The argument for .ml domain has always been absurd to begin with. So it’s free but the price you pay is that it’s being run by Mali. I’d just drop $8/year tbh, that’s not a hill you want to die on. Also you harm your project by being SEO punished for using spam-associated TLDs like this. One of the reasons original Lemmy took so long to adopt until Reddit’s API drama. Pretty dumb ngl.
If I remember right it was also “free to register but insanely expensive to renew once they start to see traffic”
Renewal costs are my primary consideration when picking domains. Subscription fees are how your money disappears when you’re not looking.
Anyone know how companies get the rights to domains to sell in the first place? Do they literally submit a list of all domains to ICANN or something? Sorry if this is a stupid question, I just never understood how any of this really works.
TLD - Top Level Domain (.com .ml .whatever)
Registrar - NameCheap, PorkBun, etc. Submits your domain.TLD request to a Registry
Registry - Maintains the list of domains for a specific TLD and the server infrastructure to run the TLD
ICANN - Decides who can be a Registry and for which TLD. Not involved in the nitty gritty of individual domain names.
How is that decision made? How hard would it be for a group of amateurs to make an org and try to be a registry or registrar?
You should check out the OpenNic project, which is an organization that has already attempted what you’re describing.
Hi, professional DNS engineer here! If anyone has any questions about the inner workings of DNS or top level domains, ask away! (THIS IS MY MOMENT)
How can a server know exactly what domain name they were accessed from or if they were accessed directly through IP?
To me, dns was just words->IP and then the computer connects using the IP so how would the server know what domain name was used
Well that sounds like my dream job, unfortunately this issue in particular is more of a Lemmy problem, not a DNS problem. See: https://lemmy.nrd.li/comment/190200 for the explanation of why you can’t just transfer domains with Lemmy.
Also, if you’re genuinely interested in this field, first you should enter the world of enterprise network engineering. Get Security+, CCNA, and PCNSA. With those certs in hand (and knowledge in your brain), apply to jobs as a network support engineer. Do the work for a few years. Learn BIND. Learn Infoblox. Focus on learning DHCP and subnetting. Learn DNSSEC & IPv6. Experiment with a Pi Hole. Set up a home lab. Apply to jobs with DNS. Start living the good life. This takes about 10 years if you learn fast and are good at interviews.
I left my job as a network engineer to do DDI and it’s been a blast. A lot more to DNS than I could have imagined.
Also, a cat explains DNS.
Here is an alternative Piped link(s): https://piped.video/4ZtFk2dtqv0?si=uSI3Rzzh49cN_Yl5
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
I only just now saw this post. For the last month I have already been going all out to learn everything that I need for my Security+ (then CySec+). I have a 30hr video course I’m partway through, and I’ve set up a few VMs with various servers like OWASP Security Shepherd and Damn Vulnerable Web App for some more hands-on experience, as well as testing on my personal production Nextcloud and Jellyfin servers, and I’ve been having a lot of fun with it all. I think I’m pretty solid with DHCP and subnetting already through my home networking adventures. I will look into each of those other certs and each thing you mention to learn, thank you! I’ve been deep into various Linux systems since about 2008 and I’m hoping to leverage that as much as I can (although it’s left me with a lack of modern Windows experience).
Thank you so much for all the tips! I feel some good things coming as I’m getting into this as work.
Why is it always DNS?
When I was taking my cyber security / ethical hacking class, we learned how to do zone transfer. The concept never stuck and I basically “copied” from my friend. So what exactly is a DNS Zone Transfer?
The Mali government taking control of the .ml TLD probably has something to do with the fact that hundreds of thousands of US military emails have been accidentally sent to Mali by users who type .ml instead of .mil in the address field.
Link to the actual post OP screenshotted: https://very.bignutty.xyz/notes/9hf13it1ced3b2za
Screenshots of text are not the way. The crappy “hey, a text thing I want to share, let me take an accessibility-poisoning screenshot and upload that graphic file like a psychopath instead of just copy/pasting either the link to the text or the text itself like a decent human being” routine needs to die with Reddit, we have to be better than that here.
At the least, put the screenshot and the link in the post. We can do both, people.
Screenshots of text preserve the state of the text at the time it was seen…
Yes, it’s not good for accessibility but it’s a good way to quickly capture a moment in time.
(I would recommend perhaps also copy/pasting a synopsis for people who might be vision impaired etc)
So copy/paste the text for your snapshot, and link to the original.
Screenshots stay with time, I hate it when I arrive a bit later and the link is already dead and I have no idea what it said.
Copy/pasted text stays with time too and doesn’t have the issues that pictures of text do. Also hosted images disappear all the time.
If you can post an image, you can post text, right?
…except when the image hoster suddenly dies and 10000s of Screenshots suddenly vanish from the internet and all howto’s etc are killed by it
That’s why you shouldn’t use external image hosters but embed the picture the normal way. Then if the Lemmy instance dies then the screenshot dies with it but not separately.
Well, often web projects don’t have that much money, and hosting communities who post a lot of images, videos etc. costs a lot of money. Because of that, a lot of users use image hosters to bypass this issue.
I did share it. It’s in the comments.
Using .ml was stupid in the first place. No need to try to be a special snowflake by using a sketchy TLD.
But- But- But the memes of a Marxist-Leninist instance!!1!
I wonder if it was done on purpose after it came out that the Pentagon had typo’d “.ml” instead of ‘.mil’ and exposed a lot of sensitive emails…
Highly doubtful much of anything majorly sensitive got leaked. Firstly even unclassified DoD emails are encrypted by default. Secondly anything classified isn’t even on a network that can talk to normal email, it’s either 100% point to point encrypted or on an airgapped network. If I hopped on SIPR (DoD Secret-level internet) and emailed a normal email address it simply wouldn’t work.
You highly overestimate the US army.
Reminder that the most recent leak was done by a guy who just wanted to be right on Discord.
Yeah but that was intentional stupidity. Regular typos are covered fairly well.
That doesn’t stop somebody from being an idiot and mentioning something classified in clearnet communications. Never underestimate the power of stupidity.
Well kinda feels like my house burned down.
Hopefully the push towards some kind of direct migration comes on the heels of this.
lemmygrad.ml and lemmy.ml are gone? So sad.
Anyway.
Unfortunately, it seems the tankies are gonna tank right on (over the bodies of students).
Best comment
A lot of people should be concerned about this for .me domains as well (Montenegro)
I think that’s different because the .ml domain apparently was being given away for free by a registrar that wasn’t responding to abuse complaints, and thus was being heavily abused.
…but if not, then holy shit what a mistake it was to register
firstname@lastname.me
as my primary email address.
Man, hacking, DDOS and now this. The fediverse just can’t catch a break…
Would help if users spread out over all the running servers, because the problem is just a few Lemmy servers have all the users. For example the instance I run would be a simple proxy to use for all the content and then would mitigate issues when a big server had problems, since just parts of the fediverse would be affected from the user’s POV.
The problem is most users fear that if they choose a small instance, it is more likely to go down randomly and their account and everything else is gone. If you choose a bigger instance it feels less likely that the admin of the instance just says fuck it and kills the server randomly for whatever reason.
As long as accounts can’t be easily transferred and are maybe even safe somehow without their instance, people will choose the instance that feels the most secure to them. And when I looked at the available instances… most did not look really long-term secure. Most did look like they are random ideas of people and they could vanish any second into the void. So I, as an example, did choose lemmy.world. It seemed the safest option with the best features (NSFW allowed, a lot of users and a big instance).
On a small instance, you have greater opportunities to take action to positively support that instance. You can make friends with the administrator, volunteer to become an administrator yourself, donate cash to offset running costs, lodge helpful reports, welcome new users, etc…
I understand the logic but it’s actually backwards. A small instance like mine is easily paid for totally out of my own pocket and requires no outside funding or maintenance because I can do everything. If too few people donate to major instances then the costs start to run away from the owners. In some ways becoming too large is a problem.
I understand that, but think about it - it’s a random instance from a random stranger on the internet. You don’t know that person, and don’t know if he is actually seriously interested in that project of running that instance… or if he will shut it down maybe a few days, weeks or months in the future.
And you can’t really back up your account and load it somewhere else, so if this happens everything you saved and did is GONE. That’s a huge risk if you value your account and contribution to communities.
So it doesn’t really matter to me if smaller instances are not expensive etc… that’s not what people fear (there are still ways to spread users along more instances but more evenly). It’s the suddenly vanishing without warning that scares people.
I had this often enough with similar other projects where I created an account on such a small community / instance, was really active… and suddenly it was just gone from one second to the next without warning. Everything gone. The admin didn’t tell anyone about it… was just gone into thin air.
so it feels safer to go to instances who are more “trustworthy” in the longterm security of a stable operation.
If Lemmy would support export of accounts, maybe every month once or something… that would change things. Also allow spoofing of stuff, but it would help with vanishing instances and people would feel safer on smaller, more unknown instances.
“I understand that, but think about it - it’s a random instance from a random stranger on the internet. You don’t know that person, and don’t know if he is actually seriously interested in that project of running that instance… or if he will shut it down maybe a few days, weeks or months in the future.”
Have to be honest with you, that is how all the instances started including lemmy.world.
“so it feels safer to go to instances who are more “trustworthy” in the longterm security of a stable operation.”
There is no metric by which to know this yet as Lemmy is new. It’s not like there are 5 servers that are 10 years old and all the rest are just starting up. Just how it is.
Have to be honest with you, that is how all the instances started including lemmy.world.
but now they have enough reputation & users to make them feel like the safest option
There is no metric by which to know this yet as Lemmy is new. It’s not like there are 5 servers that are 10 years old and all the rest are just starting up. Just how it is.
Compared with random instances with 2-3 users or so, an instance that has been there since the beginning / relatively long compared to others is safer feeling tho.
I’m so worried about this topic that I even think about maybe setting up my own instance just to keep my accounts etc. safe & from vanishing.
I feel like you have missed the points in my previous comments but if you just want to feel safer because in your heart of hearts this instance or that instance just feels safer then go for it.
My advice does not change. Make a backup account on another instance to avoid being burned. If you don’t want to, then it’s now on you.
I feel like communities are the bigger problem here. And not one that’s easily solved.
If users from multiple instances come together in communities, those communities are still centralized on a single server. So if something happens to that server, or if your instance defederates with it, the whole community goes with it.
The alternative would be to have tons of duplicate communities spread over many instances, but that’s a bad user experience.
Jesum Crow… Tags aren’t a new concept. Just group communities with a tag… is that incredibly complicated to implement or something?
There needs to be a way for a person or group to essentially own a tag to enable moderation. It might be one of those rare problems for which a block chain is a good solution, because there would need to be a public ledger showing who is a moderator for a tag at any given moment.
There is no need to own a tag, nor to tack blockchain into a problem to try and sell a solution. Ever.
At this stage in the game, I’m not even sure how to evaluate the trustworthiness of instances. Which also applies to the one I’m currently on. I’d like to assume everything is good, but admins do have power that can be abused, like visibility of IP addresses, access to accounts, access to passwords (reusing passwords is bad but especially don’t do it here and certainly don’t use the same password for your email associated with your account).
Facebook abused those powers (zuck even bragged about being able to see everyone’s passwords, emails, private messages, pictures), so did Reddit (though more with shadow banning or quietly removing/restoring posts).
Fediverse instances are just run by random people as far as I can tell. I’m sure there’s some that should absolutely be avoided and I’m sure that there’s some that are perfectly fine. But I don’t have a clue how to determine which list a specific instance is in, otherwise I’d love to join someone’s small instance.
Edit: oh and that only goes into whether the admin is acting in good faith or intends to be abusive. Then there’s the question of whether the admin is competent enough to run a server without it getting pwnt and giving others access to that same information and capabilities.
You are correct. A lot of the internet is built on trust. This is no exception. I suggest having an account in more than one instance so that you are not too vested into 1 place.
Resiliency is the strongpoint.
If Reddit shuts down, all of Reddit dies.
Same with Facebook, YouTube, etc. Is that highly unlikely? Well, yeah, but still nonzero. The fediverse offers resiliency in this regard, and no one person has the ability to shut it down. Even if all instances decide to shut down, new instances can still be spun up.
The domain bs is an interesting case of scummy practices in general, .tv was misused in a similar way with awful contracts, essentially scamming an already incredibly poor country!
FYI I have made a tool that can backup / copy your account settings, subscriptions, and blocks to a new account: https://github.com/CMahaff/lasim
There are others out there as well if you look.
Obviously the loss of .ml communities would still be catastrophic to Lemmy, but at least your new account won’t start from ground-zero, and you can be less affected by downtime by having 2 accounts with the same subscriptions.
This brings a disturbing thought to mind… if an instance domain name like foo.bar lapses and someone else snaps the domain up (or if it gets stolen) can the new controller plop Lemmy on a server and be instantly federated? If so what kind of damage could they do?
This is why you don’t let your domain registration lapse. It’s not the only way computers on the internet verify each other’s identity, but a hell of a lot of internet security features are based around domain names, so keeping yours functioning is a very big deal.
Domain registration ≠ internet security. Root of trust is in cryptographic keys, not domains. DNS is not the security cornerstone you make it out to be. PKI says hi!
No, the signatures wouldn’t match.
That’s an assumption that Lemmy will quit federating with a server that does not match.
And what signature are we talking about anyway? It’s not certificates…
It’s not an assumption, it’s how activitypub works.
Can you show me documentation that shows communities or servers are signed?
So looking at that spec… Nothing there is validation that current messages originate from an “original” server…
I don’t think either of these signature options for Server to Server communications means that my current lemmy.saik0.com instance can’t be torn down (delete LXC container) and reconfigured as a brand new instance (New LXC container) and other instances wouldn’t know that there’s been a change to the instance running here… or more accurately would flag a change. I think these signatures are all about not being able to spoof OTHER instances. eg, lemmy.ml can’t send messages on behalf of lemmy.world.
I assumed that once federated the public key would be remembered and signatures that do not match it would be handled, but you may be correct. I do wonder whether this could be a problem as instances close down over time. I’ll have to spend some more time researching to see if there’s a more clear answer, or if any ActivityPub implementations have their own way of handling that situation.
ActivityPub signatures that each user and group sends out their messages with.
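The distinction argued in the comments above (signatures stop one instance speaking for another, but do not by themselves reveal that the server behind a domain was rebuilt or changed hands) can be shown with a receiver that pins each actor's key on first contact. This is an added example, not code from any commenter, from Lemmy or from the ActivityPub spec; the actor URLs, key material and `pins` store are constructed, and the signature is assumed to have already verified against the key fetched from the actor's domain.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed actor documents (placeholder key text, not real keys): what the
# domain serves before and after the server behind it is replaced.
ACTOR_BEFORE = {
    "id": "https://foo.example/u/alice",
    "publicKey": {
        "id": "https://foo.example/u/alice#main-key",
        "owner": "https://foo.example/u/alice",
        "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nCONSTRUCTED-KEY-A\n-----END PUBLIC KEY-----",
    },
}
ACTOR_AFTER = {
    **ACTOR_BEFORE,
    "publicKey": {
        **ACTOR_BEFORE["publicKey"],
        "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nCONSTRUCTED-KEY-B\n-----END PUBLIC KEY-----",
    },
}


def fingerprint(pem: str) -> str:
    """Stable identifier for a public key, used as the pinned value."""
    return hashlib.sha256(pem.strip().encode()).hexdigest()


def check_sender(activity_actor: str, key_id: str, fetched_actor: dict, pins: dict) -> str:
    """Classify an inbound activity whose signature verified against the fetched key."""
    key = fetched_actor.get("publicKey", {})
    # Cross-instance spoofing: the signing key must live on the actor's own host.
    if urlsplit(key_id).hostname != urlsplit(activity_actor).hostname:
        return "reject: key host differs from actor host"
    if (fetched_actor.get("id") != activity_actor or key.get("id") != key_id
            or key.get("owner") != activity_actor or "publicKeyPem" not in key):
        return "reject: key not owned by actor"
    # Same domain, different key: only a receiver that remembers the old key notices.
    fp = fingerprint(key["publicKeyPem"])
    pinned = pins.get(activity_actor)
    if pinned is None:
        pins[activity_actor] = fp
        return "accept: first contact, key pinned"
    if pinned != fp:
        return "flag: key changed since first contact"
    return "accept: key matches pin"
```

A receiver with an empty pin store accepts `ACTOR_AFTER` as a first contact, which is the case the thread worries about; whether a given implementation pins keys this way is not established on this page.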
this is why instances should be abstracted away as underlying infrastructure and the users don’t have to think about “instances”. accounts and communities are replicated across servers.
Seriously it’s like no one knows how to use the internet (erm, to learn about teh innernets).
When in doubt, Wikipedia.
https://en.wikipedia.org/wiki/Country_code_top-level_domain?wprov=sfla1
I’m new to the fediverse and not sure how it works just yet. Can someone help me understand? My account was created on Lemmy.ml, will it no longer work and I’ll have to make another?
I would make a lemmy.world account personally, it’s tough to say what will happen long term with .ml domains. Even if your account still works, it may be hampered getting posts from the rest of the fediverse. Worst case scenario you have accounts on two popular Lemmy instances.
Are you aware that ml in lemmy.ml stands for marxism-leninism and that the admins of your instance don’t support any critique of the Chinese government? I’m asking because I think a lot of new users chose lemmy.ml randomly - mostly because it was big - and if they knew this, many of them would have chosen differently.
I had no clue. I was just tired of Reddit and when looking into Lemmy the .ml one came up first in the search. Guess I get to make a new one somewhere else.
They chose .ml because it was free. They don’t delete comments just because they don’t agree with them. I don’t get why some people feel the need to spread lies about the lemmy devs/lemmy.ml admins just for being in favour of communism.
The claim about .ml meaning that is about as dumb as people saying AC/DC means anti-christ devil-child…
But lemmy.ml absolutely removed posts criticizing China. They also made their beliefs very clear. It wasn’t lemmygrad… but they would absolutely censor anti-China rhetoric, and had many brainwashed or Chinese troll accounts.
They even started censoring certain words on lemmy.ml, including “bitch.” I’m not okay with that…
I think the majority of users were normal people who randomly ended up there. But just because this one claim is silly, it doesn’t detract from very real issues that existed there.