This is bullshit. Just take this as an example. I found it with one quick search and there are plenty more. Perhaps we should broaden our horizons a little rather than entrusting everything to some corpos.

If you don't know what a content delivery network is, here : https://www.cloudflare.com/...

A CND is very costly to run in an effective way. And because it is an intermediary server between the user and content server, the market is already pretty full. So competing with the CDN giants is practically impossible in a decentralised manner.

Because of what a CDN does (cache website elements closer to the user, protect the website against ddos...), it cannot be a cheap weak server, or it's the one which will get overwhelmed by the ddos, or even the users.

Another limiting factor is that in decentralisation, that means different companies, and so many separate plans to pay, which is just impossible for a company.

If it was decentralized, a company would have to go and pay 100 different companies (which is more expensive, du to the server costs and each companies having their own staff to may (even if it's just 1 person per company)) just to offer a quick access to the users around the world, which is just impossible.

I think the biggest problem with such services is that they require lots of money to run which means that any well-meaning effort will eventually end up becoming a commercial service.

It’s an interesting question but the knee jerk reaction towards decentralization isn’t always a silver bullet. Bitcoin always screamed that concept while ignoring the role of clearinghouses. Decentralization can actually compound the issue. Not to dispel the solution but good to keep these things in mind.

You're being down voted, but a p2p cdn is something that sort of already exists. IPFS is probably the most mature. As far as I know, it'd only work for static content though. It's also an entirely different protocol so you'd have to use some sort of local gateway or plugin to make use of it.

I have several vms and dedicated servers that I sort of use as a DIY cdn. No where near as spread out or capable as something like cloudflare, but its also not incredibly expensive to do on a small low performance scale. DDOS mitigation is another story though, generally that is best handled by large networks that can soak up the throughput.

Wanna know the beauty of Lemmy? If you don’t like how instances are ran you can create your own🙂

Oh man, you lost me at blockchain.

You can't mitigate a man in the middle attack on a technical level... Because they are a man in the middle... That's the point of using DDoS mitigation. Nothing's stopping them from just sending incoming traffic to a phishing site if a bad actor was in control of it.

Dunno if this guy is just so stupid or is trolling at this point. Using random tech buzzwords that have no relevance to the issue.

You are smoking crack. You clearly do not know what you are talking about.

You had me until you mentioned blockchain technology. How would a blockchain system help in that regard, anyway?

Sure, but you still have to pay for servers to run the proxy instances on. Any DDoS of appreciable size will knock over the number of instances that lemmy.world could stand up. Interesting thought, though. Maybe CloudFlare or others use HAProxy internally? I'm actually not sure what tech they use

This explains nothing. It's literally saying "one thing is bad, the other thing isn't". Try to explain why instead, if you do happen to have an explanation.

Why are the Lemmy devs asking for snake oil on their Donate page then?

Sitting comfy in a country where the financial system works for you elites is the real snake oil.

this is a meme right

Stupid

Not sure. I would reach out to them.

Counterpoint- people are down voting because they think its unlikely and many people are inherently gaurded against conspiratorial thinking- especially if they think it's unrealistic.

Whether you think its happening or not, the idea that the only reason anyone would downvote is because they're "opperatives" of the big social platforms is kind of out of touch with the fact that there are lots of people who don't think like you do. I'm a real person, love open source, and love the fediverse (have 3 lemmy accounts, plus an account for mastodon and pixelfed each) and I was tempted to down vote certain comments just because they seemed silly and a bit like fearmongering that there's a big bad boogey man out to get us.

I hope I'm being clear, communicating on the internet devoid of tone or facial expressions is hard- my point isn't that your perspective is silly, my point is that there are lots of people who would sincerely see it that way and disagree with you. Assuming that being disagreed with is a sign of the sort of conspiratorial situation you're describing is a self fulfilling prophecy. I hope I'm not coming across as hostile, that isn't my intent

Personally I think the other platforms are unlikely to see the fediverse as a problem until it proves it can be, because CEOs are stupid, and after eons of not having meaningful competition in this space I think they're likely to be overly proud and look down on our nice little platform. I think its far more likely its just the internet being shitty because lots of people on the internet like breaking or ruining anything they can, regardless of whether its a good thing to have exist. I could very easily be wrong, and perhaps other platform's owners do want to kill what we have before it can manifest into something bigger, but either way there are lots of sincerely held perspectives that might drive someone to down vote some of the comments here just because they think the situation being described is unrealistic.

The downvotes suggest their operatives are reading the comments.

Let's not do this. People are allowed to downvote without being a paid operative. This was a very common mentality on Reddit I would like to avoid here.

It's a common scenario for someone who doesn't understand the point of putting a load balancer in front of a stateful application, perhaps. Not for anyone trying to solve a traffic problem.

No idea where you are getting your ideas from, but this is an absolutely uninformed example of how NOT to do something in an ideal way.

Friend...you have zero idea what you're talking about. Database existing in multiple locations? What in the hell are you even talking about? Single db instance, multiple app servers, and single LB. You are absolutely not experienced with this type of work, and need to just stop because you're making an ass out of yourself with these wild ideas that have no basis in practical deployments. Stop embarrassing yourself.

