Post 2438408 by sungo@hackers.town
(DIR) More posts by sungo@hackers.town
(DIR) Post #2424690 by thegibson@hackers.town
2018-12-30T05:52:18Z
7 likes, 13 repeats
Right now the fediverse is nipping at the heels of the silos.They know we are here, and they perceive us as a threat. We know this from leaked emails from facebook.That said, they could attack us in an oblique manner with any number of poisoned waterhole attacks.Earlier today someone predicted one or more of those platforms just integrate activitypub and crush us by incorporating us.Another pointed at the potential for procedurally generated instances that just harvest data, or overwhelm our ability to suspend all of the instances they throw up.When these attacks are adapted to... they'll get concerned, and will try to frame us as part of "the dark web(tm)"...That's how we'll know we're winning.
(DIR) Post #2424851 by Food@mastodon.art
2018-12-30T06:01:36Z
0 likes, 0 repeats
@TheGibsonI'm interested in brainstorming immune system defenses beyond our strength as actually real people who can tell the difference between fake and person, usually pretty obvious
(DIR) Post #2424945 by thegibson@hackers.town
2018-12-30T06:06:32Z
0 likes, 0 repeats
@Food I am interested in this as well.I feel like some sort of new instance registry may be necessary if we see these sorts of co-opting efforts occurring...Like a low speed probationary period or something...
(DIR) Post #2425024 by Food@mastodon.art
2018-12-30T06:11:12Z
0 likes, 0 repeats
@TheGibsonRegistry of instance to a peer to peer shared federated list of instances and with the moderators and hosts of the Theres so many already!Facebook is going to be regulated soon anyway, is my tangible reality goal. They aren't going to be. At all. Go away entirely fb
(DIR) Post #2425198 by oct2pus@catgirl.science
2018-12-30T06:14:12.784286Z
0 likes, 0 repeats
@thegibson source this please
(DIR) Post #2425199 by thegibson@hackers.town
2018-12-30T06:19:49Z
0 likes, 1 repeats
@oct2pus Source what?The leak was from 2012.They have been waiting for this model to show up, and they are completely aware of the surge that's occurred over the past two years.According to an email written by exec Sam Lessin in 2012 addressed to Zuckerberg, it's not one rival site or app - it's lots of them."The number one threat to Facebook is not another scale social network, it is the fracturing of information / death by a thousand small vertical apps which are loosely integrated together," he wrote.
(DIR) Post #2425258 by oct2pus@catgirl.science
2018-12-30T06:21:49.198926Z
0 likes, 0 repeats
@thegibson source your leak, you can't just SAY things as though they are true and expect me to believe you immediately.
(DIR) Post #2425259 by thegibson@hackers.town
2018-12-30T06:24:08Z
0 likes, 1 repeats
@oct2pus Sure, I can search for that and provide you with this... the message was from 2012, the actual leak reported on this month.Glad I could assist.https://www.google.com/amp/s/amp.businessinsider.com/facebook-emails-leak-key-details-2018-12
(DIR) Post #2425343 by oct2pus@catgirl.science
2018-12-30T06:25:20.871054Z
0 likes, 0 repeats
@thegibson alright, thank you.
(DIR) Post #2425344 by thegibson@hackers.town
2018-12-30T06:28:40Z
0 likes, 0 repeats
@oct2pus You are always welcome. :max:
(DIR) Post #2425479 by z428@social.tchncs.de
2018-12-30T06:35:13Z
0 likes, 0 repeats
@TheGibson They could attack us by inspiring or pushing for legislations that make running #fediverse nodes risky to individuals. Or they actually could attack us by pointing out that, in a distributed environment with many different actors and values, establishing a common, agreed-upon set of rules in example for moderation or privacy is pretty much impossible. Among some other ways.
(DIR) Post #2425739 by vertigo@mastodon.social
2018-12-30T06:48:46Z
0 likes, 0 repeats
@thegibson @Food The other thing to look out for are large quantities of instances on related IP blocks. Major corporations often pay for large IP address spaces, in part to work around spam blacklists.
(DIR) Post #2426077 by mirzaba@cybre.space
2018-12-30T07:04:00Z
0 likes, 1 repeats
@TheGibson @Food For one, whitelisting needs to be more of the norm, and people are going to have to be selective about who they federate with anyways even among normal instances.
(DIR) Post #2426410 by Xyc0@mastodon.social
2018-12-30T07:20:10Z
1 likes, 0 repeats
@thegibson i don't know if it would "crush us" by federating with us but i would bet there is already an instance federating that ingests all of our public content.
(DIR) Post #2426822 by PhoneBoy@noagendasocial.com
2018-12-30T07:36:53Z
0 likes, 1 repeats
@TheGibson I have ultimate faith the Internet will route around whatever damage is caused by Facebook or any of the others big sochnets. They're going to make it tough for sure, but they are dealing with sysadmins. https://xkcd.com/705/
(DIR) Post #2427231 by SouthernGothHick@radical.town
2018-12-30T08:00:18Z
1 likes, 0 repeats
@thegibson Mastodon dark web? More like, Mastodon After Dark Web
(DIR) Post #2427522 by AzureKingfisher@mastodonten.de
2018-12-30T08:17:40Z
0 likes, 0 repeats
@thegibson what's your source?
(DIR) Post #2429391 by ayy@soc.h4x.group
2018-12-30T09:57:27.220313Z
0 likes, 0 repeats
@thegibson what email
(DIR) Post #2432477 by faehnrich@mastodon.social
2018-12-30T12:09:11Z
0 likes, 0 repeats
@thegibson yeah I been wondering when a walled garden will start peaking over its parapets at ushttps://mastodon.social/web/statuses/101190317683778719
(DIR) Post #2433287 by fox@empoknor.speedfox.co.uk
2018-12-30T12:44:05Z
1 likes, 0 repeats
@thegibson My fear is that it'll be done in a simpler way than that. Governments want to regulate social media and Big Social Media want the fediverse gone. So, Big Social Media could agree to submit to regulation in return for governments shutting down the fediverse.
