@Hubzilla Support Forum+

What dies this upload filter thing mean for hubzilla? :/

heise online (inoffiziell)heise online (inoffiziell) wrote the following post Wed, 20 Jun 2018 12:09:59 +0200
Online-Plattformen sollen von Nutzern hochgeladene Inhalte überwachen und filtern. Ein fünfjähriges Leistungsschutzrecht wurde auch beschlossen.
EU-Copyright-Reform: Abgeordnete stimmen für Upload-Filter und Leistungsschutzrecht
#Copyright #EU #EU-Parlament #EuropäischesPatentamt #Jusitz #Leistungsschutzrecht #Rechtsausschuss #Upload-Filter #Urheberrecht
I have read that, but hubzilla is neither an encyclopedia, nor a scientific archive, nor a development plattform. Or is it?
  last edited: Wed, 20 Jun 2018 16:05:12 +0200  
Wenn ich die Nachdenkenseiten richtig interpretiere, dann müsste auch ein Hubzilla-Admin potenzielle Rechtsverletzungen maschinell blockieren.

Laut EU-Vorschlag sollen, wie der Branchenverband der Internetwirtschaft Bitkom erklärt, Internetplattformen sämtliche Inhalte einzelner Internetnutzer bereits vor dem Hochladen auf vermeintliche Urheberrechtsverletzungen hin prüfen und bei potenziellen Rechtsverletzungen maschinell blockieren – egal ob Text, Bild, Musik oder Video. Von der Maßnahme betroffen wären laut Bitkom unzählige Plattformen, die Inhalte Dritter speichern, darunter Foren, wo sich z.B. Patienten oder Hobbybastler austauschen, aber auch die großen sozialen Netzwerke wie Facebook und YouTube.

Aktuell sind Betreiber von Plattformen, auf denen nutzergenerierte Inhalte hochgeladen werden können, erst nachträglich verpflichtet, diese zu löschen, sobald eine Verletzung des Urheberrechts gemeldet wurde, wie das Portal „Unternehmen Heute“ erklärt. Die neue Richtlinie schreibe aber eine Kontrolle der Inhalte schon vor dem Hochladen vor. Und setze dabei auf so genannte Upload-Filter, die Inhalte automatisiert auf Urheberrechtsverletzungen untersuchen sollen. Konkret bedeute das: Es finde eine kontinuierliche, umfassende und automatische Überwachung statt, welche Inhalte im Internet hochgeladen werden.

Ein aktueller Fall würde mir gerade einfallen, die Diabetiker, die sich zu den Night Scouts zusammen geschlossen haben und die Geräte für die Blutzuckermessung und Insulinpumpen "hacken".
Sollte das kommen, werde ich wohl meinen Public Hub schließen müssen.
can't post to a user's channell (wall)

  last edited: Wed, 20 Jun 2018 13:02:50 +0200  
!Hubzilla Support Forum

There is at least one user on this instance of ours where we cannot post anything to their wall. We also cannot share any of the posts from their channel. I am not sure why that is. We've had a look at the channel privacy settings and that does not seem to be it ... I'm at a loss, actually. See if you can post to their wall:


Any thoughts?
!Hubzilla Support Forum
try, all the 2, to update (edit connection)  your connections / permissions
perhaps there is a particular combination of permissions, channel role, privacy role, prepared by Tlapil, which leads to this problem / bug.
But, in this case, one should know precisely all the things he/she did, in order to verify and reproduce.

Other thought, his channel has been cloned several times, could it be an anomalous rest of some previous life? Some flag marked wrong?
HubZ - Masto crossposting is doing odd things

Whenever I send a message to one person in hubzilla - it sends that same message as a DM to a whole BUNCH of people in Mastodon?
I get the message as a DM in my Masto, for example (even though I sent the message to whole different person in HubZ), then when I reply in Masto, I see that a whole lot of Masto ppl have been @Mentioned  ....  

Any idea what this might be?

Thanks Mike

Although that thread does not actually explain what's happening, or how to fix/avoid/mitigate the issue. All I did was send a message to a guy - I have no idea what actually causes the message to somehow appear in Masto, or what I should do on this end to prevent that.
The issue is that you've used a privacy group to put an ACL on the post (which may be the default setting for your channel, I don't know what your privacy settings are). In order to deliver these posts to Mastodon we need to mention the recipient. We don't actually know who the recipient is when we build and sign the ActivityPub message so we sort of have to mention everybody in the ACL in order to ensure that everybody on Mastodon that is in the ACL gets the message.

