• 0 Posts
  • 22 Comments
Joined 1 year ago
cake
Cake day: June 16th, 2023

help-circle
  • I don’t know, man. Unless you’re running on ancient hardware does a few gigs even really matter? I’ve got a 1 TB nvme in my box and I’m using like 300 gigs of it, 200 gigs of which are two Steam games and a few different Proton versions. Surely the 2 gigs shown in that screenshot is almost meaningless in a modern system. I mean you can get a 1 TB Samsung EVO for like 60 bucks on Amazon these days.


  • I think you’re missing the point. Oracle and SUSE have quite successful commercial offerings already. They don’t need to sell a RHEL clone as their core business. I don’t know why you think SUSE is unable to “create or maintain a Linux distribution,” they’re one of the oldest distros out there. SLES and SLED are extremely well regarded, and SUSE is doing further work/research into immutable server distros for the future. They certainly can “create a Linux distribution”. Oracle has a mixed history but certainly anyone could view them as successful overall.

    No, what they’re actually doing is creating a clone for the downstream packagers so they aren’t suddenly cutoff by Red Hat’s (IBM’s) decision. They’re trying to give the community back what was lost. A collaborative effort to mitigate the damage done by commercial interests. They’re not really doing anything other than restoring things to the way they were. Anyone who was using a distro that was downstream of RHEL wasn’t looking for enterprise-level support in the first place so I don’t really understand your complaint there.

    I mean, really, the whole Linux ethos is community. These two companies coming together to give back what the community lost, for free, is what FOSS is all about. Somehow I feel like that has gone right over your head.


  • Sorry if I wasn’t clear about that. My essential thinking with the NAS was: Cloud is nice, but how vulnerable are you if the Cloud provider turns evil?

    With Apple and Google, you’re basically screwed and there is nothing you can do.

    With a NAS, you own the server. You don’t rent it. You own it. You can hold the thing that stores all your private data in your own two hands.

    So what if the data center I host my backups on becomes evil? Well, then they find a bunch of encrypted blobs they can’t access while I move my backups to a different host. I’m not sure even the server hosting you’re talking about is as secure as that. What if they become evil? How much access do they have to your data? All “evil” takes is a single policy change from a suit who has no idea about actual tech. It happens all the time.

    Maybe that comes off as paranoid, but with all the data breaches and enshittification happening lately I feel much more secure having my data literally in my own two hands and a built-in defense against evil policy changes/government overreach for anything that must be hosted externally. Coupled with Tailscale for remote access I believe this as secure as you can get.

    And again, Synology was my choice for ease of use, but you can build a capable NAS from an old Optiplex on ebay for 200 bucks + drives.


  • I don’t really understand your comment.

    PC breaks? House burns down? My data is encrypted in a datacenter. My account gets cancelled? My data is on my NAS.

    I don’t store much data on my PCs or devices at all. Any data that is there I treat as transient. The NAS acts as permanent storage. So if the devices die, I can quite literally restore them to the state they were in within hours of their death from the NAS. If my house is hit by a tornado and my NAS dies, my data is safely encrypted in an external location. I’ve lost nothing. If my NAS, devices, and Wasabi’s data center are all hit by tornadoes at the same time we have bigger problems to worry about. If that ridiculous scenario happened your server would not be immune either.

    I’m not seeing the advantage of your rented server vs having backups in the cloud. Is it because the server will keep running? But if you’ve lost your devices in a fire you still can’t access it whether it’s running or not. When you replace your device you can then connect to your server, but I can simply download my data again. HyperBackup Explorer is available for every platform and can do a full restore back to a NAS, or individual file downloads for anything else.


  • I felt this “prison” very strongly with iCloud. Don’t get me wrong, I think iCloud functions exceptionally well. It’s an extremely well integrated cloud and works seamlessly with all Apple products. It’s just that after a while I start to realize just how much of my life was sitting on Apple servers and what a dependency I had on Apple, hoping they are the good guy (narrator: they were not, in fact, the good guy) or at least, not as bad as the next best option (I feel Google has legitimately become evil at this point). I was constantly reading about security and getting myself worried, etc.

    Finally I just bought a NAS. Synology is my current choice, but use whatever you prefer. A NAS can replicate anything the “cloud” can do, it’s faster, it’s safer, it doesn’t rely on the good graces of any cloud provider. YOU hold the access to your data. As it should be. I still use the “cloud” for my backups with HyperBackup sending encrypted backups to Wasabi, but that is a different matter. Even if Wasabi decided to be evil, my data is encrypted before it ever leaves the NAS and Wasabi could never see my raw data like Apple/Google can.

    The only thing holding people back from this, I guess, is price. Apple charges $0.99/month for 500gigs, while just the NAS itself with no drives will cost you several hundred. But man, not being worried about the latest cloud drama, government overreach, privacy scandals, etc is worth every cent. A Synology NAS with Tailscale is just about the safest place to put my data. All the Snyology mobile apps even pass the gf test for features and ease of use. I recommend a small 2-bay NAS to everyone I can.

    Turn off the cloud, and take your data back.



