Being an old grandpa not that adept at tech, I don’t know how Lemmy works. I mean, I know it’s decentralized and it’s supposed to be better than reddit, but still, how vulnerable is this platform from censors looking to block anything in here?
Are we invisible like those thepiratebay.org instances which jump up the more you try to censor them or are we basically like reddit. In other words, can I reliably access lemmy in China?
A close cousin of Lemmy is Mastodon. If you consider Lemmy a federated version of Reddit, then Mastodon is a federated version of Twitter.
The largest Mastodon server is probably Truth Social, on which former president Trump posts his messages after being banned from Twitter.
Truth Social uses the same protocol as Mastodon of Lemmy: ActivityPub. The difference: the Truth Social administrators blocked the Truth Social server from sending out messages to or receiving messages from other servers. So it’s a private Mastodon.
Bottom line: if you run your own Lemmy server you can block whatever server you want or none at all. And others can block your server if they want. If you create ab account at somebody else’s Lemmy server, the administrator can decide to block other Lemmy servers.
If you use a Mastodon account, it’s very easy to migrate to another server including your followers. Lemmy accounts do not appear to offer that functionality (yet?), but I expect a migration tool will be created in the future. So if an administrator decides to block another Lemmy server, but you don’t like that, you might easily move to another server. As of yet, you can’t however and need to create an account on another Lemmy server.
As of yesterday, the largest is of course Threads. Not sure if it’s actually mastodon, I assume not, but it does use ActivityPub and is part of the fediverse.
Or maybe not as a lot of people have pointed out that it isn’t actually federated with anything yet, so maybe it isn’t activitypub.
And, of course, it is (or will soon be) defederated by much of the Fediverse since we want nothing to do with Meta/Facebook.
We’ll have to wait and see what actually happens. People went and signed NDAs with Meta. It’s up to the instance owners ultimately, and the big ones will inevitably start a cascading effect one way or the other.
My gut tells me we’re gonna see federation with Meta
I pre-emptively defederated it from my instance.
I mean maybe. Part of the beauty of this is that I also get to consume Threads content without being subject to any of their data collection outside of what I post and interact with. I can consume their content, they of course can consume mine, but they can’t actually track what I consume.
I am skeptical about this. Not confronting your point nor offering a refutation but I am concerned about Meta collecting data on threads their users are participating in which may include user’s messages outside of their instances. I don’t know if this is a real potential or not, privacy experts may be able to weigh-in better but Meta’s track record concerns me.
No question they’re scumny. But because I’m not browsing their instance logged into their platform, they can’t see what i grab. Maybe they can fingerprint requests my client makes to load images, but the text of posts is going to be grabbed from the federated instance I’m logged into.
They won’t inherently be able to tell me from any other lemmy.world user I don’t think.
Of course anything I post that goes over there as part of federation will be tagged to my user, but they won’t be able to track me across the entire internet from that the way they can if I were logged into their service.
I don’t know the exact privacy implications but I do know that I haven’t accepted their privacy policy which certainly limits what they can do (because they haven’t gotten me to agree that they can do anything they want).
Ah that makes more sense. Thanks!
A bit off topic ,but fun fact: I read that any site that uses Facebook analytics gets user data harvested. so even though you have no accounts with any meta products, you are, in theory, vulnerable to Meta data harvesting.
Threads does not use activitypub yet.
Oh interesting, I thought I had read that it did.
Threads isn’t anything yet. It might use ActivityPub under the covers but we don’t know because they’ve not attempted to connect to anything else yet.
Oh interesting. I thought it was.
Supposedly it might be in the future, we don’t really know
can I reliably access lemmy in China?
Not really, you would only be able to access instances that China hasn’t blocked.
Are you sure? There are multiple sites where you can check if a site is blocked in china. I’ve put a few lemmy instances in the first 3 sites i found and they all claim they’re accessible. I’m not sure how ‘reliable’ that would be, but seems as of now they aren’t censored.
I mean in the end it’s a server somewhere like any other website. If your decide to block all traffic that goes to that site, yiu blocked it. The thing with lemmy is just that it’s decentralized and technically you could just another instance and acces the cache and interact ther from what I understand.
So if if China works with a Blocklist and not an Allowlist, instances might go up faster than they can block them?
Yes, exactly. On the other hand the list of lemmy instances is public. And we even have websites that help new users to find a suitable one from the list of all known instances.
I bet a censor like china has people or program(mer)s to to go through such a list and block each and every known instance. I’m not an expert on china. I wouldn’t be surprised if somebody told me they’re already doing it like that for other federated or distributed platforms.
Yeah I guess my point is that China could block Lemmy instances.
Unless China blocks all activitypub traffic, that’s a losing game of whack-a-mole. Or I guess they could scrape the federations of the instances they want to block and add them in real time.
But yeah, you’re right it isn’t designed to evade state level censorship.
Unless China blocks all activitypub traffic, that’s a losing game of whack-a-mole.
I would say the same about the entire china firewall.
Unfortunately, China’s firewall is a extremely robust technology. It is much more than just a DNS sink hole.
For example, it can block IP addresses (probably dynamically), like digital ocean or AWS. It can even block internet protocols, like TLS1.3 https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/ . It can even block tor, a inernet protocol designed for anonymity and prevent censorship https://www.technologyreview.com/2012/04/04/186902/how-china-blocks-the-tor-anonymity-network/
It is truely disheartenng to see talented engineers working on this piece of oppressive technology. I imagine if they want to, it would be rather trivial to block most activitypub instance.
Yeah I mean, deep packet inspection at that scale is certainly an impressive feat. But that doesn’t change the fact that it’s a game of whack-a-mole. Tor entry relays get detected? Tor devs change the handshake or use purified to reach the entry nodes: https://support.torproject.org/censorship/connecting-from-china/
A friend of mine was able to bypass the firewall there a few years ago using unlisted VPN endpoints he got from his VPN provider.
They can block most things for most uninformed users. But they’ll never be able to make it impenetrable without cutting off access to the larger internet completely.
How many instances are there? I can if I need to create my own instance right? So, it’s just like pirate bay I suppose, you close one instance another will take it’s place or am I mistaken?
Yeah true. It would require some additional work if you wanted to federate with blocked instances though. Same goes for if you wanted to migrate the federated data in the event the instance gets blocked.
But you could access from the unblocked China instance to the world couldn’t you?
Yeah, unless that unblocked instance resides in China then it’s probably subject to the same restriction as you. Unless they proxy the federation traffic.
Images are an issue though, as those don’t get cached by the local instance but are just links to the remote instance.
lemmygrad.ml might actually be China. But each instance gives a list of the instances it federates with, so it should be easy for China to block them all. Lemmy has no features specifically for evading state censorship.
Some governmental agency/agencies & psyops definitely at play there. And not only there.
there is a page about this on the lemmy docs: https://join-lemmy.org/docs/users/05-censorship-resistance.html
As long as an instance that is federated with the instances you want is not blocked, you can access it.
If they want to block all instances, there’s no reason they can’t.
lemmy instances can be published through the onion network too
can’t block those unless they block the tor network, but then you have bigger problems.
To block a specific content from an instance, they have to block all instances because your instance is going to get that content from other instance instead of you. You are not even going to connect to that instance.
But if they want to completely block the federation, they can.
I don’t think lemmy is made to circumvent censorships. There are other platforms for that. This is okay because sometimes this and being easy to use contradict each other.
However. I think it’s doing a decent job. But admins of the individual instances will probably censor things that are against the law, because they are liable for that.