Melody Fwygon

  • 0 Posts
  • 7 Comments
Joined 1 year ago
Cake day: June 1st, 2023

  • This gives me an idea;

    Don’t store incoming data from remote instances into the “Main DB” immediately. Store them into SUBORDINATE DATABASES!

    The logic of how you arrange these subordinate databases should be simple; depending on which instance you’re communicating with you could select a subordinate database like so;

    • First; we need to have a “Main Delay” database. This database is used by all the instances we Both Federate With, and Mark as one we Trust! and we merge all records here into the main database on a specified timeframe to give ourselves a little time to roll back the clock if something betrays that trusted status.
    • Secondly we need to have unique little databases for each little instance that we Federate with, but do not yet mark with trust! These little DBs are merged into “Main Delay”, then Main on a different time-delay schedule. This gives us even more time to roll back large-scale attacks, spam or flooding via ActivityPub as well as time to just smack the “Defederate” button as soon as they start to misbehave and, optionally, jettison the garbage data that caused the need for Defederation as well.
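A sketch of the staged-merge idea in the comment above, added here as an example and not code from the commenter or from any ActivityPub server. One SQLite table with a `stage` column stands in for the separate subordinate databases; the delays, table names and function names are assumptions.

```python
import sqlite3

TRUSTED_DELAY = 3600        # assumed: seconds a record waits in "Main Delay"
UNTRUSTED_DELAY = 6 * 3600  # assumed: seconds it first waits in a per-instance DB

def open_db():
    db = sqlite3.connect(":memory:")
    # One table with a stage column stands in for the separate subordinate DBs.
    db.executescript("""
        CREATE TABLE staging (instance TEXT, stage TEXT, payload TEXT, release_at INTEGER);
        CREATE TABLE main (instance TEXT, payload TEXT);
    """)
    return db

def ingest(db, instance, payload, trusted, now):
    """Remote data never lands in main directly; it is parked with a release time."""
    if trusted:
        stage, release_at = "main_delay", now + TRUSTED_DELAY
    else:
        stage, release_at = "instance", now + UNTRUSTED_DELAY
    db.execute("INSERT INTO staging VALUES (?, ?, ?, ?)",
               (instance, stage, payload, release_at))

def merge(db, now):
    """Scheduled job: promote aged per-instance rows, then merge aged Main Delay rows."""
    db.execute("UPDATE staging SET stage = 'main_delay', release_at = release_at + ? "
               "WHERE stage = 'instance' AND release_at <= ?", (TRUSTED_DELAY, now))
    db.execute("INSERT INTO main SELECT instance, payload FROM staging "
               "WHERE stage = 'main_delay' AND release_at <= ?", (now,))
    merged = db.execute("DELETE FROM staging WHERE stage = 'main_delay' "
                        "AND release_at <= ?", (now,)).rowcount
    return merged

def defederate(db, instance, purge_main=False):
    """Drop everything still staged for an instance; optionally purge merged rows too."""
    dropped = db.execute("DELETE FROM staging WHERE instance = ?", (instance,)).rowcount
    if purge_main:
        db.execute("DELETE FROM main WHERE instance = ?", (instance,))
    return dropped

if __name__ == "__main__":
    db = open_db()  # constructed sample traffic below
    ingest(db, "trusted.example", "post-1", trusted=True, now=0)
    ingest(db, "spam.example", "flood-1", trusted=False, now=0)
    print(merge(db, now=3600), defederate(db, "spam.example"))
```
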




  • I actually see myself being able to use this password manager; although it really does require that you approach passwords with a much different paradigm.

    1. Spectre requires 3 input values. A “Full Name”, a “Master Password” and, a site name or domain name.
    2. In order to manipulate the passwords provided you must manipulate these three values.
    3. We can assume that “Full Name” is only changed or rotated when you are changing identities
    4. We can assume that “Site Name” is only different when you are logging into a different website
    5. We can assume that your “Master Password” or “Secret” is any old arbitrary string you choose.

    Depending on the behavior of this generator we can always vary our input for #5 and, maybe vary the input for #4. I don’t know if it allows us to manipulate #3 after initial input though.


    If 3 and 5 are variable with each use and 4 is auto-detected through software means, and stapled to the domain name value, then we already have two factors of information and we can use two ‘passphrases’ to derive one. You could insert a nonce into your First Name or Master Password. Maybe you only change the nonce word in your Name when making accounts for different purposes and change the nonce word in your Secret when a site needs a new password.

    Full Name: First <Nonce> Last (change the nonce to change the account selected)

    Master Secret: Password <Nonce> (Change the nonce only when you need to kill the old password.)

    You remember: The Name, Secret, the Name Nonce and, the Secret Nonce. (This compresses down to three things if the nonce is same for both because the account has never been breached)


    If only 5 is variable after initial setup and 3 is written only once and 4 is automatically determined; we can still vary the input of that to increment the passwords. You just have to add a nonce value or counter to your master password: MasterSecretHere <Nonce>

    You remember: Master Secret and the Nonce. Maybe you have to remember if you’ve changed the Nonce for this website if it’s been breached.


    If all three values are input to generate the password by you; then you have complete control over the generated password. You can insert your nonce into any, some or all of the values to change the desired password output.

    You remember: All three base inputs; Full Name, Site Name, and Master Secret. You may use as many or as few nonces as needed and you can make them memorable.


    (Maybe Bad) Nonce Examples: (Please; be more creative than these nonces; these are only here to explain things.) [Please note that all names, sites and passwords/secrets presented are fictional and used only for example purposes. Do Not Use any of these examples as your own password generation inputs]

    • First (Assumes Name and Secret can be variable; but not site name)

      • Full Name: Harry Muggle Dresden In this case; we use ‘Muggle’ as a memorable nonce to select his “Muggle” or “ordinary accounts” for handling his real life stuff like bank passwords.
      • Site Name: somewherenationalbank.com We assume this is set by his helpful browser plugin and he’s never had another account here; so we choose not to add any nonce here (if we even could).
      • Master Secret: Abracadbra-Alpha Here we follow a simple nonce list; since we haven’t needed to change the password yet; But if for some reason the bank gets a wild hair up its rear end and requires a new password; we would just cycle through the list of nonces as follows; Alpha, Beta, Delta, Gamma, Iota, Kappa, Omega
    • Second (Assumes only the Secret is variable)

      • Name: Harry Milford Dresden
      • Site Name: spicymeatballsubsanywhere.com
      • Master Secret: Alakazam!Alpha He knows those nasty heckers at the FBI have been trying to snoop on his secret sub orders…so he’s using a different Secret base; Alakazam! to throw them off and prevent hacking. He would still just cycle through the list of nonces as follows; Alpha, Beta, Delta, Gamma, Iota, Kappa, Omega …if the password needs changing.
    • Third (Assumes all three can be input at each password creation/retrieval)

      • Name: Harry <Purpose> Dresden You see; he’s a Wizard; so for times he’s being a Wizard for a client he uses Wizard, when he’s enforcing magic law he uses Warden and when he’s doing mafia work he’s using Winter to replace the <Purpose> token.
      • Site Name: <Username>@<domainname.tld> This should be obvious but this encodes his username and site name here.
      • Master Secret: <Passphrase>:<nonce> Pretty easy; he has a different passphrase for each purpose; all secret of course; and if a site gets hacked he changes the passphrase; if a site just needs a new password he changes his nonce by just cycling through the list of nonces as follows; Alpha, Beta, Delta, Gamma, Iota, Kappa, Omega
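To make the nonce scheme in the comment above concrete, here is an added example (not part of the comment, and not Spectre's actual algorithm): a stand-in deterministic generator built from scrypt and HMAC-SHA256, with the alphabet, parameters and function names chosen for illustration.

```python
import hashlib
import hmac
import string

ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@"  # 73 symbols
LIMIT = 256 - (256 % len(ALPHABET))  # reject bytes >= LIMIT to avoid modulo bias

def master_key(full_name, master_secret):
    # Memory-hard KDF over the secret, salted with the name: changing a nonce
    # word in either input yields an unrelated key.
    return hashlib.scrypt(master_secret.encode(), salt=full_name.encode(),
                          n=2**14, r=8, p=1, dklen=32)

def site_password(full_name, master_secret, site_name, length=20):
    """Derive the same password every time from the three inputs; nothing is stored."""
    key = master_key(full_name, master_secret)
    chars, block = [], 0
    while len(chars) < length:
        # The site name plus a block counter keys the per-site output stream.
        msg = f"{site_name}\x00{block}".encode()
        for byte in hmac.new(key, msg, hashlib.sha256).digest():
            if byte < LIMIT:
                chars.append(ALPHABET[byte % len(ALPHABET)])
        block += 1
    return "".join(chars[:length])

def rotation_preview(full_name, secret_base, site_name, nonces):
    """Password for each nonce appended to the secret base, e.g. 'Base-Alpha'."""
    return {n: site_password(full_name, f"{secret_base}-{n}", site_name)
            for n in nonces}

if __name__ == "__main__":
    # Fictional inputs taken from the comment's own examples.
    preview = rotation_preview("Harry Muggle Dresden", "Abracadbra",
                               "somewherenationalbank.com", ["Alpha", "Beta"])
    for nonce, password in preview.items():
        print(nonce, password)
```
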


    • 100% backpedal on all controversial changes announced within the previous 6 months; including any changes announced at the same time as said controversial changes.
    • Form a task force of admins and developers to backport all; critical moderation tools and changes introduced since the new.reddit launch; to old.reddit. (Complete this task within 1-2 years.)
    • Irrevocably Hard remove with no severance /u/spez from his CEO position and any position of power at reddit.
    • Hire a new CEO from the pool of the community team(s).
    • Cease all Dickery at once
    • CANCEL THE IPO!!! This shit needs to wait until reddit gets its act together.
    • Prioritize hiring humans to run reddit AEO; choose them from your MASSIVE FUCKING POOL OF SUBREDDIT MODERATORS! DO NOT USE AI OR HIRE ANYONE WHO HASN’T MANAGED AT LEAST 25K USER SUBS
    • Ban all forms of fascism; this is including forms of EXTREME viewpoints that grossly exceed reasonable discourse, peaceful free speech, advocate for extremist governmental regulation, violence or oppression of any kind against any group or subset of people.
    • fuck /u/spez - Just make sure he never gets a C-Level job again please.
    • continue to build reddit out in a way that allows for fair and ethically priced services from reddit (Ads, unlimited API access, rev sharing, premium features that are cosmetic items only, etc)
    • Pick up the same “Do No Evil” ethos that Google abandoned; prioritize your users and revenue equally and balance the obligations better.