  • Most people don’t understand what this is or why it’s important. And that’s not their fault. The kneejerk reaction to having data collected is justified due the amount of companies who abuse it. I mean the amount of stuff you have to turn off (and block the stuff you can’t turn off) just to use Windows in a reasonable manner is insane.

    I don’t fault people for reacting to this news, even though it’s not even really news. Developers need to know how people use their products if they want to make them better. And it’s opt-in, which is the right way to do it. 1Password certainly knows this and the fact they’re trying to be so transparent shows that they know they need to prove what they claim.

    1Password has built a lot of trust with it’s users over the years. There was some controversy over switching to a subscription model, but realistically $3.50/month to have the most important data you possess hosted securely (and they’ve been super transparent about that security too) seems like a no-brainer. To my mind, 1Password isn’t going to do anything to jeopardize their place in the market when there are free and self-hosted services out there. Probably they want to use their app, which is already the best of any password manager I’ve ever used, to be the thing that sets them apart from the competition. And to do that, they need to know how people use it to know what could be better.


  • At this point it’s not even about the API changes anymore. Spez would need to be replaced to even consider it. He’s shown what he thinks of the community, he’s made a tour of all the tech news sites outright lying and misrepresenting how users feel, he’s killed several small businesses for app developers, and is currently authorizing the removal of entire teams of mods (and locking their accounts).

    All of the problems with Reddit start at the top. No band-aids are going to fix that problem. Spez is the disease, and Reddit is the rot that follows. Twitter can never recover under Elon, and Reddit will continue to decline under Spez.

    I’m out. If any Lemmy/kbin admin pulls some shit like Elon or Spez, you just move to another instance. I’m done with the Silicon Valley style “burn it down for the payday” mind set because VC firms have the CEO by the balls.



  • That’s a fair point that I didn’t consider - saving something you’ve downvoted. It’s not something I’ve ever done and it didn’t even cross my mind. You’re right that there isn’t a specific save function, and the Favorites feature is limited in this case. Also the boosts button in my profile is broken (gives me an error) so I can’t keep track of what I’ve boosted, currently.

    Having a separate space that isn’t tied to either of this would be more ideal. I’ve mostly been using upvotes sparingly, and boosts more liberally, in order to keep my Favorites clean. I understand boosting ties a thread publicly to my username so there may be things you’d want to upvote but not have associated with you to the general public, but in that case your Favorites would get messy.



  • Thank you for the clarification there. I hope you don’t mind having this conversation with me, I’m learning a lot by interacting with people on this topic. I don’t want you to feel like I’m arguing with you though. So the GDPR seems fairly bullet proof, but it only applies within the EU. So how about a scenario like this:

    Your instance is hosted in the EU and has the full protection of the GDPR. My instance is hosted in the US where the GDRP does not apply. Your instance federates with mine. I federate with Meta. Meta now has your data but they didn’t get it from a GDPR protected source. You consented to give it to me, and I consented to give it to them. They have no obligation to uphold the GDPR because they’ve had no interaction with your instance whatsoever, they’ve simply accepted what I gave them and that transaction occurred within the jurisdiction of the US.

    Maybe the GDPR still works here, I don’t know. But I guess my point is that if I can come up with endless scenarios like this, lawyers can too, and they know infinitely more about the law than I do. Hell, they can even come up with their own interpretations of law and act on them for years, only changing their practices when they’re forced to by someone actually suing them. Which by then they’ve already collected and sold millions worth of data.


  • Thank you for your clarification! I don’t know any of the legal specifics of this stuff and I very much appreciate you taking the time to help educate me and anyone else who needs it. I can only give a conceptual argument based on the history I’ve seen with these companies, but not any sort of specific knowledge of law.

    The gist of what you’re saying, and what we’ve actually seen play out recently, is technically they shouldn’t be able to do this, but they’re going to lawyer it in such a way that they’ll get away with it unless/until someone actually sues them which is prohibitively expensive. We have recently seen class action suits against Meta, but realistically the damage has already been done, the money has already been made, and they go on with finding the next cash cow. Even a multimillion dollar settlement is a drop in the bucket, simply the cost of doing business for these people.


  • Yes, this is exactly the sticky issue we get into. And I’m wondering if lawyers would be able to make a case that using ActivityPub alone automatically gives your consent to have your data exist on an instance outside your own. Once they have data you’ve consented to give they can do with it as they please, essentially arguing you’ve become a consenting party when you consented to federation. I don’t know the GDPR well enough to have any answers, but you can bet Meta lawyers do.

    I don’t think Facebook would be having high level NDA-protected talks with Mastodon people if they weren’t trying to work all this out. And by work out, I mean how to monetize/data mine. I’ve been talking about this with people all day, many of whom didn’t see a problem with this, but eventually all of them have had the lightbulb turn on when they realize the potential abuse Meta could do with/to ActivityPub.

    If, by some miracle, Meta wants to be the good guy for a change, let them prove it. I would love to see defederation by default, and let Meta prove they’re trustworthy to federate to. And even then, have a really itchy defederate trigger finger if they even hint at pulling another Cambridge Analytica fiasco. But getting everyone on-board with that is probably impossible, especially if Meta starts throwing money around.


