• 2 Posts
  • 5 Comments
Joined 2 years ago
Cake day: June 9th, 2023

  • Yep.

    There are two big end-user security decisions that are totally mystifying to me about Lemmy. One is automatically embedding images in comments without rehosting the images, and the other is failing to warn people that their upvotes and downvotes are not actually private.

    I’m not trying to sit in judgement of someone who’s writing free software but to me those are both negligent software design from an end-user privacy perspective.


  • Of note about this is that image links in comments aren’t rehosted by Lemmy. That means it would be possible to flood a community with images hosted by a friendly or compromised server, and gather a lot of information about who was reading that community (how many people, and all their IP addresses and browser fingerprint information, to start with) by what image requests were coming in kicked off by people seeing your spam.

    I didn’t look at the image spam in detail, but if I’m remembering right the little bit of it I looked at, it had images hosted by lemmygrad.ml (which makes sense) and czchan.org (which makes less sense). It could be that after uploading the first two images to Lemmygrad they realized they could just type the Markdown for the original hosting source for the remaining three, of course.

    It would also be possible to use this type of flood posting as a smokescreen for a more targeted plan of sending malware-infected images, or more specifically targeted let’s-track-who-requests-this-image-file images, to a more limited set of recipients.

    Just my paranoid thoughts on the situation.
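
An added example, not part of the original comments and not Lemmy's own code: one way a client or instance could close the leak described above is to rewrite Markdown image links so that remote images are fetched through the reader's home instance and the third-party host never sees the reader's IP address or browser headers. The proxy path, host names and sample comment are assumptions constructed for illustration.

```javascript
// Hypothetical proxy endpoint on the reader's home instance (an assumption,
// not a documented Lemmy route).
const PROXY_PATH = "/image_proxy?url=";

// Matches ![alt](url "optional title"). Covers Markdown image syntax only;
// raw HTML <img> tags would need separate sanitising.
const MD_IMAGE = /!\[([^\]]*)\]\(\s*<?([^\s)>]+)>?(?:\s+"[^"]*")?\s*\)/g;

function rewriteImages(markdown, homeOrigin, trustedHosts = []) {
  const home = new URL(homeOrigin);
  const trusted = new Set([home.host, ...trustedHosts]);
  const remoteHosts = new Set();

  const rewritten = markdown.replace(MD_IMAGE, (match, alt, rawUrl) => {
    let target;
    try {
      target = new URL(rawUrl, home); // relative paths resolve to the home instance
    } catch {
      return `[blocked image: ${alt}]`; // unparsable URL: never hand it to the browser
    }
    if (target.protocol !== "http:" && target.protocol !== "https:") {
      return `[blocked image: ${alt}]`; // data:, file:, javascript: and similar
    }
    if (trusted.has(target.host)) return match; // already served by a trusted host
    remoteHosts.add(target.host);
    const proxied = home.origin + PROXY_PATH + encodeURIComponent(target.href);
    return `![${alt}](${proxied})`;
  });

  // remoteHosts lets a moderator see which outside servers a comment pointed at.
  return { rewritten, remoteHosts: [...remoteHosts].sort() };
}

// Constructed sample comment: one remote image, one local, one non-HTTP scheme.
const sample = [
  "look ![a](https://tracker.example/p.png?id=42)",
  "and ![b](/pictrs/image/local.png)",
  "and ![c](data:image/png;base64,AAAA)",
].join("\n");

const result = rewriteImages(sample, "https://home.example");
console.log(result.rewritten);
console.log(result.remoteHosts);
```

The instance still contacts the remote host when it fills the proxy cache, so the remote server learns that someone on that instance viewed the image, but not which reader.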




  • Collard and colleagues first published their finger amputation thesis a few years ago but were criticised by other scientists, who argued that the amputation of fingers would have been catastrophic for the people involved. Men and women without fully functioning hands would be unable to cope with the harsh conditions that prevailed millennia ago.

    Sounds pretty fair.

    Since then, Collard, working with PhD student Brea McCauley, has gathered more data to back the amputation thesis. In a paper presented at the European Society conference, they said their latest research provided even more convincing evidence that the removal of digits to appease deities explains the hand images in the caves in France and Spain.

    Oh really? Sorta interesting, okay, what’s the evidence?

    The team looked elsewhere for evidence of finger amputation in other societies and found more than 100 instances where it had been practised. “This practice was clearly invented independently multiple times,” they state. “And it was engaged in by some recent hunter-gatherer societies, so it is entirely possible that the groups at Gargas and the other caves engaged in the practice.”

    That is not convincing evidence.

    Sure, it’s possible. If someone assembled some data that showed that in the modern day, ritual amputation is way more common quantitatively than accidental loss of digits, and showed that they were able to reject some other plausible explanations (e.g. showing that there wasn’t a particularly cold climate in that area that would cause frostbite to be more common than normal), then sure. But that’s not this paper, it sounds like.


  • Almost as if the whole endeavor is a ridiculous counterproductive waste of time.

    It would be possible to implement a “slur filter” on the reader’s side, that automatically redacted a configurable list of bad words from any comment on any instance… but I suspect that the percentage of people who would enable it, and the general community feedback on it, wouldn’t be what the person who made the decision wants to hear. Doing it on the sender side provides a convenient pretense of “I’m doing a good thing here” because it prevents that feedback.