Hello users of hexbear, or shall i say chapo.chat, we fucked up, and i fucked up like three times making this post.
Yes, hexbear.net has expired. Yes, we were aware of this possibility. We have gradually lost contact with the access owner (prior admin) for the domain registration. We attempted to make a migration plan, but we were disarmed by the reappearance of the party in question in September 2024 and repeated assurances that they would a) transfer credentials and b) continue payments until they were able to do the former.
We accept full responsibility for this. We should have been more aggressive about this and continued our alternative despite these reassurances. This is our fuck up, and we can’t offer anything besides our continued apologies and our plan of action going forward and an explanation of what happened:
Over the time of chapo.chat and hexbear.net the admins that purchased the domain, established the donation accounts, and the server accounts have left. One of the primary admins has gone inactive and returned many times, over a year ago some of the newer admins began asking the older admins to give full access to the domain, servers, and donations. These requests were not met, despite warnings of this exact event.
At the moment we do not have access to hexbear.net and there is a strong chance we will not get it back without participating in the auction, which is already over $300. Choosing to abandon the hexbear.net domain will cause federation problems and considerable technical issues which would lead to potential extended downtime.
During this downtime we would be reestablishing access to the new domain (or hexbear.net if we win the auction), access to server ownership, and donation accounts. This would be distributed among a number of admins so that we can prevent this from happening again.
Chapo.chat has the same access problem that led to the current state of hexbear.net so it is to be considered temporary.
I will do my best to answer questions
You must log in or register to comment.
Pinning @[email protected] comment:
True Hexbear Fedayeen have hexbear hard coded in their hosts file and are currently enjoying their
On OSX/Linux just add
37.187.73.130 hexbear.netto the bottom of/etc/hostsand you’ll get your back.On Windows its at
C:\Windows\System32\drivers\etc\hostsOn Phones it’s much harder so all your
are lost.I’d like to reignite the
struggle session to cover for CARCOSA on this oneTHERE IS TOO MUCH BEANISPOSTING ON THIS SITE
What even is a beanis?! You’re driving out the normie posters!
IP address is wrong: it should be “37.187.73.130” according to Cloudflare DNS
They just missed the first octet.
Ya I paste like a moron sometimes (when I don’t take my ADHD meds). My bad.
No worries
I’m in talks with IANA rn to obtain the 37/8 block :3
7·1 month agoYou what???
We just did a little coup on IANA, they are now known as JDPON-IANA and 16777216 imperial core treatlerites will have to give up their IPv4 addresses for us
spoiler
This is a bit
It’s okay, I’m sure the US DoD will be happy to give up one of their /8s to replace it :3
Why yes we do own 1/256th of the internet. That’s 1/256th of the way to communism.
How much of IANA is still run by the US Government? Trump and Elon have the opportunity to do the funniest thing…
I’m fuckin back babyWhy don’t some emoji work?
How do I do this on android?
I use NextDNS for the adblocking but it also supports DNS rewrites. No local DNS server necessary. It’s working for me atm.
Edit: my.nextdns.io lets you set up an anonymous profile, DNS rewrites are under the “settings” tab. Hexbear.net goes in the top box, 37.187.73.130 in the bottom one.
hell yeah, thanks for the tip
I’m so back
Worked perfectly on an unrooted Android phone
You can’t unless your phone is rooted.
You could do something like this on your home router, but the instructions vary from router to router and aren’t generic.
Not really doable without a rooted phone, but if you’re tech-savvy and dedicated enough you could rig up a local DNS on your network (like a pi-hole) and override there
Does just bookmarking the IP address work?
Unfortunately no, cloudflare (content delivery network) prevents that (which is a good thing in every circumstance except this one)
Admins can correct me (edit: I stand corrected, see below), I think this should at least kinda work as a temporary bookmark replacement, since it will redirect you to the current legit hexbear domain. Currently, if you go to http://37.187.73.130/ in your browser, it will HTTP redirect to https://chapo.chat/. But emojis and probably some other things won’t work since they’re hardcoded to download from hexbear.net.
But long term, bookmarking a static IP address isn’t as safe as using the domain name, because a) there’s no verification that the machine serving you 37.187.73.130 is the one who can prove it owns hexbear.net (or chapo.chat), leaving you open to a variety of attacks, b) the hexbear IP doesn’t have to stay static. The safest way is to navigate to the domain name and use HTTPS so that your browser checks that the server giving you the page also can prove it’s the server that owns the name.
Won’t work in all cases because when you connect via HTTP you send the server the IP/Domain as part of the request to see the page.
CloudFlare IPs host multiple domains, and if you send the IP CloudFlare won’t know where to actually send you.
ah that makes sense! I didn’t realize it was some shared IP/tunnel situation
yay it worked. Had to close the browser completely afterwards
edit: ok nm mostly works but still have random emojis turning into 'visit hexbear.net"
but at least i can see some and everybody’s beautiful pfps
You have to add a second line as follows:
37.187.73.130 www.hexbear.net
Adding a static DNS entry on your router also works.
Call me silly, tell me to touch grass, but hexbear has been a big part of my life for a few years now.
I don’t want to see anyone go away, and i have faith we’ll be back up in whatever form before long. Yall have given me so much over the years, and been by my side as I grow, through all my ups and downs.
Idk, feels like i had more to say, but lost my train of thought. Outside hangin with the corgi rn.
I love you all, and can’t wait until we’re back in whatever form.
