Hmmmm, maybe the no transfer of account might be a good idea
KVM group deferred? Yes, that would open up a issue to legit users
sudo group deferred? The same thing as KVM group
Hmmmm, maybe the no transfer of account might be a good idea
KVM group deferred? Yes, that would open up a issue to legit users
sudo group deferred? The same thing as KVM group
In that case, why not defer the access to KVM and/or sudo unless the user provides personal identifications? That way you can either provide the info to immediately get access or wait for it while gaining trust through other means?
Hmmmm, maybe the no transfer of account might be a good idea
KVM group deferred? Yes, that would open up a issue to legit users
sudo group deferred? The same thing as KVM group
In that case, why not defer the access to KVM and/or sudo unless the user provides personal identifications? That way you can either provide the info to immediately get access or wait for it while gaining trust through other means?
@NodeSeek用户123 said:
I think there are several benefits to creating such a group on Telegram:
1. Telegram accounts require phone number verification, so someone who has been banned and wants to rejoin with a new identity would have to spend more than just registering a Gmail account.
2. Forum/email communication can be more efficient for problem-solving, but group chats are more relaxed and free-flowing, which can reveal people's personalities and true intentions.
The thing is people can register Telegram account using VIRTUAL NUMBERS which we can even get it for free (even though there are some virtual number service that costs money).
I saw a lot of tutorials in YouTube about registering Telegram account using virtual numbers for free. So I don't think this is a good idea.
Yep,If someone doesn't want to use their real phone number, they can purchase SMS services. Although not expensive, it's still better than using unlimited free email registrations, right? Furthermore, virtual numbers are often reused, and accounts registered with them have a risk of being banned by the official platform. 🤔
This barrier may not stop people who are determined to do bad things, but it can deter a large group of people who are just looking to play pranks or take advantage of the service without caring about it.🤔
@NodeSeek用户123 said:
I think there are several benefits to creating such a group on Telegram:
1. Telegram accounts require phone number verification, so someone who has been banned and wants to rejoin with a new identity would have to spend more than just registering a Gmail account.
2. Forum/email communication can be more efficient for problem-solving, but group chats are more relaxed and free-flowing, which can reveal people's personalities and true intentions.
The thing is people can register Telegram account using VIRTUAL NUMBERS which we can even get it for free (even though there are some virtual number service that costs money).
I saw a lot of tutorials in YouTube about registering Telegram account using virtual numbers for free. So I don't think this is a good idea.
Yep,If someone doesn't want to use their real phone number, they can purchase SMS services. Although not expensive, it's still better than using unlimited free email registrations, right? Furthermore, virtual numbers are often reused, and accounts registered with them have a risk of being banned by the official platform. 🤔
This barrier may not stop people who are determined to do bad things, but it can deter a large group of people who are just looking to play pranks or take advantage of the service without caring about it.🤔
Ok... did not consider that... even though I myself have used virtual numbers with skype to reduce costs of overseas calls... I guess I never used it with SMS so that's why that didn't even cross my mind.
So what kind of verification do you suggest? If telegram is out, whatsapp and discord follows it. Only social media with "followers" are now considered, but given that you can "buy" followers, doubt it is a good way either...
@Not_Oles forgot to mention, but please ensure that apache is not running as "root". It should be running as user "www-data" and group "www-data", otherwise certain scripts can be used to get shell access to the server as root user.
Do not enable cgi-bin or perl scripts for apache for the same reason.
As I said above, I will continue listening. You could say more. You are not giving me much to go on. How can I understand what you think when all you say is, "I see?"
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
Also isn't there a way to limit the amount of cpu/ amount of time a large amount of CPU can be used by a shared user?
@NotRealZeyad said:
Why when I connect it says potential security breach
Cause the server was wiped and OS was reinstalled, so the server signature changed. Yes, your data is gone. No, you are requried to keep own backups.
@Nubuki said:
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
@Nubuki said:
Also isn't there a way to limit the amount of cpu/ amount of time a large amount of CPU can be used by a shared user?
No, because he isn't using any panels. So there is no monitoring going on. Only limitations are number of cores and max amount of RAM, which @Not_Oles isn't willing to enforce.
@NotRealZeyad said:
Why when I connect it says potential security breach
Cause the server was wiped and OS was reinstalled, so the server signature changed. Yes, your data is gone. No, you are requried to keep own backups.
