That is probably part of the problem. My guess is that for some reason programming.dev is trying to send a backlog of events since the time your instance was shut down. This doesn’t seem like something that should happen though, as I’d expect Lemmy to mark an instance as Gone and stop trying to send events after a while.

I’m like 90% sure that this post is AI Slop, and I just love the irony.

First of all, the writing style reads a lot like AI… but that is not the biggest problem. None of the mitigations mentioned has anything to do with the Huntarr problem. Sure, they have their uses, but the problem with Huntarr was that it was a vibe coded piece of shit. Using immutable references, image signing or checking the Dockerfile would do fuck-all about the problem that the code itself was missing authentication on some important sensitive API Endpoints.

Also, Huntarr does not appear to be a Verified Publisher at all. Did their status get revoked, or was that a hallucination to begin with?

To be fair though the last paragraph does have a point, but for a homelab I don’t think it’s feasible to fully review the source code of everything you install. It would rather come down to being careful with things that are new and doesn’t have an established reputation, which is especially a problem in the era of AI coding. Like the rest of the *arr stack is probably much safer because it’s open source projects that have been around for a long time and had had a lot of eyes on it.

Worth noting that despite the headline this does not have anything to do with the huge outage in the end of 2025.

The company said the incident in December was an “extremely limited event” affecting only a single service in parts of mainland China. Amazon added that the second incident did not have an impact on a “customer facing AWS service.”

Neither disruption was anywhere near as severe as a 15-hour AWS outage in October 2025 that forced multiple customers’ apps and websites offline—including OpenAI’s ChatGPT.

I would also have felt some level of schadenfreude if it turned out that any of the really big incidents in the end of 2025 was a result of managements aggressive pushes for AI coding. Perhaps that would cool off the heads of executives a bit if there were very real examples pf shit properly hitting the fan…

The free version is mainly just a number of user and device limit. Although the relaying service might be limited as well, but that should only matter if both of your clients have strict NAT, otherwise the Wireguard tunnels gets directly connected and no traffic goes through Netbirds managed servers.

You can also self-host the control plane with pretty much no limitations, and I believe you no longer need SSO (which increased the complexity a lot for homelab setups).

Don’t touch that, it’s a load bearing 100Mbit switch.

My guess is that this is a propaganda effort meant to counter that EU countries is putting pressure on social media to moderate hate speech and importantly disinformation.

Having an official US government site means both that it will have higher apparent legitimacy (compared to a random X post) for people who want to believe. It’ll likely also mean that there is no European corporate presence to pressure so the only option would be to escalate to blocking the entire site, which I don’t see happening tbh.

Wait, are they saying that when hosting services based on open source you can just refer to the source to explain how data is processed? Or am I missing something?

Because realistically that is still a quite high bar for anyone who wants to understand how data is processed compared to requiring a privacy policy.

The question can go the other way as well; what proof does people have that Discord is outright lying in their communication? All the communication indicates that they have actually taken steps to minimize the privacy impact. Importantly using local processing and only storing if it’s successful or not, even if that means that it can likely be bypassed (important web dev rule, never trust the client side).

Now introducing the Persona system is very concerning, and also a reason I don’t think it’s an overreaction anymore. Even if they claim they only save the data for longer than 7 days, the connection to Palantir and Peter Thiel is extremely troubling and erodes the trust. I mean it comes down to me not trusting them as much as Discord.

To expand on your question on why they wouldn’t be as evil as possible, it comes down to whether or not you believe that all developers and product managers are evil or not. I have worked for a decade for a few IT heavy companies and yeah, there are shit going on, but it’s mostly due to laziness, or product managers wanting numbers and pretty graphs of user behaviors (when it comes to privacy and data sharing).

The leak of the 70k UK identities is an interesting case. It’s often framed as if the processor was hacked but it was actually the normal support system where they handled appeals. The real mistake was that Discord didn’t properly think through appeal handling and it is probably attributable to a mistake/laziness then intentional malice.

Of course a bit different for the macro social networks, whose primary income stream is selling ads and they want to build behavior profiles because that allows them to argue that advertisers get more value out of their platform. The point I want to make is that your real name and photo doesn’t actually have any value for the companies, because they already do have everything they need from your activity. It does have risks and liabilities though if nothing else due to GDPR.

This article feels a bit like ragebait.

Yes, this happened once with a company that went bankrupt 2 years after launching their product. They seem to have designed an exceptionally poor product. How does this mean that the enormous engineering failures of this small startup applies to all other car brands?

