BarterClubWelp that answers a lot of why all .ml are down
DaGeek247Goddamn, looks like im switching registrars soon. Thanks for the link.
db2This brings a disturbing thought to mind… if an instance domain name like foo.bar lapses and someone else snaps the domain up (or of it gets stolen) can the new controller plop Lemmy on a server and be instantly federated? If so what kind of damage could they do?
WanderNo, the signatures wouldn’t match.
This is why you don’t let your domain registration lapse. It’s not the only way computers on the internet verify each other’s identity, but a hell of a lot of internet security features are based around domain names, so keeping yours functioning is a very big deal.
finnDomain registration ≠ internet security. Root of trust is in cryptographic keys, not domains. DNS is not the security cornerstone you make it out to be. PKI says hi!
Yes, but it is very quick and cheap to get a domain validated cert from a CA that is generally trusted by most web browsers, so once the bad actor has the domain, the should be able to trick most users, only maybe certificate pinning might help, but that is not widely used.
Consider how many system relies on being able to send you an email for verifying your login and performing password reset. Those who have control over your email address domain can trigger password reset for most of online services out there. Imagine if Google forgot to renew gmail.com and it falls to a wrong hands.
Email is tied to domains. TLS is tied to domains. CORS is tied to domains. OAuth is tied to domains. Those are just four things I can think of while half asleep. Here’s one recent example of how screwing up a domain name is enough by itself to cause a security breach.
Cryptography is not security any more than domain names are; both are facets of how security is implemented but there’s no one system that makes the Internet secure.
hemmesICANN has an Expired Registration Recovery Policy (ERRP) that requires your registrar to give your domain a 30-day grace period before deleting the records. ERRP also requires them to shutdown your DNS resolutions 8 days before deletion.
You’d have to be really mismanaging your domain if you miss all the required email reminders and don’t notice your domain has been non functional for a couple of days.
I think Microsoft and Google have both done it, but what do they know? 🤣
Oh really? Haven’t heard that one, back in the day or something?
Yeah some dude bought the google.com domain via some glitch a while back. Here’s a story about it.
Awesome lol
cdivYup. Microsoft let hotmail lapse once. Someone paid for the renewal for them. slashdot.org/…/microsoft-hotmail-domain-reward-ch…
Microsoft Hotmail Domain Reward Check on E*Bay - Slashdot
Big_Joe wrote to us with the continuing story of Michael Chaney. Michael is the guy who paid the re-registration fee for the Hotmail domain name, after Microsoft had failed to over the Christmas holiday. He's auctioning the 500$ "thank you" check off on E*Bay and has pledged to donate the winning b...
hitagiOut of curiosity, other than fmhy.ml, lemmy.ml, and lemmygrad,ml, what other Lemmy instances were using .ml domains? Also, how are the latter two still running but fmhy.ml isn’t?
You can see all but posts and comments won’t be on their server until back online that are a few it went down. So I can visit my communities like lemmy.fmhy.ml/c/artwork that I mod. I can see it but nothing will happen until it comes back online. That’s what understand at least.
NOT_RICKWhy are so many instances using .ml anyway?
Red Wizard 🪄It was free
I’m guessing because it’s sort of an alliteration on lemmy?
Compadre de OgumIt was free
And
Lemmy creators are Marxist Leninists
Theyre tankies, thats why.
𝔊𝔦𝔫𝔧𝔲𝔱𝔰𝔲AFAIK, lemmy.ml and lemmygrad.ml use it because the ml can also stand for “Marxist-Leninist”, and the two primary maintainers of Lemmy are Marxist-Leninists . Not sure about the others though.
I’m going to have to make a copy paste for this:
.ml stands for Mali.
.ee stands for Estonia.
.tv stands for Tuvalu
Just like .ca stands for Canada.
Madbrad200this is technically true, but it’s not why lemmygrad, ran by full on communists, chose the .ml tld
.ml was the main Lemmy before .world Most communities were there.
Yes I know, the owners of lemmygrad/lemmy.ml created lemmy
I can’t believe someone else is having the exact same conversation with the exact same person as me
Feels more like Reddit every day
Which ironically, is now failing due to the fault of those in power of that TLD. The festive raw needs to be careful with tld’s they choose. ICAAN exists, but it’s obvious that some domain power is delegated and therefore safer TLDs should be chosen
Honestly this might be an unpopular opinion, but I think this literally down to bad luck and this is nothing we have to be prepare for anymore than any other host. Which is an incredibly small amount. It’s not like this shit happens often as there would be a lot of news coverage around it considering the amount of big companies affected, and I frankly think this is very low on the list of priorities of things that lemmy has to keep in mind or address at some point.
I completely agree with you. My point was purely to say that in the future those running parts of the fediverse now need to be more cautious. Now that we know that ICAAN will allow TLD administrators to reclaim these domains, it’s important that TLDs are chosen less about how they look on the moment as a cool URL, and more about their historical integrity of keeping a domain active.
My point was purely to say that in the future those running parts of the fediverse now need to be more cautious.
And that’s where I disagree. This is like being attacked by a lion in Berlin. Yeah, it’s a risk, but tbh it’s just such a stupid situation that if it happens, we are decentralised so for most ppl it should be a minimal impact, and for the rest it’s unavoidable. My point is, there’s always a non-zero chance for this but we should waste no time thinking about this, as there’s no real solution to it. It’s like saying “there’s a non-zero chance my house can be hit by the shockwave a meteorite”. No one prepares for that, as it makes no sense to accomodate for that.
