We should see about getting lemmy to stop rendering pages unless you’re logged in. That would help stop crawlers from automatically flagging anti-Israel content. The next problem is going to be keeping AI agents out (hey this is just like that movie!). 2FA with a phone is tricky. I’m not sure if they can solve captchas yet, maybe a captcha on login would work. But then again, that’s just helping google train their bots.
We should see about getting lemmy to stop rendering pages unless you’re logged in. That would help stop crawlers from automatically flagging anti-Israel content.
The downside of that is it would kill the search traffic for the entire platform. I’d wager that’s almost half the traffic other lemmy sites that aren’t communist get.
2FA with a phone is tricky.
We’d half Hexbear’s users if you required people to give their phone number to the site for any feds to make a list of.
We should see about getting lemmy to stop rendering pages unless you’re logged in. That would help stop crawlers from automatically flagging anti-Israel content. The next problem is going to be keeping AI agents out (hey this is just like that movie!). 2FA with a phone is tricky. I’m not sure if they can solve captchas yet, maybe a captcha on login would work. But then again, that’s just helping google train their bots.
The downside of that is it would kill the search traffic for the entire platform. I’d wager that’s almost half the traffic other lemmy sites that aren’t communist get.
We’d half Hexbear’s users if you required people to give their phone number to the site for any feds to make a list of.
2FA with SMS is fundamentally broken anyway. Proper two factor works with crypto (e.g. google authenticator).
I found Hexbear through a search for some historical thing iirc. But at the same time, I dunno. The authorities are not fucking around.
Allowing mods/OP to optionally designate a post as logged-in-only or non-federated would be a good feature though.
Maybe even something like spoiler tags except you have to be logged in to see them.
This would effectively kill federation, no? You need go be able to view content without auth to display it on other instances.
This may be necessary, but just a consideration!
EDIT:
There are other clever ways to kill webcrawlers such as sinkholes that send recursives down a path of bogus cheap-to-serve data, for example.
Perhaps even using CAPTCHA or other auth to catch bots.
Both still have the issue of federation tho.
they can absolutely do captchas