Melmi

But how will you get a “universal” view of the fediverse? No single authoritative view exists.

You yourself acknowledge that this is complicated, but I honestly don’t understand what appeal a hacked together fake centralized system would have for people if they don’t care about decentralization in the first place. Any such solution is almost inevitably gonna end up being janky and hacked together just to present a façade of worse Reddit.

Lemmy’s strength is its decentralization and federation. It’s not a problem to be solved, it’s a feature that’s attractive in its own right. It doesn’t need mass appeal, it’s a niche project and probably always will be. I don’t think papering over the fundamental design of the software will make it meaningfully more attractive to the non-technically minded.

Yes, but only if your firewall is set to reject instead of drop. The documentation you linked mentions this; that’s why open ports are listed as open|filtered because any port that’s “open” might actually be being filtered (dropped).

On a modern firewall, an nmap scan will show every port as open|filtered, regardless of whether it’s open or not.

Edit: Here’s the relevant bit from the documentation:

The most curious element of this table may be the open|filtered state. It is a symptom of the biggest challenges with UDP scanning: open ports rarely respond to empty probes. Those ports for which Nmap has a protocol-specific payload are more likely to get a response and be marked open, but for the rest, the target TCP/IP stack simply passes the empty packet up to a listening application, which usually discards it immediately as invalid. If ports in all other states would respond, then open ports could all be deduced by elimination. Unfortunately, firewalls and filtering devices are also known to drop packets without responding. So when Nmap receives no response after several attempts, it cannot determine whether the port is open or filtered. When Nmap was released, filtering devices were rare enough that Nmap could (and did) simply assume that the port was open. The Internet is better guarded now, so Nmap changed in 2004 (version 3.70) to report non-responsive UDP ports as open|filtered instead.

WG uses UDP, so as long as your firewall is configured correctly it should be impossible to scan the open port. Any packet hitting the open port that isn’t valid or doesn’t have a valid key is just dropped, same as any ports that are closed.

Most modern firewalls default to dropping packets, so you won’t be showing up in scans even with an open WG port.

It definitely encrypts the traffic, the problem is that it encrypts the traffic in a recognizable way that DPI can recognize. It’s easy for someone snooping on your traffic to tell that you’re using Wireguard, but because it’s encrypted they can’t tell the content of the message.

If only

Goes to show I don’t know much about SSO I suppose. Time to do some more research

I had issues connecting to Nextcloud from mobile clients when using Authelia, they didn’t like it, but if there’s a workaround for that that’s great

Most things should be behind Authelia. It’s hard to know how to help without knowing what exactly you’re doing with it but generally speaking Authelia means you can have SSO+2FA for every app, even apps that don’t provide it by default.

It also means that if you have users, you don’t need them to store a bunch of passwords.

One big thing to keep in mind is that anything with its own login system may be more involved to get working behind Authelia, like Nextcloud.

That’s I guess why CSEM is used, because if the images are being shared around exploitation has clearly occurred. I can see where you’re coming from though.

What I will say is that there are some weird laws around it, and there have even been cases where kids have been convicted of producing child pornography… of themselves. It’s a bizarre situation. If anything, seems like abuse of the court system at that point.

Luckily a lot of places have been patching the holes in their laws.

CSAM is supposed to be more explicit that the images are essentially crime scene photographs, and to emphasize that it is Abuse first and foremost and not merely pornography.

CP is a morally neutral term, or at least the components words themselves are. CSAM is not, and is explicitly negative.

My analogy was off the mark a bit, you’re right. But for example, have you seen some of the stuff people have made on Shadertoy? Incredible art, made from pure shader code.

I can understand the concern with the ethics of AI art and plagiarism, but you’re painting with a broad brush when you say that computer engineering can’t be art.

Without considering AI, you can certainly make art through code. Math can be beautiful. Shaders in particular are a ripe avenue for programmatically generating art.

There are a lot of artists out there creating art through code, and there have been for significantly longer than the AI fad has been around. The act of creating the art is simply in writing the code, rather than in picking up a paintbrush. I doubt you accuse people who paint in Photoshop of “letting the computer paint for them”, even if they use filters or something like the bucket fill tool. That’s code creating art right there. But someone still had to input creativity, and writing code to create art that looks good requires creativity and effort and is absolutely art.

AI art has different problems with it, but “programming isn’t art” isn’t one of those reasons.

Why would a random browser extension take it upon itself to snoop on your traffic to ensure that the websites you’re using can’t be used for illegal things, and then intentionally break it if it detects something it thinks it’s illegitimate? That’s a huge breach of privacy. It’s just malware at that point. It’s not like a court of law would hold your browser extensions responsible for your piracy. That’s like blaming a cup holder because the car was used in a robbery.

No, I think this is just a bug. Especially since people have reported that the extension breaks other websites too.

So this is just a thing now? Removing media from the world?

They found out it works so now it’s gonna become a trend.

