• 141 Posts
  • 190 Comments
Joined 3 years ago
cake
Cake day: July 30th, 2023

help-circle


  • If you require something that couldn’t be used over CloudFlare, that cedes a whole lot of power to what they choose to support

    Power is excessively unreasonably ceded when Cloudflare is in the loop. To avoid CF is to put power back where it belongs. Cloudflare-incompatible tech ensures CF does not wield inappropriate power.

    any networking could, in theory, be run by proxy.

    Indeed, and this frustrates sigsec. Connecting to someone requires trusting them not to do something stupid like hand their keys to a giant centralised corporate overlord. At least avoiding Cloudflare is low-hanging fruit. It’s usually easy to detect when CF is in the loop, apart from a few rare shenanigans where CF uses some IPs that are not in CF’s ASN records.

















  • Strengths

    Works well in browsers with images disabled. Interesting to see vector graphics pay off.

    Weaknesses

    The most important info is here:

    https://infosec.pub/c/isitdown

    I don’t care about small variations in performance. I care when a server admin pulls the plug. Lengthy downtime can be infuriating, particularly without news… without knowing what happened and whether your msgs are lost permanently.

    The presentation unfairly makes nodes centralised on Cloudflare look good. Cloudflare obviously makes a site perform well but the price we pay in sovereignty, loss of privacy, and netneutrality makes those nodes unacceptable. Centralisation defeats the purpose of the fedi. So the CF nodes should be delisted. Or well marked with a warning.

    Potentials

    An open dataset might be useful.

    You might want to harvest and present !isitdown info somehow.



  • Mods should also be able to manage their communities as they see fit unless they break the instance rules.

    That’s already the case. And it would not change. Mods would not lose any power.

    (TBH, it seems you underestimate the dedication to shit posting that some trolls have.)

    Can you elaborate? The underestimation you speak of supports the status quo. I’ve seen how rampant it is. Which is exactly why the job is unsurmountable for just the mod.

    What would you have the mod do in the thread I linked to solve the problem? Do you expect mods to read every post, work out the thesis, and determine whether each comment is conducive to the purpose of the thread?

    I moderate a dozen communities just on this instance; not to mention other instances. I don’t have time for that. I rely heavily on someone to send me an alert. And when I get an alert about something relatively minor, I’m annoyed by my time being wasted. The OPs are bigger stakeholders in their own threads than I am. The OPs care more about getting the feedback they are after in their own thread than I do as a mod.

    It’s not my job as moderator to care whether OPs get the feedback they are after, given the tools as they are. I care abstractly at a high level (hence the purpose of this thread), but certainly not enough to read every comment, only to face an overly blunt corrective tool.


  • Perhaps comments are the non-censorship way to combat comments that provide little value.

    Two problems with this:

    • engaging threadcrappers and trolls stimulates them (“don’t feed the trolls”). Even downvotes are a positive for them b/c they know they triggered someone.
    • when the thread becomes trashed, this discourages intellectuals. They step into a place of garbage and think “I’m not going to put energy into a comment that will be buried in a hot mess of other garbage and possibly have to fend off assholes myself”. IOW, it’s not just the OP who is damaged – it’s all those who want a civil discussion.

    Readers don’t have time to pick through garbage, but the OP does (as they get notifications).

    But it sounds like your solution would force your preferred paradigm on everyone.

    Everyone already is forced by a paradigm – one of a single master with limited time and blunt tools.

    The OP is a stakeholder who invested constructively into the thread. If an OP does not value their own investment in time and labor, they would not have to use a platform that empowers them to organise clowns and hecklers into a separate branch of visiblity. The popularity of the idea would be evident in who chooses to post under that paradigm.

    In fact, it could be configured on a post-by-post basis. If you create a new post, you could have a tickbox “do you want to have clown control?” If they tick the YES box, the trolls may not even bother with such threads (good!). If they tick the NO box, the OP gets more engagement (but they may not like the result).



  • Thanks for the link.

    “Small-volume braille printers cost between $1,800 and $5,000 and large-volume ones may cost between $10,000 and $80,000.”

    Well, I guess that settles that option. Perhaps a print shop would have one, but I suppose it would not be cheap to use if they have to recover their investement. I would have to know that my recipient were blind to take that option.

    OTOH, I also thought: I could record my voice (either reading my letter or giving a summary), then post on the web with a password, and put a QR code in the letter to an URL that includes the pw as an argument. But a blind person wouldn’t see the QR code. So that kills that idea. In principle, such a practice could theoretically be standardised with the QR code in an expected position.





  • Whether it’s a good idea to present the DL to ICE depends on whether there is a legal obligation to do so – hence the question about jurisdiction.

    If you legally must present a state DL on-demand to feds, then it’s a question of consequences. Refusing to present your DL to a local cop who pulls you over could probably lead to legit confiscation (effectively, loss of driving privs). If the feds take your DL and it’s unlawful, then the confiscation has no legal effect because you are still licensed to drive. You would just have the inconvenience of reporting a stolen ID to the DMV and waiting for a replacement.

    One legal theory I would like answered is if you can refuse the DL to feds, then would they have to call a local cop to demand your DL by proxy in the scenario of following a legal procedure? This could be interesting because local cops may not be happy to respond to such calls.





  • This page covers CF as a walled garden generally:

    https://thefreeworld.noblogs.org/post/2024/03/18/cloudflare-has-created-the-largest-most-rigidly-exclusive-walled-garden-in-the-world/

    W.r.t the fedi, Cloudflare blocks Tor and VPNs by default. So if you wanted to run your own Lemmy node, it would be unable to federate to Cloudflare nodes over Tor or VPNs. Lemmy end users are also oppressed by CF because images come from the source and are not cached. So if someone posts an image on a CF node and I use Tor to connect to slrpnk.net, I can only see the text and not the pics.

    Users of CF nodes tend to be ignorant about the exclusivity of many clearnet sites, so they often unwittingly post links to tor-hostile sites.

    Are you talking about a pure matter of size?

    That too. The fedi is designed to make decentralisation /possible/. But obvisouly if network effect causes a majority of people to pile onto a single host, that’s not decentralised. Lemmy was not designed to be smart about this.

    There are several node operators who do not give a shit about decentralisation or the balance that that requires. They just want to have a disproportionate amount of power over users so they can control the narrative through selective censorship. So they grow nodes that are obscenely large. Lemmy World goes to the extreme of using Cloudflare to circumvent the natural control of resource limitations, to grow out of control.

    Some non-CF nodes also don’t know when to quit new registrations. I track them by calculating the average node size. If a node has more than 2 standard deviations above the avg number of users, I consider them centralised and avoid posting in their communities, just as I avoid posting in Cloudflare’s walled garden.