Changes to Lemmy/PieFed to adjust to living under fascism
-
[email protected]replied to [email protected] last edited by
You don't need to go full p2p. You can still have servers and you can still have operators who work to prevent issues at the edges, but the servers need to be only blind communication relays and routers.
-
[email protected]replied to [email protected] last edited by
The problem is the inverse. There are times where you don't want to be connected to any message.
Nostr is being developed by stupid bitcoiners, and it suffers from the same stupid mistakes as BTC. Pseudonymous transactions are not enough for a payment network. Just like pseudonymous messaging is not enough for secure communication.
-
[email protected]replied to [email protected] last edited by
This is also why I get so pissed about the Fediverse "don't scrape me bro" crybabies and their whole talk about "consent-based following".
Malicious actors do not ask for consent. Malicious actors know how to bypass authorized fetch. Malicious actors will have absolutely no qualms creating accounts on the same server as you just to be able to follow you. You can even argue that malicious actors will even build an instance that you find super appealing in order to be able to collect your communication.
It doesn't matter how you feel you are entitled to a "safe space", if you are talking in public. People might ignore you, but they are never going to go around with their ears covered just because you are asking them to.
-
[email protected]replied to [email protected] last edited by
That's very true.
Like I said, I don't think it's really what a platform like lemmy is for
-
[email protected]replied to [email protected] last edited by
There is no such thing as a blind relay. There will always be meta-data accumulation at such points in the network.
It is possible to try to minimize the meta-data accumulation and obfuscate it further, and there are certainly some interesting theoretical concepts for that in systems like SimpleX, Nostr etc., but in the end most of these are just giving a false sense of security.
In addition, many of these systems engage in what I call "trust-washing", i.e. them proudly proclaiming: "there is no need to trust us, bro!" When in reality there are multiple points of failure in their pretend-to-be-trustless system that they just chose to ignore or try to distract you from.
And when it comes to the real world, tried and battle-tested systems like Tor are where I would put my safety, not some brand new crypto-bro dondogle that is funded by venture capital investors (like SimpleX).
-
[email protected]replied to [email protected] last edited by
Even with Tor you also have to trust the exit nodes. So, yes, I agree you will still need to trust someone, but we can control/design to have less things depending on this trust.
Specifically with ActivityPub, everything is designed around the idea that the server owns it all. It doesn't have to be all-or-nothing.
-
[email protected]replied to [email protected] last edited by
> too destructive for compatibility with other ActivityPub software
Yes, but that's OK, not every community needs to federate outside PieFed. There can be a mix of insecure (widely-compatible) and secure (PieFed only) communities. PieFed does not need to be held back by the limitations of ActivityPub as we know it today.
-
[email protected]replied to [email protected] last edited by
Yes this is a good minimum. We need our instance-chooser guides/websites to surface this information so people can make choices about which instances they join.
Currently if you go to https://joinmastodon.org/servers or https://join-lemmy.org/instances there is no way to filter for VPN compatibility, allowing disposable email, logging policy or legal jurisdiction (in the case of join-lemmy). Or political alignment, defederation policy...
-
[email protected]replied to [email protected] last edited by
I hope you feel better soon.
-
[email protected]replied to [email protected] last edited by
Instances.social surfaces some of the server rules into a nice UI for Mastodon instances but yeah, those things you mention would also be nice.
-
[email protected]replied to [email protected] last edited by
Then use a key you never used before to encrypt it
-
[email protected]replied to [email protected] last edited by
Well he is already doing that with piefed
-
[email protected]replied to [email protected] last edited by
Piefed also doesn't really fit his description. He wants something more akin to Signal, since that was designed around E2E encryption. Anything that uses ActivityPub is never gonna be able to fit into his idea for security, since it was designed to do the exact opposite and distribute content to basically anyone who asks for it.
-
[email protected]replied to [email protected] last edited by
Maybe, I am not very familiar with how ActivityPub works. Maybe he can work around it.
-
[email protected]replied to [email protected] last edited by
ActivityPub is how federation is accomplished. You cannot "work around" how the system is fundamentally designed. ActivityPub might get E2E encryption on DMs at some point but the rest is simply not possible if you want to be able to interact with the rest of the Fediverse.
-
[email protected]replied to [email protected] last edited by
Just to clarify, you are aware that OP is the developer of PieFed?
Chances are that PieFed more or less fits his idea of what he wants, considering that's what he designed it to do.
-
[email protected]replied to [email protected] last edited by
Nope, wasn't aware. Still seems like ActivityPub is the wrong way to go if your priorities include encryption and anonymity.
-
[email protected]replied to [email protected] last edited by
Theoretically in the future PieFed might not be limited to only using ActivityPub, or only using Lemmy-compatible ActivityPub.
-
[email protected]replied to [email protected] last edited by
Hmm that's fair. I wasn't aware of the differences between Piefed and Lemmy when I first made my comments, but I do wish you luck with implementing all this! Piefed seems cool, guess I'll have to check it out a bit more in depth lol
-
[email protected]replied to [email protected] last edited by
ActivityPub is absolutely not suited for private communication. I guess you could in theory transfer encrypted content over AP as well, but it's not what it is designed for and it generally makes little sense for content in a public forum like this. I don't think anyone thinks otherwise.
This is not what is proposed though. For E2EE, Rimu suggests the following:
> Encrypt all user communications, private messages, and sensitive data
So to keep user data encrypted on the server, as well as looking into finding a way to encrypt private messages. I think it's hard to argue this wouldn't be at least a minor change for the better, giving instance administrators less insight into the private data of the users (and thereby also making them less vulnerable to law enforcement).
Of course this wouldn't make PieFed or Lemmy or whatever a good replacement for Signal. It is not supposed to be. It's a public forum. But it can still do its best to protect the identity of the users in this public forum, even with the inherent limitations of the format.