Skip to main content


This entry was edited (1 year ago)
in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

you are not seeing the point. It's designed #4opens this is why it works.

What you wont to do is a different project (#4closes) which is fine. Have you thought about doing a bridged companion project.

Both paths have value, but they are different.

This entry was edited (1 year ago)
in reply to vagabond

@Hamishcampbell At this point the fediverse is about 15 years old, and so political naivety is not something which it can realistically be accused of. The kinds of features it has - peculiar though some may seem to Twitter users - are the outcome of numerous battles, scandals and exoduses.

If I am interpreting your lingo correctly then I agree that the right response to scandal is not to go into locked down fully encrypted p2p mode. Making it all "technically secure" against nation state adversaries means that end users have to manage their keys on their own endpoint devices and practice scrupulous opsec. This is something which the average person is never going to manage, and which even experts often fail at. So if you want a public fediverse there are some tradeoffs which have to be accepted.

in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

This text reads like a vanguardist path, based on #mainstreaming reading and narrow #geekproblem thinking. It's missing the paths that hold value in #4opens horizontal activist paths we are taking but. But yes, getting lost on in our the growing #fedivers and the wide spread of #openweb diversity projects.

What it does highlight is the need for social and political thinking is needed, the is value there.

Can you see any of this feedback?

This entry was edited (1 year ago)
in reply to vagabond

@Hamishcampbell @bob Frankly, there's nothing "vanguardist" in the text. You can claim that the fediverse is not intended to be private and that users should be aware of that, but at the end of the day what matters is not intent, but outcomes. The reality is that a large percentage of users engage in political organising via ActivityPub. The fediverse is positioned as an activist-driven political tool and is being used as such. That makes it unequivocally dangerous. To argue this -- in a thread about one of the largest instances getting seized by a federal police force no less, -- is to deny what is actually happening.
in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

@bob

For the last 15 years most activists have been organising direct action in the #dotcons so a step to the #openweb is a good step.

I was involved in the setting up of the instance we are talking about, when pushing this I pushed it was #4opens after it was out of the hands of #submedia the talk of "hardening" began, and is still ongoing bad pushing of a foles agenda. It's #openweb not #closedweb

They are different paths with only slight overlap.

vagabond reshared this.

in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

@Hamishcampbell @bob The fediverse has been around for too long to be considered the vanguard of anything now. It's really just a public communication and general socialising and occasional mutual aid system. It has never been a high security organising tool for people at the highest risk of state oppression. If you need that level of security then it is possible to run instances on onion addresses and use overlay pgp encryption where the server never gets the private key. But that's far beyond what most people are familiar with.
in reply to Bob Mottram βœ…

@bob
Was talking about the text being vanguardist. Best to in courage people to use encrypted p2p chat or better offline for anything that actually needs security.
in reply to Bob Mottram βœ…

@bob @Hamishcampbell
It's hard to stress how "niave" meany devs on the #fedivers are after 15 years is exactly what I have been saying for 20 years.

#openweb #4opens is about building human trust, hard security is a very slightly overlapping but easy to see different path for building non "trust" based connections.

Some surprisingly hard to build bridges might help with this ongoing mess.

in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

This entry was edited (1 year ago)
in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

This entry was edited (1 year ago)
Unknown parent

Ed Summers
@rm4 I wonder, do you think it would help if Mastodon removed DM functionality until such a time that it is e2e encrypted? It's not like this problem doesn't exist in centralized social media platforms too, so maybe that's a confusing part of the messaging.
This entry was edited (1 year ago)
Unknown parent

Ed Summers
@rm4 and you don't see removing DMs as an intervention along those lines?
Unknown parent

@edsu @rm4 I don't propose sticking to the realm of critique, rather that intervention has to be focused and informed, emboldened by nuance to embrace the complexity inherent to these problems.
Unknown parent

Ed Summers
@rm4 understood, I think it would be more of a mitigation than a solution? Pure critique definitely has its place, but it also has its limits.
This entry was edited (1 year ago)
Unknown parent

@rm4 @edsu I am not yet interested in punting about solutions because we haven't even documented the risks, let alone the actual, real-world bad outcomes.
in reply to Ed Summers

@edsu @rm4 Oh, I agree entirely, I think DMs should've been jettisoned years ago. I am frustrated because the response to the essay and my arguments about p2p systems overwhelmingly veers into debate and speculation around immediate solutions. The majority of which (such as removing DMs completely, or encrypting everything) will never be implemented.
Unknown parent

Ed Summers
@rm4 this is evergreen I guess https://github.com/mastodon/mastodon/issues/6945
in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

@rm4 I didn't realize you had explicitly called for that already, apologies! I know it must be frustrating/infuriating, but you & NDC have raised awareness and shared Knowledge which have definitely had real material impacts.
in reply to 𝔰π”₯π”¦π”Ÿπ” π”¬

@bob
This mess you talk about is not solved by more tech we already have most of what we need.

* Open media is #4opens based on trust, the current ActivertyPub is a relatively #KISS good example of this.

* Privacy is encrypted p2p chat, which the are meany good #UX mature #FOSS projects you can find

The change we need is social, getting people to use the different approaches for different needs, this is surprisingly difficult.

Bridges while dangerous are needed.

This entry was edited (1 year ago)
in reply to vagabond

@Hamishcampbell @edsu @rm4 @bob Another dimension is that implementing the strongest technical security is hard, and increasing the difficulty of implementation then ensures that implementations can only go ahead with significant resources of expertise/time/money/auditing. So it has been my view since BM (Before Mastodon) that end-to-end secure messaging should be left for other apps which are dedicated for that purpose (eg. Briar). Trying to retrofit that to ActivityPub instances would likely result in tears.
in reply to Bob Mottram βœ…

@bob@epicyon.libreserver.org @edsu @rm4 @bob@soc.freedombone.net

Yes at the moment as it's a #OMN based on the #4opens you have very low barrier to running or even developing an instance this is where the value is.

Adding security generally makes a HUGE barriers to Dev and #DIY running an instance.

The #geekproblem has no idea of the damage they do when pushing there "common sense". This creates a signal to noise issue that has been blocking alt for 20 years.

Just stop comes to mind

vagabond reshared this.

Lo, thar be cookies on this site to keep track of your login. By clicking 'okay', you are CONSENTING to this.

⇧