(DIR) Post #2433584 by severak@tiny.tilde.website
2018-12-30T12:58:58Z
0 likes, 0 repeats
@TheGibson I don't understand what they get with proceduraly generated instances
(DIR) Post #2435032 by bob@soc.freedombone.net
2018-12-30T07:51:48.411946Z
0 likes, 1 repeats
@z428 @thegibson The legislative angle is the most likely threat I think, because they would be playing to their strengths. Facebook has a lot of lobbying power, and the softball manner in which congress treated Zuck is an indicator that he can most likely purchase whatever legislation he needs.
(DIR) Post #2435033 by sciss@octodon.social
2018-12-30T11:29:12Z
1 likes, 0 repeats
@bob @TheGibson @z428 the EU's new copyright directive may play out exactly like that. I wrote to MEPs ahead of first vote in July (that was then unsuccessful), specifically asking about the definition of "platform" and whether they wouldn't see it as a threat to non-commercial players. From those favouring the directive (mostly EPP block), I didn't get a single relevant reply addressing this concern. They want to limit FB influence but may end up achieving the opposite.https://www.theverge.com/2018/9/12/17849868/eu-internet-copyright-reform-article-11-13-approved
(DIR) Post #2435733 by thegibson@hackers.town
2018-12-30T14:48:09Z
0 likes, 0 repeats
@Xyc0 It would crush us... but it would swallow us whole.
(DIR) Post #2435758 by remotenemesis@hackers.town
2018-12-30T14:49:48Z
0 likes, 0 repeats
@thegibson Facebook is pushing hard into being the interface for meatspace activities for those with low-technical literacy.Some anecdotes from an intelligent, well-educated, non-technical (and now infosec curious) friend, who is a light user of Facebook:1. After I pointed out the data-harvesting behaviors of Facebook Messenger, she eagerly deleted the app. When trying to make an appointment for a hair-cut, her stylist was flummoxed that my friend wasn't using Messenger to make the appointment. "Just this once". 2. Apparently Facebook is eating ebay's lunch with people selling their 2nd-hand stuff on local Facebook groups.The social graph is their base asset and these hooks are dependence multipliers.
(DIR) Post #2435778 by remotenemesis@hackers.town
2018-12-30T14:50:09Z
2 likes, 1 repeats
@thegibson Facebook is pushing hard into being the interface for meatspace activities for those with low-technical literacy.Some anecdotes from an intelligent, well-educated, non-technical (and now infosec curious) friend, who is a light user of Facebook:1. After I pointed out the data-harvesting behaviors of Facebook Messenger, she eagerly deleted the app. When trying to make an appointment for a hair-cut, her stylist was flummoxed that my friend wasn't using Messenger to make the appointment. "Just this once". 2. Apparently Facebook is eating ebay's lunch with people selling their 2nd-hand stuff on local Facebook groups.The social graph is their base asset and these hooks are dependence multipliers.
(DIR) Post #2435805 by thegibson@hackers.town
2018-12-30T14:51:29Z
0 likes, 0 repeats
@remotenemesis So we need federated solutions...
(DIR) Post #2435822 by remotenemesis@hackers.town
2018-12-30T14:52:17Z
0 likes, 0 repeats
@thegibson applications!
(DIR) Post #2435841 by thegibson@hackers.town
2018-12-30T14:53:00Z
0 likes, 0 repeats
@remotenemesis Solutions!
(DIR) Post #2435856 by Food@mastodon.art
2018-12-30T06:54:48Z
0 likes, 1 repeats
@vertigo@TheGibsonHow about thisDevelopers need to get paid enough for food, water, shelter, healthcare, so they can live their ethics and values, avoiding being compromisedModerators who also need to get paid a bit or donated to can have an allotment of individual accounts number they're ideally responsible for personally verifying person as person and making sure they have the basics of security and data storage in check
(DIR) Post #2435887 by clacke@libranet.de
2018-12-30T14:56:47Z
0 likes, 2 repeats
@sciss @bob @thegibson @z428 I worry that there will be "fake news" legislation. Just like the new copyright rules it will be aimed at Facebook and other big players, and just like the new copyright rules it will benefit Facebook and other big players.
(DIR) Post #2435906 by Food@mastodon.art
2018-12-30T06:57:23Z
0 likes, 0 repeats
@vertigo @TheGibsonBackups of data have to be places that are redundant, and owners hosting instances need to make sure they're on top of the management of the small bits of security that add up. Also would be good to pay them @hugo setup comes to mind
(DIR) Post #2435907 by Food@mastodon.art
2018-12-30T07:00:19Z
0 likes, 0 repeats
@vertigo @TheGibson @hugoCreating and refreshing an open redundant list of the fediverse and all attached instances and users and how many each instance has in overlap can help us identify weak links and see if there's any vulnerabilities in the awareness linkupSorta like finding broken packages, only we'd have a list of traits of nonreal cues to watch for and when finding a part, removing it somehow probably by alerting surrounding mods
(DIR) Post #2435908 by Food@mastodon.art
2018-12-30T07:02:21Z
0 likes, 1 repeats
@vertigo @TheGibson @hugoThinking of vulnerabilities of servers hosted on proprietary or at least insecure hosts, how to encourage hostings on places that are guaranteed to be as close to values and ethics in running server as possibleAnd having identified list of those server instance spots
(DIR) Post #2435923 by remotenemesis@hackers.town
2018-12-30T14:55:13Z
0 likes, 0 repeats
@thegibson something a home user or small business can spin up with the click of a button. A bunch of checkboxes for the features they want to run.
(DIR) Post #2435960 by Naleid@pleroma.site
2018-12-30T06:56:11.052872Z
0 likes, 1 repeats
@thegibson I unironically believe that the powers that be are trying to pit us against each other already with all the nazi drama. Trying to get us to divide and implode before we are a problem for them.
(DIR) Post #2436043 by pettter@social.umeahackerspace.se
2018-12-30T09:09:29+00:00
0 likes, 0 repeats
@thegibson > Earlier today someone predicted one or more of those platforms just integrate activitypub and crush us by incorporating us. See also: Google Talk and XMPP
(DIR) Post #2436044 by pettter@social.umeahackerspace.se
2018-12-30T09:09:43+00:00
0 likes, 0 repeats
@thegibson Also Google Reader and RSS.
