listing: all - local
1
497
Blahaj zone hacked (pen.blahaj.zone)
submitted 3 days ago* (last edited 1 day ago) by ada to c/main
87 comments fedilink

Firstly, apologies to everyone for the extended downtime. Unfortunately, it was for a pretty bad reason. We were hacked.

The bad news is that it was a comprehensive attack, and the attackers had privileged access to our database system, across all of our services (except for writefreely, which doesn't use postgres). From what we can tell, the attacker did not do anything with that access, so we don't believe any user data was accessed, but we can't be certain of that. For lemmy, the impact of this should be minimal. If you registered with a real email address, they may have that. User passwords are encrypted in the database, so if you were using a secure, non trivial password, it should be safe, but you should still change it. You should also reset your 2 factor authentication if you had it enabled, as the seeds for these are not encrypted.

Our understanding is that the attacker used a peertube exploit, then a postgres exploit and then a kernel exploit to systematically gain access to different layers of our database server. A side effect of the hack was that it filled up our database servers hard drive, and caused it to fail over to our backup, which we believe mitigated some of the potential fall out.

We have had to reset activitypub keypairs for every account and community on lemmy, so there may be some federation hicoughs for a day or so, until remote servers have dropped any cached copies of our users public keys. This is uncharted territory though, so hopefully it's as smooth as we think it will be, but we can't be sure!

As stated earlier, our writefreely instance is still up and running as it wasn't impacted by this attack. Vernissage (our pixelfed replacement) has been brought back online, as has our matrix server.

We will be bringing up Sharkey, and then Piefed hopefully later today, but we have to rotate keypairs on those services too, which is also uncharted territory, so the timelines are hopes, not guarantees. At this point in time, we don't plan on bringing pixelfed back online, as it was slated for shutdown in August in any case. If people still need access to pixelfed to export data, we can spin it up briefly if needed, so please reach out if this is you. We also won't be bringing peertube back up at this point. It was not heavily utilised, and it was the source of the attack, so Kaity is a bit gun shy about spinning it back up on shared database infrastructure. If there is a strong desire to bring peertube back, we can consider doing that on isolated hardware, but at the current utilisation level, it doesn't seem worth the cost/effort to run it isolated.

in any case, you can read a fuller explanation of the attack by Kaity here https://pen.blahaj.zone/supakaity/weve-been-hacked

Edit - Piefed is back now!

2
55
Introducing Critter! (lemmy.world)
submitted 40 minutes ago by tooks@lemmy.world to c/cat@lemmy.world
2 comments fedilink

This lil 9 week old guy adopted us 4 weeks ago. Showed up on our doorstep, crying and scared. He took to us immediately, and because of an impossibly dumb rule I made years ago, he now lives with us permanently. We named him Critter, and according to the vet (and the size of his paws), he's expected to reach the 17-18 lb range. He has become incredibly affectionate, and being my first ever pet (in my late 40s), I can't get over just how much joy he brings us. I'm in love.

I have yet to upload it anywhere, but one of our cameras captured a rather remarkable moment when Critter made his move to join our little family of two.

Anywho, new to the world of cats, and so far it has been the most rewarding and fascinating experience of my recent life. Hope to share more of Critter's future with the community.

3
58
Pedo party vote NO (lemmy.zip)
submitted 46 minutes ago by stumu415@lemmy.zip to c/politicalmemes@lemmy.world
3 comments fedilink
4
24
Uncanny (lemmy.world)
submitted 21 minutes ago by ickplant@lemmy.world to c/cat@lemmy.world
1 comments fedilink

This is from Pet Portraits by Hercule

5
39
Stand Uppy Sit Down (lemmy.world)
submitted 43 minutes ago by homesweethomeMrL@lemmy.world to c/microblogmemes@lemmy.world
2 comments fedilink
6
36
JD Vance 'humiliated' by Iranian negotiators in stunning spectacle: 'Never looked weaker' (www.rawstory.com)
submitted 43 minutes ago by stumu415@lemmy.zip to c/world@lemmy.world
8 comments fedilink
7
78
Frank Castle IRL (sh.itjust.works)
submitted 1 hour ago by exupulosion@sh.itjust.works to c/shirtsthatgohard@lemmy.world
3 comments fedilink

Accurate to the source material

8
26
Quick, Sketch This (lemmy.world)
submitted 32 minutes ago by homesweethomeMrL@lemmy.world to c/luigimangione@lemmy.world
6 comments fedilink
9
71
Kitten Update (pictures of Schlomo in the post body) (sopuli.xyz)
submitted 1 hour ago* (last edited 1 hour ago) by naeap@sopuli.xyz to c/cat@lemmy.world
2 comments fedilink

Schlomo is absolutely loving the little play house, I've bought them - and both of them happily slept in it tonight

Schlomo is like 30mins older, but he always does stuff first and is the explorer of them

I showed him how to play with the play-mouse and he already started a little fight with it :⁠-⁠)

As seen in the picture of the post, Fenri is really focused on us.
Cries when we say good morning and starts running to us, so he can climb up on us (when we're kneeling) and wants to cuddle :⁠-⁠)

Both of them stole our hearts and we already pretty much decided to keep both of them.

The mother should get back to her rescuer, as soon as they have a suitable apartment and the kittens don't need her anymore.

I'm not sure, if it will even be possible to keep all them together in a single apartment without conflicts.

We will see how things develop...

