• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: July 23rd, 2023

help-circle

  • The metadata in the headers can be avoided using Memoryhole and similar protocols which embed the headers inside the encrypted payload. The problem is again barrier to entry. Low-tech users generally can’t even handle app installs on desktops.

    When you say “worry”, that’s not the right word for it. My boycott against Google is not fear-driven. I will not feed Google anything it can profit from as an ethical stance. Even if an expert linux tor user were on Google, I’m not sure we could exchange email in a way that ensures Google gets no profitable data. If we use PGP coupled with Memoryhole to strip out the headers, I’m not sure Google would accept a msg with a missing or bogus From: header. But if so, Google still possibly learns the user’s timezone. Though that may be useless if Google learns nothing else about that user. But we’re talking obscure corner cases at this point. Such an expert user would have no Google dependency anyway.

    MS/google-dependent friends are generally extremely low-tech. They don’t know the difference between Firefox and the Internet. They don’t know the difference between Wi-Fi and Internet. Linux – what’s linux? They would say. At best, they just think of it as a mysterious nerd tool to be avoided. So what can I do wholly on my end to reach them via gmail without Google getting a shred of profitable data? Nothing really. So I just don’t connect directly with a large segment of friends and family. Some of them are probably no longer reachable. Some are in touch with people who connect to me via XMPP, so sometimes info/msgs get proxied through the few XMPP users. It’s still a shitshow because Google still gets fed through that proxied inner circle of friends and family. In the past when someone needed to reach me directly, they would create a Hushmail or Protonmail mail account for that temporary purpose (like coordinating a trip somewhere). But that option is mostly dead.

    I just had to reach out to plumbers for quotes. All of them are gmail-served. All I could do is refuse to share my email address and push them to use analog mechanisms. They are not hungry enough for business to alter their online workflow or create protonmail accounts.


  • That’s exactly what I did with hushmail. I would tell low-tech folks to get a hushmail account then I would use hushtools.com to do all the key management, putting my key on the keyring and grabbing their key. So the other person did not need to know anything or take any special steps. That was best option of my time. But last time I checked hushmail was still entirely non-gratis.

    Protonmail emerged when HM became non-gratis and messed with hushtools. But PM requires every one of their own users to do key management which creates a barrier to entry. I would have to walk a PM user through adding my key to my record in their address book and walk them through sending me their key. That effort is a show stopper for many. I might as well walk them through setting up a PGP-capable MUA. But then if they keep their gmail or MS acct the metadata still feeds those corps.



  • I give out my XMPP address and offer Snikket accounts. Some go along with it and some do not. I lost touch with some friends. Some people are in contact via phone but that’s not ideal some connections are lost as phone numbers change.

    I used to push some people toward Hushmail until they dropped the gratis plans. Then for a while I pressured people onto Protonmail but then distanced myself from PM when the brought in Google reCAPTCHAs and killed off Hydroxide. Tuta is a non-starter because Tuta’s variety of e2ee is incompatible with open standards, thus forcing me to periodically login to a web UI (also due to them sabotaging their Android app by way of forced obsolescence pushed in the most incompetent way).

    So it’s a shitty state of affairs. 2024 and simply sending a msg to someone has become a total shitshow.





  • Perhaps, but your reasoning is a bit too vague to be convincing. So what am I missing? Beehaw registration is open. I had no problem getting an account there; over Tor in fact. I don’t recall if they were using the Q/A interview field back when I signed up. OTOH that screening mechanism has become quite typical these days.

    W.r.t defederation, I only know that Beehaw defederated from centralized instances, which is fair enough from the PoV of those embracing the decentralization principle. I skimmed through their several page long policies which boil down to “don’t be mean”. So I would guess they defederate from hate-rich nodes - not sure. What specifically do you have in mind?

    The Cloudflare instances I listed are walled gardens because they restrict access hard and fast to various demographics with arbitrary exclusion of various groups of people (which IMO is an even harsher form of walled garden than some of the corporate walled gardens). I would not call having a code of conduct indicative of a walled garden, otherwise we would be calling just about every single instance a walled garden and thus not a useful place to draw a line.


  • If you oppose tech giants, then of course these Cloudflare instances are unsuitable and should be avoided:

    • lemmy.world ← Cloudflare
    • sh.itjust.works ← Cloudflare
    • zerobytes.monster ← Cloudflare
    • lemmy.ca ← Cloudflare
    • lemm.ee ← Cloudflare
    • programming.dev ← Cloudflare
    • lemmy.zip ← Cloudflare

    This has nothing to do with your question about blocked threads, but I gather that you want to avoid the enshitification brought by tech giants, and you are on lemmy.zip. Cloudflare is a walled-garden and exclusive club. Not everyone can access Cloudflare-jailed content. CF also sees your username and password. So I suggest choosing an instance other than the above, and favoring communities that are also not on those instances.

    Some free-world non-walled-garden instances are: