Hello users of hexbear, or shall i say chapo.chat, we fucked up, and i fucked up like three times making this post.
Yes, hexbear.net has expired. Yes, we were aware of this possibility. We have gradually lost contact with the access owner (prior admin) for the domain registration. We attempted to make a migration plan, but we were disarmed by the reappearance of the party in question in September 2024 and repeated assurances that they would a) transfer credentials and b) continue payments until they were able to do the former.
We accept full responsibility for this. We should have been more aggressive about this and continued our alternative despite these reassurances. This is our fuck up, and we can’t offer anything besides our continued apologies and our plan of action going forward and an explanation of what happened:
Over the time of chapo.chat and hexbear.net the admins that purchased the domain, established the donation accounts, and the server accounts have left. One of the primary admins has gone inactive and returned many times, over a year ago some of the newer admins began asking the older admins to give full access to the domain, servers, and donations. These requests were not met, despite warnings of this exact event.
At the moment we do not have access to hexbear.net and there is a strong chance we will not get it back without participating in the auction, which is already over $300. Choosing to abandon the hexbear.net domain will cause federation problems and considerable technical issues which would lead to potential extended downtime.
During this downtime we would be reestablishing access to the new domain (or hexbear.net if we win the auction), access to server ownership, and donation accounts. This would be distributed among a number of admins so that we can prevent this from happening again.
Chapo.chat has the same access problem that led to the current state of hexbear.net so it is to be considered temporary.
I will do my best to answer questions
You must log in or # to comment.
Pinning @piggy@hexbear.net comment:
True Hexbear Fedayeen have hexbear hard coded in their hosts file and are currently enjoying their
On OSX/Linux just add
37.187.73.130 hexbear.netto the bottom of/etc/hostsand you’ll get your back.On Windows its at
C:\Windows\System32\drivers\etc\hostsOn Phones it’s much harder so all your
are lost.IP address is wrong: it should be “37.187.73.130” according to Cloudflare DNS
They just missed the first octet.
Ya I paste like a moron sometimes (when I don’t take my ADHD meds). My bad.
No worries
I’m in talks with IANA rn to obtain the 37/8 block :3
That made me laugh so hard I scared the dogs
8·16 days agoYou what???
We just did a little coup on IANA, they are now known as JDPON-IANA and 16777216 imperial core treatlerites will have to give up their IPv4 addresses for us
spoiler
This is a bit
It’s okay, I’m sure the US DoD will be happy to give up one of their /8s to replace it :3
Why yes we do own 1/256th of the internet. That’s 1/256th of the way to communism.
How much of IANA is still run by the US Government? Trump and Elon have the opportunity to do the funniest thing…
I’d like to reignite the
struggle session to cover for CARCOSA on this oneTHERE IS TOO MUCH BEANISPOSTING ON THIS SITE
What even is a beanis?! You’re driving out the normie posters!
I’m fuckin back babyWhy don’t some emoji work?
How do I do this on android?
I use NextDNS for the adblocking but it also supports DNS rewrites. No local DNS server necessary. It’s working for me atm.
Edit: my.nextdns.io lets you set up an anonymous profile, DNS rewrites are under the “settings” tab. Hexbear.net goes in the top box, 37.187.73.130 in the bottom one.
hell yeah, thanks for the tip
I’m so back
Worked perfectly on an unrooted Android phone
Thank you thank you! I don’t really understand what I just did, but I followed your instructions and now I can see my precious slop again
You can’t unless your phone is rooted.
You could do something like this on your home router, but the instructions vary from router to router and aren’t generic.
Not really doable without a rooted phone, but if you’re tech-savvy and dedicated enough you could rig up a local DNS on your network (like a pi-hole) and override there
Does just bookmarking the IP address work?
Unfortunately no, cloudflare (content delivery network) prevents that (which is a good thing in every circumstance except this one)
Admins can correct me (edit: I stand corrected, see below), I think this should at least kinda work as a temporary bookmark replacement, since it will redirect you to the current legit hexbear domain. Currently, if you go to http://37.187.73.130/ in your browser, it will HTTP redirect to https://chapo.chat/. But emojis and probably some other things won’t work since they’re hardcoded to download from hexbear.net.
