• Perfide@reddthat.com
    link
    fedilink
    arrow-up
    49
    arrow-down
    2
    ·
    7 months ago

    Maybe, just maybe, we shouldn’t be picking domains based on stuff like “hehe it says queer as fuck lul”? What did they expect to happen picking Afghanistan of all places for the domain of an LGBT instance?

  • Ziggurat@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    27
    ·
    7 months ago

    I am even surprised that the Taliban let someone buy the queer.af domain.

    But it’s also a cool feature of the federation, an instance is closed by an authoritarian government, tons of others are still there, and migration is easy, so you don’t loose you whole network. Still an annoyance for the user, but not as much an annoyance as when a centralized social media closes.

    • Skull giver@popplesburger.hilciferous.nl
      link
      fedilink
      arrow-up
      10
      ·
      7 months ago

      On the other hand, there’s very little to prevent the Taliban from re-registering queer.af and reusing old account names to spam their shitty opinions on this stuff.

      Luckily they’re probably not smart enough to figure out they can, but this is one of the many reasons to be careful about the TLD you pick.

      • Noel_Skum@sh.itjust.works
        link
        fedilink
        arrow-up
        8
        ·
        7 months ago

        Just as an aside: unfortunately some of the Taliban are actually very smart - in an academic sense. Some of them have gone to the best schools and universities our world has to offer… and then decided the dark ages are where we should be. Go figure. But, to clarify, they aren’t all backwards goat herders from the middle of nowhere.

      • Floon@lemmy.ml
        link
        fedilink
        arrow-up
        5
        ·
        7 months ago

        Just because they can take control of the domain doesn’t mean they somehow have access to the data any servers that used the domain have. Those servers were, i feel confident, not in Afghanistan. Domains are just redirects, so the Taliban have nothing on any of the users.

        • Skull giver@popplesburger.hilciferous.nl
          link
          fedilink
          arrow-up
          5
          ·
          7 months ago

          They can’t access old account data, but they can impersonate the accounts.

          The ActivityPub spec does not tell you how to deal with “domain changes owner” situations. I believe Mastodon caches an actor’s key in perpetuity (and thus only allow the very first owner of a domain to set up an ActivityPub service), but there’s no guarantee other servers do the same.

          If the new owners set up a server, complete with valid TLS certificate, they can host their own Mastodon with a list of account names that they can scrape from cached toots elsewhere, and start using those for propaganda. Some services will refuse the new messages because of theily cached the old keys, but undoubtably others will accept them. Things become extra fun when those servers start boosting/replying to the toots with embedded content.

          The users aren’t in danger, but there’s a risk other servers will be spammed in the their old names.

          What doesn’t help is that Mastodon’s migration feature only implements a redirect, so if they take over the domain before the server has updated all the other servers (i.e. due to high load or downtime on another server), the account ends up unredirectable.

          This doesn’t need to be malicious, either; admin@example.com can simply let their domain expire, and if the new owner decides to also create an admin@example.com then all kinds of ActivityPub hell will break loose.

          We need better standards for this, so domain takeovers can’t result in account impersonation, but domains can also be transferred to someone else without locking them out of ActivityPub forever.

        • A1kmm@lemmy.amxl.com
          link
          fedilink
          English
          arrow-up
          4
          ·
          7 months ago

          If you have control of the domain, you can also get an X.509 certificate from any CA (e.g. for free from LetsEncrypt). Then you can put up a new server on that domain with a valid cert. If that server supports ActivityPub, it can provide new public keys for private keys you control for all users on the server, and can use the corresponding private keys to sign messages from any user on that server to any community those users are still subscribed to. In addition, any users on other servers still posting to / interacting with communities on that server would cause their server to send that to the inbox on the new server.

          This means any usernames or communities on queer.af should no longer be trusted.

  • TheAnonymouseJoker@lemmy.ml
    link
    fedilink
    arrow-up
    28
    arrow-down
    6
    ·
    7 months ago

    This is not something to blame Taliban for. Mali government was also keen on taking down .ml instances of Lemmy. This is simply a legal and reasonable reservation of country TLD domains.

  • jackpot@lemmy.ml
    link
    fedilink
    arrow-up
    9
    arrow-down
    2
    ·
    7 months ago

    they could become queer ‘for real’ unless macron gets a tumor

    • Eggyhead@kbin.social
      link
      fedilink
      arrow-up
      25
      arrow-down
      18
      ·
      edit-2
      7 months ago

      I know we’re talking about a time before a lot of young adults were born, but comparing the closure of a federated instance to what happened to a lot of people and families on 9/11 is actually pretty fucked up.

      Edit: Alright. Apparently some atrocities are okay because other atrocities happen, too. Love you guys.

      • muse@kbin.social
        link
        fedilink
        arrow-up
        26
        arrow-down
        3
        ·
        7 months ago

        What’s the difference between 9/11 and a cow?

        You stop milking the cow after a decade.

      • Overzeetop@sopuli.xyz
        link
        fedilink
        arrow-up
        11
        arrow-down
        4
        ·
        7 months ago

        Americans have no sense of perspective. I have friends who were affected by the tower collapse in NY. We sent more service members to die looking for Bin Laden than were killed that day. And more than 10 times a many people die from gun violence in the US every God damned year than died in all four plane strikes. And every one of those other tragedies destroys families and communities.

        It’s so overblown it’s practically a meme to everyone but the boomers and Christian “patriots” who need a way to make people angry about foreigners so they can ignore our home grown violent tendencies.

        • thoughtorgan@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          I mean, we were literally attacked by a group of organized terrorists. Trying to minimize or downplay that to be anything less scary than it is, is stupid.

          I think you’re lacking a little bit of perspective.

      • Gabu@lemmy.ml
        link
        fedilink
        arrow-up
        2
        arrow-down
        4
        ·
        7 months ago

        There’s also the fact the event reference happened in 'murica. People don’t really take 'murica seriously.

      • SattaRIP@kbin.social
        link
        fedilink
        arrow-up
        11
        arrow-down
        14
        ·
        7 months ago

        9/11 has been so overblown. Literally, with the bombing of middle eastern people when the US government used it as an excuse to attack an uninvolved country… such that most people think of it as a joke now.

        Also with what the other person said regarding COVID. I personally cannot take that event seriously anymore. In fact, I see anyone who complains about it having to be taken seriously as overprivelaged… Yes, really.