this post was submitted on 21 Jul 2023
434 points (98.4% liked)

Fediverse

28491 readers
630 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago
MODERATORS
 

An update:

  • fmhy.ml is gone, due to the ongoing fiasco with mali government taking all their .ml domains back
  • As such, lemmy.fmhy.ml is also gone, we are currently exploring ways to refederate (or somehow restart federation entirely) without breaking anything substantial
  • We have backups, so don't worry about data loss (you can view them on other instances anyway)

Currently, we have fmhy.net and are exploring options to somehow migrate, thank you for your patience.

you are viewing a single comment's thread
view the rest of the comments
[–] 001100010010@lemmy.dbzer0.com 44 points 1 year ago (3 children)
[–] sab@kbin.social 65 points 1 year ago (2 children)

Good thing join-lemmy is safely tucked away in a .org domain.

This is extremely bad timing for Lemmy (if it ends up happening), but also a good example of how federation makes the entire social media landscape more robust. Had this happened to a centralized service it would be devastating.

[–] shrugal@lemmy.world 29 points 1 year ago* (last edited 1 year ago) (1 children)

Not really. Most centralized services are accessible via multiple domains, e.g. for different countries. This would just disable one of them, but users could still use another to log into their accounts. For the Fediverse it "disables" an entire instance, cuts it off from federation and locks out users.

Lets not put a positive spin on a situation that exposes a weakness of the current system. The federation protocol needs to be able to handle these things gracefully, like propagating domain changes and migrating accounts between instances!

[–] Toribor@corndog.uk 6 points 1 year ago (2 children)

I'm now wondering what happens if the Mali government (or someone else) begins using those domains with their own lemmy instance, potentially with malicious content.

Would the instances they've federated with begin ingesting and serving that content automatically? Or would that be blocked due to key mismatch?

[–] Amir@lemmy.ml 6 points 1 year ago

I think they need the private key for the https certificate to do that

[–] shrugal@lemmy.world 5 points 1 year ago

Afaik it is all connected to the domain name, so they could definitely start to impersonate any .ml instance. Other instances could detect that the signing key for federation messages changed, but that's about it. Their admins would probably have to block/defederate them manually.

[–] I_Has_A_Hat@lemmy.ml 9 points 1 year ago (1 children)

If it was always going to happen, now isn't really a bad time. Sure, a month ago would have been better, but people still haven't been here that long. If I wind up needing to migrate, and lose my current account, oh well. No big loss. I imagine others feel similar.

I was frustrated with the outage yesterday and created a new account on a different instance so I could still browse. Couple hours later I had all my subscriptions filled out and the experience is almost identical to my first account.

[–] rm_dash_r_star@lemm.ee 9 points 1 year ago

lemmy.ml is still up as of right now. Possibly they contracted a subscription to the domain name to keep it up. They had to do something to retain it otherwise the site would be unreachable. If lemmy.ml does have to change names it will be a hassle since I've got a good number of community subscriptions there.

This wouldn't happen to an instance with a regularly subscribed domain name. Problem is the .ml domains were free and the associated country decided to claim them back. The risk of using a free top level domain is something that should have been considered. I don't think it's worth the risk versus the cost savings considering how difficult it is to migrate a Lemmy instance.