pleroma.debian.social

pleroma.debian.social

jlines | @jlines@pleroma.debian.social

.

Mark Wyner Won’t Comply vm markwyner@mas.to

This is bound to bring some joy to your day. Everything about it is delightful.

(And the engineering is amazing.)

jlines jlines
@vkc @kasperd For some time I have felt that some form of federated ActivityPub based security system would be beneficial. This would be aimed at being produced and consumed primarily by computers, but should be readable by humans for verification. Things like fail2ban from a computer attack level, sharing spam sources and sharing info on objectionable content origins. Web of trust and similar content policies would apply.

john john@social.paladyn.org
Unicorns
I am constantly bombarded by companies trying to sell me things I don't want, but there are things I would buy, if somebody made them. I am calling them #unicorns. There doesn't seem to be a good mechanism to let companies know they exist.

https://blog.wp.paladyn.org/category/unicorns/

jlines jlines
@nixCraft I would like to see more organisations/companies setting up their own Fediverse (I use pleroma for my personal Fedi - as does Debian - server diversity is good). This deals with a lot of the issues of identity confusion, once people start to see more accounts like @news@bbc.co.uk (does not exist, but hard to fake, and fewer @thisIsTheBBCNewsHonest@mastadon.social (also does not exist).
https://wordpress.debian.social/jlines/2021/01/12/it-is-good-to-be-a-tree/

jlines jlines
@JamesBaker Beyond this, once a digital means of proving your identity goes out of your control who is to prevent it being re-used. I wrote https://blog.wp.paladyn.org/2024/11/14/the-proof-of-identity-problem/ about this, and I believe it is a hard, but important problem.

jlines jlines
Who owns 'your' contacts

I am seeing TV advertising for WhatsApp, emphasising how private the message data is, which is probably true, but misleading, as the issue is that people have to share their contact metadata.

https://wordpress.debian.social/jlines/2025/07/04/who-owns-your-contacts/ suggests #XMPP, possibly @snikket_im

@xmpp

jlines jlines
@johncarlosbaez @mansr Time for a new list of highly cited researchers caught engaging in bad practice - or would that just encourage them ?

jlines jlines

@mikebroberts For me the issue is that Slack/Discord and the like act, in ecological terms, like an invasive species, such as Ground Elder "It can pose an ecological threat owing to its invasive nature, with potential to crowd out native species." Once they have a foothold they are hard to dislodge.

jlines jlines

@bkuhn I spent far more time than I should have done reading Groklaw - It was fascinating to be able to follow a complex case in such detail.

jlines jlines

@OpenTech_AUC I suggest investigating #XMPP, but in particular snikket as the Instant Messenger/chat equivalent to WhatsApp. It is fully open source, and built out of standard components. You can run up your own server quickly and federate with all the other XMPP servers. Note that WhatsApp is basically an XMPP server (eJabberd) which does not federate. For a University College running your own XMPP server(s) lets you undertsand IM by doing

Björn Staschen bjoernsta@eimsbuettel.social

Really, @EUCommission? It's great that you are here on Mastodon, but why not show it proudly instead of linking out only to those Big-Tech-Silos?

@_elena, me and other people at thought, you should change that please.

Will you?

Screenshot from European commission website showing share buttons to Facebook, Instagram, X, LinkedIn and a Link button.

jlines jlines
@amy certainly agree on your points, and also concerned at the way that SMTP is becoming/has become defederated in practice. I believe an effort to educate the law makers would be more productive than asking Meta to be nice. I wish the tech giants who do not have a stake in the Instant Messaging and Social Media spaces would see that there can be value to them in promoting the open standards. Ideally the foundations would have financial support from more than 1 company.

jlines jlines
@fencepost @GossiTheDog It is a very poor UI decision to hide information from a user for the sake of convenience which would allow them to make security decisions. This is not restricted to Instant Messengers.

jlines jlines
@fencepost @GossiTheDog I think the inherent 'flatness' of Signal, and other non-federated IM systems is a weakness in that it fails to make use of the information you get for free from the tree structured nature of the DNS. If the other members of the group had all been on the republican.org, or whitehouse.gov server (or a mixture), then the presence of a jeffrey.goldberg@theatlantic.com would/should have been glaring obvious.

jlines jlines
@Viss so if your internet is down you wont be able to, for example "Alexa turn the light on", turn the heating up or down etc.

jlines jlines

@ireneista @contrapunctus @grimalkina @Lunaphied Clicking on the ellipsis at the bottom right of Daniel's post and selecting 'Expand this post' show other replies, but the one from @winfriedtilanus is the most useful.

jlines jlines

@adamhotep @snopes rather than using Signal, I suggest self hosting an #XMPP server with accounts for key people. Create a group for sharing MFA keys and keep this sensitive information under your control. If your xmpp server was, say chat.snopes.com, then you can leverage DNS security to have confidential discussions with external people too. See [It is good to be a tree}(https://wordpress.debian.social/jlines/2021/01/12/it-is-good-to-be-a-tree/)

jlines jlines

@ireneista @contrapunctus @grimalkina @Lunaphied There is an interesting thread here on Federated Metadata privacy

jlines jlines

@thevril @contrapunctus @snikket_im @grimalkina I do like that list too, and use Conversations (via #fdroid and donate via @mastadon.xyz@liberapay). My aim is to inform people that alternatives to monolithic Instant Messengers exist, and encourage more mainstream use.

jlines jlines

@ireneista @contrapunctus @grimalkina @Lunaphied I am concerned about the risks associated with metadata for some time, specifically in the context of Who pays for WhatsApp, but any centralised system, e.g. Signal, or Telegram - even if well intentioned, will be vulnerable to insiders being bribed of coerced. Federation limits the insider information scope.

»