(DIR) Post #2436045 by bob@soc.freedombone.net
2018-12-30T09:35:02.693954Z
0 likes, 1 repeats
@pettter @thegibson Google Talk and Reader were all created during the first phase of Google when they still supported open standards and were still somewhat engineer lead. I'm not sure they would be able to go back to that, because it would mean they lose control over ad delivery.Unexpected things always happen, but I don't see Google trying to crush the fediverse. The fediverse doesn't compete with any of their core products.
(DIR) Post #2436058 by thegibson@hackers.town
2018-12-30T15:00:10Z
1 likes, 0 repeats
@severak It's like poisoning the waterhole.If you shotgun out enough points of relay, a few are going to stick.Then they flood the fediverse with crap.We can easily handle this with moderation tools when it's a few servers.... but when it's a thousand?A million?
(DIR) Post #2436084 by clacke@libranet.de
2018-12-30T15:00:43Z
0 likes, 1 repeats
@ayy @thegibson @thor Yes, these leaked facebook emails, are they available anywhere? Or at least as third hand information in some news article?
(DIR) Post #2436091 by remotenemesis@hackers.town
2018-12-30T14:59:48Z
0 likes, 1 repeats
@thegibson forms of text, photo, video feed, calendaring, reservations... that would go a long way, and we're close.
(DIR) Post #2436123 by remotenemesis@hackers.town
2018-12-30T15:02:41Z
0 likes, 1 repeats
@pettter @thegibson attitudes toward Google are shifting now.We've seen how they are employing embrace-and-replace. They are increasingly no longer perceived as the cool internet friendly poster-child they once pretended to be.
(DIR) Post #2436139 by matilde@cybre.space
2018-12-30T15:05:34Z
0 likes, 1 repeats
@TheGibson @remotenemesis gonna hit up my hairdresser on xmpp
(DIR) Post #2436273 by bhtooefr@mastodon.social
2018-12-30T15:05:37Z
0 likes, 1 repeats
@remotenemesis @thegibson Also, a lot of restaurants in my area... if they have a website, it's barely more than a domain parking page, and maybe you get a menu from 5 years ago when they first got a website.If you want their current menu, or their specials, or whether they're closing early or open at all for a holiday? You have to find their Facebook page, and they only post that stuff there.
(DIR) Post #2436274 by bhtooefr@mastodon.social
2018-12-30T15:09:18Z
0 likes, 0 repeats
@remotenemesis @thegibson This is something I've harped on a lot, but FrontPage was actually good.Relatively easy to use to keep a website updated - if you could use a word processor, you could make something perfectly serviceable - and it made navigable sites almost automatically, too.And the result was static or used very little dynamic content, too, with almost no JavaScript. Far lighter than the modern internet.
(DIR) Post #2436275 by remotenemesis@hackers.town
2018-12-30T15:11:12Z
0 likes, 1 repeats
@bhtooefr @thegibson 💯 :valid: I'm also a proponent of bringing back some kind of federated web-native hypercard-like thing. I think the Fediverse is backing into multi-application clients.
(DIR) Post #2436293 by remotenemesis@hackers.town
2018-12-30T15:07:27Z
0 likes, 1 repeats
@bhtooefr @thegibson This is really what we're up against. Facebook is turning everything outside of their silo into a dead-zone.I think these folks are late-adopters on the tech adoption curve. They'll go where the users are as long as it is easy.
(DIR) Post #2436359 by bhtooefr@mastodon.social
2018-12-30T15:12:32Z
0 likes, 1 repeats
@remotenemesis @thegibson But no, the HTML it generated was "not good enough", so a lot of people mocked FrontPage users, and pushed maintenance-heavy CMSes.I mean, really, was WordPress Pages *ever* better than FrontPage?Then, when people got their shit hacked, hey, Facebook exists, they're already on it, everyone they know is already on it, use it, and not have to worry about things.
(DIR) Post #2436403 by remotenemesis@hackers.town
2018-12-30T15:18:53Z
0 likes, 1 repeats
@thegibson @oct2pus There's also another possible outcome where open protocols win again, and Facebook, and hopefully others, are forced to play nicely to remain viable.In some ways that's a more insidious threat because no stake is driven through the heart of the monster.
(DIR) Post #2436445 by SoniEx2@cybre.space
2018-12-30T15:19:27Z
0 likes, 0 repeats
@TheGibson just go SCTP
(DIR) Post #2436620 by remotenemesis@hackers.town
2018-12-30T15:27:14Z
0 likes, 2 repeats
@bhtooefr @thegibson (one more thing!)I think the Facebook debacle is showing us that a lot of people really don't care about running a site with strong branding. They want a low-touch online presence where lots of users can find and interact with them easily.Food for thought, that.
(DIR) Post #2436723 by bhtooefr@mastodon.social
2018-12-30T15:28:55Z
0 likes, 1 repeats
@remotenemesis @thegibson Branding is fundamentally a megacorp marketing exercise, to expand even more.For a local business, "branding" doesn't do shit (and in fact can come off as insincere), word of mouth is everything, and Facebook has inserted itself into the word of mouth process uniquely well.
(DIR) Post #2436822 by chartier@toot.cafe
2018-12-30T15:35:51Z
0 likes, 0 repeats
@TheGibson @Are0h Whoa. I wonder if this is something admins could coordinate on. Now I’m all paranoid about this. 😄Also, got any links about FB emails and Masto?
(DIR) Post #2436920 by thegibson@hackers.town
2018-12-30T15:40:13Z
0 likes, 0 repeats
@chartier @Are0h Not directly related to Masto... there Is a link that I posted in this thread last night...They describe federated solutions as their greatest threat...
(DIR) Post #2437054 by phoe@functional.cafe
2018-12-30T15:47:10Z
0 likes, 0 repeats
@thegibson Which Facebook emails are you referring to?
(DIR) Post #2437092 by thegibson@hackers.town
2018-12-30T15:48:39Z
0 likes, 0 repeats
@phoe Go back up the thread.link's in there.