@Nubuki said:
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
@Nubuki said:
Also isn't there a way to limit the amount of cpu/ amount of time a large amount of CPU can be used by a shared user?
No, because he isn't using any panels. So there is no monitoring going on. Only limitations are number of cores and max amount of RAM, which @Not_Oles isn't willing to enforce.
@NotRealZeyad said:
Why when I connect it says potential security breach
Cause the server was wiped and OS was reinstalled, so the server signature changed. Yes, your data is gone. No, you are requried to keep own backups.
@Nubuki said:
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
@Nubuki said:
Also isn't there a way to limit the amount of cpu/ amount of time a large amount of CPU can be used by a shared user?
No, because he isn't using any panels. So there is no monitoring going on. Only limitations are number of cores and max amount of RAM, which @Not_Oles isn't willing to enforce.
Thanks
FYI, you can always just click the tanks button bellow the username instead of a comment to just say thanks. Ofcourse it's ok to comment if you have some other comments or questions
Yep, postponing membership is necessary. It takes time to implement security measures and observe and consider users. In short, I believe there is no rush to open membership.🤔
@NotRealZeyad said:
Why when I connect it says potential security breach
Cause the server was wiped and OS was reinstalled, so the server signature changed. Yes, your data is gone. No, you are requried to keep own backups.
@Nubuki said:
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
I'm actually not disputing this,
In case it wasn't really clear I just wasn't clear if open Source here meant running only Linux kvms , running open source code and what not.
Can you maybe elaborate what count as open source and what doesn't?
@Nubuki said:
Also isn't there a way to limit the amount of cpu/ amount of time a large amount of CPU can be used by a shared user?
No, because he isn't using any panels. So there is no monitoring going on. Only limitations are number of cores and max amount of RAM, which @Not_Oles isn't willing to enforce.
I assumed that @Not_Oles could have done so by using cpulimit on the QEMU executable, ensure that a login shell is run with nice so that the child processes will inherit the nice value, or limit with cgroups and or probably create a bash script that checks if a process hogging CPU has run for too long.
It's done that way in those rootless tilde servers (I think)
@Nubuki said:
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
I'm actually not disputing this,
In case it wasn't really clear I just wasn't clear if open Source here meant running only Linux kvms , running open source code and what not.
Can you maybe elaborate what count as open source and what doesn't?
Anything where the source code is readily available to anyone looking for it is open source. Yes, linux is opensource. Almost all projects on github is also considered opensource.
Windows is not open source as you dont have access to the source code.
If you have any specific software in mind, google for it whether it is open source or not.
Ofcourse you can negotiate final terms with Not_OIes if you need something specific?
@Nubuki said:
I assumed that @Not_Oles could have done so by using cpulimit on the QEMU executable, ensure that a login shell is run with nice so that the child processes will inherit the nice value, or limit with cgroups and or probably create a bash script that checks if a process hogging CPU has run for too long.
It's done that way in those rootless tilde servers (I think)
Sorry, that all passed way over my head
Maybe you can explain it in simpler terms (or a step by step guide) to @Not_Oles ?
@somik said: So what kind of verification do you suggest? If telegram is out, whatsapp and discord follows it. Only social media with "followers" are now considered, but given that you can "buy" followers, doubt it is a good way either...
I think setting up a Telegram group is just a preliminary verification, and we do not expect it to be the sole means of verifying users. What I have in mind is to gradually deepen our understanding of users through chatting, and finally decide whether to let them use it through anonymous voting.
Users who have contributed to this node and ctively helped others are eligible to enter the KVM group, while those who have provided necessary identity proof materials on the basis of their contributions are eligible to enter the sudo group. Whether they can ultimately qualify depends on the results of anonymous voting.
@somik said: So what kind of verification do you suggest? If telegram is out, whatsapp and discord follows it. Only social media with "followers" are now considered, but given that you can "buy" followers, doubt it is a good way either...
I think setting up a Telegram group is just a preliminary verification, and we do not expect it to be the sole means of verifying users. What I have in mind is to gradually deepen our understanding of users through chatting, and finally decide whether to let them use it through anonymous voting.
Users who have contributed to this node and ctively helped others are eligible to enter the KVM group, while those who have provided necessary identity proof materials on the basis of their contributions are eligible to enter the sudo group. Whether they can ultimately qualify depends on the results of anonymous voting.
