Fediverse

@fediverse Dumb question but do "likes" on #Mastodon automatically create up-votes on a #Lemmy post? I want to get a good grasp on the #Fediverse.

We tested out the new Fediverse beta in Ghost, and wrote about our initial thoughts. There's a huge amount of potential, and it's already taking great shape.

Other noteworthy pixelfed things:

• HEIC support and image optimization https://mastodon.social/@dansup/114188453431873584
• account migrations: https://mastodon.social/@dansup/114165774134400571
• other improvements to pixelfed app: https://mastodon.social/@dansup/114104395559080307
• direct message redesign: https://mastodon.social/@dansup/114165690916601470
• login/signup workflow redesigened: https://mastodon.social/@dansup/114103672705665681
• fixing instagram import: https://mastodon.social/@pixelfed/114111613468448954
• cute "empty timeline" message: https://mastodon.social/@pixelfed/114117810433929782
• groups (compatible with lemmy communities!): https://mastodon.social/@dansup/114160936877926078
• dark mode, groups, etc: https://mastodon.social/@dansup/114160982209034687

loops:

• loops source code released: https://mastodon.social/@dansup/114188842036359216
• hashtags pinned videos: https://pixelfed.social/p/loops/798412572605169984
• website: https://pixelfed.social/p/loops/781981137786570155

I made a Lemmy instance with a custom algorithm that keeps only the top 20% most unique (=interesting?) posts. It does this by calculating a similarity score between every post on my instance and all posts that came before it. The top 80% of posts with the highest self-similarity get removed instantly.

The idea would be that this allows me to cut through the noise that's running through the communities, similar to how xkcd-signal attempted to do 20 years ago.

The instance is mostly meant for reading, not posting. So it has a very open federation policy (for now).

If anything, this is experimental. So please let me know what you think! You can see the type of stuff that gets removed in the modlog (https://lemmy.coffee/modlog).

What do you notice about the comments on this post? https://piefed.social/post/555259

The post was made in the news@lemmy.world community and other posts linking to the same news article were made in technology@lemmy.world and in askusa@discuss.online. 3 different posts in 3 different communities.

PieFed de-duplicates them and only shows the post once in the timeline and when viewing the post all the comments on those 3 posts are shown in one place.

The fragmentation problem is solved.

Has anyone tried it?

Ive been looking for something that can make following on mastodon easier and found this.

I just installed it and I really like the ability to go to any Mastodon site and click "Follow" and not having it re-direct to my personal site.

It doesn't seem to work with GoToSocial at least at the moment, which is unfortunate. Ill have to see if I can "trick" the API by making it think its a mastodon server.

EX: https://social.jaredzimmerman.com/@jaredzimmerman

@jaredzimmerman@jaredzimmerman.com

Follow button works very well.

In Bookwyrm there are way too many duplicate authors and books, and a way to merge them is unclear.

Open Library seems to offer a more unified and consistent database.

cross-posted from: https://lemmy.today/post/25826615

For those not familiar, there are numerous messages containing images being repeatedly spammed to many Threadiverse users talking about a Polish girl named "Nicole". This has been ongoing for some time now.

Lemmy permits external inline image references to be embedded in messages. This means that if a unique image URL or set of image URLs are sent to each user, it's possible to log the IP addresses that fetch these images; by analyzing the log, one can determine the IP address that a user has.

In some earlier discussion, someone had claimed that local lemmy instances cache these on their local pict-rs instance and rewrite messages to reference the local image.

It does appear that there is a closed issue on the lemmy issue tracker referencing such a deanonymization attack:

https://github.com/LemmyNet/lemmy/issues/1036

I had not looked into these earlier, but it looks like such rewriting and caching intending to avoid this attack is not occurring, at least on my home instance. I hadn't looked until the most-recent message, but the image embedded here is indeed remote:

https://lemmy.doesnotexist.club/pictrs/image/323899d9-79dd-4670-8cf9-f6d008c37e79.png

I haven't stored and looked through a list of these, but as I recall, the user sending them is bouncing around different instances. They certainly are not using the same hostname for their lemmy instance as the pict-rs instance; this message was sent from nicole92 on lemmy.latinlok.com, though the image is hosted on lemmy.doesnotexist.club. I don't know whether they are moving around where the pict-rs instance is located from message to message. If not, it might be possible to block the pict-rs instance in your browser. That will only be a temporary fix, since I see no reason that they couldn't also be moving the hostname on the pict-rs instance.

Another mitigation would be to route one's client software or browser through a VPN.

I don't know if there are admins working on addressing the issue; I'd assume so, but I wanted to at least mention that there might be privacy implications to other users.

In any event, regardless of whether the "Nicole" spammer is aiming to deanonymize users, as things stand, it does appear that someone could do so.

