it’s clearly 3, stop spreading misinformation

if you’re not community banned you might still be instance banned on the community instance, which wouldn’t show up in your local instances modlog if the ban happened on a <0.19.4 instance. if the methods pointed out by other comments here fail I suggest you visit the instance of the community and check the site modlog there, searching for your user.

i suspect you’re referring to your post to a lemmy.ml community and you have indeed been instance banned there for a limited amount of time.

sure they do, you’re one of them

based on the sticker logic, it’s clearly not

The 90 days disclosure you’re referencing, which I believe is primarily popularized by Google’s Project Zero process, is the time from when someone discovers and reports a vulnerability to the time it will be published by the reporter if there is no disclosure by the vendor by then.

The disclosure by the vendor to their users (people running Lemmy instances in this case) is a completely separate topic, and, depending on the context, tends to happen quite differently from vendor to vendor.

As an example, GitLab publishes security advisories the day the fixed version is released, e.g. https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/.
Some vendors will choose to release a new version, wait a few weeks or so, then publish a security advisory about issues addressed in the previous release. One company I’ve frequently seen this with is Atlassian. This is also what happened with Lemmy in this case.

As Lemmy is an open source project, anyone could go and review all commits for potential security impact and to determine whether something may be exploitable. This would similarly apply to any other open source project, regardless of whether the commit is pushed some time between releases or just before a release. If someone is determined enough and spends time on this they’ll be able to find vulnerabilities in various projects before an advisory is published.

The “responsible” alternative for this would have been to publish an advisory at the time it was previously privately disclosed to admins of larger instances, which was right around the christmas holidays, when many people would already be preoccupied with other things in their life.

it sure is possible, but not with the amount of work anyone would be willing to put into it.

i don’t want to go to all that effort

👀

you can just turn it off, see https://help.kagi.com/kagi/settings/general.html

if you’re renaming from File.js to file.ts, which is also changing suffixes instead of just capitalization, then that couldn’t be explained by case sensitivity, unless it was a typo and you meant File.js to file.js

I’ve been using case insensitive fs on macOS for years and the only software having issues with this is onedrive.

can’t say i’m surprised.

indeed, original source is the wrong term, but at least it’s an english derivation of it, which was only copied by the link in this post

it is indeed somewhat attributed, but it still very much looks like scraped content.

a very strong indicator is the inclusion of

Subscribe The most engaging reads in blockchain. Delivered once a week.

Email address

SUBSCRIBE

at the end, which on cointelegraph’s page is separate from the content and provides a sign-up form.

original source for this badly copied blogspam link: https://cointelegraph.com/magazine/china-dev-fined-salary-vpn-10m-ecny-airdrop-asia-express/

why is this a blog spam article badly copied from the original source at https://cointelegraph.com/magazine/china-dev-fined-salary-vpn-10m-ecny-airdrop-asia-express/ ?

reddthat.com.
you should also see that when you click my name, if it doesn’t already show it on my name.

to be fair, iirc it was only a total of 3 comment threads at the time, where two were started by lemmy.world users and one by a hexbear.net user. as those instances are on your instances block list, that would enough to hide the entire comment threads I believe.

seems to be a federation issue for you, I see 90+ comments (reported by client, not counted), earliest from 9h ago

is that because Microsoft doesn’t have QA anymore?

I didn’t say there were no use cases for this, but the average phone user will not need it. someone using samba on their phone would likely be capable of switching the network config to not randomize every time.

for a device without inbound connectors and no ip based lan firewall rules, which applies to most phones, random per connection macs seem like a pretty good default for privacy.

some networks doing “unusual” things like hotel wifi limiting you to few devices (implemented by mac counting) may be thrown off though.