this post was submitted on 13 Nov 2023
261 points (82.9% liked)

Anarchism

1413 readers
199 users here now

Discuss anarchist praxis and philosophy. Don't take yourselves too seriously.

Other anarchist comms

founded 1 year ago
MODERATORS
db0@lemmy.dbzer0.com
261
Be on the lookout for CIA propaganda! Tankies LOVE dissenters! (i.imgur.com)
submitted 1 year ago* (last edited 1 year ago) by db0@lemmy.dbzer0.com to c/anarchism@lemmy.dbzer0.com
597 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.world/post/8181688

undefined

you are viewing a single comment's thread
view the rest of the comments
[–] db0@lemmy.dbzer0.com 3 points 1 year ago (1 children)

Hmmm, yes, we clearly can see here who has their back to the cops.

[–] Catradora_Stalinism@hexbear.net 16 points 1 year ago (1 children)

we can't, the image is removed you fucking idiot

[–] db0@lemmy.dbzer0.com 3 points 1 year ago (2 children)

The image is fine. You just have a shit connection.

[–] TheCaconym@hexbear.net 8 points 1 year ago (1 children)

Or you have shit hosting

It's already back up, FYI. But stop leaking internal details of your reverse proxy in error messages.

[–] db0@lemmy.dbzer0.com 5 points 1 year ago (1 children)

We already clarified hexbear is blocking it. Keep up. And this is an internal url. Good luck connecting to it. But ye, thanks for attacking my hosting capabilities. Very cool y'all are.

[–] TheCaconym@hexbear.net 9 points 1 year ago* (last edited 1 year ago) (1 children)

We already clarified hexbear is blocking it

And I accessed it directly and was kindly trying to tell you you have a hosting issue.

And this is an internal url

It's exactly my point you nincompoop: you publicly advertise that you have a "pictrs" local hostname and that your pictrs instance runs on it on port 8080. Do you think this is useless to an attacker ? do you even care about opsec ?

[–] db0@lemmy.dbzer0.com 3 points 1 year ago (1 children)

Look mate, I am hosting what the lemmy devs provided. I don't think this is particularly useful to an attacker since this is an internal url not accessible outside of the internal network and all this is plainly open in the ansible code that deploys everything. Every lemmy is setup the same way. But do feel free to raise the security concern about it since practicallyt every lemmy server has a "pictrs" DNS.

[–] TheCaconym@hexbear.net 8 points 1 year ago (1 children)

I realize you're probably pretty angry right now since you were getting piled on a bit and I should've taken that into account, sorry for calling you a nincompoop.

But to be clear: every single information about your server matters. Security flaws that might not look exploitable can suddenly thrive due to internal information leaked by badly obfuscated hosting. It is a small issue, admittedly.

And no, not every lemmy is set up the same way. If you're serious about hosting an online forum that can potentially host activist-adjacent content (might not be the case ? but you do host a lot of piracy content at least), you need to think about opsec more. Starting with not just running ansible as-is to "deploy everything".

[–] db0@lemmy.dbzer0.com 4 points 1 year ago (1 children)

There's not enough time in the world to do all the opsec right and I'm not skilled enough anyway. I rely on the tools provided and hope they're sufficient. I'm sorry this is not the best answer, but I'm only one guy and I have a life as well. One can only do so much.

[–] TheCaconym@hexbear.net 7 points 1 year ago (1 children)

That's fair enough, but if you're really alone I suggest trying to find volunteers among your own instance. I say that kindly, you have 11k users already, you'll either burn out or screw up eventually.

[–] db0@lemmy.dbzer0.com 3 points 1 year ago

been there, done that. If only it was that easy.