Fediverse

29634 readers

674 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Follow the general Lemmy.world rules.

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago

MODERATORS

[email protected]

Changes to Lemmy/PieFed to adjust to living under fascism (piefed.social)

submitted 16 hours ago by [email protected] to c/[email protected]

46 comments fedilink hide all child comments

What do we need to change about how we operate, now that the political environment is darkening?

The overall goals would be to safeguard user identities, ensure communication privacy, and protect against censorship and state surveillance.

User Anonymity and Privacy

End-to-end encryption: Encrypt all user communications, private messages, and sensitive data
Anonymous accounts: Allow users to create accounts without requiring personally identifiable information (PII), such as email or phone numbers. How can we balance this with the need to combat spam?
Tor and VPN Integration: Ensure compatibility with privacy tools like Tor, and provide guidance on using VPNs.

Data Storage

Remove or minimize data collection, including IP addresses, geolocation, and device information. No web server logs.
Ephemeral content: auto-deleting posts, messages, etc after a set period.
Instance chooser that flags which instances are in unsafe countries.
Defederate from instances in unsafe countries?

Communities

Private communities - currently all are public
Communities where every post is encrypted
Approval process to join some communities
Better opsec around instance owners, admins and moderators

What else?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 5 hours ago (1 children)

You don't need to go full p2p. You can still have servers and you can still have operators who work to prevent issues at the edges, but the servers need to be only blind communication relays and routers.

[–] [email protected] 1 points 5 hours ago (1 children)

There is no such thing as a blind relay. There will always be meta-data accumulation at such points in the network.

It is possible to try to minimize the meta-data accumulation and obfuscate it further and there are certainly some interesting theorectical concepts for that in systems like SimpleX, Nostr etc. but in the end most of these are just giving a false sense of security.

In addition many of these systems engage in what I call "trust-washing", i.e. them proudly proclaming: "there is no need to trust us, bro!" When in reality there are multiple points of failure in their pretend to be trustless system that they just chose to ignore or try to distract you from.

And when it comes to the real-world, tried and battle tested system like Tor are where I would put my safety, not some brand new crypto-bro dondogle that is funded by venture capital investors (like SimpleX).

[–] [email protected] 1 points 5 hours ago

Even with Tor you also have to trust the exit nodes. So, yes, I agree you will still need to trust someone, but we can control/design to have less things depending on this trust.

Specifically with ActivityPub, everything is designed around the idea that the server owns it all. It doesn't have to be all-or-nothing.