Surely things like product comparisons are a great target for ads. But still, the typical ad revenue per user is probably significantly lower than the cheapest ChatGPT subscription.

They’re currently burning more than a billion USD each month, it’s fully understandable that they are trying to earn more money. I seriously doubt that ad revenue will even come close to what they need to financially survive.

No? Did I claim this?

The most upvoted post has ~20 upvotes, but there are a lot of posts with 1-5 upvotes.

I‘m not worried about myself. It’s easy enough to block stuff I don’t like. All I wanted to say is that counting daily posts without excluding bots doesn’t make much sense to me.

The instance is called lemmit.online, and the most upvoted post on the whole instance is “This bot is bad for lemmy”.

One thing that annoys me about each statistic about posts is that I don’t know how many of these posts are actually interesting and engaged with.

For example, there is a specific instance that just mirrors reddit content and has barely any engagement. The bot posts mulitple posts per hour, mostly without any comments or upvotes.

It seems rather irrelevant to compare these posts to actually interesting posts with a nice discussion and a couple of upvotes.

My suggestion would be to count and plot the number of posts that have at least a few interactions.

Is there a function to create a booklet or brochure?

This was a very useful feature to print a number of pages and have them in an easy format to read.

However, at least my Ubuntu print driver doesn’t have this feature, and I would need an extra tool to achive this goal.

Right. Basically, I can assume that at at least one thing in the household breaks each year. This year, it was the microwave oven.

One downside i see with this is that it is often unclear how long an item will last. For example, I bought my dishwasher in 2021. When will they need to be replaced? The last one lasted 24 years, but I’m not going to bet on the new one lasting as long.

I did it only once (yet) because i needed a specific addon for the software.

In my case, I wanted to use caddy webserver with a specific plugin. It was quite easy to create a new image exactly the way i wanted it.

I’m not a mbin user, but the combined frontpage looks interesting.

Looks more like a randomly generated password.

The maintainers of the big web browsers have pretty strict rules for CAs in this list. If any one of them gets caught issuing only one certificate maliciously, they are out of business.

And all CAs are required to publish each certificate in multiple public, cryptographically signed ledgers.

Sure, there is a history of CAs issuing certificates to people that shouldn’t have them (e.g. for espionage), but that is almost impossible now.

For 3 more months or so, you can’t buy them in april 2026 anymore

Short lifespans are also great when domains change their owner. With a 3 year lifespan, the old owner could possibly still read traffic for a few more years.

When the lifespan ist just 30-90 days, that risk is significatly reduced.

No, these are completely separate issues.

• CRL: protect against certificates that have their private key compromised
• CT: protect against incompetent or malicious Certificate Authorities.

This is just one example why we have certificate transparency. Revocation wouldn’t be useful if it isn’t even known which certificates need revocation.

The National Informatics Centre (NIC) of India, a subordinate CA of the Indian Controller of Certifying Authorities (India CCA), issues rogue certificates for Google and Yahoo domains. NIC claims that their issuance process was compromised and that only four certificates were misissued. However, Google is aware of misissued certificates not reported by NIC, so it can only be assumed that the scope of the breach is unknown.

Source

There are some nameserver providers that have an API.

When you register a domain, you can choose which nameserver you like. There are nameservers that work with certbot, choose one that does.

The only disadvantage I see is that all my personal subdomains (e.g. immich.name.com and jellyfin) are forever stored in a public location. I wouldn’t call it a privacy nightmare, yet it isn’t optimal.

There are two workarounds:

• do not use public certificates
• use wildcard certificates only

The best approach for securing our CA system is the “certificate transparency log”. All issued certificates must be stored in separate, public location. Browsers do not accept certificates that are not there.

This makes it impossible for malicious actors to silently create certificates. They would leave traces.

The “accepted anwer” feature seems very nice, i would love to see this implemented in other fediverse projects too.