Post 9k6yFGe9jAvbfqD4hE by rick_777@cybre.space
(DIR) More posts by rick_777@cybre.space
(DIR) Post #9k6vbZzWBaeqB79KSW by thegibson@hackers.town
2019-06-22T03:45:57Z
0 likes, 0 repeats
We are only safe because people are following the rules.
(DIR) Post #9k6vbaCzNVQuqtS5SK by jeff@social.i2p.rocks
2019-06-22T16:42:51.412977Z
0 likes, 0 repeats
@thegibson so we should start encrypting and signing everything then?
(DIR) Post #9k6yFEBiruzo34tL6G by sungo@hackers.town
2019-06-22T03:52:20Z
0 likes, 0 repeats
@thegibson We only think we're safe. We assume that rule-breaking folks are always doing it with neon signs and press releases. I'm more concerned with the quiet ones, the "persistent" in APT
(DIR) Post #9k6yFELIIKeUWlMz1E by SinaCutie@hackers.town
2019-06-22T03:56:54Z
0 likes, 0 repeats
@sungo @thegibson The ones who have been here, and still are, but abide the rules and play nice, or just.. observe and collect.They've been a part of this place for a while, but people just don't want to accept that.
(DIR) Post #9k6yFEatML83J8fRKa by sungo@hackers.town
2019-06-22T04:00:38Z
0 likes, 0 repeats
@SinaCutie @thegibson All the way back to statusnet, they've been here. They do provide helpful fodder for the sections of fedi that need to have a weekly "THE FEDI IS BURNING" freak out. At least they're contributing something back.
(DIR) Post #9k6yFEnIcD3NvcTLfc by remotenemesis@hackers.town
2019-06-22T04:29:10Z
0 likes, 0 repeats
@sungo @SinaCutie @thegibson I think we're about to be tested.I wonder if there's some good to be done in helping to harden instances...
(DIR) Post #9k6yFF17mo72cUwODg by feonixrift@hackers.town
2019-06-22T11:41:35Z
0 likes, 0 repeats
@remotenemesis'Harden' is something of a joke when dealing with an optimistically federated protocol. This is email 2.0, a little bit louder and a little bit worse.@sungo @SinaCutie @thegibson
(DIR) Post #9k6yFFHQoB9lR4ZPdY by remotenemesis@hackers.town
2019-06-22T12:12:46Z
0 likes, 0 repeats
@feonixrift @sungo @SinaCutie @thegibson I totally agree.I was thinking more at the host level... but you're right the damage is going to be done through federation at application level.
(DIR) Post #9k6yFFTq43563YNJya by thegibson@hackers.town
2019-06-22T15:23:13Z
0 likes, 0 repeats
@remotenemesis @feonixrift @sungo @SinaCutie That’s the whole issue.The protocol is weak, even if the infrastructure is not.To fix this, we require a tighter control on federation.
(DIR) Post #9k6yFFdlT91MYL1FRo by sungo@hackers.town
2019-06-22T15:31:07Z
0 likes, 0 repeats
@thegibson @remotenemesis @SinaCutie You require a lack of federation. As @feonixrift said, AP is functionally similar enough to email that the same rules apply. Bad actors can be identified and blacklisted but not prevented. The other direction is pure whitelisting but then you're not really federated anymore.
(DIR) Post #9k6yFFqWhhEHBuzRL6 by rick_777@cybre.space
2019-06-22T15:42:26Z
0 likes, 0 repeats
@sungoShouldn't that be the default?Start with a list of trusted servers to prevent bad actors.@TheGibson @remotenemesis @SinaCutie @feonixrift
(DIR) Post #9k6yFG2E0CaRmCSmZc by remotenemesis@hackers.town
2019-06-22T15:45:43Z
0 likes, 0 repeats
@rick_777 Trusted by whom?@sungo @thegibson @SinaCutie @feonixrift
(DIR) Post #9k6yFGDvIhwcMTw7o8 by rick_777@cybre.space
2019-06-22T15:50:09Z
0 likes, 0 repeats
@remotenemesisBy the admins. Which instances do they currently trust?But maybe greylisting is what we need?@sungo @TheGibson @SinaCutie @feonixrift
(DIR) Post #9k6yFGOudqjcuZ4tw8 by remotenemesis@hackers.town
2019-06-22T15:50:51Z
0 likes, 0 repeats
@rick_777 @sungo @thegibson @SinaCutie @feonixrift Which admins? Are you advocating for a central body?