But long term, bookmarking a static IP address isn’t as safe as using the domain name, because a) there’s no verification that the machine serving you 37.187.73.130 is the one who can prove it owns hexbear.net (or chapo.chat), leaving you open to a variety of attacks, b) the hexbear IP doesn’t have to stay static. The safest way is to navigate to the domain name and use HTTPS so that your browser checks that the server giving you the page also can prove it’s the server that owns the name.
Won’t work in all cases because when you connect via HTTP you send the server the IP/Domain as part of the request to see the page.
CloudFlare IPs host multiple domains, and if you send the IP CloudFlare won’t know where to actually send you.
ah that makes sense! I didn’t realize it was some shared IP/tunnel situation
yay it worked. Had to close the browser completely afterwards
edit: ok nm mostly works but still have random emojis turning into 'visit hexbear.net"
but at least i can see some and everybody’s beautiful pfps
You have to add a second line as follows:
37.187.73.130 www.hexbear.net
Can I do something similar from my router? Or is it only the OS that can change the hosts file?
Yeah your router might have a hosts functionality. All routers are a bit different so I can’t give direct instructions.
You can also try setting up your own custom DNS there’s a post in the comments here somewhere describing how.
If your router allows you to enter static DNS records, yes. I’ve done that.
Thank you, I can see images again. :)
Adding a static DNS entry on your router also works.
Call me silly, tell me to touch grass, but hexbear has been a big part of my life for a few years now.
I don’t want to see anyone go away, and i have faith we’ll be back up in whatever form before long. Yall have given me so much over the years, and been by my side as I grow, through all my ups and downs.
Idk, feels like i had more to say, but lost my train of thought. Outside hangin with the corgi rn.
I love you all, and can’t wait until we’re back in whatever form.
USAID funding gets slashed
Hexbear mysteriously loses access to the site owner
hmmm
Please reply to this comment with name suggestions in the event we have to change from hexbear.net
I don’t think it’s really a big deal beyond the work it’ll take to fix things, honestly don’t let yourselves get dragged into a bidding war with some lib or something that wants to fuck with us.
that is my personal stance, and i want to see what the community wants to be named
I propose hasan.lib
citations.needed
here are some domains that are unregistered:
hexbear.xyz hexbear.chat hexbear.red hexbear.space hexbear.club hexbear.love hexbear.lol hexbear.earth hexbear.farm hexbear.fun hexbear.gg hexbear.land hexbear.life hexbear.quest hex.horseIf it becomes hex.horse I’ll photoshop a hexagonal horse. This is my pledge to the community.
I grabbed hexbear.zone if anyone wants to have that.
Edit: I also noticed when I was looking that beanis.zone is available as well.
Personally the name hardly matters to me at all, we just need to move on quickly
A potential side effect of a new domain would be being unbanned in China, right? Because we’re only banned there because they thought hexbear.net was related to some crypto scam by the same name?
correct
Would be a fun twist
Instead of hexagonal bears… how about we go with… monkeys… struggling with boredom…
jojamart.com already taken
are most or all the participants in the auction outsiders?
as far as i know
Can we still get
lib.rehab?sadly lemmy.world has it
… they know who they are, right?
Well, here’s a few of my suggestions :)
https://lemmygrad.ml/pictrs/image/351941ba-c4cd-42d9-9ec7-12802d1d9d4f.png
- honeybear.space
- honeybear.site
- hexbean.net
With honeybear, honey.tube could be bought for around $100 but the yearly cost will be $22.
honeypot.fed
this is the correct one. Our collective handlers will enjoy this.
Lib.vote
I love the flag but I am way too Spanish and English brained to remember the name zheleznogorsk lol
Oh that flag is cool as hell
can dirt.owl be a domain?
I dont think .owl is a thing
dirto.wl
I mean, perhaps if the domain is cheap enough, just wait until the last minute to snipe it.
its currently at 300 dollars so it would be a costly one
Lotta folks who will find it very funny to redirect the bear to whatever, and I can’t say I blame them.