The issue with voting is that once a certain group becomes the majority, they can influence the outcome. Lets say there are 20 users on the server. In that list, 5 users belongs to the "abuse" group. Then when a new "abuser" joins, those 5 can all vote "yes" and they will only need 33% of the remaining people to vote yes to get the new abuser in. Once that happens, this can go until they become the majority.
Thus, in this case, I think that instead of voting, leave the decision making to @Not_Oles as in the end, it is him who is paying for the server and it is him who have to face Hetzner when abuse gets reported. What do you think?
Whoah, I posted a thing on page 2, not interested in a free account but wondering how you'd be dealing with abuse, after 20 pages shits going down really quick, so around a month, i guess.
in the previous pages, there's already a post that mentions doing stages of verification to get more privileges or move to a more 'important' server, but imo if you really want to cut the headache, do what hetzner did: verify them using idenfy
another option is to do a similar thing like freeshell (verify using postcards, don't forget to make a nice blog with those scans; i'm sure it's interesting to get in touch with LESbians), they provided free accounts for years, albeit with no root access, but you can request to install stuff. still, it proves that they managed to handle the abuse issues.
on the other hand, I found it interesting that Tom still treats his free vps members like humans (it's really admirable), if i were him, I'd already used my custom kernel to log every user's activity (shell command history is just a small portion of it), and treat them like pieces of data that 'somehow' behave like sentient programs.
goddamn that sounds like a psycho, but if I were giving away free stuff, i'd highly desire more interesting results instead of having to deal with abuse nonsense.
@Encoders said:
another option is to do a similar thing like freeshell (verify using postcards, don't forget to make a nice blog with those scans; i'm sure it's interesting to get in touch with LESbians), they provided free accounts for years, albeit with no root access, but you can request to install stuff. still, it proves that they managed to handle the abuse issues.
Woa, wasn't even thinking that as a option... freeshell looks interesting too!
@Encoders said:
on the other hand, I found it interesting that Tom still treats his free vps members like humans (it's really admirable), if i were him, I'd already used my custom kernel to log every user's activity (shell command history is just a small portion of it), and treat them like pieces of data that 'somehow' behave like sentient programs.
You and me both. Follow what the big corporations do. If it works for them, thats more then proof enough that it works
Hello @Not_Oles
Could you add my ssh key again? ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAdxnYG6YQ7yl/JpMl1v2+NS9fnaf+NiWWyWLsC7PUcg
Can i also ask you about the vms (if they are allowed or no?) simply whats not allowed real quick if you can.
@somik said: So what kind of verification do you suggest? If telegram is out, whatsapp and discord follows it. Only social media with "followers" are now considered, but given that you can "buy" followers, doubt it is a good way either...
I think setting up a Telegram group is just a preliminary verification, and we do not expect it to be the sole means of verifying users. What I have in mind is to gradually deepen our understanding of users through chatting, and finally decide whether to let them use it through anonymous voting.
Users who have contributed to this node and ctively helped others are eligible to enter the KVM group, while those who have provided necessary identity proof materials on the basis of their contributions are eligible to enter the sudo group. Whether they can ultimately qualify depends on the results of anonymous voting.
The issue with voting is that once a certain group becomes the majority, they can influence the outcome. Lets say there are 20 users on the server. In that list, 5 users belongs to the "abuse" group. Then when a new "abuser" joins, those 5 can all vote "yes" and they will only need 33% of the remaining people to vote yes to get the new abuser in. Once that happens, this can go until they become the majority.总之
Thus, in this case, I think that instead of voting, leave the decision making to @Not_Oles as in the end, it is him who is paying for the server and it is him who have to face Hetzner when abuse gets reported. What do you think?
You are always able to consider things thoughtfully and thoroughly❤️. Needless to say,the decision-making power should be in @Not_Oles's hands, and when reporting abusive behavior, one must face Hetzner, which is natural.
Sorry to @Not_Oles🥺,My intention is not to ignore his opinions, but rather to reduce his workload on one hand (It may be too exhausting for him to reassess and approve them one by one alone.……), and on the other hand, those who are approved through collective voting may develop a sense of collective identity and belonging, thereby reducing the likelihood of abuse.