10
56
Are You Kids On Dopamine? (lemmy.world)
submitted 1 hour ago by homesweethomeMrL@lemmy.world to c/tumblr@lemmy.world
2 comments fedilink
11
37
Happy father's day (lemmy.zip)
submitted 52 minutes ago by stumu415@lemmy.zip to c/politicalmemes@lemmy.world
0 comments fedilink
12
15
Shade (ani.social)
submitted 38 minutes ago by severalkittens@ani.social to c/midriffmoe@ani.social
0 comments fedilink

https://www.pixiv.net/en/artworks/146150495

13
41
Hyper Bole (lemmy.world)
submitted 1 hour ago by homesweethomeMrL@lemmy.world to c/politicalmemes@lemmy.ca
0 comments fedilink
14
11
I visited Launceston Castle in Cornwall, UK (lemmy.world)
submitted 19 minutes ago by me_myself_and_I@lemmy.world to c/castles@feddit.online
0 comments fedilink
15
10
The right meme at the right time (lemmy.world)
submitted 34 minutes ago by Themosthighstrange@lemmy.world to c/lemmyshitpost@lemmy.world
1 comments fedilink
16
108
🤌🤌🤌 (lemmy.world)
submitted 1 hour ago by ickplant@lemmy.world to c/lemmyshitpost@lemmy.world
5 comments fedilink
17
12
Careful now (lemmy.world)
submitted 35 minutes ago by AbsolutelyNotSpez@lemmy.world to c/tenforward@lemmy.world
0 comments fedilink

18
6
Finally got real chainmail that weighs 9kg! (lemmy.world)
submitted 22 minutes ago by me_myself_and_I@lemmy.world to c/cosplay@lemmy.world
3 comments fedilink

Finally got a real chainmail shirt and hood (coif)! Weighs 9 kg though the leg armour and sabatons are handmade by me from plastic. The gauntlets are also real steel. And the sword is only from wood and I left my real sword at home since I wasn't sure if I was allowed to take it to the castle.

19
13
Kennedy Center tarp is massaging ‘broken egos’—Court docs (www.newsweek.com)
submitted 44 minutes ago by KingPorkChop@lemmy.ca to c/politics@lemmy.world
2 comments fedilink
20
8
Director of national intelligence Tulsi Gabbard was under the sway of her lifelong guru, a cultic leader who told her what to say and how to say it (www.washingtonpost.com)
submitted 33 minutes ago* (last edited 29 minutes ago) by Valuy@lemmy.zip to c/politics@lemmy.world
1 comments fedilink
21
10
I know we have it way easier than others, but I’m dreading these temperatures. (lemmy.world)
submitted 39 minutes ago by Seimhe@lemmy.world to c/ireland@lemmy.world
1 comments fedilink
22
4
A portrait of a friend getting ready for dance night. Ink, June 2026. (lemmy.world)
submitted 9 minutes ago by case_when@lemmy.world to c/artshare@lemmy.world
1 comments fedilink
23
6
Long drive to the Southeast (sol 1896) (lemmy.world)
submitted 29 minutes ago by paulhammond5155@lemmy.world to c/perseverancerover@lemmy.world
1 comments fedilink

post-drive NavCam

24
65
Not just books - how renting a sewing machine from the library can improve democracy (www.bbc.co.uk)
submitted 1 hour ago by poVoq@slrpnk.net to c/solarpunk@slrpnk.net
12 comments fedilink
25
5
A cosplay inspired by the novel The Children of Hurin by J.R.R. Tolkien (lemmy.world)
submitted 25 minutes ago by me_myself_and_I@lemmy.world to c/cosplay@lemmy.world
1 comments fedilink
view more: next ›

Blåhaj Lemmy

10,434 readers
373 users here now

Blåhaj Lemmy

Blåhaj Lemmy is brought to you by the kind folk at Blåhaj Zone, and while anyone is free to register for an account here, please bear in mind that this is a server that is very protective of our minority members and bigotry of any variety will be squashed with great prejudice.

We have several alternative lemmy frontends you can use. Just login with your regular blahaj login details.

We have a public matrix channel for all Blahaj users at #blahaj:chat.blahaj.zone

We also have a matrix channel for gender diverse folk and our allies! If you're already a matrix user, you can head straight to our application room https://matrix.to/#/#gv-apply:chat.blahaj.zone, or by searching for #gv-apply:chat.blahaj.zone from within your matrix client.

If you're new to matrix, you can find some more details and an instruction video on how to get up and running here https://chat.blahaj.zone/c/genderverse/

Community Guidelines

Blåhaj Lemmy is a space where everyone should feel able to participate safely, and to that end, our community is built on the guiding philosophies of empathy, inclusion and acceptance.

Empathy

We want our community members to be guided by compassion and empathy for others.

Examples of behaviour that are contrary to this philosophy are personal attacks, insults, doxing etc. If your comment is designed to hurt someone, this isn't the space for it.

Inclusion and Acceptance

Embracing inclusion and acceptance means listening when people tell you who they are and what their needs are. It means not telling people that you know their experiences better than they do. It means not gatekeeping experiences of identities of others. It means no bigotry such as racism, sexism, anti LGBT commentary, ableism etc. It means doing your best to ensure that you don't over-talk the voices of folk who don't share your privileges.

Supporting Blåhaj Lemmy

After much hesitation, we have a Ko Fi to enable people to help with supporting some of the running costs associated with our instances.

Providing a safe space for our community is the goal, so please only consider donating if you are in a position to do so without any financial stress.

Mascot and logo

Find out about our mascot Shonky (they/them) who appears on our site logo here.

--

founded 3 years ago
ADMINS
blahaj
ada
supakaity
will_steal_your_username
robota