(DIR) Post #2437172 by Wolf480pl@niu.moe
2018-12-30T15:53:13Z
0 likes, 1 repeats
@TheGibson @Food >Instance registry>looks at eris.Berkeley.EDU>looks at Q-line>looks at EFNethistory likes to repeat itself, doesn't it? :P
(DIR) Post #2437235 by Food@mastodon.art
2018-12-30T15:55:22Z
0 likes, 1 repeats
@Wolf480pl@TheGibsonHence I'm proposing the owners and moderators get to know each other as people lolConferences for mastodon doubling as a user's convention
(DIR) Post #2437243 by thegibson@hackers.town
2018-12-30T15:55:35Z
0 likes, 0 repeats
@Wolf480pl @Food I am not necessarily suggesting it as the solution... but I don't know how we make ourselves resilient to abuse of the open system without some sort of whitelisting.That said, yes... we tend to repeat ourselves.🤔
(DIR) Post #2437310 by Food@mastodon.art
2018-12-30T15:56:36Z
0 likes, 0 repeats
@TheGibson@Wolf480plIts good to look through all the ideas for sureWhat we have that the centralized dont is individuals who are people who are more than paid to care
(DIR) Post #2437371 by Wolf480pl@niu.moe
2018-12-30T16:00:21Z
1 likes, 0 repeats
@TheGibson @Food IMO, to a certain extent, this is a question of what our goals are.Is our goal to have a federated network which _everyone_ can join with their instance, then we should allow Facebook et al. join us, and we should work on ways to make sure that the joining of Facebook won't cause harm to people on other instances.If our goal is to have an isolated safe space away from mainstream socnets, then whitelisting would be a good approach, but it wouldn't be "Fediverse" anymore.
(DIR) Post #2437448 by Wolf480pl@niu.moe
2018-12-30T16:03:42Z
1 likes, 0 repeats
@TheGibson @Food Keep in mind that for many people a rule like "if you want your instance to join the Fediverse, you need to contact a *real person* who already has an instance and have them vet your application"would be a showstopper.
(DIR) Post #2437454 by Food@mastodon.art
2018-12-30T16:03:58Z
0 likes, 0 repeats
@Wolf480pl@TheGibsonFocusing on having people here as people and throwing out organizational associations or brands and such is my view. The benefit of being here is it isnt about someone elses agendaI think approaching security in this way, person to person at their degree of responsibility and clearly defined roles and code of conduct and people running the servers that are aware of each other, being aware of the people theyre near
(DIR) Post #2437477 by thegibson@hackers.town
2018-12-30T16:04:48Z
0 likes, 0 repeats
@Wolf480pl @Food I don't have a problem with them joining the fediverse... we can block their instances...What I am concerned about is the potential for a concerted effort to poison the fediverse at large with a large number of junk instances.
(DIR) Post #2437482 by Food@mastodon.art
2018-12-30T16:05:15Z
0 likes, 0 repeats
@Wolf480pl@TheGibsonI'm for whatever instances from whoever person or not, as long as they're able to enforce code of conduct and uphold really being mastodon socially
(DIR) Post #2437488 by Wolf480pl@niu.moe
2018-12-30T16:05:27Z
0 likes, 0 repeats
@TheGibson @Food IOW Sybil attack?
(DIR) Post #2437504 by thegibson@hackers.town
2018-12-30T16:05:54Z
0 likes, 0 repeats
@Wolf480pl @Food I agree, which is why I don't know that a register is a good idea.
(DIR) Post #2437536 by Gaynebula@girlcock.club
2018-12-30T16:07:55Z
0 likes, 0 repeats
@thegibsonPlease, care about neurodivergent peoples' access to info like this enough to add a cw. It's one button away and takes maybe at most a minute or two.
(DIR) Post #2437547 by Food@mastodon.art
2018-12-30T16:09:33Z
0 likes, 0 repeats
@Wolf480pl@TheGibsonThe verification process would be a little behind the computer part of the system. Like, literally, humans interactingThat would mean for every user there would be at least one assigned modAnd instances that are large would require, ideally, mods for every set of users number. And then we can be really tight socially without loose ends or weird 'idk what this is its just here' and it turns into death
(DIR) Post #2437574 by jerry@infosec.exchange
2018-12-30T16:11:41Z
0 likes, 0 repeats
@Wolf480pl @TheGibson @Food if FB decided to federate, I doubt any existing fediverse instance could survive without blocking FB. I don’t see this is a philosophical question, but rather a technical and economic one. FB probably has 3 orders of magnitude more users and 4 to 5 orders of magnitude more traffic than does the fediverse. Even if pleroma/mastodon/etc could scale to that level of traffic without major changes, it would be too expensive to operate.
(DIR) Post #2437578 by Food@mastodon.art
2018-12-30T16:11:47Z
0 likes, 0 repeats
@Wolf480pl@TheGibsonWhat@cypherpunk@mastodon.social is saying about distributed networks piques my interest because then there's no 'up'However the host computer would have to always be on and always be connected to the internet, or there would have to be some sort of in-outbox online always
(DIR) Post #2437580 by Wolf480pl@niu.moe
2018-12-30T16:11:53Z
0 likes, 0 repeats
@Food @TheGibson But there isn't a single code of conduct governing the whole Fediverse. Every instance has different rules, and most of them can still live peacefully together, despite the differences.Also, it's not just Mastodon. It's also Pleroma, Pixelfed, Friendica, Hubzilla, Misskey, Peertube...
(DIR) Post #2437603 by thegibson@hackers.town
2018-12-30T16:12:54Z
0 likes, 0 repeats
@jerry @Wolf480pl @Food Exactly.
(DIR) Post #2437628 by Food@mastodon.art
2018-12-30T16:13:53Z
0 likes, 0 repeats
@Wolf480pl@TheGibsonHeh this is where religious sects branch off and allCalvin, church of england, reformists vs that-word-that-means-strictly-the-same
(DIR) Post #2437650 by thegibson@hackers.town
2018-12-30T16:14:35Z
0 likes, 0 repeats
@Food @Wolf480pl It wouldn't be the first fediverse schism.
(DIR) Post #2437672 by Wolf480pl@niu.moe
2018-12-30T16:15:27Z
0 likes, 0 repeats
@Food @TheGibson But as it is right now, the Fediverse isn't tight socially, and I don't think it's possible to have this many people be tight socially.I don't think it's even desirable. In such a large amount of people it's very easy to find 2 individuals who just don't like each other and would rather not be forced to talk to each other.