Currently the best solution/workaround is to not put Mastodon people into private groups.  Eventually when somebody decides it's important enough, the ActivityPub generator should be re-written to specify what site it is being delivered to so that the mention list can be limited to just those people on each site. Another alternative is to not deliver private posts to Mastodon; although this isn't necessarily a problem if the privacy group is small. The best solution by far is if Mastodon fixes the bug so that we don't need to resort to this hack; but I'm not expecting that to happen any time soon.
I'm testing (right now) a change to ignore Mastodon folks in privacy groups by default; but also to let you decide. You can still deliver private posts to them by including the Mastodon channels individually in the ACL or using 'private mentions'. Or you can flip the switch and include them in privacy groups, but put up with the long list of mentions.

Here's the Mastodon issue if anybody wants to track it or boost it:


Please note that current Mastodon behaviour will not work with examples 2,3,4, and 5 of the ActivityPub spec which describe basic (private) communications.
!!Hubzilla Support Forum: How do I add an RSS feed to a channel? I've enabled the "Allow feeds as channel source" in the admin settings, but trying to add it to a channel either as a channel source (which seems to be what I want,) or a connection fails with an error popup.

When trying to add is as a channel source, it says "Failed to create source. No channel selected." And when I try adding it as a connection I get "Remote channel or protocol unavailable." In both cases I add it as [rss]https://url_to_my_feed

Anything I'm missing?

@Haakon Meland Eriksen (Els Mussols) Sounds like an interesting channel to follow! Let me know if you set it up again.

I also created a separate channel, added the feed I wanted it to represent as a contact, and then set that contact as the channel source. For now an experiment for my own sake, but if it turns ou the way I want I'll promote the channel a bit when it has some content :)
Will do, Harald. :-)
Note: with great number of feeds comes great responsibility for your (friend's) hub's resources if the feeds have a high frequency of items.
Missing pictures in diaspora posts

Hello !Hubzilla Support Forum !

I cannot see pictures in some Diaspora posts anymore (e.g. from @incontinenciasuma@joindiaspora.com ). Others seem to be still fine (e.g. from @Deerbard ). Is this a problem with the Diaspora plugin or with the Diaspora server? Confusing thing is that both accounts are on joindiaspora.com.

Was something changed with the Diaspora plugin lately? Did I miss some setup option?
 from Diaspora
Gracias por echarme en falta, espero y deseo que el problema se solucione pronto, si puedo ayudar en algo, no dejes de decirmelo.
After an utils/udall (on master) it works fine, again.


Problems that are already solved are the best ;)
 from Diaspora
!Hubzilla Support Forum

Can we implement Remote Storage over HubZilla?
Certainly, for sufficiently motivated values of 'we'.
@Hubzilla Support Forum+

Someone answered a private post of mine from Mastodon over activitypub which basically lead to them @-mentioning everyone who could see my post. Is this a Mastodon or Hubzilla problem?
Mastodon have four options. The last one is DM or you may call it private message. I don't know how safe it is,after reading the above conversation. I am really fed up of using Mastodon. I always feel that I am not in control of my own post called  as "Toots" and tracking the conversation is hard too. Its just good for people who needs mass publish updates on regular intervals.
I am done many more posts on Mastodon,but I must say there is no constructive talk there.
We were discussing the possibility of restricting the mentions to only those connections on a particular server. I haven't researched further but I believe this is possible. It doesn't fix the problem (only Mastodon can do that), but it reduces the exposure a bit.
@Mike Macgirvin
When I comment on the reshare  of connected Mastodon connection the comment never appear on the Mastodon if I am not connected to the person who's post is reshared. This is known or this is happening to me only?
blog/list mode

  last edited: Fri, 15 Jun 2018 16:25:45 +0200  
!Hubzilla Support Forum

If  “blog/list mode”  is activated  in   Display settings > Content Setting  I have to click on the button at the end of a post to see the Comments. If I do so – a new page will open to show the thread.
I would be nicer if just a layer with the Comments would pop up. If this is to complicated  it would help if the thread would open in a new tab so that a quick return to the main page is any time possible
Affinity Tool

  last edited: Thu, 14 Jun 2018 11:53:16 +0200  
!Hubzilla Support Forum

Lets say I set the affinity  of  two contacts to 95  and the rest of my contact to 80
the  Default maximum affinity level is set to 80.

Now If I want to see just the posts of the two contacts with affinity set to 95  I drag the slider to
minimum affinity level =81
the  maximum affinity level = 96

but this does not work - this does not give me a result– why not??
my idea (in truth a desire since I do not have the knowledge to make it happen :-) ) is to meet and make this work also with and using privacy groups, in order to set up in groups directly and not only contact by contact.
we can 'edit'  a privacy group , and it would also be nice (or maybe more useful) to set the thing in this level and not at the level of a single contact in the edit connection .
I opened this https://framagit.org/hubzilla/core/issues/1226

so perhaps we can know the reasons or the difficulties to realize or not to realize.
Unable to delete a Dispora connection

!Hubzilla Support Forum
I have a connection from Diaspora which I am unable to delete. The page keeps on loading forever till it gives 500 error on pressing the delete button. I am getting the feeds from this channel but the connection shows the red minus sign.
How can I force delete it ? And what to see in the logs for the errors?
In logs I see no error. Only a line
connections.php:347:contact_remove: removing contact 7 for channel 2
256M? I think needs more...

