• 14 Posts
  • 254 Comments
Joined 1 year ago
Cake day: June 9th, 2023

  • Everything Wordpress is heavily infested with that. However you don’t have to let it impact you – it kind of looks to me like they pressure commercial vendors to put their stuff under the GPL if they’re wanting to offer a free version, so there’s a robust ecosystem of actually-FOSS tooling for it. My experience has been that it’s always worked pretty well in practice; you just have to keep your nope-I’m-not-paying-for-your-paid-version goggles firmly affixed. (Also, side note, GPT does an excellent job of writing little functions.php snippets for you to enable particular custom functionality for your Wordpress install when you need it.)


  • Wordpress 1,000% (probably coupled with WooCommerce but there are probably some other options)

    I honestly don’t even know off the top of my head why you would use anything else (aside from some vague elitism connected to the large ecosystem of commercial crap which has tainted by association the open source core of it) – it combines FOSS + easy + powerful + popular. You will have to tiptoe around some amount of crapware in order to keep it pure OSS though.


  • What the HECK man?

    There’s an underlying problem IMO with all Fediverse software and instances, in that because it’s made available for free, people get entitled, moderators and admins are obligated to sort of do volunteer work on behalf of people who haven’t earned it in order for any of the thing to work, which naturally leads to an inexhaustible wellspring of negative energy because the whole thing isn’t right.

    I saw the posts of Ruud asking for people to basically interview for a part time admin position and do a job which for skills and time investment is worth from $50k/yr-$200k/yr (calibrating for the fact that it’s “only” 5-10 hours per week), and all I could think was whoa no no no this isn’t the way. Not saying there’s anything wrong with people volunteering their time to make available this great thing, but I think undervaluing them when they decide to do that is almost inevitable, which has follow-on effects that manifest in all kinds of ways and lead to things not being the way they should be. Occasional prickly or unfair behavior by mods or admins represents one example of that; comments like this one represent another.

    What on earth is hostile about the OP post in any way?


  • Yep.

    There are two big end-user security decisions that are totally mystifying to me about Lemmy. One is automatically embedding images in comments without rehosting the images, and the other is failing to warn people that their upvotes and downvotes are not actually private.

    I’m not trying to sit in judgement of someone who’s writing free software but to me those are both negligent software design from an end-user privacy perspective.


  • Of note about this is that image links in comments aren’t rehosted by Lemmy. That means it would be possible to flood a community with images hosted by a friendly or compromised server, and gather a lot of information about who was reading that community (how many people, and all their IP address and browser fingerprint information, to start with) by what image requests were coming in kicked off by people seeing your spam.

    I didn’t look at the image spam in detail, but if I’m remembering right the little bit of it I looked at, it had images hosted by lemmygrad.ml (which makes sense) and czchan.org (which makes less sense). It could be that after uploading the first two images to Lemmygrad they realized they could just type the Markdown for the original hosting source for the remaining three, of course.

    It would also be possible to use this type of flood posting as a smokescreen for a more targeted plan of sending malware-infected images, or more specifically targeted let’s-track-who-requests-this-image-file images, to a more limited set of recipients.

    Just my paranoid thoughts on the situation.
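The exposure described in the comment above, seen from the instance operator's side, as an added example that is not part of the original comment or of Lemmy's code: it lists the off-instance hosts a reader's client would contact when rendering a comment, and rewrites those image links to go through the instance. The host names, the `image_proxy` path and the sample comment are constructed assumptions.

```python
import re
from urllib.parse import quote, urlparse

# Markdown inline image: ![alt](url "optional title")
IMG_RE = re.compile(r'!\[([^\]]*)\]\(\s*(<[^>]+>|[^\s)]+)([^)]*)\)')

def _host(url):
    return (urlparse(url).hostname or "").lower()

def remote_image_hosts(markdown, local_hosts):
    """Hosts outside the instance that a reader's client would contact
    just by rendering this comment."""
    found = {_host(m.group(2).strip("<>")) for m in IMG_RE.finditer(markdown)}
    return {h for h in found if h and h not in local_hosts}

def proxy_images(markdown, local_hosts, proxy_prefix):
    """Rewrite off-instance image URLs to go through the instance, so the
    third-party server sees the instance's request, not the reader's."""
    def repl(m):
        alt, url, rest = m.group(1), m.group(2).strip("<>"), m.group(3)
        if not _host(url) or _host(url) in local_hosts:
            return m.group(0)  # relative or already local: leave untouched
        return f"![{alt}]({proxy_prefix}{quote(url, safe='')}{rest})"
    return IMG_RE.sub(repl, markdown)

# Constructed sample comment; all hosts and the proxy path are hypothetical.
LOCAL = {"instance.example"}
PROXY = "https://instance.example/image_proxy?url="
SAMPLE = (
    "![a](https://instance.example/pictrs/image/1.png) "
    "![b](https://img.tracker.example/p.gif?id=42) "
    '![c](https://cdn.other.example/x.jpg "t") '
    "[plain link](https://news.example/)"
)

if __name__ == "__main__":
    print(sorted(remote_image_hosts(SAMPLE, LOCAL)))
    print(proxy_images(SAMPLE, LOCAL, PROXY))
```

Plain links are left alone because they are only fetched when a reader clicks them; inline images are fetched on render, which is what makes them usable for counting and fingerprinting readers.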



  • I have no real idea with Navalny, and only dim memories of news reports about Magnitsky which went into a little more detail, but I’ll tell you how I assume it operates: It’s basically mistreatment to the point that it’ll kill you, just slowly. Your cell’s cold all the time, in the arctic winter with no blankets. You get bad food and bad sleep and beatings and no medical care of any kind. Once your body starts to malfunction (Magnitsky started having kidney failure), they go on beating you severely enough to cause additional organ damage, but then just continue to put you in your cell day after day with no medicine. Basically, you’re going to die, but they’re drawing the process out enough that it’s indirectly, because of “medical issues” related to what they’re doing to you, instead of just from blunt force trauma or something. So it’s incredibly painful and long and drawn-out, a slow death of constant suffering from which you can’t escape or get any relief.









  • I was driving through Maryland, it was getting late, and I saw a hotel that was $45 per night. I literally thought to myself, “WTF, I just need a bed, how much could really go wrong if I stay here.”

    The room opened straight to the parking lot, and there were cats everywhere outside crying. I said hello to one of them, he was clearly in bad shape and so I went and got some cat food and invited him in and gave him some food. He bit me so I put him back outside and went to sleep.

    I was most of the way on the drive home when I noticed I had red welts in a little line down my arm. You fucker, you have to be kidding me.

    I basically stripped in the parking lot of my place, went in and took a long shower first thing, and put into the garbage all the clothes I’d had with me, suitcase, shoes, my backpack after taking the computer and notebook out. I put them all in a trash bag in the parking lot and then threw it in a dumpster that wasn’t near any residence. Then I vacuumed my car and took a long shower again.

    Fuckin bedbugs. I had no bedbugs carried back to my place after that and that’s how I like it. $45 for the hotel cost me maybe $300 worth of stuff that I decided to get rid of.



  • Yeah, email is unsafe, agreed. I addressed that below, saying I thought they just wanted to separate their real-world identity from their un-private emails. If you’re trying to use Proton to keep your un-private emails private, you’re gonna have a bad time and you should use some good end-to-end solution that isn’t email instead.



  • mo_ztt ✅@lemmy.world to Privacy@lemmy.ml, *Permanently Deleted*

    Librewolf?

    I’ve been using that for a while since I ditched Chrome, and anecdotally it seems like it hits a pretty good sweet spot of “privacy-protecting to such an extent that I notice little annoyances as I browse the web, but they’re all trivial and easily bearable, which probably means it’s doing quite a lot to try to protect me.”



  • I’m not trying to argue or anything, but I think you should read this for a quite good overview of the issues involved with trying to secure SMTP email. You can also read any number of expert opinions saying the same thing, if you don’t believe me or that article.

    > If you’re communicating with someone you know who’s also running their own email server, there is no problem with using email.

    So, basically, never. I’ve run several SMTP servers in my time. I’m having trouble thinking of an example of when I might have been communicating from one of them to someone else who also ran their own secure SMTP server. If you’re trying to set up a secure end-to-end communication channel with one specific person which involves work on both your ends, it’d be way easier and more secure to use some other transport protocol at that point.

    > Email is a good protocol

    It is. 100%. Sorry if I gave the impression I didn’t think it was. For all its age and some amount of minor stone-age baggage it brought with it, SMTP is genuinely quite well-designed and still serves its purpose 43+ years later, which is incredibly impressive. That purpose is, insecure but reliable and interoperable communication.

    > it runs over TLS.

    Yeah, so does your HTTP connection with Proton. That doesn’t mean the end-result system keeps your messages secure, any more than using HTTPS means Proton is secure.

    You can read the article I linked to above, but basically the short version is that email is by the design of the protocol subject to being stored or transmitted unencrypted at various intermediate places as it’s being sent around, in ways that are by the design of the protocol impossible to prevent.

    You’re not required to agree with me; you can think what you want, but that’s how I see it.
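The hop-by-hop nature of SMTP discussed in the comment above can be read off a delivered message's `Received` headers. This is an added example, not part of the original comment: it uses the RFC 3848 `with` keywords (`ESMTPS`, `ESMTPSA`, `LMTPS`, `LMTPSA` mark a TLS hop) on a constructed message whose host names and addresses are placeholders.

```python
import re
from email import message_from_string

# RFC 3848 transmission types that indicate the hop ran over TLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.I | re.S)

def hops(raw_message):
    """(sender, receiver, protocol, used_tls) per hop, oldest hop first.
    Each header is self-reported by the receiving server."""
    msg = message_from_string(raw_message)
    out = []
    # Servers prepend Received headers, so reverse to get transit order.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(value)
        if m:
            proto = m.group(3).upper().rstrip(";")
            out.append((m.group(1), m.group(2), proto, proto in TLS_PROTOCOLS))
    return out

def plaintext_exposure(raw_message):
    """Servers that handled the message in the clear (every receiving hop,
    TLS or not) and the links that also crossed the wire unencrypted."""
    h = hops(raw_message)
    holders = [receiver for _, receiver, _, _ in h]
    cleartext_links = [(s, r) for s, r, _, tls in h if not tls]
    return holders, cleartext_links

# Constructed sample message (documentation addresses and .example hosts).
SAMPLE = """\
Received: from mx.filter.example (mx.filter.example [192.0.2.20])
 by mail.recipient.example (Postfix) with ESMTP id 3C3C3
 for <bob@recipient.example>; Mon, 1 Jan 2024 10:00:03 +0000
Received: from out.sender.example (out.sender.example [192.0.2.10])
 by mx.filter.example with ESMTPS id 2B2B2; Mon, 1 Jan 2024 10:00:02 +0000
Received: from laptop.local ([198.51.100.7])
 by out.sender.example with ESMTPSA id 1A1A1; Mon, 1 Jan 2024 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: constructed sample

body
"""

if __name__ == "__main__":
    print(plaintext_exposure(SAMPLE))
```

Even the two TLS hops in the sample terminate at a server that then holds the decrypted message, so transport encryption alone never gives the sender end-to-end confidentiality.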