this post was submitted on 06 Jul 2023
7 points (100.0% liked)

No Stupid Questions

35729 readers
989 users here now

No such thing. Ask away!

!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must be legitimate questions. All post titles must include a question.

All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.



Rule 2- Your question subject cannot be illegal or NSFW material.

Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding META posts and joke questions.

Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.

On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.

If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.



Rule 7- You can't intentionally annoy, mock, or harass other members.

If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- Majority of bots aren't allowed to participate here.



Credits

Our breathtaking icon was bestowed upon us by @Cevilia!

The greatest banner of all time: by @TheOneWithTheHair!

founded 1 year ago
MODERATORS
 

Is it possible to automatically subscribe to all (federated) communities with the same name?

Example in the screenshot: I want to follow !astronomy, and I don’t really care whether the content is coming from from Lemmy.World, kbin.social and mander.xyz - I just want to see it all.

Obviously I could manually subscribe to them all, but is it possible to do so automatically? Ideally if a new similar community pops up on another instance, I wouldn’t miss it.

I read here that community grouping is a thing, so that instances with identical communities can work together. Is that a feature that could work towards this end?

top 14 comments
sorted by: hot top controversial new old
[–] Cr4yfish@lemmy.world 3 points 1 year ago* (last edited 1 year ago) (1 children)

I'm making an App for Lemmy and I'm planning on adding that feature. I also want to make it so you only have to register once and the App can register you to all the instances you choose automatically.

Edit: The Webapp is Nemmy, also the Community !nemmy@lemmy.world

Edit2: Please note that Nemmy is early Alpha, so not really useable as a daily driver yet.

Edit3: Changed Community link to proper format

[–] Odusei@lemmy.world 0 points 1 year ago (1 children)

Registering to all instances with the same username/password is just asking for trouble. They’re not all equal and some of them will get hacked somehow.

[–] Cr4yfish@lemmy.world 0 points 1 year ago* (last edited 1 year ago) (1 children)

Very good point! I think @TheButtonJustSpins@infosec.pub has a good idea on how to circumvent that.

I could make my own database with hashed passwords using postgreqsl and RLS, which is pretty secure. The User then decrypts the hashed passwords once on login and is simultaneously logged into multiple instances of Lemmy to get the JWT of each instance, which is then stored in SessionStorage or even in a Cookie if the User wants to which would make this a one-time process.

On signup the User could just register to one instance and then I just generate random 32 Character passwords and hash them with the Users' password, then get the JWTs and if cookies are enabled the that would only have to be done every year or so (or when the User deletes the Cookies).

This whole process is seems pretty easy, especially if you've done something like this before and I'm betting some other App Dev is already taking notes lmao.

Edit: Let's also do a thought experiment on what data will be leaked if I did this 1:1 and the database gets somehow hacked:

For each User:

  1. Username (=> Gives away that you use Nemmy)
  2. Hashed Passwords (=> Hashed passwords cannot be read if you don't have the original Users' password until we have access to quantum computers which can literally crack the encryption algorithm)
[–] siriuslyred@lemmy.world 0 points 1 year ago (1 children)

How are you hashing a password with a random 32 character string? I feel like you are mixing terms here or so you combine the password and the random element first or do you mean you decrypt the hash with a symmetric algo and get the 32 char string?

[–] Cr4yfish@lemmy.world 0 points 1 year ago (1 children)

Ah, sorry if I'm being unclear.

I was thinking of combining the user's original password with a random 32 Character string and hash that combination. So basically salting the User's password with random strings. That should work out to multiple passwords I can use.

Thinking of it bcrypt does exactly this, so just running bcrypt a couple of times should be sufficient, no?

Security wise if there was a breach, an attacker would still only have a couple of hashes, none of which are the original password and they can't dictionary attack due to bcrypt.

Also, if an instance was hacked, the worst case would be that the attacker gains access to the hash (if the instance stored passwords in plain text and didn't also hash them themselves).

I'm really tired right now so maybe none if this makes any sense, but I think it does lol.

[–] topscientist@lemmynsfw.com 2 points 1 year ago

Congrats, you’re already doing better at password security than Target, Yahoo, and the US Government

[–] Kichae@kbin.social 0 points 1 year ago (2 children)

Being able to one-click subscribe to all communities with the same name known by one's instance is a frequently asked for feature, so I can see it coming down the pipeline, but no, it's not a thing yet.

Even short of that, though, it would be really nice if the community search page had subscribe/unsubscribe buttons right there in the search results. It would at least make it easier.

[–] DrQuint@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Subscribing to all would be a really good step already.

But we all know what we all really want, ultimately, is to also then see all those subscriptions as a single feed, instead of having to visit all of them in order.

What was one subreddit is now multiple. Something as small as 5 subs can be something as big as 20 communities here, and if one topic becomes big, then all subs of that topic will dominate your dashboard. Grouping up communities would be a way to tell the dashboard to not overload us on one pf the things and also to give us a way to browse just the one topic you want at the moment.

[–] mookulator@lemmy.world 0 points 1 year ago (2 children)

The other way to go is to automatically cross-post across federated servers if they have the same community. Why doesn’t it work like that?

[–] wjrii@kbin.social 0 points 1 year ago (1 children)

I think the specific way that Lemmy/Kbin are growing is not exactly how the creators, particularly the Lemmy devs, envisioned it. I think they believed people of a specific interest or ideological leaning would band together on an instance, make a few communities that were relevant to them, and federation would allow their work to be shared and for them to venture out to participate in whatever they thought was neat. The best examples I can think of off the top of my head are probably Lemmygrad and the Star Trek instance that hosts three communities related to Star Trek (memes, general discussion, and deep-dive nerdery). I think the notion (I doubt it was a fully formed plan) was that instances would have relatively little overlap in the types of communities, and even less in the content.

How growth is actually happening is seems to be turning out fairly differently. Reddit is basically having these little spasms (or maybe just coughs at this point) where a few thousand people leave at once, and many of them are heading to L/K instances. Sometimes we don't quite fully understand federation when we arrive. Sometimes federation is down for a bit. People are basically flocking to established but previously tiny general instances with no particularly strong agenda, and seem to be creating communities with no particular concern about fragmentation.

This may not have been how federation was envisioned, but it creates its own kind of flexibility, where instead of X% of communities being at risk when an instance goes dark or goes crazy, it's Y% of content. I think giving users the option to adapt to this state of affairs by implementing something like persistent multireddits we could subscribe to or just a setting to "autocollate" identically named communities would be really helpful, eventually. In the meantime, trying to understand how we got here makes it easier to accept where we are, and hopefully lets me stay on the right side of the line between being a valued user and a pain in the ass, LOL.

[–] BullsOnParade@lemmy.world 0 points 1 year ago (1 children)

I'm not sure if it's for the same reasons, but Andro.id is another example of an instance around a common intent/subject, with communities based on topics within that subject area.

Interesting concept but agree that if that was the intended means of propagating the fediverse, it doesn't seem like it's happening as planned (but still in a very viable way).

[–] blakerboy777@lemmy.one 0 points 1 year ago (1 children)

I kind of wonder if we'll see more interest focused instances continue to be a relatively regular occurances. I could see communities around specific games deciding to make a new home for themselves if for no other reason than everyone gets a new @myfavorite.game handle and you can customize a little more to their tastes. I think it might still lean more heavily towards generalized instances but maybe the main reason to run a new instance will be to be interest focused.

[–] marmo7ade@lemmy.world -1 points 1 year ago

We will see more focused instances when moderation starts to overreach. Not if, when.