Post 9logVTruR1axOzSVBg by kaniini@pleroma.site
(DIR) More posts by kaniini@pleroma.site
(DIR) Post #9lof8IOYpJF1Cg6zku by flussence@nulled.red
2019-08-12T16:56:58Z
1 likes, 1 repeats
okay who's the patient zero for this “fedi should have no admins” take and why does it sound like something a repressed power-grabber would say
(DIR) Post #9loflOCJBfjsUd1RC4 by ben@mastodon.lubar.me
2019-08-12T16:57:43Z
0 likes, 0 repeats
@flussence sounds a lot like the "Mastodon shouldn't federate blocks" thing someone posted on the issue tracker
(DIR) Post #9loflOQqJdMhDhp2qe by kaniini@pleroma.site
2019-08-12T17:04:45.715721Z
2 likes, 0 repeats
@ben @flussence Mastodon shouldn't federate blocks, it should federate the side effect.
(DIR) Post #9lofvE7RVuIY8BRAIa by alexa@fedi.absturztau.be
2019-08-12T17:06:33.688790Z
1 likes, 0 repeats
@kaniiniIt shouldn't federate either.@ben @flussence
(DIR) Post #9log0AVSNBKKNH1fDE by nik@letsalllovela.in
2019-08-12T17:07:27.283397Z
2 likes, 0 repeats
@alexa @kaniini @ben @flussence side effects are necessary
(DIR) Post #9log5JcDvtHg4de4Y4 by nik@letsalllovela.in
2019-08-12T17:08:23.342261Z
1 likes, 0 repeats
@alexa @ben @flussence @kaniini if i understand correctly, the only time something would federate in this situation is if you blocked a user that follows you
(DIR) Post #9log8ItJ5BsAhC3pMO by alexa@fedi.absturztau.be
2019-08-12T17:08:55.361171Z
3 likes, 2 repeats
@nikI think that trying to prevent people from seeing or interacting with public posts is way more effort than it's worth.@ben @flussence @kaniini
(DIR) Post #9logCgYT2ioxFKP1do by ben@mastodon.lubar.me
2019-08-12T17:08:44Z
0 likes, 0 repeats
@nik @alexa @kaniinibecause all I'm hearing is "Mastodon should remove blocks as a feature" unless someone can explain to me how hiding public posts from one user on another instance would work without telling that instance
(DIR) Post #9logCgqByp008IhBGi by alexa@fedi.absturztau.be
2019-08-12T17:09:42.813324Z
1 likes, 0 repeats
@benNo, that wouldn't and shouldn't work. It's anti-user.@nik @kaniini
(DIR) Post #9logGedc716eSWhboe by alexa@fedi.absturztau.be
2019-08-12T17:10:26.175978Z
1 likes, 0 repeats
@nikThe problem is that Mastodon federates blocks to prevent you from seeing a user's public posts when they block you. Federating the "remove follow" is fine.@ben @flussence @kaniini
(DIR) Post #9logJIhs6nxTJDxKDo by nik@letsalllovela.in
2019-08-12T17:10:54.624582Z
1 likes, 0 repeats
@ben @alexa @kaniini im confused what you're saying here, are you saying that if nik@lall blocks nik@niu.moe, nik@niu.moe will stop seeing nik@lall's posts?because mastodon doesn't do this
(DIR) Post #9logKPtcrbMJtezBce by nik@letsalllovela.in
2019-08-12T17:11:07.078468Z
1 likes, 0 repeats
@alexa @ben @flussence @kaniini this is not what i was talking about
(DIR) Post #9logMRJqXnbctBDOLY by kaniini@pleroma.site
2019-08-12T17:11:24.621501Z
4 likes, 0 repeats
@ben @nik @alexa that isn't a feature, that's trying to impersonate twitter in a network model where it is trivially bypassed (in fact that 'feature' is trivially bypassed on twitter too)the side effect that needs to federate is the unsubscribe part.trying to hide public posts is pointless.