(DIR) Post #2437718 by Food@mastodon.art
2018-12-30T16:17:14Z
0 likes, 0 repeats
@Wolf480pl@TheGibsonHm yeahAt the beginning of thinking of this all, I was thinking of the difference between making an audio signal chain and just having an infinite fractal and is this something that we even have power over and I came to the conclusion individuals have power in here, and not much higher does it go
(DIR) Post #2437729 by Wolf480pl@niu.moe
2018-12-30T16:17:50Z
0 likes, 0 repeats
@jerry @TheGibson @Food Only if people from your instance follow people from FB. And only to the extent they follow people from FB.AFAIK, if people from my instance follow total of 5 people from .social, then my instance will only receive posts of 5 people from .social, not all posts from everyone on .social.(if it's not the case then the protocol is terribly broken)Now, do you think people from your instance would suddenly follow everyone from FB?
(DIR) Post #2437742 by thegibson@hackers.town
2018-12-30T16:18:37Z
0 likes, 0 repeats
@Wolf480pl @jerry @Food Your federated timeline, and thereby your required storage will explode.
(DIR) Post #2437766 by Wolf480pl@niu.moe
2018-12-30T16:19:37Z
0 likes, 0 repeats
@jerry @TheGibson @Food And even if people from your instance followed a lot of people from FB, that'd mean they'd follow the same amount of people if all of them were on Fediverse instead of FB. So you'd get the same amount of traffic.If fedi can't deal with the traffic your users want from FB, it means fedi is not a good replacement for FB.
(DIR) Post #2437816 by Food@mastodon.art
2018-12-30T16:21:35Z
0 likes, 0 repeats
@Wolf480pl@jerry @TheGibsonFb's its own world to me, one I want nothing to do with how they built it
(DIR) Post #2437823 by thegibson@hackers.town
2018-12-30T16:21:55Z
0 likes, 0 repeats
@Wolf480pl @jerry @Food It's not the raw traffic necessarily. It's the individual servers being hosted at the cost of the admin that wouldn't be able to afford the cost of running.And/or they just pump trash into the fediverse by procedurally generating instances and flooding everything.
(DIR) Post #2437929 by Wolf480pl@niu.moe
2018-12-30T16:25:09Z
0 likes, 0 repeats
@TheGibson @jerry @Food but federated timeline shows only posts from people who are followed by someone on your instance.
(DIR) Post #2437971 by Food@mastodon.art
2018-12-30T16:22:18Z
0 likes, 0 repeats
@Wolf480pl @jerry @TheGibsonI think it's like going to a different country. Mastodon just works differently on a structural component and a cultural component
(DIR) Post #2437972 by Wolf480pl@niu.moe
2018-12-30T16:26:25Z
0 likes, 0 repeats
@Food @jerry @TheGibson yeah, but the question is, do we want everyone to eventually move to our country, or do we think some people deserve to stay forever in North Korea / US / <insert-your-faviourite-opressive-regime-here>?
(DIR) Post #2438056 by thegibson@hackers.town
2018-12-30T16:29:13Z
0 likes, 0 repeats
@Wolf480pl @jerry @Food If I were an attacker, I would have accounts on prominent servers that would scriptomatically follow the accounts I wanted on the compromised servers.
(DIR) Post #2438067 by Food@mastodon.art
2018-12-30T16:29:44Z
0 likes, 0 repeats
@Wolf480pl@jerry @TheGibsonWellThats the terrifyingly beautiful part.These tools to communicate are for people who are looking to communicateThey've got a finite reach in an infinitely complex organic worldThe server is a direct reflection of the mods tending and the users beingTheres probably a N Korea and an Egypt and a USA set of instances and USA blocked N Korea or something
(DIR) Post #2438106 by Wolf480pl@niu.moe
2018-12-30T16:30:38Z
0 likes, 0 repeats
@Food @jerry @TheGibson I'm thinking of FB as an N Korea, successively brainwashing
(DIR) Post #2438148 by Wolf480pl@niu.moe
2018-12-30T16:31:20Z
0 likes, 0 repeats
@Food @jerry @TheGibson oops, I accidentally hit enter in the middle of a post...
(DIR) Post #2438314 by Wolf480pl@niu.moe
2018-12-30T16:36:00Z
0 likes, 1 repeats
@Food @jerry @TheGibson I'm thinking of FB as a North Korea of socnets, successively brainwashing everyone who uses it.Also, it's a problem when someone you want (a friend) or need (a classmate with whom you're doing a pair project) to communicate with uses only FB and expects everyone to be on FB.If you're on FB, FB will abuse you and your data.If you're not on FB, you won't have a way to communicate with people.This is why we need to replace FB.Why we need everyone to use sth else.
(DIR) Post #2438366 by rick_777@cybre.space
2018-12-30T16:36:56Z
0 likes, 0 repeats
@TheGibsonWhy even give them the chance? We should start implementing white or grey listing right now.
(DIR) Post #2438372 by Food@mastodon.art
2018-12-30T16:37:19Z
0 likes, 0 repeats
@Wolf480pl@jerry @TheGibsonAbsolutely true in my viewYou could also ask for a phone number or meeting up in person and just be assertive about that and needs no explanation
(DIR) Post #2438394 by minimoon@pl.smuglo.li
2018-12-30T16:38:10.099403Z
0 likes, 0 repeats
@Wolf480pl @thegibson @jerry @Food fb shadow profilest too, if all your friends are on it it constructs an identity for you as well. it abuses your data even if you're not on it.
(DIR) Post #2438399 by Food@mastodon.art
2018-12-30T16:38:16Z
0 likes, 0 repeats
@Wolf480pl@jerry @TheGibsonI do think fb makes an incredibly droll homogenous fragile culture. This is why I'm not there lol: they're Brisket Boring , no offense to brisket lol
(DIR) Post #2438408 by sungo@hackers.town
2018-12-30T16:38:38Z
0 likes, 0 repeats
@thegibson @Food @Wolf480pl Everyone wave at awoo.space
(DIR) Post #2438421 by Wolf480pl@niu.moe
2018-12-30T16:39:09Z
0 likes, 0 repeats
@TheGibson @jerry @Food Now we're talking!This is a very interesting attack scenario.So the key here is to distinguish a legit user following profiles from <bigInstance> from a bot following profiles from <bigInstance> in order to fill your disk.Or is it?Even if it's a real user following too many people from <bigInstnace> that can cause trouble for the admin. 1/2
(DIR) Post #2438466 by Food@mastodon.art
2018-12-30T16:40:24Z
0 likes, 0 repeats
@Wolf480pl@TheGibson @jerryWhat's the trace?