My own take is that the best fix here on the lemmy-and-other-Threadiverse-software-side would be to disable inline images in messages. Someone who wants to reference an image can always link to an external image in a messages, and permit a user to click through. But if remote inline image references can be used, there's no great way to prevent a user's IP address from being exposed.

If anyone has other suggestions to mitigate this (maybe a Greasemonkey snippet to require a click to load inline images as a patch for the lemmy Web UI?), I'm all ears.

cross-posted from: https://lemmy.sdf.org/post/31221907

Since 2013, Ghost has made it possible to publish content online with a website and RSS feeds. In 2019 we added support for delivering content by email newsletter.

Now, in 2025, we're taking our biggest step yet by making it possible to publish to the social web.

[...]

cross-posted from: https://lemmy.zip/post/34378996

cross-posted from: https://programming.dev/post/27143191

Why I recommend against Bluesky.

Have you ever heard of the term federation-washing?

Bookwyrm's catalog is currently quite limited. Every user can always add a book, of course, but a lot of people will not find the button or just don't want to do this, and so they'll leave the platform disappointed.

To bolster Bookwyrm's chances against Goodreads etc., there should at least be a browser plugin where we can enter an Amazon link and have Bookwyrm's data entry form be automatically populated with all data available from Amaozon (and, by cross-searching with the ISBN, with the book's OpenLibrary ID etc.). Of course, the user should still check the data before ultimately submitting it. In creating the tool, one should also check if one needs to beware of copyright traps e.g. in the book descriptions.

(Theoretically, one might even go so far as to create a tool that scrapes book data in bulk, but this poses (a) increased legal risks and (b) will most likely lead to lots of duplicated books & authors on Bookwyrm, which for lack of an easy merging tool would be a real pain – the many existing duplicates are already annoying. Edit: And, as others have pointed out, there are a lot of fake & crap books on Amazon, so that indiscriminate scraping would flood Bookwyrm with entries that we really don't want there.)

Is there currently any tool as I described above?

(I'm aware that I'm giving this spam more attention by posting this, but I really wanted to share this weird behaviour.)

There are accounts whose sole purpose seems to be posting links to a certain blogspot blog. The posts of this blog only consist of YouTube videos, with very basic titles such as "Kangaroo Fight", "Growing Strawberries", etc.

Here are some example accounts I found via a web search (unfortunately the URLs of posts isn't taken into account when searching on lemmy):

• (*) https://moist.catsweat.com/u/thegeeek / https://lemmy.world/u/thegeeek@moist.catsweat.com
• (*) https://moist.catsweat.com/u/katknapz / https://lemmy.world/u/katknapz@moist.catsweat.com
• https://europe.pub/u/cloverpi
• https://is.hardlywork.ing/u/Squog

I also found two other accounts that seem to be part of this, too, but they were already banned:

• https://lemmy.wtf/u/dullhuman
• https://thebrainbin.org/u/zeffley

Another interesting discovery: Compare the two links for each of the accounts marked with (*). You will notice that the posts on moist.catsweat.com link to YouTube, but when viewing the posts from lemmy.world those same posts link to the blogspot. Why is that?

Just stumbled upon this. There are many ways to share your Event and you can even create some Events anonymous. This is awesome for organizing protests or other events you want to publish but you dont want to be mentioned in them as creator.

It also can publish events into Mastodon.

Lemmy's design is focused on quality content by ditching the Karma farmers and addicts. No more chasing upvotes—people here actually focus on real value instead of feeding the ego.

EDIT: I know there are upvotes and downvotes, but the problem with Reddit is you can't post in most communities if your karma or reputation is bad. This is a big problem because herd mentality prevails there and if ypu have unpopular opinions you're basically censored.

Lemmy isn't designed to milk ypur dopamine with notifications every 10 upvotes, so you focus more on posting valuable cont instead of farming for approval and upvotes.

Today we're opening a public beta for our social web integration in Ghost. For the first time, any site on Ghost(Pro) can now try out ActivityPub.

cross-posted from: https://lemmy.world/post/26978000

What is "Toastify is awesome”?
https://lemmy.world/post/17198003/10978272

... to fix the problem i simply logged out and logged in again

Just like apps and websites implement "Sign in with Apple" and Google couldn't we build some kind of federated authentication provider? Then everyone creates an account there and fedi apps can implement an easy way to authenticate users. Even non fedi apps could use it. I imagine user interaction between different fediverse platforms would be much easier too.

I guess could run an auth instance. Ideally everyone would run their own, keeping your data safe.

Is there something likes this already? Saw some discussion here but not much else https://socialhub.activitypub.rocks/t/single-sign-on-for-fediverse/712