However, I did not consider that the actual number of people participating may not be many, perhaps around a few dozen ? In a group of this size, @Not_Oles's workload may still be manageable (I don't know what he would think🤣), and each person's vote is crucial. If abusers form alliances, it could make things uncontrollable.😱
An anonymous voting scheme may be more effective in groups of several hundred or thousand people, but here, let's forget about it. I agree with your plan!👍
@NodeSeek用户123 said:
Sorry to @Not_Oles🥺,My intention is not to ignore his opinions, but rather to reduce his workload on one hand (It may be too exhausting for him to reassess and approve them one by one alone.……), and on the other hand, those who are approved through collective voting may develop a sense of collective identity and belonging, thereby reducing the likelihood of abuse.
Don't worry, we all know you have his best interest in mind and we are all racking our brains to reduce it as much as possible. Afterall, it is no fun to be fighting on all fronts.
@NodeSeek用户123 said:
However, I did not consider that the actual number of people participating may not be many, perhaps around a few dozen ? In a group of this size, @Not_Oles's workload may still be manageable (I don't know what he would think🤣), and each person's vote is crucial. If abusers form alliances, it could make things uncontrollable.😱
An anonymous voting scheme may be more effective in groups of several hundred or thousand people, but here, let's forget about it. I agree with your plan!👍
I agree with you that if there are hundreds or thousands of people, it makes sense to vote. But since there might not even be 100 people, it wont make sense in the beginning.
@Nubuki said:
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
I'm actually not disputing this,
In case it wasn't really clear I just wasn't clear if open Source here meant running only Linux kvms , running open source code and what not.
Can you maybe elaborate what count as open source and what doesn't?
Anything where the source code is readily available to anyone looking for it is open source. Yes, linux is opensource. Almost all projects on github is also considered opensource.
Windows is not open source as you dont have access to the source code.
If you have any specific software in mind, google for it whether it is open source or not.
Ofcourse you can negotiate final terms with Not_OIes if you need something specific?
@Nubuki said:
I assumed that @Not_Oles could have done so by using cpulimit on the QEMU executable, ensure that a login shell is run with nice so that the child processes will inherit the nice value, or limit with cgroups and or probably create a bash script that checks if a process hogging CPU has run for too long.
It's done that way in those rootless tilde servers (I think)
Sorry, that all passed way over my head
Maybe you can explain it in simpler terms (or a step by step guide) to @Not_Oles ?
Okay! I'll wait till he starts responding to replies then ask him
@Nubuki said:
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
I'm actually not disputing this,
In case it wasn't really clear I just wasn't clear if open Source here meant running only Linux kvms , running open source code and what not.
Can you maybe elaborate what count as open source and what doesn't?
Anything where the source code is readily available to anyone looking for it is open source. Yes, linux is opensource. Almost all projects on github is also considered opensource.
Windows is not open source as you dont have access to the source code.
If you have any specific software in mind, google for it whether it is open source or not.
Ofcourse you can negotiate final terms with Not_OIes if you need something specific?
@Nubuki said:
I assumed that @Not_Oles could have done so by using cpulimit on the QEMU executable, ensure that a login shell is run with nice so that the child processes will inherit the nice value, or limit with cgroups and or probably create a bash script that checks if a process hogging CPU has run for too long.
It's done that way in those rootless tilde servers (I think)
Sorry, that all passed way over my head
Maybe you can explain it in simpler terms (or a step by step guide) to @Not_Oles ?
Okay! I'll wait till he starts responding to replies then ask him
nice is old enough that I know about it. I think I might know what you mean by cpulimit too. I might understand a little about child process inheritance.
Would it be too crazy to imagine that you might want to share a bit about what exactly it is you have been doing on the server and about how you have been doing it? Thanks!
Something really interesting has happened! I have been stuck trying to figure out some ideal system for Neighbor application filtering. You guys have been very kindly helping me. But, unexpectedly, while we all were stuck, one guy quietly provided his identity information by a method that he selected and then asked me if his method was okay. I was interested and impressed that one guy simply and quietly went ahead and did the needful. I'm deliberately not providing details because I don't want to risk compromising his privacy any more than minimally necessary.
All the great ideas about community voting on new applicants and complex systems of user monitoring are great for a large community. But I'm just one guy with extra server capacity on one or a couple of servers.
I've been tasting the Low End market for awhile now. I've seen some really great guys fade away! I'm still here. For my own needs I easily could go to the Cloud. But, that wouldn't be metal, would it? Servers are getting more and more expensive. For a while longer I can enjoy using maybe 1% or 2% my i9-13900's capacity. It's great with me if a few nice folks come aboard alongside. 💖 But it's just a single clueless™ guy's thing.
