Matt Hamilton [Maryland] @[email protected]

The start of Burr, a federated social networking server: https://github.com/Eriner/burr

Early days; it doesn't do anything yet.

The first milestone will be to add a test suite for Mastodon/Pleroma API implementation. After that, the pain and suffering begins.

Down the road I'd like to implement a GraphQL API to make things easier for FE developers.

"We're all gonna die!!!"

https://extinctionclock.org/

Welcome to the #racklife, @alex

Not pictured are two additional half-size racks that hold switches and two additional SFFPCs.

The sad state of (the persecution of) American investigative #journalism

All of the counter-arguments in this thread can also be applied to the email account and whatever its recovery methods are.

Email is a lot of extra bullshit that isn't needed when we already have a federated system. While the identity portion (or lackthereof) could be improved within the spec, nobody wants to set up an SMTP relay/server/account.

I'd rather improve the experience of server admins to encourage more people to run their own servers.

Another counter-argument is that people lose their 2FA device *and* their codes. I know that 2FA deactivation is a not infrequent moderation task.

On this point, I'm willing to concede that, assuming warnings are prominent and thorough (same as is with BIP seed generation) at some point you can't fix stupid. Others who are careless but not stupid may make the mistake, once.

"We're serious. Go place your written codes somewhere safe. Your account is locked for 15 minutes to allow you the time"

A counter-argument to this is that administrators with open registrations may wish to restrict account creation for a specific person/group.

While domain/email blocks is an obvious "solution", at the end of the day what are you going to do, block @gmail.com? It's an attempt to solve the problem backwards.

The solution isn't domain-based registration restrictions but moving to some invite-only or other externally managed registration system, a la QUIZCHAs.

Considering just not having email in #burr. I can only think of two cases where email-based account recovery is required:

1: The account creator lost the password

2: The account is/was compromised and the creator must regain control.

1 is a problem you can solve server-side with an out-of-band identity source (email). However, doing this also introduces the inverse of 2 (if email is compromised).

Solution: prominent warnings, gen recovery codes on account creation. Email just isn't worth it.

And to be sure that this thread isn't misinterpreted: the denial of global leaders pushing for a "new world order" is just that; denialism. It isn't a "conspiracy theory" and it isn't "antisemitic".

Prepare for the real internet (hosting) schism: once the states begin making laws to set the rules.

Abandoning Sec 230 is abandoning the reason that every major internet company exists within the US.

Will California "go woke" by legislating that people can't say the no-no words?

Will California "go broke" after companies leave their state because they can't feasibly comply with whatever bullshit provisions the CA legislature dreams up?

Tune in next week to 1984: NetChoice vs TX to find out!

Here's my "receipt":

President Biden said, “There’s going to be a new world order out there, and we’ve got to lead it.”

ref: https://www.whitehouse.gov/briefing-room/speeches-remarks/2022/03/21/remarks-by-president-biden-before-business-roundtables-ceo-quarterly-meeting/

Fediblock.org, once one of the many #Lists, is a dead website.

This seems to be an archive of its content: https://schlomp.space/FediBlock/data

Here's the entry for NAS: https://schlomp.space/FediBlock/data/src/branch/main/web-344.json

I have no idea what they're referencing in the description.

This is their "receipt" where someone says NAS is "full of New World Order memes, which is an anti-semetic conspiracy theory": https://godforsaken.website/users/alex/statuses/104858542707683694

lol poa.st is blocked by 305 servers. I thought I was going to be able to crown us kings of the fedi, but no. Poa.st dunked on NAS almost 2x at 305 blocks.

Reminder for everyone out there: touch grass.

@alex gleasonator.com is only up to 141. Gotta pump those numbers up. Those are rookie numbers.

I found a site that collects and displays block rationale for fedi servers.

NAS posts are rejected by 157 servers: https://fba.ryona.agency/?domain=noagendasocial.com

#Twitter

Imagine this hypothetical:

An extranational lunatic petitions a security detail to fire a client.

Security detail says no.

*something*

Two days later the security detail's CEO fires the client.

Two weeks later the client's office is ransacked by a criminal.

--

The lunatic & security detail may or may not be involved in racketeering.

The criminal may or may not be (involved with) the lunatic or security detail.

I would imagine RICO Discovery is a real bitch.

So let me get this straight.

A deranged onliner petitions Cloudflare, a CDN and WAF, to drop kiwifarms.net.

CF releases statement saying "no".

Two days later someone (shareholders, board, payment gateways, etc.) sticks their hand up Matthew Prince's ass and operates him like a puppet to have Cloudflare fire kiwifarms.net as a customer.

Two weeks later kiwifarms.net is hacked via a combination of vulnerabilities that Cloudflare's WAF /may/ have previously been mitigating.

Wow.

I started to write the Group schema and then realized that it's probably smarter to just use Accounts as Groups, just adding "members" and "moderators" edges to the Account.

This way Groups can post publicly and federate all the same (can be blocked/silenced by other servers).

IDK, maybe this is an oversimplification that won't work out. #burr

Beyond feature parity with Mastodon, I'd like to add the following features to #burr which are NOT present in the current release of Mastodon:

* Public Timeline
* Groups
* Events
* Status Editing
* Roles
* Badges (roles, donor status, etc.)
* Emoji reactions (more than just "like")
* Quote Statuses (reblog/boost/retweet with comment)

And some further-out features:

* E2E DM Encryption (Axolotl ratchet or similar)
* Calling (Jitsi or Mumble integration)
* Whole-instance Search (Account Opt-in)