Recent searches
Search options
okay but fr, I don't see why this is shocking news.
#mastodon, by default, works under the assumption that every instance is good unless proven otherwise. this is also true for many other Fediverse software.
the result is that anyone can get a new domain and mastodon will presume they're a new friendly neighborhood instance. most instances block both gab dot com and gabfed dot com for this exact reason.
(1/2)
https://wedistribute.org/2023/12/authorized-fetch-circumvented
@Yuvalne It's inaccurate and disingenuous to call this "authorized fetch circumvented" — it suggests there's something flawed with #authorized_fetch, when there's no way any system would miraculously know to block a different domain because it happens to be used by the same person as a domain that is already blocked.
This is just the same whackamole problem that presents itself with all blacklist rather than whitelist systems, not a problem with #authorizedFetch.
@tokyo_0
Was wondering about your take on this. The chatter going round these parts seems to suggest two things: 1) It's still worth it to advocate for AF, which at least lifts the low-hanging fruit higher 2) Ultimately, true safety awaits us in an allow-list based federation. What do you think?
@Yuvalne
@ophiocephalic 1 - yes, 2 - not so sure about that. I think it's best to let individual instances decide rather than advocate for one approach everywhere. But one thing that is becoming apparently me is the need for a consistent place on an instance (like the about page) or a reference somewhere for these choices instances are now having to make, like whether to federate with Threads, what level of authorization to use, whether to blacklist or whitelist etc. @Yuvalne
@ophiocephalic I think whitelisting might be a good choice for instances that have a focus on serving particularly vulnerable communities where abuse is a persistent problem. For general purpose instances I don't personally think it's the right choice. You're basically talking about pulling up the drawbridge to small independent instances, which isn't what all this is supposed to be about. @Yuvalne
@ophiocephalic It would still be building in exclusivity, because then what if you're not associated with the fedifam? I don't think whitelists are the way to go (outside of vulnerable communities). Yes, there's overhead in not using a whitelist... yes, there's overhead in not just signing up with Threads/X etc. There's an overhead in the whole thing. The point is it's being done to achieve something better... i.e. the overhead is worthwhile. @Yuvalne
@tokyo_0 @Yuvalne
The answer to your question is the caracol. Here's a further elaboration. This is a longer one, but there's "Meta is coming" material at the beginning which is now redundant, so that can be skipped: https://kolektiva.social/@ophiocephalic/110980369577922721 (edit: corrected link)
tldr: Fedifams then form trust-treaties with other fedifams which ease federation out from the fam. The treaties can have their own terms, e.g. probationary or limited federation
@ophiocephalic I think the kind of cooperative groups you're talking about are a good idea, and if they individually (in those groups) decide to use a whitelist that's their prerogative. I just don't think advocating whitelists as a fediverse default is the right approach. @Yuvalne