Could admins sign announcements with a PGP key to mitigate false admin posts and the consequences this might have? Or is this no longer necessary?
this post was submitted on 10 Jul 2023
2929 points (99.3% liked)
Lemmy.World Announcements
29077 readers
105 users here now
This Community is intended for posts about the Lemmy.world server by the admins.
Follow us for server news ๐
Outages ๐ฅ
https://status.lemmy.world/
For support with issues at Lemmy.world, go to the Lemmy.world Support community.
Support e-mail
Any support requests are best sent to info@lemmy.world e-mail.
Report contact
- DM https://lemmy.world/u/lwreport
- Email report@lemmy.world (PGP Supported)
Donations ๐
If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.
If you can, please use / switch to Ko-Fi, it has the lowest fees for us
Join the team
founded 2 years ago
MODERATORS
How do we know you're the real you? This all could be part of the plan!
load more comments
(1 replies)
Ugh, people should not go after systems trying to give a free service to the internet. It just ruins everything.
Thanks for the transparency.
Great lemmies! Thanks for uniting us.
Soo it looks like the entry for this instance was also changed on https://lemmyverse.net/ . At least I hope it is the hack
load more comments
(6 replies)
Thanks for the great work. The response time was awesome, considering you were asleep as well.
Can I ask some possibly dumb questions?
- What is JWT?
- Was any private user data compromised, and if so will users be informed?
- Is there anything regular users can do to avoid their data being compromised? For example, not accessing lemmy on certain web browsers?
Thank you!
load more comments
(5 replies)
Once again, thank you guys for all that you do. As many other people are saying, appreciate the transparency about these things.
load more comments
(1 replies)
I had to create a new account. I tried enabling 2FA on my main account a week ago, but was never able to generate a token. Now when I try logging in it is asking for my 2FA token. Is there any way to get my account back. I'm a moderator of a community.
load more comments
(4 replies)
Yah, I noticed my Lemmies auto-corrupted to Lemurs.
I don't care. I'm keeping it.
Lemurs are cute.
load more comments
(1 replies)
I can only log in on incognito mode, which makes me think my cookie has been stolen or whatever. So my question is, what should I be doing about that?
load more comments
(11 replies)
Pardon the ignorance, but how do I know if I was compromised? what do?
load more comments
(11 replies)
This is so sad lmao rip. With any site growing as fast as these instances (because of the Reddit folk) Ig these attacks are to be expected. Hope everyone's accounts and personal info are okay
This is why I've decided against running my own Lemmy instance. Too much work to have to keep up constantly with updating, too big of an attractive target for attackers.
load more comments
(3 replies)
Must have been jealous spez
One thing I don't get. Custom emojis can only be created by an admin, but you're saying an admin's account here got compromised because of that and not the other way around. Does that mean that an evil instance set a custom emoji with the injected JavaScript and propagated it to the federated instances?
load more comments
(1 replies)
Rock on, Rudd.
Well that's just great it really is a shame though how some people would actively want to ruin something free like this just because they can.
load more comments
(1 replies)