(DIR) Post #9logMeLk63qZIpCabg by nik@letsalllovela.in
2019-08-12T17:11:31.265497Z
2 likes, 0 repeats
@alexa @ben @flussence @kaniini if you block someone that follows you, your instance should federate something that will force that user to unfollow you (be it reject follow or block)
(DIR) Post #9logMtXHdQzWOxiWB6 by Xingi@fedi.absturztau.be
2019-08-12T17:11:33.639738Z
0 likes, 0 repeats
@alexa @nik @ben @flussence @kaniini Good morning Alexa, how are you?
(DIR) Post #9logPYBLU6U12hipOK by alexa@fedi.absturztau.be
2019-08-12T17:12:02.598651Z
1 likes, 0 repeats
@nikYep, was confused by what you meant.
(DIR) Post #9logSQNuvmItjEyNhQ by nik@letsalllovela.in
2019-08-12T17:12:33.928105Z
1 likes, 0 repeats
@alexa @ben @flussence @kaniini no, it does not, i just tested it
(DIR) Post #9logVTf9CTO2lPUJIO by ben@mastodon.lubar.me
2019-08-12T17:11:49Z
0 likes, 0 repeats
@nik @alexa @kaniini mastodon does do thatother instance types ignore it, but telling mastodon to stop federating it is telling mastodon to also ignore it
(DIR) Post #9logVTruR1axOzSVBg by kaniini@pleroma.site
2019-08-12T17:13:04.589164Z
6 likes, 1 repeats
@ben @nik @alexa yes, and it should, it's bad design that leads to people adopting bad security postures based on the belief that the security anti-feature is meaningful.security 'features' that can be bypassed simply by viewing the remote profile directly are not 'features'
(DIR) Post #9logWGIqMBf1cQQgpk by nik@letsalllovela.in
2019-08-12T17:13:15.533425Z
1 likes, 0 repeats
@ben @alexa @kaniini wait whati just blocked my niu.moe account and that account can still see my posts here
(DIR) Post #9logZNmd09A9ggqhYO by ben@mastodon.lubar.me
2019-08-12T17:12:41Z
0 likes, 0 repeats
@kaniini @alexa @nik what I'm hearing is "some people can get around the restriction with custom-built software and therefore we should remove the restriction from all existing software"
(DIR) Post #9logZNwuNvO0CZeuZs by kaniini@pleroma.site
2019-08-12T17:13:47.895439Z
1 likes, 0 repeats
@ben @alexa @nik well, that's a stupid take, mastodon should remove the restriction because the restriction is pointless. it needs no further justification than that.
(DIR) Post #9logapvFrlXXFVZrUm by alexa@fedi.absturztau.be
2019-08-12T17:14:03.621124Z
0 likes, 0 repeats
@nikWhat'd you test? That's how it's worked, or at least, how it's supposed to work. @ben @flussence @kaniini
(DIR) Post #9logc0nIvlYVFzQ2jo by nik@letsalllovela.in
2019-08-12T17:14:17.872212Z
2 likes, 1 repeats
@ben @kaniini @alexa no, they're not getting around the restriction with custom built software, they're getting around it by *viewing a person's public profile*
(DIR) Post #9logiXSkNokuJVuqQK by opal@pl.wowana.me
2019-08-12T17:15:26.900995Z
4 likes, 3 repeats
@nik @ben @alexa @kaniini are snowflakes trying to reclaim the word "public" to mean "private" now
(DIR) Post #9logl2CT4apeDuUX4K by ben@mastodon.lubar.me
2019-08-12T17:14:07Z
0 likes, 0 repeats
@kaniini @alexa @nik ... fixing the security feature is the solutionnot deleting it
(DIR) Post #9logl2PEJ92YrUSixc by nik@letsalllovela.in
2019-08-12T17:15:54.794227Z
2 likes, 0 repeats
@ben @kaniini @alexa the security feature we have right now is followers-only posts, it works
(DIR) Post #9loglqYVquAuOlBqN6 by kaniini@pleroma.site
2019-08-12T17:16:03.351870Z
6 likes, 2 repeats
@ben @alexa @nik you cannot fix this "feature."let me explain.if you block me, i can go to https://mastodon.lubar.me/@ben and still browse your posts.nobody who cares enough to stalk you is deterred by this restriction.it's a bad feature. it needs to be removed. it leads people to believe things are safe when they aren't.
