An update:
- fmhy.ml is gone, due to the ongoing fiasco with the Mali government taking all their .ml domains back
- As such, lemmy.fmhy.ml is also gone, we are currently exploring ways to refederate (or somehow restart federation entirely) without breaking anything substantial
- We have backups, so don't worry about data loss (you can view them on other instances anyway)
Currently, we have fmhy.net and are exploring options to somehow migrate, thank you for your patience.
let’s hope they’re interesting because it’s novel and the problems were there with other solutions just solved ages ago rather than the alternative: “so many unique situations” because there are a litany of “oops didn’t think of that” moments that will continue to crop up
I understand it as the Mali government is taking back all the domains after a subletting contract ran out. A lot of sensitive emails that should go to .mil (US military) have been typo-sent to .ml addresses instead. Here's some more reading.
(I am very tired here and might have misunderstood everything, please correct me if I am wrong)
Perhaps the military should have a system in place to not allow emails to be sent outside of very specific TLDs if it's that sensitive? And perhaps have an automated contact book, instead of relying on someone typing out the to: address manually to be able to make that mistake in the first place?
Seems like some very basic security measures for something so serious.
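One way to implement the restriction suggested above, as an added example that is not part of the original comment: an outbound recipient check that only allows listed TLDs and flags a near-miss such as .ml for .mil. The allowlist, function names and sample addresses are assumptions constructed for illustration.

```python
from email.utils import getaddresses

# Assumption: the only TLDs this hypothetical outbound gateway may deliver to.
ALLOWED_TLDS = {"mil", "gov"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot a TLD one keystroke from an allowed one."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_recipients(headers: list[str]) -> dict[str, list]:
    """Classify every address found in To/Cc/Bcc header values.

    Returns {"allow": [addr, ...], "block": [(addr, reason), ...]}.
    """
    result = {"allow": [], "block": []}
    for _name, addr in getaddresses(headers):
        local, sep, domain = addr.rpartition("@")
        domain = domain.rstrip(".").lower()
        if not sep or not local or "." not in domain:
            result["block"].append((addr, "malformed address"))
            continue
        tld = domain.rsplit(".", 1)[1]
        if tld in ALLOWED_TLDS:
            result["allow"].append(addr)
            continue
        # A blocked TLD one edit away from an allowed one is almost certainly a typo.
        near = sorted(t for t in ALLOWED_TLDS if edit_distance(tld, t) == 1)
        reason = f"TLD .{tld} not allowed"
        if near:
            reason += f"; likely typo of .{near[0]}"
        result["block"].append((addr, reason))
    return result


if __name__ == "__main__":
    # Constructed sample headers.
    sample = ["Ops Desk <ops@unit.army.mil>, j.doe@unit.army.ml", "vendor@example.com"]
    print(check_recipients(sample))
```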
Damn, lemmy.zip, eh? If that instance is public, I don't see that being a good thing.
Tons of businesses, people, etc, are all banning .zip and .mov TLDs for security purposes. I've personally banned all those domains from my network as well.
I posted this on another thread about this, but I'll repost it here:
I have made a tool that can backup / copy your account settings, subscriptions, and blocks to a new account: https://github.com/CMahaff/lasim
There are others out there as well if you look.
Obviously the loss of .ml communities would still be catastrophic to Lemmy, but at least your new account won’t start from ground-zero, and you can be less affected by downtime by having 2 accounts with the same subscriptions.
Re-federation is probably possible. BUT! You're going to always have problems with older content. Case in point: my federation error messages are at 2300. About half are failed requests on fmhy.ml.
So for re-federation what's needed:
1: Remote instances should unsubscribe all users from any fmhy groups. They're dead now. They can only announce that and hope they do. I reckon when their errors start ramping up (as I saw yesterday) they will be looking into why. Probably to help de-federate from the old URL.
2: The fmhy instance should unsubscribe all users from all remote groups but keep a note of the groups while identifying as fmhy.ml. Then once on a configuration for the new domain re-subscribe to each one. The first step should hopefully stop them trying (and failing) to federate new events to the old URL. The second step should trigger federation with the new one.
3: They could be able to keep the DB. But I am not sure in what places the old domain might be stored in the DB and what would need fixing there. Also not sure if they'd need to regenerate keys. Not sure if they'll see the key was attached to the old domain and refuse to talk to the instance.
Now what's going to be a problem? Well ALL the existing content out there has references to users on the old domain. It's VERY hard to fix that. Like every instance would need to fix their database. Not worth it. But, whenever someone likes/unlikes or comments or whatever a post made from fmhy.ml then there's a good chance a remote instance will queue up a retrieval of:
1: User info about the poster/commenter/liker
2: Missing comments/posts for a like/comment event
And those will fail and error log. I don't think there's a way around that aside from editing the whole database on every instance. Again, IMO not worth it.
Would be a nice federation feature if you could, provided you could identify with the correct private key, announce a domain change which would automatically trigger the above in federated instances, or at the very least some kind of internal redirect for outgoing messages.
If I'm running lemmy.world, I wouldn't unsubscribe my people. I'd wait for that instance to move to a new domain and just find/replace in the database.
Not every instance needs to migrate fmhy. Some can just leave that stuff broken. If the biggest half dozen instances migrate manually, fmhy would be able to keep most of their subscribers.
I do wonder how often instances will keep looking for fmhy without intervention. Seems like tooling to migrate or discontinue an instance wouldn't be too difficult to build. At least it wouldn't if they didn't have a million other things on their plate.
We could use a few less third party clients and more work on Lemmy itself. Unless you're going to bring over your userbase like RiF and Apollo can.
Yes, although you might need to fudge keys if they're properly enforced. Looking at kbin I can see requests are at least signed with the private key. Not sure if the public key is stored somewhere in database, or is pulled from the instance using DNS as a security guarantor (I guess) every time.
I don't have any subscriptions to them, but I have those 1000+ errors just from posts their users were involved in.
Afaik Mastodon has a way for instances to migrate to a new domain, but the old domain must be up during the migration process. Lemmy on the other hand doesn't even have any domain migration procedure yet. People will probably go nuts about this on their GitHub issues portal.
Possibly. I think Mastodon has been around a bit longer though? Not sure why the old domain must be up. Unless they don't store public keys of known instances and they rely on DNS for the security.
e.g. Instance A signs a request, Instance B queries Instance A via DNS lookup (as is normal) and checks public key confirms signature and allows it.
Governments just love doing stuff whenever they can, because what are you gonna do? This is a country under a military junta, there is no legal process to get back the domain.
They just handed off the management of .ml domains to a third party on a ten-year contract, and the contract is now ending.
So I guess Mali is honouring its contracts, and I doubt the third party provided anyone with contracts going beyond the ten year period they could guarantee for. I doubt the third party provided contracts at all to be honest.
The scuttlebutt is that it's an inside joke by the far-left dev of Lemmy to stand for marxist-leninist, but it's just as likely, if not more, that it was chosen because it's free.
Keep in mind that most (all?) two-letter TLDs are associated with a country. This includes stuff like .io, .tv, and .me
Does this have anything to do with the whole email thing from the American military? According to the Financial Times, there are about 117.000 emails sent to .ML addresses instead of .MIL.
Somewhat related. Basically, the management of the .ml TLD is being handed back to the Mali government, and they seem to be revoking .ml domains left and right.
I suspect they're revoking registration for .ml domains that were registered for free. The company that originally managed .ml domains had a free domain offer where you could register any .ml domain for free; the caveat is you don't have the ownership right to that free domain. Maybe the Mali government doesn't honor such free domain registrations and wishes to revoke them all.
They may not have taken the lemmy.ml domain back yet, but because the different instances are federated, you'll still be able to see contents from an instance that's gone.
lemmy.fmhy.ml is pirate friendly, lemmy.ml is not. Maybe the Mali government suddenly decided they don't like piracy because... reasons? Maybe the Somalian pirates pissed them off???
But they only took the domain name, not the server? So it should be no issue to just get another domain, change a bit of config on the system and web server, and be up and running in no time?
Not that easily, no. With ActivityPub your user ID is tied to the instance URL. If you subscribe to a community for example, when that community tries to "honor" your subscription by sending you updates of what is happening, it'll go to that .ml domain and be lost.
There's no officially supported way to change your instance domain other than to start fresh. They might be able to do something hacky such as change all of the domains in the database and while locally that might appear to work, I don't know if it would work across the federation.
I do know on the instance I run, I accidentally broke the webserver config for one of the ActivityPub endpoints and the result was that when I sent out comments, it never actually got federated / published yet I can still see them from my instance. New subscriptions also didn't work. It was as if I effectively shadow-banned the instance by accident.
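The "change all of the domains in the database" idea from this comment and the earlier find/replace suggestion, sketched as an added example that is not from the thread or from Lemmy's code: a host-aware rewrite of the ID fields in one ActivityPub-style object. The sample activity, the new hostname and the function names are constructed placeholders, and the rewrite only fixes the local copy; remote instances still hold the old IDs.

```python
from urllib.parse import urlsplit, urlunsplit

OLD_HOST = "lemmy.fmhy.ml"
NEW_HOST = "lemmy.example.net"  # placeholder, not the instance's real new domain

# ActivityStreams properties whose values are object IDs (URLs), not free text.
ID_FIELDS = {"id", "actor", "attributedTo", "inReplyTo", "to", "cc"}


def rewrite_id(value, stats):
    """Rewrite one ID only when its host is exactly OLD_HOST."""
    parts = urlsplit(value)
    if parts.scheme in ("http", "https") and parts.netloc.lower() == OLD_HOST:
        stats["rewritten"] += 1
        return urlunsplit(parts._replace(netloc=NEW_HOST))
    return value


def migrate(node, stats, key=None):
    """Walk a decoded JSON object, rewriting ID fields and counting leftovers."""
    if isinstance(node, dict):
        return {k: migrate(v, stats, k) for k, v in node.items()}
    if isinstance(node, list):
        return [migrate(v, stats, key) for v in node]
    if isinstance(node, str):
        if key in ID_FIELDS:
            return rewrite_id(node, stats)
        if OLD_HOST in node:
            stats["left_in_text"] += 1  # e.g. links inside post bodies
    return node


# Constructed sample activity, not taken from any real instance.
SAMPLE = {
    "id": "https://lemmy.fmhy.ml/activities/create/1",
    "type": "Create",
    "actor": "https://lemmy.fmhy.ml/u/alice",
    "to": ["https://www.w3.org/ns/activitystreams#Public"],
    "object": {
        "id": "https://lemmy.fmhy.ml/comment/2",
        "attributedTo": "https://lemmy.fmhy.ml/u/alice",
        # A blind string replace would corrupt this unrelated host.
        "inReplyTo": "https://notlemmy.fmhy.ml.example/post/9",
        "content": "<p>see https://lemmy.fmhy.ml/post/1</p>",
    },
}


def run_sample():
    stats = {"rewritten": 0, "left_in_text": 0}
    return migrate(SAMPLE, stats), stats
```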
Because this caught everyone by surprise or was there some indication that things would just continue business as usual? The registrar has known the contract ended since it was signed 10 years ago, I would figure this would have been accounted for.
It means anybody who wants to go to the site lemmy.fmhy.ml will not be able to load it and would think it's down, maybe some will find out about it on Google, some are already on multiple instances...
Only instances with a ".ml" at the end of the name may or may not be affected. Lemmy is a collection of instances so the loss of a few will not cripple the whole thing. Content over the whole is not greatly affected.
If your home log-in instance is one that's affected, you'll have to find a new one. You'll know right away because the instance will be unreachable. Not a big deal, last time I looked there were over 1200 instances to choose from.
Another consideration is any communities living on an affected instance may have issues. All communities are common to Lemmy, but each originates from a particular instance. We've not yet seen a major instance go down so I don't know how Lemmy deals with communities getting orphaned like that.
Thanks for that, was concerned about keeping my subscription to that community. Keep us posted and let us know where you end up so I can change over my community subscription.
Anyway I think the lesson learned here is don't use free TLDs. Lemmy is not at all designed to deal with domain name changes.
It was good while it lasted and they managed to keep it going longer than my first instance (two days)
Not all instances are created equal, however: on one I tried to sign up to, their email verification didn't work, and others just didn't bother to activate my account for whatever reason.
This is why we host our instance on a .org. Honestly another huge blow for Lemmy. It doesn't really inspire confidence in the platform. Hopefully after enough time passes smaller instances like us and the bigger ones left will have held up a good track record to inspire confidence again.
This isn't really that huge of a blow, it's a learning curve sure but just because some people made dumb decisions on what TLD to use based on something they decided it means (and backtracked to say they chose it because it was free, I know) doesn't mean federated platforms don't work. Actually imo it points to the strength of federation that we can still be here using lemmy on our instances while they switch.
All this really did was teach instance owners (who this might be their first experience hosting things too btw) that you have to use a TLD that is more stable like a .org, .com, .net, etc over a "free" one, and this is afaik the first instance of something like this happening, so honestly they didn't have precedent to base this on before.
By no means did I mean that federated platforms won't work, far from it. I'm more considering the reputational damage of the platform. For me all the .ml instances are unresolvable. And it doesn't look good when the "official" instance is lost. If I were an outsider considering moving to Lemmy and I saw vlemmy disappear, lemmy.world get hacked, and .ml losing their domains I'd be pretty hesitant on making the switch. That's where I sit for the moment. Let's all hope we can get a good track record going now.
There was a report in the beginning of June that things started looking weird. The registration of new .ml domains shut down in the beginning of the year.
In short, the Mali government just gave some random 3rd party a ten-year contract to hand out the domains for free, which the third party did without too much care or attention. It would have been up to the third party to notify domain owners, but as they're not paying and probably don't even have contracts themselves, there was little incentive to do so.
As far as I can understand, it relates to the US military scandal only indirectly: As the .ml domains are now returning to the government of Mali, it becomes a lot more problematic that the US keeps directing their emails there, and the person in charge of managing the domain went public about the security threat.
I initially started on Lemmy.ml but decided to look for smaller instances. Not only just to be safe for stuff like this, but also to find a tighter community. I found an instance dedicated to the area I grew up around and have been really happy with that move.
you rely on centralised entities every day to use the internet… ICANN, IANA, and a few more right at the top, government agencies to manage IP ranges etc, whoever owns your IP block, whoever provides your network… TBH you rely on cloudflare even if you never pay them because they CDN half the damn internet. you rely on google and amazon simply because again they host services you use
don’t kid yourself, the internet works because of centralised bodies; not despite them! DNS is the least of your concern; at least those names are commoditised and have enough scrutiny (unless you choose a TLD that doesn’t have favourable TOS) BY those centralised authorities that they’re pretty untouchable short of legal challenges
It works very differently from how I would want it to work for sure. I specified internet technology for a reason though. The creative limit I put on myself is that all systems should remain fully independent with the exception of hardware requirements. Everything remains local for now.
Eh, you can self host your name system though. OpenNIC does exactly that. The problem is convincing other people to use your resolver instead of using ICANN.