I don’t like this. Everything you’re saying is true, but this argument isn’t persuasive, it’s dehumanizing. Making people feel bad for disagreeing doesn’t convince them to stop disagreeing.

A more enlightened perspective might be “this might be true or it might not be, so I’m keeping an open mind and waiting for more evidence to arrive in the future.”

Judges can act.

These systems all have disaster recovery plans. We can’t possibly know how competent their admins are or how up to date their backups are. But it’s not our job to know this. Debating details isn’t the point, and there’s zero amount of online discussion that will make the worry and anxiety go away. Just remember there are backups and be calm.

Personally I know that media companies, who use their content to sell ads, will not protect me from this “worry and anxiety denial of service” that’s going on. They sell more ads when people doom scroll. So I have to protect myself. I want you to protect yourself as well.

I try to recognize when there are things I can’t do anything about, but that I know good people are still working to protect.

Scrooge McDuck is an employee of his companies too.

BBS software. Nerds always find a way. I guess if I have to be a sysop now…

I think I communicated part of this badly. My intent was to address “what is this speech?” classification, to make moderation scale better. I might have misunderstood you but I think you’re talking about a “who is speaking?” problem. That would be solved by something different.

I mentioned this in another comment, but we need to somehow move away from free form text. So here’s a super flawed makes-you-think idea to start the conversation:

Suppose you had an alternative kind of Lemmy instance where every post has to include both the post like normal and a “Simple English” summary of your own post. (Like, using only the “ten hundred most common words” Simple English) If your summary doesn’t match your text, that’s bannable. (It’s a hypothetical, just go with me on this.)

Now you have simple text you can search against, use automated moderation tools on, and run scripts against. If there’s a debate, code can follow the conversation and intervene if someone is being dishonest. If lots of users are saying the same thing, their statements can be merged to avoid duplicate effort. If someone is breaking the rules, rule enforcement can be automated.

Ok so obviously this idea as written can never work. (Though I love the idea of brand new users only being allowed to post in Simple English until they are allow-listed, to avoid spam, but that’s a different thing.) But the essence and meaning of a post can be represented in some way. Analyze things automatically with an LLM, make people diagram their sentences like English class, I don’t know.

My own “we need” list, from a dork who stood up a web server nearly 25 years ago to host weeb crap for friends on IRC:

We need a baseline security architecture recipe people can follow, to cover the huge gap in needs between “I’m running one thing for the general public and I hope it doesn’t get hacked” and “I’m running a hundred things in different VMs and containers and I don’t want to lose everything when just one of them gets hacked.”

(I’m slowly building something like this for mspencer.net but it’s difficult. I’ll happily share what I learn for others to copy, since I have no proprietary interest in it, but I kinda suck at this and someone else succeeding first is far more likely)

We need innovative ways to represent the various ideas, contributions, debates, informative replies, and everything else we share, beyond just free form text with an image. Private communities get drowned in spam and “brain resource exhaustion attacks” without it. Decompose the task of moderation into pieces that can be divided up and audited, where right now they’re all very top down.

Distributed identity management (original 90s PGP web of trust type stuff) can allow moderating users without mass-judging entire instances or network services. Users have keys and sign stuff, and those cryptographic signatures can be used to prove “you said you would honor rule X, but you broke that rule here, as attested to by these signing users.” So people or communities that care about rule X know to maybe not trust that user to follow that rule.

I feel like objecting to the “General advice about email is don’t” thing but I don’t know if I understand the objections well enough to refute them. I self host email for mspencer.net (meaning all requests including DNS are served from hardware in my living space) and I have literally zero spam and can’t remember the last time I had to intervene on my mail server.

On one hand: My emails are received without issue by major providers (outlook, gmail, etc) and I get nearly zero spam. (Two spam senders were using legitimate email services, I reported them, and got human-seeming replies from administrators saying they would take care of it.) And I get amusing pflogsumm (summarizes postfix logs) emails daily showing like 5 emails delivered, 45 rejected, with all of the things that were tried but didn’t work.

On the other: most of the spam prevention comes from greylist, making all new senders retry after a few minutes (because generally a legit MTA will retry while a spammer will not) and that delays most emails by a few minutes. And it was a bear to set up. I used a like 18 step walkthrough on linuxbabe dot com I think, but added some difficulty by storing some use and alias databases on OpenLDAP / slapd instead of in flat files.

But hey, unlimited mail aliases, and I’m thinking of configuring things so emails bounce if they seem to contain just a notification that terms and conditions are updated somewhere. I don’t know, cause some chaos I guess.

And I have no idea if my situation is persuasive for anyone because I don’t know what the general advice means. And I worry it’ll have the unfortunate side effect of making self hosting type nerds like me start forgetting how to run their own email, causing control of email to become more centralized. And I strongly dislike that.

I’m surprised I’m the first comment saying this, but all I see is a user who needs help expressing their needs but who is not getting that help. Sure they don’t have our experience with decomposing problems and anticipating technical issues, but that’s normal and expected.

Yep, mspencer dot net (what little of it is currently up, I suck at ops stuff) is 2012-vintage hardware, four boxes totaling 704 GB RAM, 8x10TB SAS disks, and a still-unused LTO-3 tape drive. I’ll upgrade further when I finally figure out how to make proper use of what I already have. Until then it’s all a fancy heated cat tree, more or less.

I couldn’t find the clip, but first thing that came to mind was the StarTalk Live with Buzz Aldrin and John Hodgman.

Hodgman: “maybe they’ll find H 2 2 2 2 O!”

Edit: crap, I have to call myself out. I failed to read completely, thought the screenshotted poster accidentally changed one part of the comparison, instead of deliberately changing both parts. If the original was molecules in a cubic inch of water vs stars in the observable universe, I read this post as atoms in a molecule vs stars in the observable universe.

Apologies, I discovered I was a fool and was excited to share my discovery.

Same. Went from radiks.net dial-up to US-West business DSL. Registered my domain at the same time, mspencer.net

I think image generators in general work by iteratively changing random noise and checking it with a classifier, until the resulting image has a stronger and stronger finding of “cat” or “best quality” or “realistic”.

If this classifier provides fine grained descriptive attributes, that’s a nightmare. If it just detects yes or no, that’s probably fine.

I have an iPhone and a gl.inet gl-e750 portable cell router, and my SIM card stays in the router. I don’t actually restrict my phone the way you’re talking about, but this gives me vpn to my home network without needing the vpn running on each client device. And if I wanted to block connections to big tech company services, I could do that.

Hmm, you have uncovered a problem with both of our ideas. Steam’s leverage is reduced after they have deposited sales proceeds, and is gone after the publisher isn’t selling games on the platform any longer.

(I’m griping about Rockstar specifically but my point is still flawed in the general case.)

Deceased users’ estates still haven’t agreed to the new terms, have they?

Now punish publishers who try to change the terms of sale after sale. “Want to play the single player game you bought a decade ago? Agree to this new arbitration clause.”

deleted by creator

Are you going to be hosting things for public use? Does it feel like you’re trying to figure out how to emulate what a big company does when hosting services? If so, I’ve been struggling with the same thing. I was recently pointed at NIST 800-207 describing a Zero Trust Architecture. It’s around 50 pages and from August 2020.

Stuff like that, your security architecture, helps describe how you set everything up and what practices you make yourself follow.