Lemmy.World Announcements

29026 readers

2 users here now

This Community is intended for posts about the Lemmy.world server by the admins.

Follow us for server news 🐘

Outages 🔥

https://status.lemmy.world

For support with issues at Lemmy.world, go to the Lemmy.world Support community.

Support e-mail

Any support requests are best sent to [email protected] e-mail.

Report contact

DM https://lemmy.world/u/lwreport
Email [email protected] (PGP Supported)

Donations 💗

If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.

If you can, please use / switch to Ko-Fi, it has the lowest fees for us

Join the team

founded 1 year ago

MODERATORS

[email protected]

233

Jerboa app and Lemmy 0.18 (lemmy.world)

submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]

191 comments fedilink hide all child comments

The 0.18 version of Lemmy was announced. This will solve many issues.

But we can't upgrade yet because the captcha was removed, and captcha relied on Websockets, which are removed in 0.18 so despite the devs agreeing on my request to add captcha back, this will not be until 0.18.1. Without captcha we will be overrun by bots.

Hopefully this 0.18.1 will be released soon, because another issue is that the newest version of the Jerboa app won't work with servers older than 0.18. So if you're on Lemmy.world, please (temporarily) use another app or the web version.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 1 year ago (1 children)

Why was captcha even removed in the 1sr place?

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

Captchas depended on websockets which were removed.

https://github.com/LemmyNet/lemmy/issues/3200#issuecomment-1600505757

"Note that captcha uuids and answers were stored in-memory in the websocket server which is removed now, so its necessary to add a new database table for captchas."

[–] [email protected] 0 points 1 year ago (1 children)

No need for a database table, just encrypt the solution and encode it in the filename.

[–] [email protected] 0 points 1 year ago (1 children)

You don't want to provide any more info to the client that you need to. Otherwise someone can write a robot that decrypts that filename and breaks the captcha.

[–] [email protected] 1 points 1 year ago

Encrypted means encrypted with real cryptography, using a secret key known only to the server. If a random robot can break that, we are all in trouble. Almost all internet security depends on basically similar cryptography.