I do it for the following reasons:

1. The big main lemmy servers can and do go down regularly. having accounts on other instances still gives me the ability to log in and participate on the communities I care about. I sure do wish the underlying federation logic allowed for associating selected logins on various instances together somehow.
2. Testing: often, I will create a post or comment into a community hosted on a different lemmy server and not see it update. When this happens, I'll log in on the other instance to see what that post or comment looks like from there.
3. Insurance against defederation: I participated/followed some beehaw.org communities before they defederated, and then I was forced to open an account there to continue participating in those communities.

Taking some load from the biggest servers such as LW. I still have a community on LW however, and mod with my local account

Well, I can’t answer for them but this situation in particular makes it nice to have accounts on different instances. If I can’t log on to/load my lemmy.world account then I can switch to my lemm.ee account and load content there.

I imagine this is more of a "If we give people the basic stuff for free when they are small, they are more likely to buy our better stuff when they grow and need to update"

Because CDNs lighten load and work as a global cache for load times? Game servers and plenty of other types of servers have exposed their IP since the dawn of time.

Have you considered drugs? Maybe a prescription to some anti depression meds or maybe just some magic mushrooms. I hope that your life becomes more tolerable and you can find some kind of balance.

then let me correct my previous comment. i hope you will find happiness! i know how bad it feels, so i wish you with my full hearth that you will be happy! you deserve it, never let anyone tell you otherwise.

Honestly I’ve never felt happy to start with.

I have family members who have struggled with anger and depression. In my limited sample, the ones who have never been happy have had chemical imbalances, and most of the issues went away when their chemical systems were managed. If you haven't spoken with a doctor about it, you should really consider it. There isn't a lot to lose, and there's an awful lot to gain.

Whatever you decide, good luck and I hope you can find some inner peace.

This reminded me of my first time using mushrooms. I realized I had never known love or peace.

I dunno if respect from online strangers does anything for you, but you have mine. Takes some maturity to get to the point where you are.

I am curious about how you perceive various things, since this kind of thinking is a bit foreign to me, but a public forum is likely not the best place to dive in. I am curious about what kinds of things you find satisfying, what you imagine happiness to be like, what kinds of things you desire, etc. General human condition kind of things.

I imagine that lots of people feel like you do, but we, as a society, don't understand it yet. I think if we did, we could make progress. Maybe I'm too idealistic, i dunno

Cool. I didn’t really want to make a patreon account.

The real alternative is super simple. It requires just a little bit of knowledge. All we would need is to have someone who is an enterprise grade sysadmin with nothing but free time and a willingness to do something they will barely get paid for, if not lose money on. Then we also need to hire out a dedicated network and security engineer as well as a dedicated network traffic monitor. Then we would need to implement and setup our own hosting, as well as servers and configure our own databases. Of course all of this has to be done as cheaply as possible by people who are so good at multiple different sectors of IT and could easily be making more money doing work, but obviously out of the kindness of their hearts want to progress the fediverse and Lemmy rather than realizing they could be making 200k+ doing the same thing for a private company rather than a hobby.

In short: we need a network engineer, a security analyst, a sysadmin (or maybe 2?) all of whom work 24/7 for free and then purchase all of the physical hardware with the knowledge and capacity to set it up and maintain it to nearly break even just so we can shitpost rather than those people working and making 200k+ a year.

The problem is not the service is that Cloudflare is a mega corporation. Having anti-ddos service which does nothing else is perfectly fine. Having one that also fingerprints everyone and does who-knows-what with all that absurd amount of data and control is a different issue entirely.

Well, it's not without evidence, we have plenty of that through the years. Unfortunately, we also don't have any real alternatives either, so the choice is take the DDoS or get Cloudflare. Not much of a choice.

That seems troublesome. Is it more of an issue with Cloudflare or just improper configuration by the instance admin?

The specific attack they were talking about involved 126.9 million network requests per second, over a sustained period of time, and it was a widespread attack where the source was millions of individual computers, suspected to be regular desktop PCs from (or adjacent to) China. In other words the attack involved malware that was rapidly installed on vast numbers of computers at the same time.

Due to the massive size of the attack, it was investigated thoroughly and the only sensible conclusion was that it was state sponsored. Specifically China likely to have used their widespread censorship tools to install malware that quietly attacked Github, likely without the owner of the PC from even knowing it had happened (the attack wasn't serious enough to disrupt the infected PC)..

That's not "hating Chinese" it's just pointing out a simple fact. Some DDoS attacks are state sponsored. And only a small number of states gate involved in such attacks.

I don't hate the Chinese population, I just don't like how the Chinese government operates and how they use and manipulate their population. How they seem to be deliberately antagonizing diplomatic relations. Granted they aren't going as far as the Russian government is, but they are going pretty far to try to paint every western country as the bad guys.

And yes I know western countries aren't perfect - no country is perfect. But the actions of the Chinese government seems to be painting us in a light that is far worse than reality.

They tend to stick to the old Soviet way of relieving internal issues by giving the people an external force or government to hate rather than trying to fix their own issues. That "saving face" culture they have is really detrimental to their ability to move forward and fixing their internal problems.

Yeah I don't blame Chinese people for their government's actions. It's like hating Americans for what Trump says. Simply invite real Chinese people to post on Lemmy and give their honest opinions on GreatFire, and stop hurting their feelings.

If your origin servers IP is never revealed then all traffic goes through cloudflare regardless. Firewall restricting the IPs is just good practice since cloudflare is the only IP that is supposed to talk to that server anyway, but it's not a requirement.

I can see some overhead if you're maintaining a large blacklist, but I don't see it happening with a small whitelist and default inbound DROP