(DIR) Post #2438490 by thegibson@hackers.town
2018-12-30T16:40:16Z
0 likes, 0 repeats
@Wolf480pl @jerry @Food This is the scenario when I refer to a poisoning scenario.
(DIR) Post #2438511 by rick_777@cybre.space
2018-12-30T16:41:02Z
1 likes, 0 repeats
@TheGibsonWhat leaked emails? I'm curious :blobcat:
(DIR) Post #2438513 by Wolf480pl@niu.moe
2018-12-30T16:42:04Z
0 likes, 0 repeats
@TheGibson @jerry @Food So we need a method in place for admins to identify users who cause too much load on the server and either politely ask them to move somewhere else, or to reduce the load they're causing, or have them cover part of the costs of the server, or find some other solution.Either way, AFAIU, only people on your server can cause load on it (or, for that matter, other issues), and you need a way to monitor which of your users are causing issues.
(DIR) Post #2438588 by thegibson@hackers.town
2018-12-30T16:42:14Z
0 likes, 0 repeats
@rick_777 https://www.google.com/amp/s/amp.businessinsider.com/facebook-emails-leak-key-details-2018-12
(DIR) Post #2438601 by Wolf480pl@niu.moe
2018-12-30T16:44:12Z
0 likes, 0 repeats
@Food @jerry @TheGibson Yes, you can.But it doesn't always work, and is not as convenient as having them on IRC :PMeanwhile the student's council still announces the most important announcements only on FB group, even though the university provides a mailing list on which all students are subscribed automatically, and which is a much better channel for official announcements.
(DIR) Post #2438612 by rick_777@cybre.space
2018-12-30T16:44:10Z
0 likes, 0 repeats
@TheGibsonOh.@oct2pus
(DIR) Post #2438633 by thegibson@hackers.town
2018-12-30T16:44:45Z
0 likes, 0 repeats
@Wolf480pl @jerry @Food So, kind of....Let's say I have a compromised account on your server. I follow a bunch of accounts from a thousand different instances that are mostly quiet.Those accounts at some point start to all post heavy video content.All of it comes to the federated timeline on your server.Poof.
(DIR) Post #2438718 by Food@mastodon.art
2018-12-30T16:48:00Z
0 likes, 0 repeats
@Wolf480pl@TheGibson @jerryMy helpful admin has contacted me personally when I was on a posting spree and let me know it would dominate the tlThat was helpfulI stopped doing it quite like that
(DIR) Post #2438721 by Wolf480pl@niu.moe
2018-12-30T16:48:14Z
0 likes, 0 repeats
@TheGibson @jerry @Food hmm... yeah, sounds like something that can be solved by manual intervention, but will cause downtime anyway, and a well prepared attacker can repeat the attack with different accounts over and over again.Maybe some per-user rate limits for downloading content from other instances? This way other users of the instance wouldn't be affected by the compromised account.
(DIR) Post #2438926 by thegibson@hackers.town
2018-12-30T16:54:41Z
1 likes, 0 repeats
@Wolf480pl @jerry @Food Also, perhaps a NON-federated mode that the server can be brought up in to analyze the problem.
(DIR) Post #2439023 by banjofox@elekk.xyz
2018-12-30T16:57:30Z
0 likes, 0 repeats
@TheGibson activitypub silos would effectively strengthen the network.protecting against "spawned" harvesters is simply a matter of white listing federated servers.
(DIR) Post #2439214 by thegibson@hackers.town
2018-12-30T17:04:00Z
0 likes, 0 repeats
@Wolf480pl @jerry @Food I suppose you could just block the IP from accessing the internet.
(DIR) Post #2439298 by Wolf480pl@niu.moe
2018-12-30T17:07:47Z
0 likes, 0 repeats
@TheGibson @jerry @Food that could accidentally block lots of other things which are useful when diagnosing the issue.OTOH, blocking server-to-server endpoints at reverse proxy level (think nginx) would probably be an effective measure.
(DIR) Post #2439683 by rick_777@cybre.space
2018-12-30T17:19:34Z
0 likes, 0 repeats
@gargron we need to be prepared against a sudden wave of malicious instances spamming us, because they'll be coming here sooner or later.@TheGibson
(DIR) Post #2440671 by zladuric@mastodon.technology
2018-12-30T17:50:06Z
0 likes, 0 repeats
@TheGibson in a way, it's like bitcoin and blockchain. The technology behind fediverse, activitypub is like blockchain. Everybody, including greedy corporations is now using blockchain. But it's still possible to do e.g. direct or anonymous transaction. I'd say yes, our privacy is in danger of greedy American corporations, but it's not the end.
(DIR) Post #2441039 by severak@tiny.tilde.website
2018-12-30T18:00:54Z
0 likes, 0 repeats
@TheGibson for this looks more like scenario with 4chan will come. Facebook will not did this, because this cannot bring them $$$.
(DIR) Post #2441079 by thegibson@hackers.town
2018-12-30T18:01:36Z
0 likes, 0 repeats
@severak It is less about bringing them money, and more about eliminating competitive solutions.
(DIR) Post #2441124 by thegibson@hackers.town
2018-12-30T18:02:34Z
0 likes, 0 repeats
@severak 4chan would need a massive amount of resources to do this on an effective scale... I don't think they could overwhelm us.
(DIR) Post #2441782 by severak@tiny.tilde.website
2018-12-30T18:21:53Z
0 likes, 0 repeats
@TheGibson 4chan has shitloads of time.
(DIR) Post #2442656 by Shamar@mastodon.social
2018-12-30T19:00:25Z
0 likes, 0 repeats
@Wolf480pl @gilscottfitzgerald @thegibson @Food #Hackers + #kids + #education: that's the solution.
