I will preface by saying that I am not casting doubt on your claim, I’m simply curious: What is the rationale behind why it would be so unlikely for such an exploit to occur? What rationale causes you to be so confident?

Looks like a Fractal Node 304?

Yep! I’ve found that the case is possibly a little too cramped for my liking — I’m not overly fond of the placement of the drive bay hangars — but overall it’s been alright. It’s definitely a nice form factor.

It wasn’t a deliberate choice. It was simply hardware that I already had available at the time. I have had no performance issues of note as a result of the hardware’s age, so I’ve seen no reason to upgrade it just yet.

Main Server

Services

• Jellyfin
• FreshRSS
• Borg
• Immich
• Nextcloud AIO
• RSS-Bridge

Hardware

• CPU: Intel Core i5-4460
• GPU: Nvidia GeForce GTX 760
• Memory: Kingston KHX1600C10D3/8G (8GB DDR3-1600)
• Motherboard: ASUS H81I-PLUS

OS

• Ubuntu 22.04.5 LTS

Reverse Proxy

Services

• Caddy

Hardware

• Rasbperry Pi 4 Model B Rev 1.5 (2GB)

OS

• Debian 12

Router

Hardware

• TP-Link Archer C7 AC1750

OS

• OpenWRT 23.05.5

For clarity, I’m not claiming that it would, with any degree of certainty, lead to incurred damage, but the ability to upload unvetted content carries some degree of risk. For there to be no risk, fedi-safety/pictrs-safety would have to be guaranteed to be absolutely 100% free of any possible exploit, as well as the underlying OS (and maybe even the underlying hardware), which seems like an impossible claim to make, but perhaps I’m missing something important.

“Security risk” is probably a better term. That being said, a security risk can also infer a privacy risk.

Factorio’s art style may draw its inspiration from older games that had technological limitations that forced specific art techniques, but I’d only be guessing — I haven’t found any official source that states where Factorio drew its artistic inspiration.

Yeah, that was poor wording on my part — what I mean to say is that there would be unvetted data flowing into my local network and being processed on a local machine. It may be overparanoia, but that feels like a privacy risk.

You’re referring to using only fedi-safety instead of pictrs-safety, as was mentioned in §“For other fediverse software admins”, here, right?

One thing you’ll learn quickly is that Lemmy is version 0 for a reason.

Fair warning 😆

One problem with a big list is that different instances have different ideas over what is acceptable.

Yeah, that would be where being able to choose from any number of lists, or to freely create one comes in handy.

create from it each day or so yo run on the images since it was last destroyed.

Unfortunately, for this usecase, the GPU needs to be accessible in real time; there is a 10 second window when an image is posted for it to be processed [1].

Probably the best option would be to have a snapshot

Could you point me towards some documentation so that I can look into exactly what you mean by this? I’m not sure I understand the exact procedure that you are describing.

[…] if you’re going to run an instance and aren’t already on Matrix, make an account. It’s how instance admins tend to keep in contact with each other.

This is good advice.

Fediseer provides a web of trust. An instance receives a guarantee from another instance. That instance then guarantees another instance. It creates a web of trust starting from some known good instances. Then if you wish you can choose to have your lemmy instance only federate with instances that have been guaranteed by another instance. Spam instances can’t guarantee each other, because they need an instance that is already part of the web to guarantee them, and instances won’t do that because they risk their own place in the web if they falsely guarantee another instances (say, if one instance keeps guaranteeing new instances that turn out to be spam, they will quickly lose their own guarantee).

How would one get a new instance approved by Fediseer?

There is a chat room where instance admins share details of spam accounts, and it’s about the best we have for Lemmy at the moment (it works quite well, really, because everyone can be instantly notified but also make their own decisions about who to ban or if something is spam or allowed on their instance - because it’s pretty common that things are not black and white).

Yeah I think I’m more on the side of this, now. The chat is a decent, and workable solution. It’s definitely a lot more hands-on/manual, but I think it’s a solid middle ground solution, for the time being.

If you ban a user […], then if you are automating this you end up with the issue of if anyone screws up then how do you get someone’s account unbanned on all those instances?

The idea would be that if they are automatically banned, then the removal of the user from the list would then cause them to be automatically unbanned. That being said, you did also state:

If you ban a user and opt to remove all their content (which you should, with spam)

How do you get all their content restored

To which I say that I hadn’t considered that the content would be deleted 😜. I was assuming that the user would only be blocked, but their content would still be physically on the server — it would just be effectively invisible.

how do you trust all these people to never, ever, ever get it wrong?

The naively simple idea was that the banned user could open an appeal to get their name removed from the blocklist. Also, keep in mind that the community’s trust in the blocklist is predicated on the blocklist being accurate.

The first one is who controls it?

Ideally, nobody. Anyone could make their own blocklist, and one could choose to pull from any of them.

Sure, but (in the USA) an investigation precedes a criminal case [2], and a court order is part of that. I directly cite, for example, 18 U.S. Code § 1509 - Obstruction of court orders [1]:

Whoever, by threats or force, willfully prevents, obstructs, impedes, or interferes with, or willfully attempts to prevent, obstruct, impede, or interfere with, the due exercise of rights or the performance of duties under any order, judgment, or decree of a court of the United States, shall be fined under this title or imprisoned not more than one year, or both.