(DIR) Post #9logsJxXRXSbKUyzYG by Mikoto@fedi.absturztau.be
2019-08-12T17:17:13.433090Z
2 likes, 0 repeats
@alexa @nik @ben @flussence @kaniini> Federating the "remove follow" is fine.I disagree with that. Federating the remove follow should only work if your user has to manually accept who it can be followed by.
(DIR) Post #9logveKMAi79MvF7ia by opal@pl.wowana.me
2019-08-12T17:17:47.945133Z
1 likes, 0 repeats
@kaniini @ben @alexa @nik retweeted before reading your full post but i still partially agree with the last part. only because fedi works in such a way that makes it work weirdly with conventional web stuff like search engines
(DIR) Post #9logwYOXiKjlG7dG1A by 1iceloops123@shitposter.club
2019-08-12T17:18:00.366223Z
2 likes, 0 repeats
@opal @nik @alexa @ben @kaniini i think the snowflakes should just make their own blog if thats the case.
(DIR) Post #9logxvujktzkUaLfV2 by nik@letsalllovela.in
2019-08-12T17:18:14.907201Z
1 likes, 0 repeats
@Mikoto @alexa @ben @flussence @kaniini why? even on a public account, AP mandates that the newly followed account sends an Accept Follow to confirm the follow
(DIR) Post #9loh0TuALjQ2UZIRXs by ben@mastodon.lubar.me
2019-08-12T17:17:11Z
0 likes, 0 repeats
@kaniini @alexa @nikI could put my instance in whitelist-only mode right now.What exactly is your definition of a block that differs from not having someone follow you, exactly?
(DIR) Post #9loh0UIcsmz7iQjyfg by kaniini@pleroma.site
2019-08-12T17:18:38.701993Z
2 likes, 0 repeats
@ben @alexa @nik okay, and? if you do it, i can still browse your public profile. stalking complete.
(DIR) Post #9loh1NkshRGZhzNoqe by alexa@fedi.absturztau.be
2019-08-12T17:18:52.167893Z
1 likes, 0 repeats
@MikotoYou can remove followers without blocking them now, this is just doing that by default (having a locked account means nothing except for an icon).@ben @flussence @kaniini @nik
(DIR) Post #9loh3L9BMpbKCOgR1c by nik@letsalllovela.in
2019-08-12T17:19:14.204835Z
0 likes, 0 repeats
@alexa @Mikoto @ben @flussence @kaniini wait what, how do you do this
(DIR) Post #9loh50eGYGfLCd1DH6 by Xingi@fedi.absturztau.be
2019-08-12T17:19:32.335517Z
0 likes, 0 repeats
@alexa @Mikoto @ben @flussence @kaniini @nik Thank you Alexa
(DIR) Post #9loh7Vs7R0qScTgxt2 by dielan@shitposter.club
2019-08-12T17:19:58.790619Z
4 likes, 2 repeats
@nikYou don't even need to view in a logged out session like twitter too, literally view the remote profile in s new tabAnd if the softwares want to hide this link from you while logged in because you are blocked you can just look them up on their own server from scratch. Ot doesn't stop anyone lol@ben @alexa @kaniini
(DIR) Post #9loh83TUV5LapwQmDg by alexa@fedi.absturztau.be
2019-08-12T17:20:04.997739Z
1 likes, 0 repeats
@nikNot sure on Pleroma, on Mastodon you can do it in your settings.@Mikoto @ben @flussence @kaniini
(DIR) Post #9loh8fpnsZm3o9A8H2 by Mikoto@fedi.absturztau.be
2019-08-12T17:20:11.830304Z
2 likes, 0 repeats
@ben @kaniini @alexa @nik Said restriction basically requires a shitty DRM-like thing in order to work. It is just useless.
