’t actually gifs.
they’re frequently webms.

various people don’t care or don’t know the difference between media formats though, so they’ll just call anything remotely gif-like a gif.

unfortunately, reports still do not federate to mods on other instances.
the related GitHub issue is https://github.com/LemmyNet/lemmy/issues/3781

you can just turn it off, see https://help.kagi.com/kagi/settings/general.html

true, my comment was primarily from the perspective of the recipient of tracking links

for our admin team, we’re using a bot to message a matrix room when content is reported and reacting to the message when it’s been handled.

this could be done pretty much the same way on mod level, though this is certainly not easily accessible to everyone due to the hosting involved.

and all of this is only relevant if you even receive reports about content in the first place. if you moderate a community on another instance, tough luck unfortunately, as they currently do not federate.

edit: typos