The microblog side of the fediverse is really hostile to scraping or indexing of any kind. On the one hand, I get the idea of safe spaces and not wanting your data to be public, but then why are you on an instance that federates openly?

It seems to me that anything that’s being federated out by ActivityPub is public by nature. If you don’t want it to be public, you should use an allowlist, or just don’t post publicly.

I guess I just assume that everything I’m posting is being scraped and archived forever, because there’s no way to ensure it’s not. It’s ironic that the fediverse is so hostile to this fundamental fact of the internet when ActivityPub is basically designed to just hand out information to whoever asks. It seems like there’s a conflict between the protocol and the culture.

Harry Potter spaces are not unique in creating structure. There are tons of fandoms, with millions of members. It’s not the first modern fandom by any means either. It’s not like if HP suddenly disappeared there wouldn’t be any fandoms of equivalent or larger size to provide “structure” to vulnerable people. Lots of them have more queer people in them too, and less transphobia.

I’m not sure what makes Harry Potter uniquely digital in your mind either. I’m sure you can interpret it as being about that, but I don’t think that’s the interpretation most people walk away with. Even if it really is a lens some people use to understand the Internet or whatnot, I certainly don’t think it’s the first story to be used in that way… There are a lot of stories that can claim that title that far predate Harry Potter, many of which have fandoms of their own.

I just don’t think HP is an essential backbone of culture. It’s important to a lot of people, for sure. And I can’t imagine what it’s like to realize that the creator of a work that’s so important to you is a terrible person. That has got to be a really shitty situation to be in. But there are other fandoms out there. There’s other great fiction, written by authors who won’t weaponize your consumption against minorities. It’s not a dichotomy of either you embrace Harry Potter or you must write your own.

I don’t think it’s particularly hard to find authors who aren’t actively spreading hate, actually. And I don’t think Rowling’s level of transphobia is a particularly specific purity test.

Plus, Rowling takes an active role in promoting hate. She’s loud about it. She has a big platform because HP is so popular, and I think that makes her especially dangerous.

She certainly seems to put her money where her mouth is too.

I love to be able to reclaim works from their hateful authors, especially cultural ones. I’m a big fan of Lovecraft, and that dude was hateful. He makes JK Rowling look sweet and kindly. But it’s a lot easier to reclaim the narrative and make it a part of our culture when the author is literally dead.

Lovecraft is a cornerstone of modern fiction, despite being a bigot. We can acknowledge how he was a terrible person, even analyze it, but we know that our enjoyment of Lovecraftian fiction isn’t benefiting Lovecraft’s hateful causes, especially because the work is public domain.

In contrast, JK Rowling is not only still alive, she is active and vocal about her hatred, how she spends her money towards hate, and how she considers support of Harry Potter in light of her hate to be support of her vile views.

Consumption of media is not a passive action. Even if you do not actively give any money to the franchise, promoting the franchise encourages other people to do so, and then their money goes to fund hate.

I understand that HP is important to a lot of people. It was a cultural phenomenon. But we aren’t leaving it behind just because JK Rowling said something offensive. We’re leaving it behind because the author is actively using our consumption to fund hate and campaigning to deny rights to trans people.

There are plenty of other forms of media, new and old, that aren’t being piloted by known bigots. If you want a cultural backbone, using one that is currently controlled by a bigot will probably make a lot of trans people feel unwelcome at best and at worst, if HP continues to be a cultural phenomenon on a large scale JK Rowling will use the platform and the money to further the oppression of transgender rights.

The fundamental problem is that all this data needs to be hosted somewhere. P2P systems have the issue of persistence: either posts only stick around as long as the people who posted them keep their server online, which is then a burden on anyone who wants to be active in the community, or everyone shares the responsibility for hosting, and then what happens if someone posts CP? Is it just mirrored across the entire P2P system, and each person has to individually root out the CP or just be okay with hosting CP?

Torrents work because you have to actively join a torrent. But discoverability is handled from the outside, through trackers. Trackers choose what they want to host.

Tor or really I2P are the closest equivalents, but they work because everything is encrypted going through them. It’s a privacy thing. With social media, everything is public by design.

There’s a difference between defederation policy and ban policy. You could have a server that is very slow to defederate, only defederating for abuse and illegal content that can’t be stopped through moderation, while implementing a standard or even fairly aggressive enforcement policy for individuals, both local users as well as remote users. The idea is that you ban offending users, while only defederating when the instance itself is the problem.

Defederation splits the network apart. Trying to make defederation a last resort doesn’t necessarily mean one is a freeze peach instance. Defederation policy is an entirely different beast from moderation.

That said, my understanding is that Lemmy’s moderation tools are pretty lackluster at the moment, and so a big part of the reason that some instances are quick to defederate is that it’s difficult to moderate between poor mod tools and small volunteer mod teams. It’s easier to just defederate.

I agree though that the freedom of FOSS moreso lies with admins, as they’re the ones deploying the software so they can choose how to run their instance, whether that means federating with everyone or just running a completely defederated Lemmy instance with no peer instances.