@RtedPro said:
Hello @Not_Oles
Could you add my ssh key again? ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAdxnYG6YQ7yl/JpMl1v2+NS9fnaf+NiWWyWLsC7PUcg
Want to provide identity information?
Can i also ask you about the vms (if they are allowed or no?) simply whats not allowed real quick if you can.
I don't want to have a bunch of rules about what is and isn't allowed. Right now I'm thinking about asking guys to run only open source software and not automatically adding new Neighbors to the kvm group.
Have a good day! Thanks for your continuing interest!
@Encoders said:
Whoah, I posted a thing on page 2, not interested in a free account but wondering how you'd be dealing with abuse, after 20 pages shits going down really quick, so around a month, i guess.
in the previous pages, there's already a post that mentions doing stages of verification to get more privileges or move to a more 'important' server, but imo if you really want to cut the headache, do what hetzner did: verify them using idenfy
another option is to do a similar thing like freeshell (verify using postcards, don't forget to make a nice blog with those scans; i'm sure it's interesting to get in touch with LESbians), they provided free accounts for years, albeit with no root access, but you can request to install stuff. still, it proves that they managed to handle the abuse issues.
on the other hand, I found it interesting that Tom still treats his free vps members like humans (it's really admirable), if i were him, I'd already used my custom kernel to log every user's activity (shell command history is just a small portion of it), and treat them like pieces of data that 'somehow' behave like sentient programs.
goddamn that sounds like a psycho, but if I were giving away free stuff, i'd highly desire more interesting results instead of having to deal with abuse nonsense.
Yeah, nice guy that runs ctrl-c.club. I kinda took another quick look over there a couple days ago. Also sdf.org. And thc.org. I should take a look at freeshell. Been years!
I found it interesting that Tom still treats his free vps members like humans (it's really admirable)
You made my day! Thank you! I'm gonna add this to the green links at the bottom of my LES ad OPs!
my custom kernel
Is it Open Source? May we please have a link! Wink!
@somik said: So what kind of verification do you suggest? If telegram is out, whatsapp and discord follows it. Only social media with "followers" are now considered, but given that you can "buy" followers, doubt it is a good way either...
I think setting up a Telegram group is just a preliminary verification, and we do not expect it to be the sole means of verifying users. What I have in mind is to gradually deepen our understanding of users through chatting, and finally decide whether to let them use it through anonymous voting.
Users who have contributed to this node and ctively helped others are eligible to enter the KVM group, while those who have provided necessary identity proof materials on the basis of their contributions are eligible to enter the sudo group. Whether they can ultimately qualify depends on the results of anonymous voting.
Nothing against Telegram, but, for what it's worth, I've been using Signal App. And PMs here, plus the email address on my profile.
I posted earlier today about how small MetalVPS is. I want MetalVPS to feel free and unlimited. I want MetalVPS to be simple.
Neighbors from certain countries may have to overcome increased challenges to providing identity verification. These neighbors need additional support. But, how?
Comments
That looks too easy!
What about serving Neighbor's BYO neighbor-example.com from /home/neighbor/www? 
I hope everyone gets the servers they want!
Hmmmm, maybe the no transfer of account might be a good idea
KVM group deferred? Yes, that would open up a issue to legit users
sudo group deferred? The same thing as KVM group
In that case, you need to define a vhost (virutal host).
Create a new file:
/etc/apache2/sites-available/all_user_directory.confAnd edit it as so:
EDIT:
forgot to mention, make a soft link to sites-enabled before restarting apache:
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
In that case, why not defer the access to KVM and/or sudo unless the user provides personal identifications? That way you can either provide the info to immediately get access or wait for it while gaining trust through other means?
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
This is a good idea to be honest
Yep,If someone doesn't want to use their real phone number, they can purchase SMS services. Although not expensive, it's still better than using unlimited free email registrations, right? Furthermore, virtual numbers are often reused, and accounts registered with them have a risk of being banned by the official platform. 🤔
This barrier may not stop people who are determined to do bad things, but it can deter a large group of people who are just looking to play pranks or take advantage of the service without caring about it.🤔
Ok... did not consider that... even though I myself have used virtual numbers with skype to reduce costs of overseas calls... I guess I never used it with SMS so that's why that didn't even cross my mind.
So what kind of verification do you suggest? If telegram is out, whatsapp and discord follows it. Only social media with "followers" are now considered, but given that you can "buy" followers, doubt it is a good way either...