(DIR) Post #9lohA6BpNPgBpw8xou by ben@mastodon.lubar.me
2019-08-12T17:19:19Z
0 likes, 0 repeats
@kaniini @alexa @nikI don't think you understand what I just saidthere doesn't need to be a public profileMastodon already supports turning it off
(DIR) Post #9lohA6Xo3hGCw6QW4u by nik@letsalllovela.in
2019-08-12T17:20:26.854328Z
2 likes, 0 repeats
@ben @kaniini @alexa
(DIR) Post #9lohBGxUp8ahWd037I by kaniini@pleroma.site
2019-08-12T17:20:37.367997Z
3 likes, 0 repeats
@Mikoto @alexa @ben @flussence @nik as:manuallyApprovesFollowers is a UX hint only.all relationships are ACKed by the server, and you are explicitly disallowed from following users who have blocked you in the AP spec. blocks must deny any interaction.
(DIR) Post #9lohC9irDGYrN9ZdR2 by Xingi@fedi.absturztau.be
2019-08-12T17:20:48.809171Z
0 likes, 0 repeats
@Mikoto @ben @alexa @kaniini @nik Then use misskey
(DIR) Post #9lohCsRMx8JK3wjnvM by Mikoto@fedi.absturztau.be
2019-08-12T17:20:54.805369Z
1 likes, 0 repeats
@kaniini @ben @alexa @nik> it's a bad feature. it needs to be removedJust wondering, why don't you remove it then?
(DIR) Post #9lohFky9BgIJl9RUjA by ben@mastodon.lubar.me
2019-08-12T17:21:06Z
0 likes, 0 repeats
@nik @alexa @kaniini ok, want me to turn that part off, then?
(DIR) Post #9lohFlK7rxsKrJj2zA by nik@letsalllovela.in
2019-08-12T17:21:27.548954Z
1 likes, 0 repeats
@ben @alexa @kaniini turning this part off would break federation
(DIR) Post #9lohFqxeuPT8LNGBnc by 1iceloops123@shitposter.club
2019-08-12T17:21:29.429429Z
2 likes, 0 repeats
@dielan @nik @alexa @ben @kaniini i think the blocks should be on a user level
(DIR) Post #9lohHvLVZsbMWPP2kC by alexa@fedi.absturztau.be
2019-08-12T17:21:50.675655Z
1 likes, 0 repeats
@nikI swear his next argument is that you don’t need to address it to as:Public and it’s like, yes, that’s the point.@ben @kaniini
(DIR) Post #9lohIjO3WgLfimymem by kaniini@pleroma.site
2019-08-12T17:21:58.021480Z
0 likes, 0 repeats
@Mikoto @alexa @ben @nik Pleroma does not implement that feature.
(DIR) Post #9lohJTtsah8XyoDqe8 by Xingi@fedi.absturztau.be
2019-08-12T17:22:04.737450Z
0 likes, 0 repeats
@1iceloops123 @dielan @alexa @ben @kaniini @nik Hello iceloops
(DIR) Post #9lohLrxu5aILC9F9Sy by ben@mastodon.lubar.me
2019-08-12T17:21:40Z
0 likes, 0 repeats
@nik @alexa @kaniini nope
(DIR) Post #9lohLs7pUgEbgvt4wC by nik@letsalllovela.in
2019-08-12T17:22:34.390082Z
2 likes, 0 repeats
@ben @alexa @kaniini i.............whatif Objects cannot be accessed via GET, it would break so much
(DIR) Post #9lohOTqkCqpFGr8inY by nik@letsalllovela.in
2019-08-12T17:23:03.382758Z
1 likes, 0 repeats
@ben @alexa @kaniini unless you're dealing only with followers-only posts, which makes all of these other "security features" unnecessary
(DIR) Post #9lohPwMlfTuy0EoZCy by 361.xj9@social.sunshinegardens.org
2019-08-12T17:23:18.833015Z
1 likes, 0 repeats
@flussence i've been saying that for years t. an anarchistimo federation is doomed by design#p2p solutions are the future; change my mind.
