My attitude on the Kolektiva breach is close to what my attitude was when I pointed out Riseup's canary had gone dead and then shit blew up.

It's bad. It's not quite as bad as some people imply. Admins fucked up by failing to have better security from the get-go, but they're not malicious or dishonest and some of their moves make some sense. Still. The catastrophe was locked in when radicals accepted community centralization. Probably their greater sin is de facto encouraging that centralization.

Generally in these cases part of the reason the community centralizes is that the admins are elders with wide connections and respect from eons doing shit. This means that they really do care and have generally good practices, and are sincerely trying their best re the trolley problems that involve how much to reveal on certain things.

But goddamn, I'm sick of older anarchist techies like Moxie w Signal embracing centralization.

I say that while continuing to sit on mastodon.social, because I don't trust a small server to not fall over in a year from admin life situation stuff and force me to rebuild followers on an endless treadmill, and I've long been worried Kolektiva would go down from its centralization as THE anarchist server. We need better ways to back up and transfer and we need better ways to bootstrap new admins with the tools to keep smaller servers up.

@rechelon The safest way would be a periodic backup. But backups are resource intensive, and the ones hit with more backups are the ones that people don't think will hold. So it's a self-fulfilling prophecy going on.

If there's a way to have a client based backup... Like, an app that doubles as backup, so responsibility (and ownership) of backup is local, then we have something.

@nonlinear

Very much agreed, I've thought about precisely this, but don't have the time or free executive function.

@rechelon It's complicated.

The use of backups, that is the insurance users have from instance collapse, brings smaller instances close to collapse.

I've been working on product/usability solutions for peer to peer, distributed systems, and the limitations are always very interesting.

@rechelon If you want, I started a group with others called https://commons.garden

We could do one (and only one) design strategy session, frame the problem correctly or even propose solutions, announce it, and leave it for others to pave the way.

Life is short.

@nonlinear @rechelon A user-agent/smart-client centered approach would indeed mitigate much of the issue.

Especially with cryptographic client/identity signatures attached to the messages.

But without gossip federation of messages each instance still represents a unique point of failure due to the current implementation of following.

Alternatively https://mastodon.social/@rechelon/110642536749725453 would allow for a middle-ground without switching to message-oriented.

I'd much prefer a full switch personally.

@rechelon there's also some important reminders that this is a suitable place for making connections and sharing ideas, but not one for organising directly. We have to act like all the feds are here, because, of course, they are.

@dznz

Yeah, I mean this should go without saying. Every DM is fed-readable, but still, one standard raid shouldn't pick up a whole database, and when it does it should be fewer people than kolektiva grew to.

@rechelon I think we need to even do more decentralization. Host the website on the devices of the users.

@Riyadh144 @rechelon A bit untenable due to uptime & routing complications.

Rather, message-orientation and gossip-peering would work better.

Many people are screwed over by CGNAT and cannot peer without intermediary nodes anyway.

@rechelon Did you try using Freenet / Hyphanet? https://freenetproject.org/pages/download.html

That avoids the centralization completely, and it enables people to go dark with the pure friend-to-friend mode, so it's not visible in any central place that they are part of the network.

And it's a project with >20 years history that has withstood quite a few problems already.

@rechelon I don't know, I follow quite a lot of anarchists and I think only a few are on kolektiva