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
@Not_Oles forgot to mention, but please ensure that apache is not running as "root". It should be running as user "www-data" and group "www-data", otherwise certain scripts can be used to get shell access to the server as root user.
Do not enable cgi-bin or perl scripts for apache for the same reason.
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
Why when I connect it says potential security breach
I agree with the formulation of rules based on what is allowed and what isn't, a telegram chat group, the open source restrictions (though I'm not really sure how to approach that).
Also isn't there a way to limit the amount of cpu/ amount of time a large amount of CPU can be used by a shared user?
Teehee!
Cause the server was wiped and OS was reinstalled, so the server signature changed. Yes, your data is gone. No, you are requried to keep own backups.
The server itself is free and open to people. So having a small limitations like only open source is a good thing. You can always get a server from hetzner and do what you want on it
No, because he isn't using any panels. So there is no monitoring going on. Only limitations are number of cores and max amount of RAM, which @Not_Oles isn't willing to enforce.
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
Thanks
@Not_Oles Can you put back m account? AAAAC3NzaC1lZDI1NTE5AAAAIBUp/JhS4fx3Ht9SSaZaeC/OGP9vGwZ31j+Kwakh
VDxR
FYI, you can always just click the tanks button bellow the username instead of a comment to just say thanks. Ofcourse it's ok to comment if you have some other comments or questions
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
I am personally willing to accept this.
But I would like to know how to implement it.
I strongly agree with this point.
sudo group membership deferred?
Yep, postponing membership is necessary. It takes time to implement security measures and observe and consider users. In short, I believe there is no rush to open membership.🤔
I'm actually not disputing this,
In case it wasn't really clear I just wasn't clear if open Source here meant running only Linux kvms , running open source code and what not.
Can you maybe elaborate what count as open source and what doesn't?
I assumed that @Not_Oles could have done so by using cpulimit on the QEMU executable, ensure that a login shell is run with nice so that the child processes will inherit the nice value, or limit with cgroups and or probably create a bash script that checks if a process hogging CPU has run for too long.
It's done that way in those rootless tilde servers (I think)
Teehee!
Anything where the source code is readily available to anyone looking for it is open source. Yes, linux is opensource. Almost all projects on github is also considered opensource.
Windows is not open source as you dont have access to the source code.
If you have any specific software in mind, google for it whether it is open source or not.
Ofcourse you can negotiate final terms with Not_OIes if you need something specific?
Sorry, that all passed way over my head
Maybe you can explain it in simpler terms (or a step by step guide) to @Not_Oles ?
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
I think setting up a Telegram group is just a preliminary verification, and we do not expect it to be the sole means of verifying users. What I have in mind is to gradually deepen our understanding of users through chatting, and finally decide whether to let them use it through anonymous voting.
Users who have contributed to this node and ctively helped others are eligible to enter the KVM group, while those who have provided necessary identity proof materials on the basis of their contributions are eligible to enter the sudo group. Whether they can ultimately qualify depends on the results of anonymous voting.
The issue with voting is that once a certain group becomes the majority, they can influence the outcome. Lets say there are 20 users on the server. In that list, 5 users belongs to the "abuse" group. Then when a new "abuser" joins, those 5 can all vote "yes" and they will only need 33% of the remaining people to vote yes to get the new abuser in. Once that happens, this can go until they become the majority.
Thus, in this case, I think that instead of voting, leave the decision making to @Not_Oles as in the end, it is him who is paying for the server and it is him who have to face Hetzner when abuse gets reported. What do you think?
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
Whoah, I posted a thing on page 2, not interested in a free account but wondering how you'd be dealing with abuse, after 20 pages shits going down really quick, so around a month, i guess.
in the previous pages, there's already a post that mentions doing stages of verification to get more privileges or move to a more 'important' server, but imo if you really want to cut the headache, do what hetzner did: verify them using idenfy
another option is to do a similar thing like freeshell (verify using postcards, don't forget to make a nice blog with those scans; i'm sure it's interesting to get in touch with LESbians), they provided free accounts for years, albeit with no root access, but you can request to install stuff. still, it proves that they managed to handle the abuse issues.
on the other hand, I found it interesting that Tom still treats his free vps members like humans (it's really admirable), if i were him, I'd already used my custom kernel to log every user's activity (shell command history is just a small portion of it), and treat them like pieces of data that 'somehow' behave like sentient programs.
goddamn that sounds like a psycho, but if I were giving away free stuff, i'd highly desire more interesting results instead of having to deal with abuse nonsense.
