this post was submitted on 21 Jul 2023
475 points (98.8% liked)

Lemmy

2172 readers
2 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 4 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 170 points 1 year ago (31 children)

The fact that people were registering .ml domains for projects like this is mindboggling. There are many TLDs to pick from without infringing on the terms of use of a country-specific one.

[–] [email protected] 65 points 1 year ago* (last edited 1 year ago) (7 children)

My thoughts exactly. You should not be choosing TLDs that are volatile to upsets like this. Stick with the tried and true .com or .net, or one of the new TLDs that are not bound to a nation (unless you can comply with the stipulations) or particular type of organization.

[–] [email protected] 32 points 1 year ago (2 children)

Or if you absolutely have to, choose the TLD of a country you live in.

[–] [email protected] 27 points 1 year ago* (last edited 1 year ago) (4 children)

That works, too. I'm on lemmy.ca. Buying a .ca domain requires confirmation of citizenship or other qualification before you can even use it.

load more comments (4 replies)
[–] [email protected] 16 points 1 year ago (1 children)

Agreed. I went with lemmy.ca since I'm Canadian and the instance is in my country.

I also heard Lemmy should perform a little quicker for me too this way.

[–] [email protected] 24 points 1 year ago (1 children)

No, practically speaking the domain name should have no effect on access time. DNS has so many layers of caching that as long as SOMEONE has accessed the website nearby (including you), the domain lookup will be local and therefore fast.

Anyway, DNS lookup times, even slow ones, are still not going to be noticable to the end use originally.

[–] [email protected] 13 points 1 year ago (4 children)

No, I meant the instance itself. The server. The one who runs lemmy.ca is here in Canada with me.

It's like when playing a game; You choose servers closet to you for the lowest ping time.

The other reason I neglected to mention was I like to support local. 😎

load more comments (4 replies)
[–] [email protected] 27 points 1 year ago (3 children)

Even gTLDs aren't entirely safe. .dev is iffy right now because only Google can give those out and Google domains is going away.

[–] Wispy2891 14 points 1 year ago (1 children)

.dev was stupid from the beginning due to how many local domains like that...

[–] [email protected] 26 points 1 year ago* (last edited 1 year ago) (3 children)

Alright https://lemmy.zip it is!

Edit: No way someone already did it

[–] [email protected] 15 points 1 year ago

Hello there stranger. As completely factually appointed ambassador of lemmy.zip, I'd like to extend a warm welcome to all and am glad to see you've discovered our existence.

load more comments (2 replies)
[–] aeharding 14 points 1 year ago (3 children)

Google domains is going away

What the hell, how am I just hearing about this now?

[–] ikidd 14 points 1 year ago

They didn't even tell domain holders.

load more comments (2 replies)
load more comments (1 replies)
load more comments (5 replies)
[–] [email protected] 22 points 1 year ago (1 children)

Dang I hope lemm.ee is safe. Hopefully Estonia doesn’t decide the same.

[–] [email protected] 54 points 1 year ago (2 children)

Well, I'm an Estonian citizen at least 😅

[–] [email protected] 20 points 1 year ago (2 children)

I didn't even consider .ee to be a country domain. I thought you used it for the catchy name.

That's pretty cool.

load more comments (2 replies)
load more comments (1 replies)
[–] [email protected] 12 points 1 year ago

This is terrible news to me, as an OCaml’eer.

There goes all my potential cool project domains … 😭

load more comments (28 replies)
[–] [email protected] 81 points 1 year ago (3 children)

It'll be fun when Tuvalu decides to take back .tv

[–] [email protected] 71 points 1 year ago (1 children)

1/12th of their national income is from .tv so they'll have sunk before that happens...

[–] SmokesForBreakfast 13 points 1 year ago (1 children)

But isn’t that day also nearing at a drastic rate? I feel like they’ve been on the brink to Atlantis for a while now.

[–] dustojnikhummer 11 points 1 year ago (3 children)

AFAIK they won't pass this decade, yes

load more comments (3 replies)
[–] [email protected] 23 points 1 year ago

I believe they sold the rights to some US company who is now managing the tld.

They specifically decided to profit off the fact that's it's an attractive tld, unlike tld like .ly and .ml where the country never intended for their tld to get a wide use.

[–] [email protected] 53 points 1 year ago (1 children)

Is there information about this situation with Mali government about ml domains? I cannot find anything about it.

