IMO Saidit would look nicer if we could create text posts with a thumbnail. by O_G_P in SaidIt

[–]GothFvck 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

It'd be great to have more options!

What is the ratio of lurkers (no account), inactive users (have an account but hardly use it to post), and active users on Saidit? by Chipit in SaidIt

[–]GothFvck 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

I've had an account for a while but rarely visit the site. And most of the time there's just no reason to comment.

Saidit.net — Dec 19, 2018 — New Saidit Android App Released by magnora7 in SaidIt

[–]GothFvck 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

What about for other servers running Saidit? We need to be able to log in to this app using our own instances!

Federation? ActivityPub is all the rage these days but, OStatus might work just as well. (See https://GNUsocial.network)

Welcome to Saidit.net! by magnora7 in SaidIt

[–]GothFvck 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

However this is an anonymous social media forum. Requiring 2FA will reduce the number of users who want to join, as it forces partial de-anonymization.

I don't understand this logic. Please elaborate.

For me, it's difficult to take any site seriously or view them as legitimate if they don't take security seriously. Regardless of what information our profiles & accounts have or do not have here, it is still imperative to maintain good security. Especially these days when browsers force the use of TLS/SSL and search engines down-rank unsecured sites. You guys have gone through some trouble to add a canary warrant, why not use something like https://www.keycloak.org/ by Red Hat for account management? It supports OpenID as a login option and MFA. Even hardware MFA (multi-factor authentication) optionally. No additional information is required. Even with a strong password, an attacker could still compromise a users account. However, the likely hood of it is far, far less with 2FA enabled. I think these should all be optional for users and mandatory for moderators. Think of all the harm that can be done with that much control on the site and then what it'd take to clean up the mess. It beseeches a person to be proactive, rather than reactive. Prevent problems from happening in the first place so you don't have to scramble to fix them later meanwhile your precious site and community has been damaged. Sure, breeches happen all the time but, it's the way a company or project handles the situation. It's about what measures and barriers they had up and then how transparent, fast, and knowledgeable they were afterwards.

Don't just listen to me. Check out the site I linked, do some more research, and I highly, highly recommend listening to the netcast Security Now with Steve Gibson, a 30+ year Security Engineer/Researcher and author of Squirrelmail & Spinrite. He really knows his stuff and I've learned so much listening to that show over the last few years. https://twit.tv/sn | https://grc.com

For the record, I run https://TheFreaks.Club and we're working on setting up Keycloak for single sign-on & security. TFC is a brand new federated social network for all sorts of macabre misfits and it utilizes many free/libre open source softwares. We plan on using Saidit for our message boards soon(TM). :D P.S. We're using a dedicated server in Iceland for their higher free speech & privacy standards.

Oh. I should add that if a person really wants to be anonymous there are plenty of disposable/temporary e-mail services out there and many allow the creation (and deletion) of aliases to create separate personas and compartmentalize their different identities. Plus, there's Tor and Brave browser makes it super easy by building it in with Private windows. So, requiring an e-mail doesn't make anyone less anonymous.

Seriously what's the deal with Brave? Where did it come from? by eremsee in Browsers

[–]GothFvck 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

One way they make money is with Brave Rewards / Ads. Companies pay X amount for Y number of ads they want to be displayed per month for users who opt-in to the system.

It didn't just pop up out of nowhere. It''s based on Chromium and one of the founders of Brave is a former founder of Mozilla. It's been around for years. Personally, I think it's great. I've got a site that accepts Basic Attention Token (BAT) tips. This is something users can opt in to as a way of supporting the sites they visit. A portion of the money goes to the site.

Just take a look at https://basicattentiontoken.org/

Saidit.net Canary #11 by magnora7 in SaiditCanary

[–]GothFvck 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

This is good news! But how long can we expect this to stay up for? If we don't see a new one posted by X date, we should assume there's been a compromise.