O7
I couldn’t agree more. This site has such a palpable culture of solidarity permeating even the silliest bits and struggle sessions. It’s a safe space on an internet that largely lacks them, and a social site without the corporate overlords breathing down our necks. I love this place and hope it makes it <3
Please reply to this comment with name suggestions in the event we have to change from hexbear.net
Hexbear.chat
i’m with the folks wanting different variations of hexbear (.zone/.space/.chat/.red)
FINALLY! Finally it is time for hereshowberniecanstill.win
hexbear.zone
Bearhex.net and we replace the hexagon shaped bears with bear shaped hexagons
Obvious option would be hexbear with an alternative to .net, like .su or something. Although sometimes .su gets auto flagged as malicious since there isn’t a Soviet Union anymore, idk
Someone here already registered hexbear.gay that redirects to a community here, if getting access is an option. Fits with the majority of the userbase.
I have a friend who is willing to help us get hexbear.su. I don’t have a Russian passport, so the stability will be an issue, but we could get it for the bit. Should I pursue this?
Never mind, I didn’t realize that an Amerikkkan passport works for .su
Lib.rehab was a classic Edit: lol it redirects to lemmy.world
I think the best option is some variation of hexbear as opposed to a whole new name. The only problem I could see from that is if whoever ends up buying the original domain redirects it to something horrible. Probably wouldn’t want a similar domain name in that instance.
hexbear.red
At least we outlived kissinger
There’s one thing I’m sure of, when this is all over, “visit hexbear.net” is going to be added as an emote
Please don’t spend a single cent recovering the domain. The closing bid is probably going to be >$1000, which most of you probably couldn’t afford anyways. What’s done is done.
The way forward is to accept the lost of the domain name, come up with internal processes to make sure that retiring admins have to fork over the credentials, and either come up with another site name or reuse chapo.chat. Please don’t try to attempt to outbid these libs and definitely do not make some humiliating backroom deal with those libs over the administration of this site for the sake of getting the domain back.
… What about maliciously driving the price up for whichever mfer lib trying to grab it
But make sure it’s actually a lib and not another comrade trying to do the same.
chapo.chat has the same lack of access problem that hexbear.net has so i do not want to rely on it
Doesn’t seem worth it to buy the domain again and it sounds like we’re looking at downtime no matter what.
On the bright side we have the opportunity to absolutely lose our fucking minds over renaming the site again.
Is it a coincidence that Matt Christman rejoined the podcast this year? And ChaCha rises again?
I think not. Trust the plan.
largeadult.son???
Wait shit he’s back on?
Yeah, although only to interject a few comments here and there
On the bright side we have the opportunity to absolutely lose our fucking minds over renaming the site again.
I still remember making my account intended as a bit campaigning for the site name to stay chapo and then just never making another account
Personally fond of onesixone (numeric abbreviation for anti-fascist action in case yall didn’t know) as a name. Just goes hard imo
letting the domain expire as a joke was not ok
It kinda was
This is the dumbest shit
The intersection of capitalist exploitation and leftist infighting; a microcosm
I’ve seen this happen to actual companies. In various different ways Domains / SSL Certs / Hosting Bills. Happens at least once in a startup’s lifetime.
pouring one out for all of the hexbears who don’t know how to reconnect with the site
hope they find their way back to us some day
Are you sure this is not DOGE cutting the funding off like they did with USAID?
changing our name to Xbear.net to gain back our funding
The admins probably have to do their 15 min interviews with 19 year old kids to justify why Hexbear should be saved from the restructure.
i bombed mine hence the problem
Did you try telling them how much Elon sucks at videogames?
We flew too close to the sun, the feds lost control and had to shut us down.
About the donations, should people stop contributing to the liberapay/hexbear account?
yes
So hexbear.club is available, you can just
s/hexbear.net/hexbear.club/gin the lemmy setup for federation shit. Annoying I’m sure but not the end of the world.In practice what I want to suggest to you guys is when you’re rebuilding the hosting accounts/stack to use either something OSS like KeepassXC or a service like 1Password (which may be easier to admin vs playing around with multiple vaults/access levels for Keepass) so you can manage access to various sites you need to keep the service up.
we had that, however when we had issues with the Keepass the admin would not be available to restore access despite stating they would do so
This is pretty easy to work around:
- Host a core file on
hexbear.netitself in a magical secret directory and turn off directory access. - When creating the database there’s a screen that asks “How long do you want to wait to decrypt” set that to the maximum.
- Make a really long password that’s easy to remember for example a stanza from a song.
- Add a Keyfile to distribute only to admins.
It’s hard to collect all this data.
Even if you find the database you won’t crack it in this lifetime.
Even if you find the database and know the password you need the key file.
Even if you find the database and have a keyfile you need the password.
Ideally this data shouldn’t change, in practice try to find hosts like AWS that allow you to set up orgs and link accounts and only hold the “root account” details in the database.
Stanza from a song is a bad idea, shit like that got cracked when people used such text for so-called Bitcoin “brain wallets” like a decade ago, and hardware is a lot faster now. Passwords/passphrases absolutely must be randomly generated to be truly secure.
It’s formatting should be unique enough that it won’t match a rainbow table sure, but overall that’s not a hard problem. You just need a small salt. Key file also works as the salt in this case
- Host a core file on
Annoying I’m sure but not the end of the world.
not the end of the world.
whois hexbear.world Domain not found.
Nice thanks, also should probably remove the liberapay link from the <3 logo in the site header
i will, thank you
Will you be taking donations to win the domain back in the auction?
My personal stance is that we should try to change domains and use the hundreds it would take to win the auction for [email protected] posts instead
What about the patreon
same
USAID funding gets slashed
Hexbear mysteriously loses access to the site owner
hmmm
Letting the hexbear domain ownership expire as a joke is not OK
😔
When this happened did you say “oops” as that’s what I’d do
I’d also consider a ruh r’oh raggy
collar tug while saying yikes
D’oh!
