Image processing libraries are used at the forefront of almost all web services, including lemmy and are extraordinarily robust. I really don’t have the time to go at this in depth, but if you are familiar with this stuff you will know how extraordinary such an exploit would be and its existence would be causing massive chaos all over the world.
FYI when you request a guarantee, you can specify another instance to solicit a guarantee from. They will get a PM to inform them.
Generally getting people to guarantee for others consistently has been the biggest struggle on fediseer >_<
It’s been out for the past year. It’s all word of mouth but a lot of instances have fediseer badges to draw attention to it.
You mean an exploit payload embedded in an image, and pwning a system parsing that image through python PIL? While there’s never a 100% chance of anything, you’re more likely to be struck by lightning than this coming to pass and at that point you’re at more security risk at using the internet altogether.
Why would it be a security risk?
I don’t see how it’s a privacy risk since you’re not exposing your IP or anything. Likewise the images are already uploaded to your servers, so there’s no extra privacy risk for the uploader.
Lemmy and Mastodon as well for me. With a little bit of discord and matrix for my projects’ realtime chat
You can actually run it in async model without pictrs safety and just have it scan your newly uploaded images directly from storage. It just doesn’t prevent upload this way, just deletes them.
You don’t get public traffic redirected. It’s not how it works
It stops doing checks. Iirc you can configure it yes
Btw, have you played something like Hades? You’re not technically a wizard, but close enough. And there’s other hades-like games which might be more “wizard-like”.
Oh man, that’s really sad :(
https://github.com/db0/fedi-safety and the companion app https://github.com/db0/pictrs-safety which can be installed as part of your lemmy deployment in the docker-compose (or with a var in your ansible)
Not all web traffic, just the images to check. With any decent bandwidth, it shouldn’t be an issue for most. It also setup in such a way as to not cause a downtime if the checker goes down.
The software is setup in such a way that you can run it on your pc if you have a local gpu. It only needs like 2 gb vram
Badass wizard eh? Try Magicka! 😁
!mechabellum@lemmy.dbzer0.com if you’re a tactics freak. It like fucking crack to me.
Anyone remember technorati? What about the nethernet? Ah that brings me back…