(DIR) Post #2443625 by gemlog@mastodonten.de
2018-12-30T19:48:33Z
0 likes, 1 repeats
@Wolf480pl @Food @jerry @thegibson No only "This is why we need to replace FB. Why we need everyone to use sth else." But *many* something'S' else. Many other 'things' on many other servers, all federated. - mastodon- nextcloud- pleroma- pixelfed- peertube- more all the time!Fediverse software platforms:https://en.wikipedia.org/wiki/Fediverse#Fediverse_software_platforms
(DIR) Post #2443894 by Wolf480pl@niu.moe
2018-12-30T20:07:12Z
0 likes, 0 repeats
@gemlog @Food @jerry @TheGibson Actually, I think we should get them to use more than one protocol at the same time, to get used to the fact that not everyone is on the same network.
(DIR) Post #2443977 by gemlog@mastodonten.de
2018-12-30T20:10:51Z
0 likes, 0 repeats
@Wolf480pl @Food @jerry @thegibson Some projects do support more than one protocol - it's not quite one ring to rule them all. Yet.Which, yeah, might bring the same disaster as smtp for example.
(DIR) Post #2444100 by Xyc0@mastodon.social
2018-12-30T20:15:15Z
0 likes, 0 repeats
@thegibson there are two paths we can go with this, DRM and a walled garden for ourselves or open and free publishing that is incorporated.I wouldn't even need my own instance to tap into a federated feed for curated data to train on.The choice we made in the fediverse the control of what information WE consume.
(DIR) Post #2444302 by Wolf480pl@niu.moe
2018-12-30T20:24:14Z
0 likes, 0 repeats
@gemlog @Food @jerry @TheGibson No no no, what I mean is, people should be used to the fact that they have to use 2 (or more) different, mutually incompatible applications, for accessing 2 or more separate networks, because there's no network that is used by everyone.
(DIR) Post #2444353 by Wolf480pl@niu.moe
2018-12-30T20:26:29Z
0 likes, 0 repeats
@gemlog @Food @jerry @TheGibson It used to be that you needed 5 IMs because none of them alone would let you reach everyone. Nowadays, people assume everyone can be reached through FB.Replacing that by a belief that everyone can be reached by <some-federated-thing> would be better but still far from ideal.Ideally, we'd have people believe that no IM or socnet can let them reach everyone, and than using multiple in parallel is normal and expected.
(DIR) Post #2444365 by Wolf480pl@niu.moe
2018-12-30T20:26:49Z
0 likes, 0 repeats
@gemlog @Food @jerry @TheGibson IOW, we need more fragmentation.
(DIR) Post #2446867 by Xyc0@mastodon.social
2018-12-30T20:18:52Z
0 likes, 0 repeats
@thegibson There's no reason we can't feed off of Facebook / Twitter either.Using Facebook Login api we could have a real name instance that has restricts posts to unlisted.It would break public federation but check all the boxes for most people in the Facebook workflow.Now imagine thousands of these instances.Facebook would never be able to revoke all of their API tokens.
(DIR) Post #2446868 by thegibson@hackers.town
2018-12-30T22:21:26Z
0 likes, 0 repeats
@Xyc0 That's actually an interesting idea.Not one I'm quite willing to commit to... but very interesting.
(DIR) Post #2446921 by gemlog@mastodonten.de
2018-12-30T19:01:57Z
0 likes, 1 repeats
@remotenemesis @thegibson This: "2. Apparently Facebook is eating ebay's lunch with people selling their 2nd-hand stuff on local Facebook groups."I've never used fb, but my friends and i need to ask an fb-er about local stuff. That's very sad and hard to combat.
(DIR) Post #2448005 by Xyc0@mastodon.social
2018-12-30T22:54:29Z
0 likes, 0 repeats
@thegibson same, I'm still trying talk myself into setting up a federated instance on thejoyo.com.it's the domain I use on business cards so I don't have a clear audience, coworkers and defconers alike.maybe I should disable the feed on the home page.
(DIR) Post #2449497 by gemlog@mastodonten.de
2018-12-30T23:47:05Z
0 likes, 0 repeats
@Wolf480pl @Food @jerry @thegibson I know that sounds funny.
(DIR) Post #2452010 by geotechland@mastodon.social
2018-12-31T01:14:56Z
0 likes, 0 repeats
@thegibson im curious about where i can read their leaked emails? Not surprised because just like windows sees linux as a threat, the social media giants will see the fediverse as a threat
(DIR) Post #2453165 by thefishcrow@cybre.space
2018-12-31T01:53:17Z
0 likes, 0 repeats
@sungo @TheGibson fuck you
(DIR) Post #2453196 by sungo@hackers.town
2018-12-31T01:54:29Z
0 likes, 0 repeats
@thefishcrow @thegibson
(DIR) Post #2453220 by thefishcrow@cybre.space
2018-12-31T01:55:10Z
0 likes, 0 repeats
@sungo @TheGibson like you have a fucking issue with with Awoo space??? So fuck off???
(DIR) Post #2453282 by sungo@hackers.town
2018-12-31T01:57:44Z
0 likes, 0 repeats
@thefishcrow @thegibson Not sure why you're coming at me like this. I think it's fair to say that they represent a sizeable schism in the fediverse. "schism" doesn't particularly mean "bad". Just that they broke off and went off on their own.
(DIR) Post #2453368 by thefishcrow@cybre.space
2018-12-31T02:00:59Z
0 likes, 0 repeats
@sungo @TheGibson I’m just mad today, it’s not you then
(DIR) Post #2453408 by sungo@hackers.town
2018-12-31T02:02:32Z
0 likes, 0 repeats
@thefishcrow @thegibson Alrighty. Well, I hope things improve for you.
(DIR) Post #2454690 by lertsenem@mastodon.lertsenem.com
2018-12-30T10:55:44Z
0 likes, 0 repeats
@mirzaba @thegibson @Food The most elegant solution I saw someone propose (can't remember who though :s) was to auto-block instances hosting more than N users to force decentralisation –and avoid the fate of emails.But the problem is that we already have too big instances like mastodon.social or pawoo.net. So maybe we're doomed.¯\_(ツ)_/¯Also, if you have a link or source regarding those leaked Facebook emails about federation I'd be interested.
