Discord is horrible
Lemmy.world Support
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
You can also DM https://lemmy.world/u/lwreport or email report@lemmy.world (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news π
Outages π₯
https://status.lemmy.world/
Even Discord issues aside, it just seems strange to have a proprietary software used for a platform as open source as Lemmy.
It would be as strange as having a Twitter account for the instance.
Especially since there is already a lemmy.world announcement community..
IMO that's being too fanatic. I love FOSS, but you don't have to use FOSS for absolutely everything. Making a FOSS product does not mean you need to use FOSS for everything. And sometimes the closed source options are simply the best. Eg, GitHub and Discord are widely considered the best options in their field.
Also, at least before Twitter became such a shitty alt-right shit hole, many FOSS products did have twitter accounts! That's just part of promoting your product and providing an alternative place to contact and discuss. Eg, when Reddit went down, I'd usually check their twitter to get updates on it.
Fucking hell, this again.
Listen, you people need to realize a lot of people are here on Lemmy because Reddit screwed them over, not because Lemmy is open source or less of a privacy issue or whatever your reasons for using it are.
So you hate Discord. That's fine, you're allowed to! But pitching a fit because everyone else doesn't hate it isn't gonna convince anyone to stop using it.
I don't hate Discord, but I do hate that they seem to require my phone number. I tried joining Discord over a year ago. Upon first log in they claimed that there was suspicious activity that required me to verify the account by giving them my phone number. This was from a computer, I never even visited the site on my phone let alone use the mobile app. I gave up and forgot about until a few months ago and decided to try again. They still wanted my phone number, email wasn't good enough. I contacted their support email and was told that there was no other option but to provide a phone number and that they couldn't override it. So I told them to delete my account and that I would never use their service. It took two weeks for them to do it.
There are very few situations in which an app needs my phone number in my eyes. And a chat application is not one of them. Just like I refused to use the official Reddit app because it wanted access to my contacts and location. I am not a super privacy nut, but the whole hog approach of gathering my info is not acceptable. I would rather pay for the service. I would have paid for Reddit if they had gone that route rather than dropping 3rd Party apps. Instead I'm on Lemmy.
So fucking hell yes, this again.
There are alternatives to Discord.
Yeah I'm here because I like the alternative to Reddit's bullshit.
I couldn't care less about Foss. I mean it's cool, but it's not why I'm here.
Reddits bullshit is the end case for ANY product or service that is not FOSS.
https://pluralistic.net/2023/01/21/potemkin-ai/#hey-guys
You should care, or else you will go through reddit all over again and again.
I think at the very least we could have an open source alternative along with the discord. No reason to completely shutdown the discord.
Mozilla uses matrix ... so that might be a good hint
Can't we just have an IRC room on somewhere like Libera, please?
Or if we really need images and stuff, a Matrix room would be sufficient. Or an XMPP room..
I wonder whether matrix and/or matrix bridge has been mentioned before. Maybe discord + matrix bridge is a good enough compromise for reachability.
To get the privacy benefits wouldn't you need to forego bridges?
I have never hosted a bridge before so I may get things wrong. Please correct me where I do.
I assume this channel may be public, so any privacy concern needs to take that into account.
In terms of implementation, I was thinking that there would be 1 channel hosted on discord and 1 room on matrix being bridged together.
The benefit is that users of matrix and users of discord can participate in the same conversation without having to create an account on the other service. That way, matrix users donβt have to create a discord account or download discord app, which would be a good outcome in terms of privacy.
Edit: I have a faint memory that this is possible if the owners of the channel set it up on both ends. But I canβt find what the bridge is called, maybe itβs a different service from discord? Or I may have misunderstood things,
Discord is a horrible company, it should be avoided at all costs, why is it being advertised over Matrix?
In my opinion users should be made aware of those channels instead.
What people don't get is that self-hosting a Discord-like is not a solution. The idea is to have a fallback in case the server goes down, and Discord serves that role well.
Uh He never said it has to be self-hosted though, so this already sounds like a strawman argument. Only one who has mentioned self hosting in this thread is you.
People want something that is secure and respects privacy, they could simply use the Matrix channel, or create their own Matrix space specific to lemmy.world , both of these would be better options for the users than to try and get them to use Discord which is a proprietary corporate service that is not only prone to security problems but also has some serious privacy concerns due to being corporate owned.