DNS registrars can face the wall
Hexbear is also a cryptocoin so it might be someone who wants it for that bidding
If you have a look at the How Auctions Work page on there, you’ll discover that the rat bastards have set it up so that the auction only ends 5 mins after the final bid is placed, meaning it’s impossible to truly snipe it if someone else is watching at the end.
deleted by creator
There’s one thing I’m sure of, when this is all over, “visit hexbear.net” is going to be added as an emote
Please don’t spend a single cent recovering the domain. The closing bid is probably going to be >$1000, which most of you probably couldn’t afford anyways. What’s done is done.
The way forward is to accept the lost of the domain name, come up with internal processes to make sure that retiring admins have to fork over the credentials, and either come up with another site name or reuse chapo.chat. Please don’t try to attempt to outbid these libs and definitely do not make some humiliating backroom deal with those libs over the administration of this site for the sake of getting the domain back.
At least we outlived kissinger
Doesn’t seem worth it to buy the domain again and it sounds like we’re looking at downtime no matter what.
On the bright side we have the opportunity to absolutely lose our fucking minds over renaming the site again.
Is it a coincidence that Matt Christman rejoined the podcast this year? And ChaCha rises again?
I think not. Trust the plan.
largeadult.son???
Wait shit he’s back on?
Yeah, although only to interject a few comments here and there
Personally fond of onesixone (numeric abbreviation for anti-fascist action in case yall didn’t know) as a name. Just goes hard imo
On the bright side we have the opportunity to absolutely lose our fucking minds over renaming the site again.
I still remember making my account intended as a bit campaigning for the site name to stay chapo and then just never making another account
letting the domain expire as a joke was not ok
Are you sure this is not DOGE cutting the funding off like they did with USAID?
About the donations, should people stop contributing to the liberapay/hexbear account?
yes
So hexbear.club is available, you can just
s/hexbear.net/hexbear.club/gin the lemmy setup for federation shit. Annoying I’m sure but not the end of the world.In practice what I want to suggest to you guys is when you’re rebuilding the hosting accounts/stack to use either something OSS like KeepassXC or a service like 1Password (which may be easier to admin vs playing around with multiple vaults/access levels for Keepass) so you can manage access to various sites you need to keep the service up.
we had that, however when we had issues with the Keepass the admin would not be available to restore access despite stating they would do so
This is pretty easy to work around:
- Host a core file on
hexbear.netitself in a magical secret directory and turn off directory access. - When creating the database there’s a screen that asks “How long do you want to wait to decrypt” set that to the maximum.
- Make a really long password that’s easy to remember for example a stanza from a song.
- Add a Keyfile to distribute only to admins.
It’s hard to collect all this data.
Even if you find the database you won’t crack it in this lifetime.
Even if you find the database and know the password you need the key file.
Even if you find the database and have a keyfile you need the password.
Ideally this data shouldn’t change, in practice try to find hosts like AWS that allow you to set up orgs and link accounts and only hold the “root account” details in the database.
Stanza from a song is a bad idea, shit like that got cracked when people used such text for so-called Bitcoin “brain wallets” like a decade ago, and hardware is a lot faster now. Passwords/passphrases absolutely must be randomly generated to be truly secure.
It’s formatting should be unique enough that it won’t match a rainbow table sure, but overall that’s not a hard problem. You just need a small salt. Key file also works as the salt in this case
- Host a core file on
Annoying I’m sure but not the end of the world.
not the end of the world.
whois hexbear.world Domain not found.
Nice thanks, also should probably remove the liberapay link from the <3 logo in the site header
i will, thank you
Will you be taking donations to win the domain back in the auction?
My personal stance is that we should try to change domains and use the hundreds it would take to win the auction for !mutual_aid@hexbear.net posts instead
What about the patreon
same
Hope the other 22 contributors see this comment
This is the dumbest shit
The intersection of capitalist exploitation and leftist infighting; a microcosm
I’ve seen this happen to actual companies. In various different ways Domains / SSL Certs / Hosting Bills. Happens at least once in a startup’s lifetime.
pouring one out for all of the hexbears who don’t know how to reconnect with the site
hope they find their way back to us some day
If it stays under $500 USD out the door I will buy it, and give it to someone here.
How do I go about doing so and retaining my semi anonymity?