(DIR) Post #9lohS3K8lqecA1aong by Mikoto@fedi.absturztau.be
2019-08-12T17:23:41.350815Z
0 likes, 0 repeats
@kaniini @alexa @ben @flussence @nik I see. IMO, it would only make sense to have manual approves and force-unfollows only if there was an implementation of manual approves that also encrypted every follower-only post with a key shared only between the manually approved followers. Otherwise I think that both manually approved followers and the existence of block itself is an anti-feature that can be circumvented by just running your own modified server software.
(DIR) Post #9lohSn0utebprix7Ds by alexa@fedi.absturztau.be
2019-08-12T17:23:50.032804Z
0 likes, 0 repeats
@benHow do you think federation works? If you do this, you’re lying if you claim your post is as:Public, as it’ll effectively be followers only @nik @kaniini
(DIR) Post #9lohW6w5Hd94WOHAI4 by ben@mastodon.lubar.me
2019-08-12T17:23:18Z
0 likes, 0 repeats
@nik @alexa @kaniini try the fetch again
(DIR) Post #9lohW79uSECjDGkCq8 by nik@letsalllovela.in
2019-08-12T17:24:25.908039Z
0 likes, 0 repeats
@ben @alexa @kaniini
(DIR) Post #9lohXdRXuIAHdBicNc by kaniini@pleroma.site
2019-08-12T17:24:41.539114Z
2 likes, 0 repeats
@ben @nik @alexa fundamentally, the feature is broken from a security POV anyway, because it depends on the recipient server *lying* to the recipient about the existence of your data.
(DIR) Post #9lohlT2jN67jQghuoy by alexa@fedi.absturztau.be
2019-08-12T17:27:08.362013Z
0 likes, 0 repeats
@benWhat env variable did you set? Disable_federation=true?@nik @kaniini
(DIR) Post #9lohnVUPFN81b0cnS4 by nik@letsalllovela.in
2019-08-12T17:27:34.792868Z
0 likes, 0 repeats
@alexa @ben @kaniini oh he enabled OCAPdidn't know mastodon already implemented that, my bad
(DIR) Post #9lohpwX7fa1U3A3b9M by nik@letsalllovela.in
2019-08-12T17:28:01.270506Z
0 likes, 0 repeats
@alexa @ben @kaniini but this means that instances that don't support OCAP yet can't fully federate with him
(DIR) Post #9lohr5zxxoHXhB68Su by nik@letsalllovela.in
2019-08-12T17:28:13.731757Z
0 likes, 0 repeats
@alexa @ben @kaniini so yes, this is still breaking federation
(DIR) Post #9lohrpnTgZcnjlboO0 by Mikoto@fedi.absturztau.be
2019-08-12T17:28:20.716878Z
1 likes, 0 repeats
@nik @alexa @ben @kaniini How does OCAP work?
(DIR) Post #9lohsxOkuTRTbMa3ZQ by nik@letsalllovela.in
2019-08-12T17:28:33.913831Z
0 likes, 0 repeats
@Mikoto @alexa @ben @kaniini GET requests have to be signed
(DIR) Post #9lohuRt52OMcS3TZbs by flussence@nulled.red
2019-08-12T17:27:59Z
0 likes, 1 repeats
@xj9 “every man for himself and the weak will perish” is not a sustainable model for any kind of human interaction.