Sure, Lemmy does not offer end-to-end encryption by default, which means that your messages could be intercepted by someone who is able to access your ISP's network or the Lemmy server. A red flag for me is the fact that Lemmy stores some user data on their servers, such as your IP address and email address. This data could be used as breadcrumbs.
Lemmy may not sell user data to third parties, but what about the servers? There have been some security vulnerabilities found in Lemmy's code. These exploits could result in servers being hijacked or user accounts compromised.
So, what does all this mean? It means that it is your personal responsibility to take steps to protect your privacy and security when using Lemmy. This includes using the encryption feature, being aware of the risks associated with using Lemmy, and carefully evaluating the privacy policies of any platform before you use it.
I know it's a lot to keep track of, but it's important. Your privacy is your business, and it's up to you to protect it. So take these things seriously, and don't let anyone take your privacy away from you.
About the concerns with Discord:
Creating a post saying, 'everyone else does it' and locking it is funky in my book. I, like you, I am all about transparency and understanding. I fully understand your anxiety, and it is a bit warranted. I am not trying to sound like an alarmist.
On the subject of Discord, it is amazing and disturbing how much data is curated and harvested. Their business model is quite mysterious. No one really knows what their real motives are. Discord shrouds itself and does not provide clear and concise privacy audits or statements on the subject.
You are concerned about your privacy, and rightfully so. Lemmy is designed for privacy from the ground up when used properly and only with encryption functions enabled. Discord, on the other hand, unfortunately has a stranglehold on the instant messaging backbone.
CVE-2021-29465: This vulnerability allowed attackers to overwrite any file on the system with the command results. This could have been used to steal user data, install malware, or take control of Discord servers.
CVE-2021-29466: This vulnerability allowed attackers to read local files from the server. This could have been used to steal user data, such as passwords or chat logs.
CVE-2021-34491: This vulnerability allowed attackers to bypass Discord's rate limit, which could have been used to send spam or DDoS attacks.
CVE-2022-22936: This vulnerability allowed attackers to take control of Discord servers by exploiting a flaw in the Discord Token Generator.
These are just a few examples, but I would be lying if I said they were not patched. That being said there is no telling how many zero-day security risks are out there at this time, so it is important to stay vigilant and ask the hard questions to ensure that your privacy is protected.
Lastly, you could totally start a community here on .world for Discord alternatives. It's a easy breezy lemon squeezy way to find people who are also into privacy and security.
I have hated discord so much and for so long. It collects all my data, controls and censors servers, and its run by shitty people who keep their shareholders close by.
I use Matrix and it has the potential to be a lot of fun (use a frontend that isn't Element and it gets way better) but it has limited instances. Yeah, I'd be extremely grateful if Lemmy communities had Matrix Rooms as opposed to Discord Servers.
Yeah, just use matirx!
As a tech-ignorant person who uses Discord with multiple gaming groups, what is so bad about it?
How they monetize is unknown, but they are big and well funded.
I keep my workstation behind a whitelist firewall. It is a pain, but this means I have a device that filters all network traffic and only lets websites I have added to the list to transmit and receive messages. So like, if I download something sketchy or accidentally write some buggy code, it won't have internet access to unapproved locations.
All legitimate commercial websites have their human readable web address. So on my whitelist, I can add Lemmy.world:443 and it will allow connections to Lemmy over port 443 aka https.
Discord doesn't do anything conventional like this. If you try to connect to discord with a whitelist firewall, and look at the blocked connection logs, all you will see are random raw IP addresses. This alone is super weird. Then you will find these addresses are trying to connect to odd ports with no documentation about what they are used for or the protocol. Discord does not provide any details whatsoever that I could find.
Okay so a few super weird connections on super sketchy ports, with no idea what they are doing, and no documentation. Hmmm. But it gets worse. I can jot down some notes for a couple of random raw IP addresses. At this point I really don't like it, but might just grumble past it like just before reddit died. But no, trying to connect to discord after punching these holes, lead to two more random raw IP addresses and different ports, and after that it happened again. Now I'm at 6 random undocumented holes in a firewall, and it still doesn't work and is trying for more. Fuck that bullshit. Reading their terms agreement is basically legalese for you have no rights to anything. It is totally insane that people just run this shit and don't take 5 minutes to ask where is the money exchanging hands to fund this. Who knows, maybe it is legitimate. I fully expect to hear about it in the news one day, and I expect this one to be a giant nuclear bombshell when it happens. I keep popcorn reserves on standby.
I just migrated to a different instance and now see this lol. I agree though that it is odd
Yeah, I was wondering what that was doing up still.