If you think this post would be better suited in a different community, please let me know.


Topics could include (this list is not intending to be exhaustive — if you think something is relevant, then please don’t hesitate to share it):

  • Moderation
  • Handling of illegal content
  • Server structure (system requirements, configs, layouts, etc.)
  • Community transparency/communication
  • Server maintenance (updates, scaling, etc.)

Cross-posts
  1. https://sh.itjust.works/post/27913098
  • Kalcifer@sh.itjust.worksOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 month ago

    That is a cool feature, but that would mean that all of the web traffic would get returned to my local network (assuming that the server is set up on a remote VPS), which I really don’t want to have happen. There is also the added downtime potential cause by the added point of failure of the GPU being hosted in a much more volatile environment (ie not, for example, a tier 3 data center).

    • db0@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 month ago

      Not all web traffic, just the images to check. With any decent bandwidth, it shouldn’t be an issue for most. It also setup in such a way as to not cause a downtime if the checker goes down.

      • Kalcifer@sh.itjust.worksOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        Not all web traffic, just the images to check.

        Ah, yeah, my bad this was a lack of clarity on my part; I meant all image traffic.

      • Kalcifer@sh.itjust.worksOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        With any decent bandwidth, it shouldn’t be an issue for most.

        It’s not only the bandwidth; I just fundamentally don’t relish the idea of public traffic being directed to my local network.

          • Kalcifer@sh.itjust.worksOP
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 month ago

            Yeah, that was poor wording on my part — what I mean to say is that there would be unvetted data flowing into my local network and being processed on a local machine. It may be overparanoia, but that feels like a privacy risk.

            • db0@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 month ago

              I don’t see how it’s a privacy risk since you’re not exposing your IP or anything. Likewise the images are already uploaded to your servers, so there’s no extra privacy risk for the uploader.

              • Kalcifer@sh.itjust.worksOP
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 month ago

                “Security risk” is probably a better term. That being said, a security risk can also infer a privacy risk.

                  • Kalcifer@sh.itjust.worksOP
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    1 month ago

                    For clarity, I’m not claiming that it would, with any degree of certainty, lead to incurred damage, but the ability to upload unvetted content carries some degree of risk. For there to be no risk, fedi-safety/pictrs-safety would have to be guaranteed to be absolutely 100% free of any possible exploit, as well as the underlying OS (and maybe even the underlying hardware), which seems like an impossible claim to make, but perhaps I’m missing something important.

      • Kalcifer@sh.itjust.worksOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        It also setup in such a way as to not cause a downtime if the checker goes down.

        Oh? Would the fallback be that it simply doesn’t do a check? Or perhaps it could disable image uploads if the checker is down? Something else? Presumably, this would be configurable.