If there are problems with an instance, can posts about it be specific?
Without working search aside from hashtags, Mastodon doesn’t function as well as a whisper network like Twitter.
I just want to know if I need to download my archive quickly.
Conversation
Notices
-
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 19:28:05 JST 
Wren Reilly
-
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:27:57 JST 
pettter
@dymaxion @akareilly I fully understand people not wanting anything to do with companies on a medium they intend to use for personal and social conversations.
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:27:59 JST 
Eleanor Saitta
@akareilly
If you're taking about defederation announcements, I think it's basically "there are companies there". A small instance I still have my alt on has defederated basically the entire security community at this point. I'm not impressed. -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:36:12 JST
pettter
@dymaxion I think the defederate-rather-than-mute thing comes mostly from people wanting to stop their own data from reaching too far or being stolen/used for other purposes, which, again, valid imo. Not sure if there's a good solution to that that doesn't just rely even more on Good Faith. @akareilly
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:36:14 JST
Eleanor Saitta
@pettter
I don't care about them not wanting to talk to them, but the bit where the addressability of the network is destroyed by it is pretty fucking dumb. I understand the goals of the design, and I think the architecture doesn't serve them well.
@akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:41:20 JST
pettter
Why would you need Mastodon federation to get in touch with a company and tell them about critical vulnerabilities? That sounds like the worst possible medium to use for that sort of comms.
-
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 19:41:21 JST
Wren Reilly
As someone with data out there, I want companies to be in touch with people who can tell them about critical vulnerabilities.
Look, I get that public ownership of digital infrastructure is the goal. I support this.
We are not there yet, and just shaming people for acknowledging the status quo is not going to work. Harm reduction is a valid approach. Wishes don’t prevent breaches.
-
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:45:16 JST
pettter
@dymaxion @akareilly I'll definitely agree that defederation sometimes happens more because of politics than anything else.
I don't think that defending just against the less sophisticated thing, or just against your stuff being blasted out into a context you didn't want it to end up in, is a bad motivation.
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:45:17 JST
Eleanor Saitta
@pettter
It doesn't really stop it though? It just means you have to be very marginally more sophisticated about it? And no, I've seen it done explicitly only for the reason that an instance has corporate accounts. Likewise, government accounts. Hell, I saw eupolicy.social get defederated for "promoting European nationalism". Shit be crazy.
@akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:47:29 JST
pettter
@akareilly @dymaxion How much does having a pair of reduntant servers at every 50th home (or even every home) impact the construction and distribution of the rest of city infrastructure?
-
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 19:47:30 JST
Wren Reilly
@dymaxion There are also no energy savings to be had. We should make data centers less like trains and more like cars.
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:47:32 JST
Eleanor Saitta
@akareilly
It's ok, we don't need the cloud, it's easy for a small company to replicate the security and reliability they need without it being much more expensive!(Sure, once you're at a hundred engineers and a thousand servers...)
-
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 19:47:33 JST
Wren Reilly
Cue the data abstinence brigade “There’s no need to have our data on commercial systems! Just don’t!” Tell me you don’t have health problems or other marginalizations without telling me.
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:47:34 JST
Eleanor Saitta
@akareilly
Yup. Also "oh no, we have vulnerabilities! Please won't the security community we've banished help us" -
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 19:47:35 JST
Wren Reilly
@dymaxion well it’s a good thing most data centers and other critical infrastructure have been replaced by 100% pure open source free libre coded-by-actual-penguins 3D printed and powered by potato battery own cloud instances and we need never talk to the for-profit unbelievers again. ALL HAIL TUX!
-
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:47:56 JST
pettter
@akareilly @dymaxion I'm asking why does Mastodon have to be That Place? Why does _one_ Mastodon instance have to be that place?
-
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 19:47:57 JST
Wren Reilly
You’re basically asking why a public discussion of security is useful at all.
Why even have social networks? Just use email.
Why make anything discoverable?
Why have a place where companies that already have our data and will continue to have our data can be pressured into responding to breaches? -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:49:24 JST
pettter
@dymaxion @akareilly Does this include thinking that you can dictate why and how people use defederation?
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:49:26 JST
Eleanor Saitta
@pettter
People collaborate with companies here? It's a tech support medium? People do work together in public? It's a lot of different things.One of the big mistakes about designing a social tool is thinking that you can dictate what your users are going to use it for. Yes, you can ban certain kinds of behavior, but there are limits to how much that will work without extraordinary mod efforts.
@akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:56:34 JST
pettter
@dymaxion @akareilly Not going to disagree that a lot of the decisions made in Masto development weren't thought through properly. I'm still not sure dropping everything-is-public was a good idea, but that's definitely been a killer feature to get more people in, so what do I know?
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:56:35 JST
Eleanor Saitta
@pettter It would be trivial to have a version of masto that maintained addressability and allowed people to see content and maintain subscriptions if they wanted to while still allowing community moderation decisions. They chose not to. This was dumb.
@akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 19:59:03 JST
pettter
@dymaxion @akareilly If I thought good ideas were welcome in Masto development I'd tell you to make a patch/issue/proposal, but as is, I guess going to other parts of the AP ecosystem is more likely to lead to success.
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 19:59:04 JST
Eleanor Saitta
@akareilly
Hell, create more account attribute types. Instance allowing company accounts that don't have the corporate type attribute? Sure, defederate for a clear governance violation. There are so many ways to do this properly.