(DIR) Post #9lohufT0Y7pKZFNwum by alexa@fedi.absturztau.be
2019-08-12T17:28:52.368061Z
1 likes, 0 repeats
@nik(Thank God, he's insufferable)
(DIR) Post #9lohuuDbhfQ8JpIMUa by nik@letsalllovela.in
2019-08-12T17:28:55.007733Z
1 likes, 0 repeats
@Mikoto @alexa @ben @kaniini maybe OCAP is the wrong term actually kaniini would correct me (or maybe signed fetches are a part of OCAP)
(DIR) Post #9lohz5u6CQIricASBM by Mikoto@fedi.absturztau.be
2019-08-12T17:29:40.355061Z
1 likes, 0 repeats
@nik @alexa @ben @kaniini And they only accept certain signatures, right? Like a whitelist of the servers that can fetch a certain post?
(DIR) Post #9loi0AwYwn5HdeprpA by alexa@fedi.absturztau.be
2019-08-12T17:29:51.729163Z
0 likes, 0 repeats
@nikYeah that's not OCAP and it's not even much of a security measure unless you whitelist in which case go back to Twitter.@Mikoto @ben @kaniini
(DIR) Post #9loi3YcdMpvBwf7uuu by nik@letsalllovela.in
2019-08-12T17:30:28.545998Z
2 likes, 0 repeats
@Mikoto @alexa @ben @kaniini signatures dont require whitelisting, only that an AP server (theoretically) is doing the fetching
(DIR) Post #9loi84l9p56umBGg4m by nik@letsalllovela.in
2019-08-12T17:31:16.900538Z
0 likes, 0 repeats
@ben @alexa @kaniini yeah, but now the other instance i admin can't see your posts
(DIR) Post #9loiAS429GYRdIEKPI by Mikoto@fedi.absturztau.be
2019-08-12T17:31:43.615468Z
0 likes, 0 repeats
@nik @alexa @ben @kaniini Ah, I assumed that it was something similar like opensshs authorized_keys.
(DIR) Post #9loiDnNLMxzqb7rAkC by nik@letsalllovela.in
2019-08-12T17:32:19.866897Z
1 likes, 0 repeats
@Mikoto @alexa @ben @kaniini well, this is in theoryim not sure on mastodon's implementation
(DIR) Post #9loiEQf5IwMQRRSOJM by kaniini@pleroma.site
2019-08-12T17:32:25.550842Z
3 likes, 0 repeats
@alexa @nik @Mikoto @ben authorized fetches are OCAP.signed fetches are a method of gaining that authority (using a signature proof to gain a temporal capability), but signed fetches are lame.in general, signed fetches are the bandaid.
(DIR) Post #9loiEehN7EVbyadPou by alexa@fedi.absturztau.be
2019-08-12T17:32:27.079960Z
1 likes, 0 repeats
@benSo? Why break so much stuff just to make it marginally harder for blocked users to see your supposedly public posts? Why even post publicly?@nik @kaniini
(DIR) Post #9loiHMdGk338oW0VkW by nik@letsalllovela.in
2019-08-12T17:32:57.756193Z
1 likes, 0 repeats
@ben @alexa @kaniini intentionally blocking certain users != breaking federation with a lot of fedi software
(DIR) Post #9loiOPLf2fcfGS87TU by kaniini@pleroma.site
2019-08-12T17:34:13.796646Z
1 likes, 0 repeats
@alexa @ben @nik it actually does not really break anything (other than no software before Mastodon 2.9 and Pleroma develop being equipped to generate these requests, anyway). AP spec is silent on authorized fetches in any form (OCAP or signature-based).
(DIR) Post #9loiP6y6ravaY9RvsG by nik@letsalllovela.in
2019-08-12T17:34:16.702084Z
1 likes, 0 repeats
@ben @alexa @kaniini that instance can't see your post not because it's blocked, but because it doesn't support signed fetches
(DIR) Post #9loiRdkNxqEin3EgmO by nik@letsalllovela.in
2019-08-12T17:34:49.077238Z
0 likes, 0 repeats
@ben @alexa @kaniini yeah, which breaks a lot of things, like joining in threads from a server where no one follows you, and boosts
(DIR) Post #9loiTJnr5Qo5Vvevcu by nik@letsalllovela.in
2019-08-12T17:35:07.356499Z
0 likes, 0 repeats
@ben @alexa @kaniini i know, and it didn't send it to that instance because no one there follows you/is tagged in this thread
(DIR) Post #9loiZlgaKefFjDKlpQ by kaniini@pleroma.site
2019-08-12T17:36:16.969788Z
0 likes, 0 repeats
@nik @ben @alexa it breaks nothing. AP spec allows for this.