Most cars have a very clear separation between core driving software and the infotainment, and the vast majority will never have any software updates so what works, will continue to work (or the other way around). At worst you’ll loose stuff like remote commands, wheatear info, list of charging points/map updates… Things that are kind of dynamic and needs to be regularly updated.

The rules only matter if the admins adhere to them and enforces them consistently.

It sounds like you are assuming that the wallet needs to re-validate each session and I don’t see why this would be needed. Each user account would just need to validate their age once then the website operator could store this in their database. If you’ve validated once you can be sure the user keeps being old enough.

They’re probably not going to use it…

… but if they do it’s going to be a hell of a good starting point in motivating people to leave Facebook

I believe something like this is supposed to be a use-case of the digital EU Wallet. A website is supposed to be able to receive an attestation of a users age without nessecarily getting any other information about the person.

https://en.wikipedia.org/wiki/EU_Digital_Identity_Wallet

Apparently the relevant feature is Electronic attestations of attributes (EAAs). I’m not really familiar with how it will be implemented though and I am a bit afraid of beurocratic design is going to fuck this up…

Imo something like this would be magnitudes better than the current reliance of video identification. Not only is it much more reliable, it will also not feel nearly as invasive as having to scan your face and hope the provider doesn’t save it somewhere.

För Discord tror jag det beror väldigt mycket på hur aktivt chatten är. För större servrar så håller jag absolut med dig om att det blir för mycket och saker bara försvinner. Men för mindre instanser, typ där det bara är ens närmaste vänner så fungerar upplägget väldigt bra. I instanser med mindre aktivitet tror jag att någonting som är mer tvingande att skapa trådar mest skulle få diskussioner att kännas fragmenterade.

Samtidigt så är det nog många communities som använder Discord vara för att det är stort, även om det inte nödvändigtvis är det bästa alternativet.

Is there really a lot of AI generated doorbell camera videos out there? I can’t remember anything posted but then again maybe that just proves the point.

Then again the low resolution does make it much easier to hide typical artefacts and issues so I don’t think it proves anything.

More relateable than I would like it to be…

That’s not all, though; some users are also unhappy not just with the age verification process itself and the security of their data, but also the people bankrolling Persona, which includes the investment fund of Palantir founder, Peter Thiel. Palantir is the data and surveillance company currently used by US federal agencies, including ICE, and Thiel’s name appears 2000+ times in the Epstein files.

I used to think that people were massively overreacting about all this, but this is some pretty fucking suspicious connections.

They can absolutely run the verification code client side, but they can’t really fully trust the data being provided from client side since the client might be manipulated or a 3rd party client may have reverse engineered the API to bypass the verification.

Probably they made the decision that it’s worth it to protect privacy (you know the thing people have been complaining about) weighed against that most teens probably won’t figure out how to bypass the system… which makes this sudden change (trial?) where it’s being sent to a 3rd party anyway kind of odd.

Vad jag har förstått så är det i princip bara att man inte kan se kanaler som är markerade som NSFW, eller om hela servern är det (kanske individuella posts går att markera som NSFW också?), samt att det ska vara begränsningar för DMs.

Står ingenting i deras information om att server ägare måste vara vuxna, men kan tänka mig att man kanske inte får ha “vuxenkanaler” i sin server om inte alla mods har verifierat sig.

Helt ärligt så tycker jag att reaktionen runt det här har varit väldigt överdriven, även om jag förstår och håller med om att video identifiering är väl typ det jobbigaste sättet att verifiera sig… men tror inte det är många som tycker att det är jobbigt nog att byta klient för att de behöver göra det en gång.

Många är snabba att peka på att de läckt all data en gång redan, men det är ju inte helt sant. Det de läckt var enbart från deras support system, när folk öppnade tickets och skickade med foto på sitt ID för att överklaga beslutet. Det säger inte riktigt någonting om det primära systemet och jag tror inte på riktigt att de skulle spara den datan speciellt länge. Låter också som att det är ett annat eller ändrat system nu när de säger att video datan bara behandlas lokalt (också intressant fråga, de litar helt på klienten? Borde göra det möjligt att helt gå runt)

Så även om jag är ett fan av konceptet av federerade nätverk, och är lite sugen på att sätta upp en egen Matrix/Synapse server för min vänkrets, så orkar jag inte riktigt driva på och övertala folk att flytta. Speciellt inte då det också verkar som att folk kan fortsätta använda de (relativt få) servrar jag är med på utan att verifiera sin ålder.