@pettter -
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 19:59:05 JST
Wren Reilly
IF “no companies for me”
THEN “block companies for me”Not
IF “no companies for me”
THEN “block companies for everyone” -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 20:01:46 JST
pettter
@dymaxion @akareilly Everything should just be torrents once it goes viral tbh
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 20:01:47 JST
Eleanor Saitta
@pettter
In terms of power usage? A lot if those systems are going to be able to deal with content getting even mildly popular. And let's not forget that that degree of micro-federation really wildly doesn't scale, so you're not just paying the penalty of having to overspec the hardware, you're also dealing with geometrically more requests.
@akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 20:22:32 JST
pettter
@dymaxion @akareilly to be clear: i wasn't exactly serious
-
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 20:22:33 JST
Eleanor Saitta
@pettter
But it won't be, because virality exists in the context of the medium it came from, including all of the API affordances like boosts, follows, RTs, etc. If you turn it into torrents, you e.g. eliminate the possibility of someone editing or deleting a viral post, which are critical safety features. So no, it isn't easy and there basically are no shortcuts. @akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 21:19:29 JST
pettter
@stribika @dymaxion @akareilly Sometimes it makes sense to defederate a server that doesn't ban a specific user though?
People absolutely would defederate a RO instance, since the issue is quite often that they don't want their toots to go out of a (socially) trusted context easily.
-
Embed this notice
stribika (stribika@infosec.exchange)'s status on Wednesday, 08-Mar-2023 21:19:35 JST 
stribika
@dymaxion @pettter @akareilly I've seen discussions between admins that basically amounted to "ban this user or be defederated". Maybe it would be helpful to have a read-only instance that doesn't allow any toots, so people don't feel the urge to defederate it. It would have to filter illegal stuff and spam, but nothing else.
This way we could have separate RO and RW accounts.
-
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 21:36:52 JST
pettter
@stribika You don't see taking active part of the governance of your instance as an alternative? Running it as a democratically steered association or cooperative, for example? @dymaxion @akareilly
-
Embed this notice
stribika (stribika@infosec.exchange)'s status on Wednesday, 08-Mar-2023 21:36:53 JST
stribika
@pettter @dymaxion @akareilly Sure, it could make sense. Then again, it could just be a one time internet beef permanently disrupting communication between everyone on those instances. Currently I see 3 ways around this:
- my own single user instance. If someone wants to block me.specifically, fine, do that.
- setting up a billion accounts on all the instances, and patching a client so that it merges the timelines.
- the RO instance, which would be the most scalable, but seems to be not an option.
-
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 21:49:36 JST
pettter
@dymaxion Hundreds of hours? Who said anything about direct democracy? What?
@stribika @akareilly -
Embed this notice
Eleanor Saitta (dymaxion@infosec.exchange)'s status on Wednesday, 08-Mar-2023 21:49:37 JST
Eleanor Saitta
@pettter
When the choices are "devote hundreds of hours to trying to manage direct democracy for one single communication system out of a dozen I use in an ecosystem where the tooling is actively not supporting good outcomes" that's... really not great? I already run a web and email server and I'm well aware that this is already a very dumb choice, adding not-well-hardened complex, heavyweight services that I need to deal with HA for is wildly more expensive than any reasonable payment into an established instance. That's why I'm here, on a server where a bunch of my professional community is local. A bunch of small instances are also blocked any large instance, either for the mods not reading every post and instead relying on reports (laughably unscalable), or simply because they're large. Which means eventually they'll block any instance that allows people to just sign up. Fragmentation and the governance and technical structures that encourage it as a first resort are a critical vulnerability to the health of the ecosystem.
@stribika @akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 21:55:26 JST
pettter
@stribika It works like that on some servers. In some countries you can quite easily set up a democratic association to own and manage domain names and servers and other infrastructure, with bylaws and yearly or biyearly meetings for all members where you elect a board and possibly the admin/mod teams. You might even pay electees from membership fees if that's your fancy.
Some instances do votes in the full membership for defederations, specifically. @dymaxion @akareilly
-
Embed this notice
stribika (stribika@infosec.exchange)'s status on Wednesday, 08-Mar-2023 21:55:27 JST
stribika
@pettter Not really. Not anymore than I would have argued with twitter support about banning an account I follow. It's also not how it works afaik. I can't vote on defederations, or elect admins, it's some guy's website, what they say goes. I could try to convince the admins but I don't have time, energy, or skill to do that. And even if I did, I'm still affected by the actions of other instance admins.
(Sorry am I supposed to untag?)
@dymaxion @akareilly -
Embed this notice
pettter (pettter@mastodon.acc.umu.se)'s status on Wednesday, 08-Mar-2023 22:01:16 JST
pettter
@stribika Of course, this is easier to manage with a smaller and more well-defined community (a village, hackerspace, political grouping, extended family, etc.), since social interactions are fractally complex, but can absolutely be managed for larger groups as well, depending on your particular material and social conditions, and if you have good enough group cohesion and social responsibility. @dymaxion @akareilly
-
Embed this notice
Wren Reilly (akareilly@hachyderm.io)'s status on Wednesday, 08-Mar-2023 22:16:38 JST
Wren Reilly
This is the sort of structure that utterly failed to deal with gendered violence.
I don’t the same people who opposed codes of conduct in hacker spaces deciding who I get to see on federated social media because the only social norm they’re willing to defend consistently is “making money with computer bad.”
-
Embed this notice
All GNU social JP content and data are available under the