Fuck this 24/7 internet spew of trivia and celebrity bullshit.
Woa, wasn't even thinking that as a option... freeshell looks interesting too!
You and me both. Follow what the big corporations do. If it works for them, thats more then proof enough that it works
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
Hello @Not_Oles
Could you add my ssh key again? ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAdxnYG6YQ7yl/JpMl1v2+NS9fnaf+NiWWyWLsC7PUcg
Can i also ask you about the vms (if they are allowed or no?) simply whats not allowed real quick if you can.
You are always able to consider things thoughtfully and thoroughly❤️. Needless to say,the decision-making power should be in @Not_Oles's hands, and when reporting abusive behavior, one must face Hetzner, which is natural.
Sorry to @Not_Oles🥺,My intention is not to ignore his opinions, but rather to reduce his workload on one hand (It may be too exhausting for him to reassess and approve them one by one alone.……), and on the other hand, those who are approved through collective voting may develop a sense of collective identity and belonging, thereby reducing the likelihood of abuse.
However, I did not consider that the actual number of people participating may not be many, perhaps around a few dozen ? In a group of this size, @Not_Oles's workload may still be manageable (I don't know what he would think🤣), and each person's vote is crucial. If abusers form alliances, it could make things uncontrollable.😱
An anonymous voting scheme may be more effective in groups of several hundred or thousand people, but here, let's forget about it. I agree with your plan!👍
Don't worry, we all know you have his best interest in mind and we are all racking our brains to reduce it as much as possible. Afterall, it is no fun to be fighting on all fronts.
I agree with you that if there are hundreds or thousands of people, it makes sense to vote. But since there might not even be 100 people, it wont make sense in the beginning.
If it’s not broken, keep fixing it until it is. Blink twice if you agree.
Okay! I'll wait till he starts responding to replies then ask him
Teehee!
Hi @Nubuki!
niceis old enough that I know about it.cpulimittoo. I might understand a little about child process inheritance.Would it be too crazy to imagine that you might want to share a bit about what exactly it is you have been doing on the server and about how you have been doing it?
Thanks!
Best wishes!
Tom
I hope everyone gets the servers they want!
Guys!
Something really interesting has happened! I have been stuck trying to figure out some ideal system for Neighbor application filtering. You guys have been very kindly helping me. But, unexpectedly, while we all were stuck, one guy quietly provided his identity information by a method that he selected and then asked me if his method was okay. I was interested and impressed that one guy simply and quietly went ahead and did the needful. I'm deliberately not providing details because I don't want to risk compromising his privacy any more than minimally necessary.
All the great ideas about community voting on new applicants and complex systems of user monitoring are great for a large community. But I'm just one guy with extra server capacity on one or a couple of servers.
I've been tasting the Low End market for awhile now. I've seen some really great guys fade away! I'm still here. For my own needs I easily could go to the Cloud. But, that wouldn't be metal, would it? Servers are getting more and more expensive. For a while longer I can enjoy using maybe 1% or 2% my i9-13900's capacity. It's great with me if a few nice folks come aboard alongside. 💖 But it's just a single clueless™ guy's thing.
Best wishes!
Tom
I hope everyone gets the servers they want!
Want to provide identity information?
I don't want to have a bunch of rules about what is and isn't allowed. Right now I'm thinking about asking guys to run only open source software and not automatically adding new Neighbors to the kvm group.
Have a good day! Thanks for your continuing interest!
I hope everyone gets the servers they want!
I didn't know about Idenfy or that Hetzner might use idenfy. Thanks for telling us!
Yeah, nice guy that runs ctrl-c.club. I kinda took another quick look over there a couple days ago. Also sdf.org. And thc.org. I should take a look at freeshell. Been years!
You made my day! Thank you! I'm gonna add this to the green links at the bottom of my LES ad OPs!
Is it Open Source?
May we please have a link! 
Wink! 
I hope everyone gets the servers they want!
Nothing against Telegram, but, for what it's worth, I've been using Signal App. And PMs here, plus the email address on my profile.
I posted earlier today about how small MetalVPS is. I want MetalVPS to feel free and unlimited. I want MetalVPS to be simple.
Neighbors from certain countries may have to overcome increased challenges to providing identity verification. These neighbors need additional support. But, how?
I hope everyone gets the servers they want!