My comment is purely about new servers being set up. It’s decentralized but there is a massive margin of users on certain servers. It’s always a non-zero chance of something going wrong, but the fediverse shouldn’t be without responsibility and efforts to improve. If it’s know that certain TLDs are likely to take back a domain, then don’t use them.
there’s a non-zero chance my house can be hit by the shockwave a meteorite
More like “there’s a non-zero chance that country-based TLDs are more risky”
One has real data behind it, one is a literal random basis
I’m surprised they didn’t use the .su Soviet Union Top Level Domain.
Stalinists, not communism
It’s funny you’re getting down votes for this. ML was literally created as the official formulation of Marxism & Leninism for the USSR by Stalin.
Reactionary Stalin/China/etc stans try to frame themselves as communists and don’t like it when it’s called out. They’re like qanonists with a different cult leader.
Please don’t make a copy paste for this, smh.
Yes, it stands for Mali, no, it's not why lemmygrad used the domain name. Do you think all the services like Grammarly and Bitly are all Libyan services as well? Because I've got news that may just blow your mind.
Please stop copy-pasting ignorance.
∟⊔⊤∦∣≶It can also definitely stand for Machine Learning which is the first thing that comes to my mind
Hey now, what’s with all the logic and stuff. We only allowing jumping to conclusions around these parts, you should know better than that.
/s
It’s not jumping to conclusions; it’s actually pretty well-known. The devs and their instance are very open about being Marxist-Leninists.
I don’t see how machine learning is related to Lemmy in any way
Okay, fair enough. So…we getting back to Lemmy now?
gelberhutYes, but as discussed several times here and there Lemmy Devs are pro china and anti USA and they admin lemmy.lm. in this case LM stays for marksism Leninism.
bdonvrYes but lemmy has nothing to do with Machine Learning.
Do you have a source for that statement?
Yes. Check (Google) esses in GitHub of one of Lemmy Devs, check official Lemmy creation history, check Reddit post announcing lemyy creation.
This topic was discussed multiple times here and there.
Alright, thanks. I’ll look around. I don’t have a problem with it if that’s why they chose ml, I just want to know for sure before I told anyone that. Some people get up in arms about socialism.
Cynetri (he/any)Idk if it was intentional or not but that last sentence is a great pun lmao
LemmyNet GitHub: github.com/LemmyNet/lemmy
One of two creators and main devs github.com/dessalines (second one: github.com/Nutomic)
His essays on github: github.com/dessalines/essays
Very polite version of lemmy creation: join-lemmy.org/docs/…/07-history-of-lemmy.html
In this trhead someone already posed reddit annoucment, which uses more honest wirding 🙂
TheGreenGolemOkay, but. Are they Marxist-Leninist? Pro-China? Socialists? Anti-capitalists? Looks like: yes. Was the whole thing founded on the grounds of free, shared things and anti-corporate thinking? Also yes. Do we absolutely know for sure that the ML domain was chosen because of this? No, because the above sources (or any source I ever saw) confirms or denies this claim. (If there is something specifically about the TLD, please share with me.)
I’m not saying it stands for Machine Learning. I’m not saying it stands for My Love or Mah Lord. But I also wouldn’t say that it for sure stands for Marxist-Leninist. We can assume, but we don’t know for sure. Maybe it’s because it’s free, maybe it sounds cool, maybe it’s Maybelline. We don’t know this specific aspect of the story. (As far as I’m aware.)
Yes. Here you are right. There is no written explanation for the domain name I’m aware of, but from all possible interpretation this is the most logical one.
Fucking KNEW it, just found this.
It was simply just free.
People and their “knowledge” about topics they don’t know anything about…
PSA: Sharing lemmy.ml links on sites where they are blocked - Lemmy
Some websites block lemmy.ml [http://lemmy.ml] links, for example Facebook as you can see in the screenshot below. [https://lemmy.ml/pictrs/image/joG9JbEySe.png] I dont know if this is because of the .ml domain (which is free and might be used by spammers), or because they are scared of Lemmy. Anyway, this doesnt mean that it is impossible to share content from lemmy.ml [http://lemmy.ml] on Facebook or other sites, thanks to federation there is a relatively easy workaround: 1. Find another Lemmy instance [https://join.lemmy.ml/instances], ideally one that is relevant to your audience 2. Copy the lemmy.ml [http://lemmy.ml] link, and paste it into the search field of your chosen instance 3. You should get a search result for the post, comment, community or user, click on it 4. Copy the link and share! There are a few caveats though: In the case of a post, comments and votes will be missing. You can fetch comments in the same way through the search. The other instance will also not receive any new posts/comments/votes made in the community, unless a user from the remote instance is following the lemmy.ml [http://lemmy.ml] community. The easiest way to avoid these problems is for you to make an account on the other instance and follow the community from it. Then every post/comment/vote will be delivered to the other instance, and the community should look identical on both instances.
Thanks!
That’s not true at all. ML was used as an idiological choice as it’s the only free TLD you can get and you should not have to pay for a domain name as per Lemmy’s creators ideology.
That’s not true. There are a few other free TLDs. I think five total?
lemmy.ml, what type of drug are you on
I think it’s because ML is a popular shorthand for ‘Marxist-Leninist’ since they mostly seem to be communist servers