Command Line MagicNov 23, 2022
I think the shift by the general public to Mastodon may be historically significant beyond just social media because it's a shift away from centralization and back towards distributed services. I'm hoping this trend continues in general for Internet services.
Show threadStefano MarinelliNov 23, 2022
@climagic I hope it will happen for e-mail hosting, too. And for centralised services like AWS, Google Cloud, Azure and SPOF like Cloudflare, etc. Let's go back to connected islands!
Show threadMark Gardner
@climagic @stefano Er, email is quite decentralized. Kind of the point of SMTP
Dec 2, 2022 at 4:19pmWeb
Show threadCommand Line MagicDec 2, 2022
@mjgardner @stefano I think what he is saying though is that in the last decade or two (or really since the net became popular in the 90s) there have been strong pushes to centralize it and they have been mostly successful. Setting up your own server these days is quite challenging due to the external rules you must follow and know about beyond just the config.
Show threadMark GardnerDec 2, 2022

@stefano @climagic Well, only centralized in the same way a network of #Mastodon instances is centralized.

Decentralization doesn’t necessarily mean everything is peer-to-peer. Those are different concepts

Show threadStefano MarinelliDec 2, 2022
@mjgardner @climagic I know. But there are a lot of problems managing emails as the “big ones” are the ones who play the game. Quite a challenge in the last years. Many of my historical mail servers are working fine, but as soon as you start with a new one you must be prepared to be spam marked by the big ones like Microsoft and (but less) Google and for a long time, even it you set everything following their standards
Show threadCommand Line MagicDec 2, 2022
@stefano @mjgardner I just dealt with that problem today for someone else's important email as they moved accounts and found out the hard way.
Show threadMark GardnerDec 2, 2022
@stefano @climagic It’s only a matter of time before similar #spam mitigation techniques will need to be bolted onto #ActivityPub as spammers, scammers, and malware developers discover the #fediverse. If I’m reading things right, the spec just punts things to HTTP Signatures and Linked Data Signatures with #Mastodon adding some unique properties and behavior. I’m skeptical about that remaining sufficient.
Show threadMark GardnerDec 3, 2022
@stefano @climagic …and I’ve already seen reports over the last day of a #spam flood / #DDoS attack. The “just set up #fail2ban“ advice isn’t being heeded or isn’t working
Show threadStefano MarinelliDec 3, 2022
@mjgardner @climagic I see a lot of toots about it. More users -> more attention -> more nasty people trying to do nasty things
Show threadMark GardnerDec 4, 2022
@stefano @climagic Yep, I have also seen peanut-gallery comments from #InfoSec and #NetworkOperations people saying this was entirely predictable with well-known mitigations, but #Mastodon admins and developers seem to be trying to reinvent them from first principles