Though apparently some ml domain receives a lot of accidental US military emails :).

[–] [email protected] 23 points 1 year ago (1 children)

Basically Mali took management of it back off Frenom.

[–] [email protected] 39 points 1 year ago (3 children)

Well, this is just weird. When I was migrating from Reddit to this fediverse world I chose .ml and thought it was short for "machine learning" which seemed as a cool domain for me at the time.

[–] [email protected] 47 points 1 year ago (7 children)

FYI, two letter TLDs are country/region/jurisdiction specific. There's an ISO standard for that.

  • .tv Tuvalu
  • .me Montenegro
  • .fm (Federation of) Micronesia

Some countries append additional modifiers to classify their uses:

  • .uk United Kingdom
  • .co.uk Company
  • ...

Three or more are generic (traditional or new)

  • .com, .net, .org, ...

In some cases, Uncle Sam said "first!" and it stuck.

  • .edu Education (MURICA)
  • .mil Military (MURRICA)
  • .gov Government (MURRRICA)

Just like what happens with Mali, what some silicon valley hipsters decide as a 'fun' acronym is just that, a fun thought. If the corresponding government decides to take away a specific domain, they probably can.

[–] CylonBunny 25 points 1 year ago (2 children)

.mil Military (MURRICA)

That is what made this whole .ml problem. Some people have apparently accidentally leaked American state secrets to Mali by typo.

[–] FlexibleToast 16 points 1 year ago* (last edited 1 year ago) (1 children)

That's a poor excuse. If something is secret or higher it has a different TLD. The SIPRnet uses .smil for example. There are also tools at the boundaries that don't allow going from SIPR to NIPR unless they meet specific criteria. Basically you can only leak those secrets accidentally if they were already on a system they shouldn't have been on.

load more comments (1 replies)
load more comments (1 replies)
[–] teolan 18 points 1 year ago (1 children)
  • .edu Education (MURICA)

.edu is not only american. For example I know many schools in France have .edu domains and emails, and I believe it's the case in many more countries.

[–] [email protected] 16 points 1 year ago (6 children)

In 2001 it was limited to US educational institutions only, all registrations prior were grandfathered in.

Although I haven't got a clue why my non-US university, founded in 2009, has a .edu domain.

load more comments (6 replies)
load more comments (5 replies)
[–] [email protected] 37 points 1 year ago* (last edited 1 year ago)

No, it's Mali.

The rumour is that lemmy devs chose it to mean "marxist leninist" but I think it's more likely they wanted a free domain name.

load more comments (1 replies)
[–] deafboy 30 points 1 year ago (1 children)
$ whois lemmy.ml
WHOIS lookup for LEMMY.ML can temporarily not be answered. Please try again.
ERROR: domain not found:
$

But it's still in my DNS cache

load more comments (1 replies)
[–] [email protected] 29 points 1 year ago

Sounds like it will if Mali decides to take back .ml as Gabon apparently did for .ga. background here https://domainincite.com/28814-millions-of-domains-to-be-deleted-as-freenom-loses-its-first-tld

[–] kratoz29 18 points 1 year ago (1 children)

Thanks for the image, I didn't know FMHY had an official response, good to know they had backups....unlike me who lives in eternal danger.

[–] [email protected] 13 points 1 year ago* (last edited 1 year ago) (2 children)

I'm confused why backups would even matter. Are the servers physically hosted in Mali and the government seized them?

Because if the government just invalidated the domain, that's completely different. In that case a server device with everything on it still exists in the same place it always did, it's just DNS that has changed.

(And yes, I understand that losing the domain name and the certs attached to it would be a big deal, but there's no data loss, hence no need to pull from backups.)

load more comments (2 replies)
[–] [email protected] 17 points 1 year ago (1 children)

On the technical topic of renaming a domain of a Lemmy server... I think it is worth experimenting with the code. At minimum, I think it should be an option to try and keep the same login/passwords for users from the old install of Lemmy. But even that could prove tricky if a particular domain changed underllying ownership more than once - and user@domain became rewritten by an entirely different person. I guess in the real-world people do often get mail for previous residence of a house.

My biggest concern is legality because Lemmy claims to support privacy. I honestly think it's a bad idea to claim privacy because you run into so many problems. If the user never knows that their lemmy instance changed names and can't find it again, etc. Especially on technical topics, 15+ years of having Reddit keep messages from deleted user accounts offered a lot of great search engine hits. With Lemmy, a person moving to a different instance and deleting their account, so much content is going to get black-hole in favor of 50 instances having copies of a meme post or trivial website link - and solid original content (often in comment discussions) gets removed.

