• UltimateUsermaim@monyet.cc
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    I wanna share my latest poem I made 2 weeks ago

    King of Dirt

    I eat myself full of dirt

    Of the Dirt I thought I conquered

    The dirt I thought I won over but in truth

    It was nothing but an obvious case of denial and an overinflated ego

    It is dirt borne of half baked resolve and clown juice

    When will I learn to take things seriously

    When will this dirt be the true works of my labour

    Here I lay, reigning over these piles of dirt I’ve convinced myself I have

    My magnum opus, the greatest king of all

    My king of dirt

  • scotchandyes@monyet.cc
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Hello folks! I’m new here. It’s good to know a place that feels familiar yet is on a different ground. Here’s to my reddit-free journey.

    Question: How do I interact with lemmy dot ml subs? I thought that the sign up is universal throughout whole of lemmy.

    • Naomikho@monyet.cc
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Welcome!

      Your account is tied to the instance you created your account in. To browse you’ll need to subscribe to another instance by searching for the instance and adding it to your list. I think you can find a guide somewhere under announcements :)

  • armandtanzarianmusic@monyet.cc
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Downloaded a mobile version and now it sits next to my Reddit.

    Also tried Threads. Immediately got a bunch of Muslim accounts on For You. I don’t follow any on Instagram neither am I Muslim.

    Will wait till my feed stabilizes back to my usual diet of left wing shitposts and music memes.

  • Annoyed_🦀 @monyet.cc
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Shiet, sad that i have to work, reading the saucy stuff of lemmyworld hack is entertaining and educational.

  • Annoyed_🦀 @monyet.cc
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Shit, lemmy world got hacked, click on that Israel will lead you to explicit picture of a bunch of naked old man sucking each other, and also pop’s up lead to porn site.

    Avoid at all cost.

    • zen@monyet.cc
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      1 year ago

      this is bad. rumour has it this is due to an admin’s json web token being leaked.

      so I would advise all admins here not to log into 3rd party web apps (mobile apps should be okay) with their admin accounts, as the web apps usually proxy your requests (hence, they have your token), and they proxy not due to nefarious purposes, but due to some problem with cors (in other words, being forced to proxy your request isn’t really their fault, and once the cors problem is fixed in the lemmy backend, they can stop doing that).

    • unhedged@monyet.cc
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      That kind of feels like the old internet. Insert inappropriate links etc.

      What next, resurgence of the Rickroll?

        • zen@monyet.cc
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          1 year ago

          now I’m hearing that the hack is being spread through direct messages as well.

          as this seems to be a javascript hack, all admins logged on through any web ui (even the official one) are advised to not open dm’s from unknown users.

          as mobile apps differ from browsers, and shouldn’t execute javascript directly, they should be less affected, but please take caution anyway for the time being.

          edit: it seems lemmy.blahaj.zone has been hacked too. the malicious javascript has been detected in custom emojis and community description sidebars, so admins must watch out for new users who signup and immediately start posting custom emojis or opening new communities.

            • zen@monyet.cc
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              1 year ago

              I think it is better to not open it at all (at least in the web browser, mobile apps seem to be okay, but nothing is really certain atm), as the malicious javascript seem to be connected to custom emojis and community descriptions in the sidebar (see my latest edit), so no clicking required.

    • zen@mitra.076.moe
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      https://github.com/LemmyNet/lemmy-ui/issues/1895 has more information on mitigations, which may not be necessary if no custom emojis were added.

      it also has something for invalidating all json web tokens by changing the signing key (all users will need to re-login after doing that), which may be necessary depending on whether the tech team believes any of them (especially any of the admin’s) have been compromised (there is currently no expiry date on the tokens).

      #lemmyworldhacked #fediversedrama

    • ruk_n_rul@monyet.cc
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Goddammit. The fediverse drama continues.

      Btw admins it’s best that we defederate for the time being.

    • ruk_n_rul@monyet.cc
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      edit-2
      1 year ago

      https://kbin.social/m/android@lemdro.id/t/168524/Lemmy-world-and-another-instance-have-been-compromised#entry-comment-661712

      The linked comment suggests that the entire Lemmy platform is currently vulnerable to the cookie stealing exploit that already happened to several instances.

      Now, if only we have automod that could detect code injection in markdown links and tempban offenders…

  • Naomikho@monyet.cc
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I’m still contemplating whether to buy a yukata for bon odori. But I don’t think I will wear it much 😞

  • Penang Kia@monyet.cc
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Did not expect my post to promote the Kdrama community to provoke anti-Lemmy posts, but this is Mastodon 🤣

    • imaginelizard@monyet.ccOPM
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Keep promoting anyway. The more the merrier I say, any engagement is a good engagement when we’re this small.

  • cendawanita@monyet.cc
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    btw if anyone is also exploring fedi side of the microblogs (your insta, tumblr, twitter equivalent - there’s even an FB one), and are looking for more hashtags to follow as you set up your account (as you don’t have to follow accounts, you can also just follow hashtags):

    • Histodon
    • Bookstodon
    • Bloomscrolling
    • Florespondence
    • TootSEA
    • MYToots
    • MakanApaToday (belated also can)
    • PlaylistSEA (music recs; doesn’t have to be current)
    • FilmSEA
    • ArtistSEA or ArtSEA
    • CatsOfMastodon
    • LawFedi

    the Malaysians are still workshopping if we want to call ourselves Feditiam or Feditory so the ones who layan this are tagging one or the other, lol.