8
submitted 4 months ago* (last edited 4 months ago) by debanqued@beehaw.org to c/isitdown@infosec.pub

These are Lemmy instances with a “Sign Up” link which present you with a form to fill out to register. Then after you fill out the form and supply information like email address to the server, they respond with “registration closed”:

  • lemmy.escapebigtech.info (dead node now, but got instant reg. closed msg when they were alive)
  • expats.zone
  • hackertalks.com
  • lemmie.be
  • lemmy.killtime.online
  • lemmy.kmoneyserver.com
  • lemmy.sarcasticdeveloper.com
  • level-up.zone
  • zoo.splitlinux.org

I suppose it’s unlikely to be malice considering how many there are. It’s likely a case of shitty software design. There should be a toggle for open/closed registration and when it’s closed there should be no “Sign Up” button in the first place. And if someone visits the registration URL despite a lack of Sign Up link, it should show a reg. closed announcement.

Guess it’s worth mentioning there are some instances that accept your application for review (often with interview field) but then either let your application rot (“pending application” forever) or they silently reject it (you only discover non-acceptance when you make a login attempt and either get “login failed” or even more rudely it just re-renders the login form with no msg). These nodes fall into the selective non-acceptance category:

  • lemmy.cringecollective.io
  • lemmy.techtriage.guru
  • lemmy.hacktheplanet.be (pretends to send confirmation email then silently neglects to)
  • links.esq.social
  • dubvee.org

To be fair, I use a disposable email address which could be a reason the 5 above to reject my application. And if they did give a reason via email, I would not see it. Not sure if that’s happening but that’s also a case of bad software. That is, when a login attempt is made, the server could present the rationale for refusal. Another software defect would be failing to instantly reject an unacceptible email address.

you are viewing a single comment's thread
view the rest of the comments
[-] stevedidwhat_infosec@infosec.pub 1 points 4 months ago* (last edited 4 months ago)

Your post and subsequent comments say quite the opposite - they’re oozing ego-charged.

Try coming from a place of genuine curiosity and not “this is wrong and stupid”

I’m not interested in bickering with you about semantics of social conduct. Black boxing applications from disposable/abusable mechanisms is absolutely a-okay in cybersecurity terms.

this post was submitted on 07 Jul 2024
8 points (78.6% liked)

Is this Instance Down?

79 readers
1 users here now

Discuss which Lemmy instances are online or offline. Problems with federation may also be discussed.

Visit lemmy-status.org for an overview.

Equivalent communities exist on other instances:
/c/isitdown@lemmy.ml
/c/isitdown@feddit.de
/c/isitdown@kbin.social

Please be civil and stay on topic. Posts and comments referencing NSFW content must start with the word "NSFW".

founded 10 months ago
MODERATORS