How value should I do?
Somebody else had a problem deleting connections recently, running out of memory. There's only one query that could cause a problem, where we check if a post was 'filed' by you, but apparently this can exhaust memory for connections who add lots of tags to their posts and sites that rarely or never expire their connection's posts. I don't know what to tell you except I've just done some work to improve the efficiency of that query (should land in Hubzilla dev in a couple of days). Otherwise raise memory as high as you can to delete the connection and then put it back to whatever you had it originally. You just need the process to survive this one tag query.
 my house near the sea 
it seems (I see in vilarejo hub) that after we moved from github
$vmaster and $vdev do not know where to catch

at least in admin page

Repository version (master) ?.?
Repository version (dev) ?.?

!Hubzilla Support Forum
I had this before doing a git pull from the new repo but not after.
good to know, so is just vilarejo that need to update.
!Hubzilla Support Forum

Hi all.
Now that #Hubzilla has moved its repo to #framagit - how do I do updates on my install? Is there something in the git config that I can edit, or some other #Git magic that I can use to change/update the repo URL and other potential associated settings?
Security in Hubzilla

!Hubzilla Support Forum browsed the hubzilla annouce channel and wondered how the Hubzilla community handles security issues and security fixes. I am not experienced with using PHP software. I tried to avoid it because of its long and outstanding history of security flaws. I heard about regular security fixes for Wordpress, Drupal and other PHP based software. Lately there were reports that a lot of Drupal sites are not yet fixed. So my concern is twofold.
  • Is there a process of announcing securiy bugs and rolling out security fixes
  • Given that I fix my hubzilla site. Can a not fixed hubzilla site affect my site? What are the risks of being connected to a hacked hubzilla site?
Of course this will not help if your admin compromised the JS used to encrypt your post/comment. But this leads us back to.... you are in the hand of your admin.
If you are aware of a security issue, please send a private message or DM to one or more project developers.

Watch Hubzilla Announce. If you see an announcement for a release to master, upgrade. Assume that every release to master contains security upgrades. Very few of them actually do, but we tend to not divulge all security fixes in public announcements. This is for the most part a network of hobbyists and there are still people running RedMatrix and early hubzilla releases which we *did* announce critical security fixes for. We're not at all trying to be secretive, but I see no need to put these sites in danger by telling people how to exploit them.

I have not yet seen a security issue which federates to other sites. It's entirely possible, and if this happens we'll try to work with site admins to patch their sites before we announce anything at all.

It's all about working together.
I should probably mention that the best solution for node admins is to automate your updates (daily). This may not be ideal for people using the dev tree as it exposes you to increased instability, but for the master tree it's the best solution we have to keep your patch level current. Also update manually if you see an announced release and you know the automated update is some hours away. If you are using dev, I'd recommend that you read and review the checkin messages (and code) and update as frequently as you find comfortable and understand that you have chosen to encounter more instability in order to be on the bleeding edge.

PHP does indeed have a bad reputation in this regard, but there is no such thing as a "secure language".  Web application security is hard and using elixir or java or ruby doesn't make it any easier.
Autoposting bot

!Hubzilla Support Forum
I wonder if something like this exists already. I', looking for a bot that would autopost things from RSS feed. I know you can do that with a feed account on hubzilla. The problem I noticed is that such account basically reposts rss feed, which means you cannot see those posts from other networks like diaspora/friendica and mastodon/gnusocial.
Using bot would probably solve it. Unless there is even more clever way.
This may be because the feed content is attributed to the original author and not the channel. The diaspora and activitypub protocols do not allow federation from 3rd parties. You can probably make it work for diaspora by enabling the 'sign unsigned posts' option, which delivers them as reshares. There's no solution for activitypub.
in your specific case ( https://state.disroot.org ) , since the posts per week are really very few, you can manually reshare in a new  channel that you can create specifically for this function, and then the others in the federation should read the reshares created by the channel (reshares created by hand every time)

1 you create a channel named xxxxx

2 you add as connection

3 you reshare (by hand) the posts from your connection

4 the others (mastodon and diaspora) need to add xxxxx channel

5 you do not take too much stress because you will have to do this little job a few times ina day or week that is not tiring (although not automatic unfortunately)
We had a mechanism to make this kind of thing work in Friendica using a setting called 'remote_self' or in layman's terms "this author is really me posting from another site". In that case we can discard the original author attribution and assign it to the channel importing the post. This mechanism is fraught with ways to do malicious stuff and could get you in a lot of legal (copyright) trouble if the source isn't actually you - and there's no way to prove that it is. I'm just mentioning this because it would get around the federation issues via the walled garden protocols and wouldn't be a lot of trouble to implement. The only trouble would come from trying to implement it in a way that wouldn't get rampantly abused.
New posts only