(DIR) Post #9loiaiqYNEh9DDS43c by nik@letsalllovela.in
2019-08-12T17:36:27.796262Z
1 likes, 0 repeats
@kaniini @alexa @ben ah i wasn't aware
(DIR) Post #9loicNfS5W126c39YO by nik@letsalllovela.in
2019-08-12T17:36:46.455629Z
0 likes, 0 repeats
@kaniini @alexa @ben does pleroma support signed fetches?
(DIR) Post #9loihvnqbJ87QGciOm by alexa@fedi.absturztau.be
2019-08-12T17:37:45.883334Z
0 likes, 0 repeats
@kaniiniIt makes instance blocks two way, something that is not a good thing.@nik @ben
(DIR) Post #9loils8ACEMTBw0NwO by alexa@fedi.absturztau.be
2019-08-12T17:38:29.192793Z
0 likes, 0 repeats
@kaniini @ben @nik(Not to mention it's very easy to bypass)
(DIR) Post #9loiparqK3YwoD974a by nik@letsalllovela.in
2019-08-12T17:39:09.737178Z
0 likes, 0 repeats
@alexa @ben @kaniini if you disabled public profiles + enabled signed fetching, there's no way to bypass it
(DIR) Post #9loiuUDGUVjfcOV01w by kaniini@pleroma.site
2019-08-12T17:39:59.832898Z
0 likes, 0 repeats
@nik @alexa @ben sure there is. you just don't use Mastodon.
(DIR) Post #9loiwNi9dSxo24qovA by nik@letsalllovela.in
2019-08-12T17:40:23.327732Z
0 likes, 0 repeats
@kaniini @alexa @ben so you would go to another server that has the post public available?
(DIR) Post #9loiwkD5z6mloPUqCe by alexa@fedi.absturztau.be
2019-08-12T17:40:26.073252Z
1 likes, 0 repeats
@nikLet's say pleroma.site blocks letsalllovela.in. Sign your request with the key from nomoresha.me. Boom, block bypassed.@ben @kaniini
(DIR) Post #9loiyNX7GhoS3kdkvo by nik@letsalllovela.in
2019-08-12T17:40:44.982409Z
0 likes, 0 repeats
@alexa @ben @kaniini true
(DIR) Post #9loj3k3Aygj5LKC2zo by lain@pleroma.soykaf.com
2019-08-12T17:41:32.063222Z
3 likes, 0 repeats
@kaniini @alexa @ben @nik AP spec is silent about pretty much any kind of signing... except for 'yeah would be a good idea'
(DIR) Post #9loj5crseUD5eAoB8K by kaniini@pleroma.site
2019-08-12T17:41:59.617453Z
1 likes, 0 repeats
@alexa @nik @ben so, that's what they call "capability delegation."and so, what one can do is block nomoresha.me if they are caught handing out their keys.in OCAP you would just revoke the fetch capability.
(DIR) Post #9lojDZlC5gnGKCTIem by kaniini@pleroma.site
2019-08-12T17:43:28.639471Z
1 likes, 1 repeats
@lain @alexa @ben @nik it all comes down to this...Screenshot_20190812_124309.png…
(DIR) Post #9lojKIlzeACtfR3KIS by lain@pleroma.soykaf.com
2019-08-12T17:44:33.323861Z
2 likes, 0 repeats
@kaniini @alexa @ben @nik *record scratch* *freeze frame* yup, that's me. I'm sure you're wondering how I got into that situation.
