• 1 Post
  • 11 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle




  • I don’t know anything specifically about KeePassXC but it’s my understanding that a transform round is some computationally expensive task that can be preformed as many times as desired, but must be preformed the same number of times to decrypt as well. The point being to slow down any attempts at brute forcing access to you database if someone gets a hold of your encrypted DB file. For example say it takes one second to derive the proper DB access key from the password you entered to unlock the app, that doesn’t really matter to you logging in as almost no one is going to notice a one second delay in logging in. But if some one else gets a hold of your encrypted password DB then they have to wait one second for every password they try, making brute forcing the DB file practically impossible given you’ve chosen an adequate password.

    Ideally you’d choose something which gives a delay not too inconvenient for you when logging in, but enough to thwart the person who might try and brute force the password even if they’re using more powerful hardware.



  • I didn’t notice any downtime of course as I would have been asleep at the time haha. I just wanted to jump in here and say that I really appreciate all the work you put into running this instance and maintaining it’s content. I know it is early days and the lemmy software isn’t super stable or easy to work with, not to mention the monetary aspect of the costs of the server time.

    I’m just happy there’s somewhere non-commercial I can go now to see my strange combination of yiff, news, and memes. I’m sure we can all tolerate a bit of downtime here and there, so try not to worry about it too much when it happens. We know you can’t be available 24/7 so some downtime is inevitable, try not to fret about it too much when it happens. And for goodness sake don’t overwork yourself and get the burnout, I’m pretty sure that’s happened to several of the larger instance admins so far, I’d hate to see you befallen the same fate.



  • Not universal but it’s the unfortunate reality that people obsess over stuff they don’t like as a form of internalized repression. They better be careful though, looking at so many furry images while downvoting they may eventually catch the pathOwOgen.

    It’s nice that you can get this information by querying the database directly but it would be nicer still if it was built into the admin or mod interface somehow. Although I imagine in order to compile that information you used some sort of DB aggregation which could be unexpectedly resource intensive on larger instances so perhaps not.

    I wonder how possible it would be to create some sort of plugin system for lemmy to add functionality like this and more that would only be of interest to particular lemmy instances. That could help to keep the core of the server small and lightweight while giving people the option developing and installing server resident bots, additional functionality, and user interface enhancements as they see fit.


  • I had a peek at the source code and although I don’t actually know Rust it looks like that error comes from a check for character length in the function “is_valid_body_field”. Strangely it does the same check twice against two variables “POST_BODY_MAX_LENGTH” and “BODY_MAX_LENGTH”.

    The smaller of the two is BODY_MAX_LENGTH which is set at 10000, so I assume the max character limit is 10,000. There are no other checks in that function other than the character count and that’s the only place in the source code that the text “invalid_body_field” shows up so I assume it’s only sent as a response to too much text, but as I said I don’t actually know Rust so I could be wrong.