Just some Internet guy

He/him/them 🏳️‍🌈

  • 1 Post
  • 864 Comments
Joined 2 years ago
cake
Cake day: June 25th, 2023

help-circle


  • The fediverse is plainly just not appropriate for this. The ActivityPub makes too many assumptions that the data is fully public.

    End-to-end encryption: Encrypt all user communications, private messages, and sensitive data

    That could work probably, it’s a lot of work and will break interoperability but could be done. You’d still have to vet your users very well though, which might contradict the next point. It takes one user to leak everything.

    Anonymous accounts: Allow users to create accounts without requiring personally identifiable information (PII), such as email or phone numbers. How can we balance this with the need to combat spam?

    There’s a fair amount of instances already that will let you sign up with a disposable email

    Tor and VPN Integration: Ensure compatibility with privacy tools like Tor, and provide guidance on using VPNs.

    A fair chunk of instances already allow VPN/Tor traffic. The bigger ones don’t because of spam and CSAM and all that crap, but even Reddit is fully functional over a VPN.

    Remove or minimize data collection, including IP addresses, geolocation, and device information. No web server logs.

    That’d be very hard to enforce, and the instance owners have to do some collection for the sake of being able to handle lawsuits and pass the blame. But you can protect yourself using a VPN or Tor.

    Ephemeral content: auto-deleting posts, messages, etc after a set period.

    As an admin, I can literally just restore last month’s backup and undelete everything that got deleted. If someone’s seen it, you must assume it can at minimum have been screenshot.

    Instance chooser that flags which instances are in unsafe countries.

    Anyone can get a VPS in just about any country, so you’d have to personally verify the owner which is PII and probably one of the most vulnerable part of the group. You take down the owner you take down the whole thing.

    Once again however users have plenty of choices already for that, if you trust your instance’s admins.

    Defederate from instances in unsafe countries?

    Same as previous point. Plus, one can still use the API to fetch the content anyway.

    Better opsec around instance owners, admins and moderators

    Also pretty hard to enforce.


  • Lemmy is decentralized, there is no singular Lemmy as a whole unless you’re talking specifically about the server software. As a user you interact with your home instance, in your case lemmy.world.

    Most connectivity problems and slowdowns are instance-specific unless you’re talking about a federation problem specifically, for example you posted but it doesn’t show up on other instances, that’s a problem between your instance and the community’s instance.

    In your case you most likely just hit something on lemmy.world’s side. Lemmy as a whole is way too small for them to even care about it.

    I’ve been having sub second response times consistently on mine. This post submitted instantly.












  • You’re looking for the Nazi Bar

    I tried it myself with my IRC server. No rules, you can say whatever you want to say, unless the majority wants you out then you get kicked out, just to sprinkle some absolute democracy too.

    The end result was basically no messages that didn’t contain at least one of faggot, nigger, retard, or at least a very offensive joke of some kind. Like sure free speech is cool, but it was getting very uncomfortable, nobody was interested in joining anymore because of it, and people were also leaving because it’s just plain unpleasant. Naturally the majority remained the problem until I had to put my foot down and shut down the server because I just don’t want to be hosting that shit anymore.

    You can have free speech without being an asshole and shouting it everywhere possible. That is enforced via rules and moderation. It’s a balancing act.





  • I’d be surprised, unless they somehow managed to train 9 year olds into tricking americans into teaching them english on a live call all basically overnight, at the scale of several thousands of them. If that’s chinese propaganda then man they sure have heartwarming propaganda. I’m sure there’s inherent bias due to culture, it’s still China. But I doubt they were prepared for this at all.

    It also was never really picked with the intent to switch, the meme was to just download it and browse it a bit so it goes at the top of the downloads chart and beats Meta. The happy accident is the part where people browsed it and figured it’s pretty nice on there and turned the whole thing into a mass scale cultural exchange.

    The irony in all that is I haven’t found anything sketchy in it yet. On Android they’re not asking any non-standard permissions, much less than TikTok or even YouTube both of which ask for accessing connected biometric/fitness devices. REDnote asks for the device’s ad ID. All the sensitive ones are runtime permissions it doesn’t ask until you ask for it like access the camera to post a video. I’m sure they track everything you do in-app like everyone else, but nothing that gives me the ick having installed. Facebook Messenger in comparison wants full access to telephony and SMS services, your contacts, start background service on boot, bluetooth and NFC. I haven’t pulled out WireShark yet but from a basic Android permission perspective it doesn’t have access to much of anything to begin with.

    It’s literally just a random chinese app intended for mainland China, and that’s kind of what sticks about it: it’s just not really that evil. There’s no ads, no influencers, no celebrities, those are all bannable offenses even. It’s just… kinda nice and nobody expected that at all.