(DIR) Post #9lojYqU76XrEHBcmem by kaniini@pleroma.site
2019-08-12T17:47:19.261711Z
2 likes, 0 repeats
@nik @alexa @ben to clarify: Mastodon secure mode is not (presently) OCAP.
(DIR) Post #9lojdVDRbpF5lB33IW by 361.xj9@social.sunshinegardens.org
2019-08-12T17:48:10.588033Z
0 likes, 0 repeats
@flussencenice rebuttal, but we actually agree on that point.
(DIR) Post #9lojqeZc84EcXwglVI by flussence@nulled.red
2019-08-12T17:49:21Z
0 likes, 0 repeats
@xj9 yeah well I know what Real Anarchy is supposed to look like, but that's never going to happen with the current human condition.
(DIR) Post #9lojqerh2qhFS19CgS by 361.xj9@social.sunshinegardens.org
2019-08-12T17:50:32.199258Z
1 likes, 0 repeats
@flussence > syndicates/cooperatives are impossible hmm i don't think the facts support your assertion
(DIR) Post #9lolWSqqCaAoJ8FOtc by flussence@nulled.red
2019-08-12T17:55:59Z
0 likes, 0 repeats
@xj9 as a social network on this scale, yeah they kinda are. Without designated mediators empowered to get shit done, dealing with assholes becomes an O(n) problem.You can't vote with your feet if you're surgically shortened to the same height as everyone else.
(DIR) Post #9lolWUfvQ8d7xr9i9w by 361.xj9@social.sunshinegardens.org
2019-08-12T18:09:15.926409Z
0 likes, 0 repeats
@flussence depends on the design of the social network, honestly. have fun :)
(DIR) Post #9loqTc8tkiVoAC0kqm by BillShortening@pieville.net
2019-08-12T19:04:48Z
0 likes, 0 repeats
@nik @alexa @ben @flussence @kaniini > if you block someone that follows you, your instance should federate something that will force that user to unfollow you (be it reject follow or block)Good idea, then these can be detected and drive a bot that screenshots their public posts and posts them to be made fun of.
(DIR) Post #9lorGeCure2akzGtAe by nik@letsalllovela.in
2019-08-12T19:13:41.493473Z
1 likes, 0 repeats
@BillShortening @alexa @ben @flussence @kaniini okay, let's not federate anything, and allow the user you just blocked to continue seeing your new followers only posts
(DIR) Post #9losujFvc41zx6MA3E by BillShortening@pieville.net
2019-08-12T19:32:07Z
0 likes, 0 repeats
@nik @alexa @ben @flussence @kaniini Now you're talking. This is what happens anyway
(DIR) Post #9lotSCCozzTVILrTn6 by alexa@fedi.absturztau.be
2019-08-12T19:38:10.900371Z
1 likes, 0 repeats
@kaniiniSo? If you're not whitelisting servers, you can get 1000 .ga domains for free, and fetch to your heart's content.@ben @nik
(DIR) Post #9lotXmnIOMEoDfaUgC by nik@letsalllovela.in
2019-08-12T19:39:10.602639Z
1 likes, 0 repeats
@BillShortening @alexa @ben @flussence @kaniini no it doesn't, because currently, federated blocks force an unfollow
(DIR) Post #9lotblL9jtUYrvK0bw by nik@letsalllovela.in
2019-08-12T19:39:55.062317Z
1 likes, 0 repeats
@BillShortening @alexa @ben @flussence @kaniini the discussion here was the idea of switching from federating a Block to every user you blocked (bad) to sending a Reject Follow to users that are following you that you block (and nothing to users that aren't following you)
(DIR) Post #9lq3SnjGgJ7GN4vR20 by maxim@sivokon.me
2019-08-13T09:05:02.450028Z
0 likes, 0 repeats
@kaniini @ben is there a way (in theory or in the future) to make your instance unreadable from browser (unless authorised)? Like with “you need to sign in to read this user’s posts” pop up or something like that?