(DIR) Post #9k6yFGe9jAvbfqD4hE by rick_777@cybre.space
2019-06-22T17:05:28Z
0 likes, 0 repeats
@remotenemesisIndividually. If you know an admin you trust, you whitelist him. The trusted network will grow organically. @TheGibson @SinaCutie @feonixrift
(DIR) Post #9k6yFGqD0MZMHDqhU0 by remotenemesis@hackers.town
2019-06-22T17:06:12Z
0 likes, 0 repeats
@rick_777 @thegibson @SinaCutie @feonixrift how do you get to trust new instances?
(DIR) Post #9k6yFH1YKBdwqP9lAG by thegibson@hackers.town
2019-06-22T17:07:50Z
0 likes, 0 repeats
@remotenemesis @rick_777 @SinaCutie @feonixrift therein lies the issue.In the model we are proposing here, it is a model of social credit.If you trust the other admin, anyone looking to join in would need someone to vouch for them to relay them in.
(DIR) Post #9k6yFHBphxrnMHxyBk by feonixrift@hackers.town
2019-06-22T17:10:12Z
1 likes, 0 repeats
@thegibson@remotenemesis @rick_777 @SinaCutiePart of how Mastodon grew so fast, and I think part of why it avoided features like local-only, is that you just barely touch having an account .. and you're in the river of posts. It succeeds by encouraging a level of raw promiscuity from everyday users that I haven't seen since yahoo chats.
(DIR) Post #9k6yN5eGVEC5sczVhY by thegibson@hackers.town
2019-06-22T15:32:26Z
0 likes, 0 repeats
@sungo @remotenemesis @SinaCutie @feonixrift yeah.The fediverse will have to grow up.
(DIR) Post #9k6yN5mQ0uiSHuo1PU by sungo@hackers.town
2019-06-22T15:40:42Z
0 likes, 0 repeats
@thegibson @remotenemesis @SinaCutie @feonixrift The tooling has to grow up. Masto is .. a ridiculous piece of software. We need some there servers and tools designed for the real world, one where a lot of the users are specifically targeted by hate groups and assholes. I'm not sure the community will accept the server side actions that are required for advanced filtering though. It requires a fairly invasive analysis and data collection of the payloads. Masto is already insane to admin. I continue to think that the answers will come from a different platform
(DIR) Post #9k6yN5t9bs6UcnxOuO by thegibson@hackers.town
2019-06-22T16:07:40Z
0 likes, 0 repeats
@sungo @remotenemesis @SinaCutie @feonixrift I agree.I wonder if some of these feature could go into Glitch-Soc or Florence.
(DIR) Post #9k6yN5ztCpUWxh6mPI by feonixrift@hackers.town
2019-06-22T16:25:50Z
0 likes, 0 repeats
@thegibson @remotenemesis @SinaCutieThe Florence community sounds very interested in features for targeted users. But I'm not sure their dev pace will keep up with requirements.
(DIR) Post #9k6yN66ymTA9JgQRSS by remotenemesis@hackers.town
2019-06-22T16:29:04Z
0 likes, 0 repeats
@feonixrift @thegibson @SinaCutieI might be interested if I didn't dislike Ruby so much.I'm wondering whether a headless server is the way to go here.Let the client apps be good at their thing.
(DIR) Post #9k6yN6DiNQYBeZZoxM by feonixrift@hackers.town
2019-06-22T16:37:11Z
0 likes, 0 repeats
@remotenemesisThe future doesn't have to be a Mastodon fork. I'm following some of what Kaniini discusses with future alternatives to ActivityPub in extending federation with better controls and it sounds preliminary but really solid.@thegibson @SinaCutie
(DIR) Post #9k6yN6Knx4Do0YtU0W by remotenemesis@hackers.town
2019-06-22T16:51:29Z
0 likes, 0 repeats
@feonixrift 100% with you. I'd like to see a de facto client API so UI could be a separate concern. Still a dauntingly large project.@thegibson @SinaCutie
(DIR) Post #9k6yN6RtWhtQMYD93g by feonixrift@hackers.town
2019-06-22T17:00:06Z
1 likes, 0 repeats
@remotenemesisUI, imho, needs to be split off entirely and collated among our multitude of personal firehoses. Definitely its own API to expose that .. but it already appears to have several?@thegibson @SinaCutie