Right now the fediverse is nipping at the heels of the silos.
They know we are here, and they perceive us as a threat. We know this from leaked emails from facebook.
That said, they could attack us in an oblique manner with any number of poisoned waterhole attacks.
Earlier today someone predicted one or more of those platforms just integrate activitypub and crush us by incorporating us.
Another pointed at the potential for procedurally generated instances that just harvest data, or overwhelm our ability to suspend all of the instances they throw up.
When these attacks are adapted to... they'll get concerned, and will try to frame us as part of "the dark web(tm)"...
That's how we'll know we're winning.
I'm interested in brainstorming immune system defenses
beyond our strength as actually real people who can tell the difference between fake and person, usually pretty obvious
I am interested in this as well.
I feel like some sort of new instance registry may be necessary if we see these sorts of co-opting efforts occurring...
Like a low speed probationary period or something...
Registry of instance to a peer to peer shared federated list of instances
and with the moderators and hosts of the
Theres so many already!
Facebook is going to be regulated soon anyway, is my tangible reality goal. They aren't going to be. At all. Go away entirely fb
So I've been brainstorming since the last toot
Is there a mastodon specific security group or instance set up or on chat?
Or just people who are looking for a puzzle?
For corporate applications (which, arguably, most projects on Github are), its interaction model is nearly ideal. It mimics closely enough the centralized VCS organization that it's easy for companies to adopt, but has just enough DVCS features that enables collaboration. I suspect that is why it took off so well.
text too long-mandatory cw Show more
This is how Linux is developed, although though use a mailing list. Git over Email is effective because it is decentralized and does not require developers to create accounts or accept other system's policies to submit patches and bug reports.
Another, extremely simple model of using email for git is creating your own public repo at say, git.example.com/somerepo and sending an email to the maintainer of some software, "Hey, can you please merge my branch 'master-somenewfeature' located at https://git.example.com/somerepo ?"
There is a reason there's an email field to setup when running git config.
How about this
Developers need to get paid enough for food, water, shelter, healthcare, so they can live their ethics and values, avoiding being compromised
Moderators who also need to get paid a bit or donated to can have an allotment of individual accounts number they're ideally responsible for personally verifying person as person and making sure they have the basics of security and data storage in check
Creating and refreshing an open redundant list of the fediverse and all attached instances and users and how many each instance has in overlap can help us identify weak links and see if there's any vulnerabilities in the awareness linkup
Sorta like finding broken packages, only we'd have a list of traits of nonreal cues to watch for and when finding a part, removing it somehow probably by alerting surrounding mods
@mirzaba @thegibson @Food The most elegant solution I saw someone propose (can't remember who though :s) was to auto-block instances hosting more than N users to force decentralisation –and avoid the fate of emails.
But the problem is that we already have too big instances like mastodon.social or pawoo.net. So maybe we're doomed.
Also, if you have a link or source regarding those leaked Facebook emails about federation I'd be interested.
@duck57 @rick_777 @lertsenem @TheGibson @Food
much like a user would look for an invite or apply to an instance, people in said up and coming instances would take it to themselves to make a case for federating with their instance. Or show their ToS or something to ensure they mean business with moderation
@mirzaba @rick_777 @lertsenem @thegibson @Food Maybe the default is muted by default: new instances can follower whomever they like (so long as the account they want to follow isn’t on a strict whitelist instance) but manual approval is necessary for posts and replies from the new instance to reach existing instances.
IMO, to a certain extent, this is a question of what our goals are.
Is our goal to have a federated network which _everyone_ can join with their instance, then we should allow Facebook et al. join us, and we should work on ways to make sure that the joining of Facebook won't cause harm to people on other instances.
If our goal is to have an isolated safe space away from mainstream socnets, then whitelisting would be a good approach, but it wouldn't be "Fediverse" anymore.
But there isn't a single code of conduct governing the whole Fediverse. Every instance has different rules, and most of them can still live peacefully together, despite the differences.
Also, it's not just Mastodon. It's also Pleroma, Pixelfed, Friendica, Hubzilla, Misskey, Peertube...
A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore. We are based in the U.S. and we abide by all laws of this nation. We take security and your privacy seriously. We do not use ads, nor sell your information. Your data is not mine to own. Hackers.town is protected by Carbon Black Response and CBDefense. We log any and all attempts to compromise the server.