My attitude on the Kolektiva breach is close to what my attitude was when I pointed out Riseup's canary had gone dead and then shit blew up.
It's bad. It's not quite as bad as some people imply. Admins fucked up by failing to have better security from get-go, but they're not maliciously or dishonest and some of their moves make some sense. Still. The catastrophe was locked in when radicals accepted community centralization. Probably their greater sin is de facto encouraging that centralization.
Generally in these cases part of the reason the community centralizes is that the admins are elders with wide connections and respect from eons doing shit. This means that they really do care and have generally good practices, and are sincerely trying their best re the trolley problems that involve how much to reveal on certain things.
But goddamn, I'm sick of older anarchist techies like Moxie w Signal embracing centralization.
@rechelon The safest way would be a periodic backup. But backups are resource intensive, and the ones hit with more backups are the ones that people don't think will hold. So it's a self fulfilling prophecy going on.
If there's a way to have a client based backup... Like, an app that doubles as backup, so responsibility (and ownership) of backup is local, then we have something.
@nonlinear @rechelon A user-agent/smart-client centered approach would indeed mitigate much of the issue.
Especially with cryptographic client/identity signatures attached to the messages.
But without gossip federation of messages each instance still represents a unique point of failure due to the current implementation of following.
Alternatively https://mastodon.social/@rechelon/110642536749725453 would allow for a middle-ground without switching to message-oriented.
I'd much prefer a full switch personally.
William Gillis 🏴
nonlinear
LisPi