!Hubzilla Support Forum

Is there any way to list and automatic update the stream with new posts only?
Even the activity order with posted date shows old post with new comments after a while.
Actually I'm using /network?f=&order=post and automatic updates on.
Okay - I think this could be misunderstood too :(

I want a stream with new posts only. In /network?f=&order=post and automatic updates on, there appear old posts with new comments also.
curious, years ago one of the reasons (there were many others of course) because I left the diaspora is because there was no longer a "/network?f=&order=post" similar  thing , those who remember well diaspora in the early days also remember that this was possible , then a little the opposite of what you want.
Diaspora no longer has this function, so the new and interesting comments that happen in discussions where you have not participated you do not notice and do not see them...argh
Account is shown as archived on all the know zot nodes

!Hubzilla Support Forum
My server got crashed and I installed the hub on the same domain address with same account(without import). Now all the previous connected zot nodes have archived me and I don't receive there posts and notification on my instance. Is there a way to send request to each zot node to refresh my account with my new account?
In the current Hubzilla implementation you basically have an identity for life. The way this could've worked is if you had backed up the channel at any point prior to re-installing the server and imported it to the new server instance. Then any relationships which existed when the account was backed up would still be intact.  

In zot6 you will be able to link a new identity to a previous one (providing you still have the keys to the old one). This work is still in progress.

If you still have the old keys available somewhere, you can craft a 'change key' message and probably get this to work but it will take a bit of code, as this uses some very early development code for zot6 which exist in hubzilla today. If you don't have the previous keys there's no current solution.
I don't have the keys :dead
Now question is how can I check which of my contacts are connected to my old keys? And if I message them to delete my account and reconnect with me, will my new identity  work then? What about the federated account?
On Mastodon to who ever I connect to , I see my old account pic when leaving a comment on there post.
Diaspora doesn't work well with re-installed servers. I don't know about Mastodon.
Animated emoticons

!Hubzilla Support Forum

How can I have these moving emoticons(Bunnyflowers looks broken though.)? And from where can I see all the list of emoticons available for the particular hub that will work for it?
:football  :shaka  :alienmonster :alienfight <img class=flowers" />
Yes, Thanks for the link.
In answer to the first question, most of the animated emoticons are provided by the smiley_pack addon.
Thanks or the these wonderful animated emoticons.
How to automatically subscribe user to a channel

 Map last edited: Sun, 10 Jun 2018 13:57:51 +0200  
!Hubzilla Support Forum
I want to automatically subscribe freshly registered users to a certain channel on my server.
Is it possible to do?
@Alex Only main admin channel or I can choose any existing channel?
Any channel
Found this in docs
    Make the first channel of an account auto-follow channels listed here - comma separated list of webbies (member@hub addresses).

So seems something like
util/config system auto_follow mychannel@example.com
should work.
!Hubzilla Support Forum When I edit an old article and click on the body text field the old text disappears.
This is probably something you will need to provide log data for help debugging.
@Jan Ulrich Hasecke is on version 3.2.2
Can't remember anyone observing something like that back then. Since it is an "on click" issue it has likely to do something with javascript or a certain browser plugin you use. That is a wild guess though...
I get this in Firefox and Chromium so I guess it's not a browser issue. I don't have access to the logs, I'll ask the admin.
New git

  last edited: Sat, 09 Jun 2018 16:07:28 +0200  
!Hubzilla Support Forum
My procedure to update was
git pull
util/update_addon_repo hzaddons

I followed the instruction to move the new git

cd into your Hubzilla root directory and execute this command:
git remote set-url origin https://framagit.org/hubzilla/core.git

For the addons: cd into your Hubzilla addons directory (probably extend/addon/hzaddons) and execute this command:
git remote set-url origin https://framagit.org/hubzilla/addons.git

Please do the same for the widget https://framagit.org/hubzilla/widgets.git and theme https://framagit.org/hubzilla/themes.git repos if you already added those from GitHub.

I stop at widget because I did not find any widget directory and I don't use repo for theme

then I start :

git pull ok all is good
util/update_addon_repo hzaddons
Username for 'https://github.com':

something is wrong
@Michael I get
$ git remote -v
origin    https://framagit.org/hubzilla/themes.git (fetch)
origin    https://framagit.org/hubzilla/themes.git (push)
Oh, found my mistake!
I did
cd extend/addon/hzaddon
git pull
and it is ok