  • What I’m taking issue with is essentially the same thing that is getting Reddit into hot water. Spez is acting like all the content on Reddit is exclusively his. And legally, it probably is, since it exists on his servers. Now if you extrapolate that out to Meta on ActivityHub, any instance that federates with them immediately puts all of your content directly onto Meta’s servers. Once it’s in their possession, it’s legally theirs to do with as they please. If they want to pull a Facebook or Reddit, using your data, they can with no way for you to opt-out. Sure, nothing is stopping people from doing it already, but Meta does not have your best interest in mind. Ever. They’ve shown it again and again. So I think people are preemptively wanting to cut off this spigot of user data to Meta because their abuse of it is a matter of when, not if. Any other company might deserve the benefit of the doubt, but Meta? We know who they are already.

    Also, as I said elsewhere, Meta could already use a bot to scrape Lemmy instances, but you can’t sell a bot to investors. But you can sell a platform. Meta will build a slick platform to sell to investors and sit back while federation fills up their instance with data which they’ll turn around and sell the same way they do on Facebook. And the insidious part of it is that they’ll take your data even though you didn’t use their platform. Right now I can decide not to be data mined by Meta simply by not using Facebook. To do that here if instances start federating your data onto Meta servers, you’d have to not use ActivityPub at all. Either that or the fediverse fractures into Meta and not-Meta, which also sucks.

    This is really a lot more than simply setting up an RSS feed.


  • it’s either about ruining the ethos, stealing the data and/or changing the protocol.

    Honestly, it’s probably all 3 and more we haven’t even though of yet. I don’t think anyone could have predicted all the scandals Facebook has been involved in regarding misuse of user data, and that was just on their own platform. ActivityPub literally hands them the keys to the castle. Add in all the toxic political stuff and… it just makes my head hurt.

    Anyway, I appreciate having the conversation with you. Discussing it has helped solidify my feelings about it.


  • You’re right of course. People will flock to Meta, it will probably become the poster boy of the Fediverse over a few years, and then little by little the evil will creep in until it’s so established we just accept it, same as we’ve done with Facebook. The terrible thing is that it will not be something we can just op-out of. I can chose not to use Facebook. With this situation, I would have to chose not to use the entire ActivityPub protocol, not just Meta’s platform.

    It’s a disaster waiting to happen. Like you said, I don’t think we can do much, and even if we try, it’ll fracture the whole fediverse concept. But when you ask “Why are people concerned about Meta using ActivityPub?” this is why.


  • Sure, but you can’t get investors interested in a bot. You can sell them a platform though. Meta will make the flashiest UI the fediverse has ever seen and sell that to investors, while harvesting and selling everything on the fediverse whether you use their platform or not. The only possible way to keep your data out of Meta’s hands is to defederate anyone and everything associated with them. I know it sounds tinfoil hat, but honestly evaluate how Facebook does business and then imagine how ripe ActivityPub is for that sort of exploitation. If I used Facebook I have agreed to allow myself to be data mined, but if I use kbin I have not agreed, and yet, Meta can still do it if even one mutual server has agreed (been paid) to federate to both platforms.


  • I feel a little lame quoting myself, but I was just having this discussion elsewhere so I’m just going to copy/paste my thoughts rather then thinking of a different way to say it this time.

    Say you have 10 servers. 7 are Lemmy, 3 are kbin. Great, each admin has control over those servers. Then you have Meta. They’ll run 1 huge server. When the 10 other servers enable Federation, Meta now has 10 servers of content that isn’t even on their own platform that they can sell. Your data will literally exist on the Meta server because your data is not contained within your instance/platform once it’s Federated. Meta can then harvest the entire Fediverse for data like this. It’s like an absolute wet dream for them. They don’t even have to coax people to use their own platform!

    If your instance has defederated from Meta, but is federated with an instance that does federate with Meta, then Meta still has access to all your data through that mutual server. So not only would people have to defederate from Meta, they’d have to defederate with anyone who does federate with Meta. If everyone isn’t on board with this, it’ll cause a huge fracture to form.

    Make no mistake: Meta wants to sell your data. They know all it takes is one server to federate with them and they’ve unlocked the entire fediverse to be harvested. I would not be shocked to see large amounts of cash flowing in exchange for federation rights.

    Meta must be defederated the second they so much as dip a toe into the Fediverse or everything you’ve ever done, or do, on any ActivityHub platform will be scooped up and sold.

    I’ll just add that Meta will state that anything on their server is their property, and Federation will put your data directly on their server, even if you’re not a member of their platform.


  • The problem is that the blocking will have to be layers deep. If your instance has defederated from Meta, but is federated with an instance that does federate with Meta, then Meta still has access to all your data through that mutual server. So not only would people have to defederate from Meta, they’d have to defederate with anyone who does federate with Meta. If everyone isn’t on board with this, it’ll cause a huge fracture to form.

    Make no mistake: Meta wants to sell your data. They know all it takes is one server to federate with them and they’ve unlocked the entire fediverse to be harvested. I would not be shocked to see large amounts of cash flowing in exchange for federation rights.