[–] [email protected] 10 points 1 year ago* (last edited 1 year ago) (6 children)

On the technical topic of renaming a domain of a Lemmy server… I think it is worth experimenting with the code.

This is unfortunately only possible if you still own the original domain. Think about it this way: if you could migrate domains without proving you own the original, then what's stopping a bad actor from migrating any domain they want? Keep in mind that Federated servers rely on DNS to verify who's who -- they don't have a backup system for deciding trustworthiness.

Yes, there's no technical reason Lemmy has to rely on DNS to establish trust (aside from the fact that changing this would require a massive rearchitecting effort), but why shouldn't it? It's possible to switch to a different trust system (i.e.: public/private keypairs), but that doesn't actually change the nature of the problem -- people can still lose control of the private key and blow the whole system up (and, arguably, this is a lot more likely to happen than permanently losing a domain).

At minimum, I think it should be an option to try and keep the same login/passwords for users from the old install of Lemmy.

So, login credentials aren't actually tied to the domain name at all. A user like [email protected] is simply known as example to the server internally. The server doesn't particularly care if it lives at lemmy.ml or microsoft.com -- if user example shows up and gives the right password, they're allowed to log in. What I'm trying to say is that -- assuming that the user database isn't destroyed -- login info would probably carry over without any special effort needing to be taken at all.

But even that could prove tricky if a particular domain changed underllying ownership more than once - and user@domain became rewritten by an entirely different person. I guess in the real-world people do often get mail for previous residence of a house.

The identity problem you allude to is not exclusive to this scenario. Let's use lemmy.ml as an example: where did the domain come from? The Mali government. Does this mean that the Mali government owned lemmy.ml before it became associated with the Lemmy project? At the risk of oversimplying: yes, pretty much! Prior to 2019, the government of Mali could have created "fraudulent" Fediverse posts under your username, /u/[email protected].

With that being said, it's kind of a silly concern. Despite being partially distributed, Lemmy is not a read-only database (i.e.: not a blockchain). There's nothing stopping the current domain owner from more-or-less completely undoing vandalism from a prior domain owner by simply asking the other federated servers to delete that fraudulent content. Keep in mind that the domain is not the server; the original operator keeps all of the original data even if they lose the ability to host that data under the original domain.

My biggest concern is legality because Lemmy claims to support privacy. I honestly think it’s a bad idea to claim privacy because you run into so many problems. If the user never knows that their lemmy instance changed names and can’t find it again, etc.

This is not a problem unique to Lemmy. If Google forgets to pay for gmail.com, then suddenly a lot of email addresses become untrustworthy. This isn't a privacy issue because your old emails don't leave Google's servers. It is a trust issue, however, since the new owners can now impersonate any gmail.com address and receive any new email that was intended for the original owner.

Not to downplay how catastrophic this scenario would be... but I don't think there's any law on the books which would legally obligate Google to operate gmail.com until the end of time. Nothing lasts forever and eventually gmail.com won't be controlled by Alphabet Inc. anymore -- that's just how time works. Those bothered by this uncertainty can instead choose to host their own mail server (or Lemmy instance) on their own domain -- this won't last forever, either... but at least you're in control now.

Especially on technical topics, 15+ years of having Reddit keep messages from deleted user accounts offered a lot of great search engine hits. With Lemmy, a person moving to a different instance and deleting their account, so much content is going to get black-hole in favor of 50 instances having copies of a meme post or trivial website link - and solid original content (often in comment discussions) gets removed.

~~Just FYI: Much like Reddit, comments continue to exist even when the author deletes their account. The user must explicitly delete each individual comment before deleting their account if they want it all taken down.~~ EDIT: This is not actually currently the case, though as far as I can tell the stated intent is to prefer anonymizing comments over deleting them when deleting an account (source). I don't really get this complaint in the first place, actually... surely both kinds of content would get lost when a user deletes all of their data, right? There's no button that says "delete all of my stuff, except for the shitposts".

load more comments (6 replies)
[–] [email protected] 17 points 1 year ago

*affect.

thanks for the humorous takes, but what's the verdict...? and what's the next step, download posts and settings and move elsewhere?

load more comments
view more: next ›