I feel like we need to talk about Lemmy’s massive tankie censorship problem. A lot of popular lemmy communities are hosted on lemmy.ml. It’s been well known for a while that the admins/mods of that instance have, let’s say, rather extremist and onesided political views. In short, they’re what’s colloquially referred to as tankies. This wouldn’t be much of an issue if they didn’t regularly abuse their admin/mod status to censor and silence people who dissent with their political beliefs and for example, post things critical of China, Russia, the USSR, socialism, …

As an example, there was a thread today about the anniversary of the Tiananmen Massacre. When I was reading it, there were mostly posts critical of China in the thread and some whataboutist/denialist replies critical of the USA and the west. In terms of votes, the posts critical of China were definitely getting the most support.

I posted a comment in this thread linking to “https://archive.ph/2020.07.12-074312/https://imgur.com/a/AIIbbPs” (WARNING: graphical content), which describes aspects of the atrocities that aren’t widely known even in the West, and supporting evidence. My comment was promptly removed for violating the “Be nice and civil” rule. When I looked back at the thread, I noticed that all posts critical of China had been removed while the whataboutist and denialist comments were left in place.

This is what the modlog of the instance looks like:

Definitely a trend there wouldn’t you say?

When I called them out on their one sided censorship, with a screenshot of the modlog above, I promptly received a community ban on all communities on lemmy.ml that I had ever participated in.

Proof:

So many of you will now probably think something like: “So what, it’s the fediverse, you can use another instance.”

The problem with this reasoning is that many of the popular communities are actually on lemmy.ml, and they’re not so easy to replace. I mean, in terms of content and engagement lemmy is already a pretty small place as it is. So it’s rather pointless sitting for example in /c/[email protected] where there’s nobody to discuss anything with.

I’m not sure if there’s a solution here, but I’d like to urge people to avoid lemmy.ml hosted communities in favor of communities on more reasonable instances.

  • @[email protected]
    link
    fedilink
    English
    85 months ago

    There are serious cyber security implications here that people are sleeping on

    No, there are not.

    At most, if they decide to kill the project by adding malicious code they can affect Lemmy itself. 99% of users don’t run Lemmy (which is where the “quiet exploits” would run), and the frontend simply doesn’t allow you to have a serious impact, unless you think they will stumble upon a browser 0-day and they decide to burn it by committing the exploit to an open source repo instead of selling it for millions (or use it elsewhere).

    What’s with the fearmongering? Their stance is crystal clear since ever.

    possibly even fork the Lemmy repos

    Right, and who maintains the fork? Who, among the large population of external contributor, I mean?

    • What do u mean their arnt any security issues here. Ive played enough 2b2t to know a backdoor makes u a literal fucking god. If u own all the servers u have everyone’s ip, u can control everyone’s interaction. U can can literally 1984 the entire federated history. Do u not see the issue here they could take control of your account post cp then report ur ip and get u locked up for long time.

      • @[email protected]
        link
        fedilink
        English
        35 months ago

        I am a security engineer by profession, so I do have at least a decent understanding of what I am talking about. Every server in this case has that potential. There is nothing preventing any admin from patching code and manipulating the network after TLS termination (I.e., changing payloads of POST requests etc.). That said, not even in a videogame you would be “locked up” by someone posting CP on your behalf like that. This is simply not a threat and if you think it is, then you should be worried about every website you visit.