You mean an exploit payload embedded in an image, and pwning a system parsing that image through python PIL? While there’s never a 100% chance of anything, you’re more likely to be struck by lightning than this coming to pass and at that point you’re at more security risk at using the internet altogether.
Why would it be a security risk?
I don’t see how it’s a privacy risk since you’re not exposing your IP or anything. Likewise the images are already uploaded to your servers, so there’s no extra privacy risk for the uploader.
You can actually run it in async model without pictrs safety and just have it scan your newly uploaded images directly from storage. It just doesn’t prevent upload this way, just deletes them.
You don’t get public traffic redirected. It’s not how it works
It stops doing checks. Iirc you can configure it yes
https://github.com/db0/fedi-safety and the companion app https://github.com/db0/pictrs-safety which can be installed as part of your lemmy deployment in the docker-compose (or with a var in your ansible)
Not all web traffic, just the images to check. With any decent bandwidth, it shouldn’t be an issue for most. It also setup in such a way as to not cause a downtime if the checker goes down.
The software is setup in such a way that you can run it on your pc if you have a local gpu. It only needs like 2 gb vram
Ye, generally I would only use njalla for discardable services and domains.
Ye, going for extreme privacy like this has these kind of downsides.
Wait, if they suspended your domain, can you even transfer it away? if not, that’s really fucking scary.
I don’t have good interaction with them either, but nothing as bad. I used one of their VPS to hold the reverse proxy for my lemmy instance like a year ago. Randomly it went down and the support was non-existent. Eventually it came back on its own after some days but I had already moved everything away from them
Nlnet is a non profit which takes ngi money and handles the bureaucracy for the Foss contributors
Ye pretty much. I was just quite astounded at that statement as the AI Horde is basically just a lot of python processes behind a very low powered haproxy server.
Personally, I understand people like to stay with the familiar, which is perfectly fine for a non-demanding service, but when something becomes demanding, I find the haproxy specialization serves better. I wish lemmy deployment by default utilized haproxy myself.
Not sure why you say haproxy can’t serve python. I do it all the time. You just use something like python waitress and then point haproxy to it’s port.
My gawds, some people need to learn what’s a homage and also stop being upset on behalf of others. This comic is fine, stop bellyaching. This is what terminal permission culture does to a motherfucker.
It’s not a parody. It’s a homage
All translations are LLM translations by this point I believe.
Image processing libraries are used at the forefront of almost all web services, including lemmy and are extraordinarily robust. I really don’t have the time to go at this in depth, but if you are familiar with this stuff you will know how extraordinary such an exploit would be and its existence would be causing massive chaos all over the world.