The LAP can issue loads to addresses that have never been accessed architecturally and transiently forward the values to younger instructions in an unprecedentedly large window," the researchers wrote. “We demonstrate that, despite their benefits to performance, LAPs open new attack surfaces that are exploitable in the real world by an adversary. That is, they allow broad out-of-bounds reads, disrupt control flow under speculation, disclose the ASLR slide, and even compromise the security of Safari.”

SLAP affects Apple CPUs starting with the M2/A15, which were the first to feature LAP. The researchers said that they suspect chips from other manufacturers also use LVP and LAP and may be vulnerable to similar attacks. They also said they don’t know if browsers such as Firefox are affected because they weren’t tested in the research.

The most economically illiterate speech she has ever hear so far.

Very long wind up to a fucking ad.

Let me get this straight. A contributor was only temporarily traveling in a US-sanctioned region, they didn’t attempt to push a commit while they were there, only that they visited the region?

I’m out of the loop. Why did github “block” Organic Maps?

Can this run on UTM SE?

Run k3s on top and run your stateless services on a lightweight kubernetes, then you won’t care you have to reboot your hosts to apply updates?

You’re on a 50 Gbps connection and you want more?

Where can I find the protocol specifications?

Partially.

Great question! Unlike Lemmy, which relies on federation with dedicated servers, Plebbit is fully peer-to-peer (P2P) and does not have a central server or even instances. Instead, storage happens via a combination of IPFS and users seeding data. Here’s how it works:

Where Is Plebbit’s Data Stored?

1. Subplebbit Owners Host the Data (Like Torrent Seeders)

   • Each subplebbit owner runs a Plebbit node that stores and republishes their own community’s data.
   • Their device (or a server, if they choose) must be online 24/7 to ensure the subplebbit remains accessible.
   • If a subplebbit owner goes offline, their community disappears unless others seed it—very similar to how torrents work.

2. Users Act as Temporary Seeders

   • Any user who visits a subplebbit automatically stores and seeds the content they read.
   • This means active users help distribute content, like in BitTorrent.
   • If a user closes their app and no one else is seeding the content, it becomes unavailable until the owner comes back online.

3. IPFS for Content Addressing

   • Posts and comments are stored in IPFS, which ensures that popular content remains available longer.
   • Unlike a blockchain, there is no permanent historical ledger—if no one is seeding, the data is gone.
   • Each post has a content address (CID), meaning that as long as someone has the data, it can be re-fetched.

4. PubSub for Live Updates

   • Plebbit uses peer-to-peer pubsub (publish-subscribe messaging) to broadcast new content between nodes in real-time.
   • This helps users see new posts without needing a central server to pull updates from.

What Happens If Everyone Goes Offline?

• If no one’s online to seed a subplebbit, it’s as if it never existed.
• This is a trade-off for infinite scalability—it removes the need for central databases but relies on community participation.
• Think of it like a dead torrent—no seeders, no content.

Comparison With Lemmy

Bottom Line: No Servers, Just Users

• With Lemmy: The instance owner has to host everything themselves like a mini-Reddit admin.
• With Plebbit: The subplebbit owner AND users seed the content—no one has to host a centralized database.
• If something is popular, it stays alive.
• If something isn’t seeded, it disappears, just like torrents.

It’s a radical trade-off for decentralization and censorship resistance, but if no one cares about a community, the content naturally dies off. No server, no mods deleting you from a database—just pure P2P.

Hope that clears it up! 🚀

Plebbit only hosts text. Images from google and other sites can be linked/embedded in posts. This fixes the issue of hosting any nefarious content.

Nowhere in the project whitepaper or FAQ does it talk about banning image hosting. Base64 encoding images in the text post is trivial, so maybe OP is the one projecting this intent or feature?

I applaud your efforts for speaking your mind and letting people know of a perceived threat. I’m not sure you’re really asking for a rational discussion on this topic, so I’ll keep this short.

If your ideals do not align with the host you are on, I suggest you look around and fine one that does and/or start your own server.