Selfhosted

50716 readers

530 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

197

Why are anime catgirls blocking my access to the Linux kernel? (lock.cmpxchg8b.com)

submitted 1 day ago by tofu@lemmy.nocturnal.garden to c/selfhosted@lemmy.world

114 comments fedilink hide all child comments

Some thoughts on how useful Anubis really is. Combined with comments I read elsewhere about scrapers starting to solve the challenges, I'm afraid Anubis will be outdated soon and we need something else.

you are viewing a single comment's thread
view the rest of the comments

[–] daniskarma@lemmy.dbzer0.com -3 points 20 hours ago (1 children)

I still think captchas are a better solution.

In order to surpass them they have to run AI inference which is also comes with compute costs. But for legitimate users you don't run unauthorized intensive tasks on their hardware.

[–] poVoq@slrpnk.net 8 points 18 hours ago (1 children)

They are much worse for accessibility, and also take longer to solve and are more distruptive for the majority of users.

[–] daniskarma@lemmy.dbzer0.com -2 points 18 hours ago* (last edited 18 hours ago) (1 children)

Anubis is worse for privacy. As you have to have JavaScript enabled. And worse for the environment as the cryptographic challenges with PoW are just a waste.

Also reCaptcha types are not really that disturbing most of the time.

As I said, the polite thing you just be giving users the options. Anubis PoW running directly just for entering a website is one of the most rudest piece of software I've seen lately. They should be more polite, and just give an option to the user, maybe the user could chose to solve a captcha or run Anubis PoW, or even just having Anubis but after a button the user could click.

I don't think is good practice to run that type of software just for entering a website. If that tendency were to grow browsers would need to adapt and straight up block that behavior. Like only allow access to some client resources after an user action.

[–] poVoq@slrpnk.net 10 points 18 hours ago* (last edited 18 hours ago) (1 children)

Are you seriously complaining about an (entirely false) negative privacy aspect of Anubis and then suggest reCaptcha from Google is better?

Look, no one thinks Anubis is great, but often it is that or the website becoming entirely inaccessible because it is DDOSed to death by the AI scrapers.

[–] daniskarma@lemmy.dbzer0.com -1 points 17 hours ago (1 children)

First, I said reCaptcha types, meaning captchas of the style of reCaptcha. That could be implemented outside a google environment. Secondly, I never said that types were better for privacy. I just said Anubis is bad for privacy. Traditional captchas that work without JavaScript would be the privacy friendly way.

Third, it's not a false proposition. Disabling JavaScript can protect your privacy a great deal. A lot of tracking is done through JavaScript.

Last, that's just the Anubis PR slogan. Not the truth, as I said ddos mitigation could be implemented in other ways. More polite and/or environmental friendly.

Are you astrosurfing for anubis? Because I really cannot understand why something as simple as a landing page with a button "run PoW challenge" would be that bad

[–] poVoq@slrpnk.net 3 points 17 hours ago (1 children)

Anubis is not bad for privacy, but rather the opposite. Server admins explicitly chose it over commonly available alternatives to preserve the privacy of their visitors.

If you don't like random Javascript execution, just install an allow-list extension in your browser 🤷

And no, it is not a PR slogan, it is the live experience of thousands of server admins (me included) that have been fighting with this for month now and are very grateful that Anubis has provided some (likely only temporary) relief from that.

And I don't get what the point of an extra button would be when the result is exactly the same 🤷

[–] grysbok@lemmy.sdf.org 4 points 16 hours ago

Latest version of Anubis has a JavaScript-free verification system. It isn't as accurate, so I allow js-free visits only if the site isn't being hammered. Which, tbf, prior to Anubis no one was getting in, JS or no JS.