this post was submitted on 16 Jun 2024
285 points (94.4% liked)
Fediverse
28523 readers
296 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Oh that sucks. Tbf the entire concept of the Fediverse is an enormous security nightmare regardless: someone was telling me how a person could spin up an instance and share a picture also served up from their machine, then maliciously correlate the incoming IP addresses from the latter of people who viewed it vs. make interactions (voting or comments) in the former to identify you irl. But at least that takes some technical effort, and there seems no reason not to put additional obstacles up to make it harder.
Unfortunately the Lemmy developers seem to have little incentive to add features that are primarily for Westerners who e.g. don't agree that an authoritian admin and/or mod is always correct regardless of the facts. And Westerners don't seem in that much of a hurry to make alternatives - although K/MBin exists already and Sublinks is coming as well. If we want better, we would need to put in the work to make it happen.
It's still a thousand times better than Reddit:-). Except I no longer recommend Lemmy to people that I meet irl - I can't keep doing that in good conscience anymore, until there is an instance that defederates Lemmy.ml. Yes the new person could block many people and even whole instances, but it seems a little similar to recommending that someone use Arch Linux - like, really!? Hopefully the concept of the Fediverse will improve someday soon and I can do that once more, bc I really do want to.
Honestly, I think the future of fediverse advocacy for now should be recommending a specific instance and not explaining the federation part until they are using it
It's the present already.
People want a URL, give them a few if they really want to choose.
Federation should stay behind the scenes
Agreed - as Blaze always says, save the why and how it works (under the hood) for later and for now just show them the goods.
And when a major instance defederates from Lemmy.ml I will start recommending that exact instance to people.
Or, an admin at sh.itjust.works mentioned the possibility of automatically applying a user level block to it for all new users, along with a bot message about how to remove that block. As discussed above, it would be far from perfect (e.g. someone mentions that the genocide going on in Ukraine is bad and gets hit by many downvotes with no clue where they came from bc they are not shown notifications from the people who may reply to say how it is actually good though, bc Russia is the one doing it...), but indeed it would be better than now.
Hard agree. A while ago, Feddit UK nearly lost it's domain and I was a hard advocate of carving our own identity without using terms such as "Reddit", "Lemmy" or "Federation". Basically have our unique identity. As right now all I have told about it see it as a reddit knock-off.
I would actually not go that far - I respect the devs enormously for having written the code and shared it with the entire world. If someone else wants to write new code - K/Mbin and Sublinks come to mind - then sure replace Lemmy for those instances that run that, but e.g. Lemmy.World is definitely a Lemmy and I'm okay with that.
I'm also okay with Fediverse - should I not be? I suppose an alternative is something that implements the ActivityPub protocol, but why not the Fediverse?
Basically I am okay with anything so long as people don't stumble upon it unawares.
But I do see your point that we can't just say that we are a Reddit knockoff, even though that's literally what we are. It should be the start of additional description. So far I call it "social media" - where people share and talk, bc that seems about right. "Link aggregator" doesn't do much for me, and suggests more of a purpose to read news stories rather than make our own posts.
An IP address alone does not identify you. It might identify your general area.
Any other website works the same way. I can go buy a domain, set up a plain html site, and view the IP of anyone who visits the site.
What kind of features are you looking for?
Whoever you'd recommend is already exposed to the lemmy.ml people or worse, it's just through Facebook or Instagram or Reddit. At least here they're a little self-contained.
I don't go to Facebook, X, Instagram, or Reddit. Some people that I talk to irl also don't follow social media. Why should they - what does it offer then? To those people I have been recommending Lemmy in the past, and now I don't do that anymore. I would like to though.
Do you use websites? They can also track your IP.
I think content really should be served on a p2p basis recon it would improve robustness and reduce load on servers also would stop the whole ip vote association. I believe thats how peertube serves its videos but i dont see why it can't be extended to serve all media
I presume that would have security issues of its own:-), and this is just a guess but it might look more like traffic that some ISPs may want to ban, if implemented like that?
I haven't done anything remotely piratey for decades but people say that there are forums that way. I'm not intending to conflate P2P with the likes of TOR that is merely one implementation of that, just saying that apparently the implementations exist.
The security issues are minimised compared to havibg a centralised instance. And yeah some ISP may block/rate limit thats why net neutrality is so important.
Heh, P2P absolutely does not minimize security concerns, especially of your IP being revealed.
Remember how people got DDoSed all the time because of Skype?
It means that each actor can only expose themselves to a subset (more peers less people) of the total network. As opposed to the current situation where u can collect information on more people as a singular actor. But yes you do expose yourself to the peers you connect to.