(DIR) Post #2454691 by rick_777@cybre.space
2018-12-30T16:38:25Z
0 likes, 0 repeats
@lertsenemAuto block with white listing could be one way.@mirzaba @TheGibson @Food
(DIR) Post #2454692 by duck57@mastodon.social
2018-12-31T02:46:52Z
0 likes, 0 repeats
@rick_777 @lertsenem @mirzaba @thegibson @Food How should a new instance establish itself if it can’t federate without first being on a whitelist?
(DIR) Post #2454693 by thegibson@hackers.town
2018-12-31T02:48:52Z
0 likes, 0 repeats
@duck57 @rick_777 @lertsenem @mirzaba @Food a problem...After some thought... maybe the natural way an instance slowly federates is enough to make it un-economical to abuse.but I feel like this could be scriptomatically overcome by selective high value follows...
(DIR) Post #2458708 by remotenemesis@hackers.town
2018-12-30T14:52:10Z
1 likes, 0 repeats
@thegibson I'm not convinced we're going to pry everyone willingly out of the silos. We might, however, cause enough loss of use to eat into profitability and trigger a death spiral.The trick, is going to be federated applications.Just like the internet was supposed to be.
(DIR) Post #2478287 by clacke@libranet.de
2018-12-31T18:14:47Z
0 likes, 0 repeats
I don't see it, on libranet.de/display/4381cc584a… nor on hackers.town/@thegibson/101328….
(DIR) Post #2481711 by huertanix@cybre.space
2018-12-31T20:23:02Z
0 likes, 0 repeats
@TheGibson Hello I am interested in reading these leaked Facebook emails.
(DIR) Post #2690066 by agris@dragon.style
2019-01-06T02:50:02Z
0 likes, 0 repeats
@thegibson >Another pointed at the potential for procedurally generated instances that just harvest data, or overwhelm our ability to suspend all of the instances they throw up.Isn't DDOSing illegal?> those platforms just integrate activitypubDoesn't that mean we win? Like when Google Talk implemented XMPP federation, and then removed it shorty after>will try to frame us as part of "the dark web(tm)"...You mean like any person not running Google Chrome on Microsoft WIndows?
(DIR) Post #2690067 by maiyannah@community.highlandarrow.com
2019-01-06T02:52:05+00:00
0 likes, 0 repeats
@agris @thegibson Oh yes, something being illegal will definitely stop people from doing the bad things.
(DIR) Post #2693858 by Food@mastodon.art
2018-12-30T06:51:01Z
0 likes, 0 repeats
@vertigo@TheGibsonI'm looking for a solution about how GitHub's parent company is now MicrosoftSomething we can use as #foss and such that has nothing to do with that recent company grab
(DIR) Post #2693859 by waterbear@sunbeam.city
2018-12-30T17:06:10Z
0 likes, 0 repeats
@Food @vertigo @thegibson well there's gitlab. It has a self-hosted option.Github is unfortunately so entrenched because of the discoverability it offers its users.
(DIR) Post #2693860 by agris@dragon.style
2019-01-06T02:53:06Z
0 likes, 0 repeats
@waterbear @Food @vertigo @thegibson github is not open. It's not very good either, as it requires running massive amounts of javascript to work at all, and still doesn't accept email for pull requests.
(DIR) Post #2693861 by agris@dragon.style
2019-01-06T02:53:30Z
0 likes, 0 repeats
@waterbear @Food @vertigo @thegibson *gitlab
(DIR) Post #2693862 by vertigo@mastodon.social
2019-01-06T05:04:18Z
0 likes, 0 repeats
@agris @waterbear @Food @thegibson I'm not familiar with using email based workflows with raw git. Is there an online workflow description that works through how it's done? Thanks!
(DIR) Post #2693863 by thegibson@hackers.town
2019-01-06T05:25:18Z
0 likes, 0 repeats
@vertigo @agris @waterbear @Food Gitlab is the current play.
(DIR) Post #2693864 by remotenemesis@hackers.town
2019-01-06T05:28:57Z
0 likes, 0 repeats
@thegibson @vertigo @agris @waterbear @Food no love for gitea?
(DIR) Post #2693865 by thegibson@hackers.town
2019-01-06T05:31:41Z
0 likes, 0 repeats
@remotenemesis @vertigo @agris @waterbear @Food Gitea is fine... I just don't see as many dev's moving to it as gitlab.
(DIR) Post #2693866 by remotenemesis@hackers.town
2019-01-06T05:32:46Z
0 likes, 0 repeats
@thegibson @vertigo @agris @waterbear @Food gotta fix that. gitlab is another github waiting to happen.
(DIR) Post #2693867 by thegibson@hackers.town
2019-01-06T05:34:28Z
0 likes, 0 repeats
@remotenemesis @vertigo @agris @waterbear @Food Explain.. I am not aware of why... I thought it was not centralized.
(DIR) Post #2693868 by remotenemesis@hackers.town
2019-01-06T05:37:09Z
0 likes, 0 repeats
@thegibson @vertigo @agris @waterbear @Food Google is an investor. Not again.gitea is supported by @cloud, although I haven't tried their containerized install yet.I got mine and hope to share soon.https://gitea.luckybytepalace.net
(DIR) Post #2693869 by thegibson@hackers.town
2019-01-06T05:38:09Z
0 likes, 0 repeats
@remotenemesis @vertigo @agris @waterbear @Food All I needed to do know... gitea it is.
(DIR) Post #2693870 by uranther@cybre.space
2019-01-06T05:43:22Z
0 likes, 0 repeats
@TheGibson good choice. GitLab is a behemoth but gitea is a sprite
(DIR) Post #9r2aLVndPPvLO8rbO4 by tofuwabohu@social.tchncs.de
2020-01-15T17:59:38Z
1 likes, 0 repeats
@thegibson Thanks a lot! I didn't hear about the emails and looked it up. In case this is news for someone else, here is an article containing parts of the emails (search for fracturing).https://www.businessinsider.com/facebook-emails-leak-key-details-2018-12?r=DE&IR=T#6-zuckerberg-suggested-users-data-was-worth-10-cents-a-year-6