• 21 Posts
  • 121 Comments
Joined 2 years ago
cake
Cake day: June 28th, 2022

help-circle



  • I would love to put my code where my mouth is. It’s on my long list of projects. The defects I describe in this thread probably do not justify a forking effort and I’m not enthusiastic about learning JavaScript, which is not just a shitty language but also it’s the wrong tool for the job. Although Rust is probbly a decent choice for the backend (but Ada would probably be better).

    The biggest deficiency is that there is no decent threadiverse desktop client. I am just baffled that a majority of threadiverse users are using phones. There are like a dozen different mobile clients to choose from and not a single decent client for the desktop. So if I build anything it will be a proper client for a sensibly sized screen (non-portable).

    As for fixing the defects exposed in this thread, the upstream Lemmy devs are rather stubborn but I think devs of an existing fork (Lenny?) might be more open to improvements.

    Who would use a well-designed variant? You can see from the thread that millennials & gen Zers actually expect designs that prioritise the anti-bot agenda above the needs of both the direct user (the admin) and the end user. A majority of the population does not see how Google, Spamhaus, and Microsoft have broken email. This threadiverse crowd entered after email was already ruined. The emotional attachment to gmail (calling it what it is… there is no generic netneutral email infra anymore) trumps software that avoids the dog food problem. I might be the sole user of such software, especially if I also code it to enforce decentralisation (which would necessarily include anti-centralisation features that would be unpopular).


  • to have not actually had an account yet makes it pretty obvious when you try to login and fail that the application has not been accepted.

    That would be a blunt non-transparent/non-specific message to send. It’s not obvious /why/ the reg was denied.

    If the instance admins wanted to talk about it, they’d have emailed you; or published some means of contacting them outside lemmy.

    Lemmy software is designed as comms software itself with email address disclosure optional. An admin can make it mandatory, but Lemmy’s design should cater for the email-free option regardless of how an admin toggles that setting.

    I wouldn’t expect to receive the reason for refusing the application via any other means than the email I’d provided in that application.

    I get that. People are accustomed to relying on email. But this is not an excuse for software deficiencies.

    That’s the entire purpose of providing an email; so you could be contacted when/if there are updates to your applications status.

    That can be accomplished without email. Email is a convenience at best. Some users have decided email is an inconvenience and do not use it. And Lemmy supports that – partially.

    Let’s be clear about who the software is expected to serve. The comms feature of giving feedback to users without an email account is not to directly serve the end user. Software should serve its user (the Lemmy admin in this case). A Lemmy admin does not want to take the time to express themselves on their decision only to have their msg blackholed. They don’t necessarily know that an email address is disposable. The end user benefits by extension, but it’s about creating software that serves the direct user of the s/w. If you’re an admin who makes email optional, you might still want to be able to get a msg to a user.

    The core purpose of the Lemmy platform is communication. So relying on out-of-band tech is kind of embarrassing. Think of it from the dog food angle. An in-band msg has the advantage that the admin has more control (e.g. they can edit a msg later and they can know whether the msg has been fetched). Lemmy relying on email as a primary means of comms is a dog food problem.

    The only sensible concession I would see to make is that there are a hell of a lot more important things for Lemmy devs to work on because the software has a lot of relatively serious defects. I’m talking about how great software would be coded, but extra diligent handling of denials should have a low triage in the big scheme of the state of where Lemmy is right now.



  • I’m not seeing how this is a good justification for login refusals to lack information and transparency. When you are denied a login, a well designed system tells you why you are denied and the rationale the server gives you should either include enough info to imply a remedial course of action (e.g. “re-apply and tell us more detail about why you like our node”), or at least make it clear that the refusal is final for reasons that are non-remedial. Users should not have to guess about why they are denied a login when countless things can go wrong with email at any moment. The denial rationale should be emailed and also copied into the server records to present upon login attempts.

    The only exception to this would be if they really believe they are blocking a malicious user. Then there is some merit to being non-transparent to threat agents. But the status quo is to treat apps rejected for any arbitrary reason as they would an attacker.







  • I don’t want to be an enabler of the drivel, so without posting the full URL to that article that’s reachable in the open free world, I will just say that medium.com links should never be publicly shared outside of Cloudflare’s walled garden. I realise aussie.zone is also in Cloudflare’s walled garden, but please be aware that it’s federated and reaches audiences who are excluded by Cloudflare.

    The medium.com portion of the URL should be replaced by scribe.rip to make a medium article reachable to everyone. Though I must say this particular article doesn’t need any more reach than it has.


  • A website isn’t a common carrier

    We were talking about network neutrality, not just common carriers (which are only part of the netneutrality problem).

    you cannot argue that a website isn’t allowed to control who they serve their content to.

    Permission wasn’t the argument. When a website violates netneutrality principles, it’s not a problem of acting outside of authority. They are of course permitted to push access inequality assuming we are talking about the private sector where the contract permits it.

    Cloudflare is a tool websites use to exercise that right,

    One man’s freedom is another man’s oppression.

    necessitated by the ever rising prevalence of bots and DDoS attacks.

    It is /not/ necessary to use a tool as crude and reckless as Cloudflare to defend from attacks with disregard to collateral damage. There are many tools in the toolbox for that and CF is a poor choice favored by lazy admins.

    Your proposed definition of net neutrality would destroy anyone’s ability to deal with these threats.

    Only if you neglect to see admins who have found better ways to counter threats that do not make the security problem someone elses.

    Can you at least provide examples of legitimate users who are hindered by the use of Cloudflare?

    That was enumerated in a list in the linked article you replied to.


  • Interstate commerce is governed by the federal government.

    Not exclusively. Interstate commerce implies that the feds can regulate it, not that they have exclusive power to do so. We see this with MJ laws. The fed believes it has the power to prohibit marijuana on the basis of interstate commerce, but in fact mj can be grown locally, sold locally, and consumed locally. Just like internet service can be.

    Suppose you want to buy a stun gun in New York. You can find stun guns sold via mail order from another state (thus interstate commerce), but New York still managed to ban them despite the role of interstate commerce.

    A close analog would be phone laws. The fed has the TCPA to protect you from telemarketers, but at the same time various states add additional legal protections for consumers w.r.t. telemarketing and those laws have force even if the caller is outside the country. (Collecting on the judgement is another matter).

    Schools now require the internet for kids. ISPs being allowed to be anything more than a dumb pipe means they have the control of what information is sent across their network.

    Education is specifically a duty of the state set out in the Constitution. If you can point to the statute requiring schools to provide internet for students, I believe it will be state law not federal law that you find.

    The internet is now a basic human right in the United States for numerous reasons, one of which is #2.

    I don’t quite follow. Are you saying that because education is a human right, that internet access is a human right? It doesn’t work that way. First of all, people who do not exercise their right to an education would not derive any rights implied by education. As for the students, if a state requires internet in education that does not mean that internet access becomes a human right. E.g. an Amish family might lawfully opt to homeschool their child, without internet. That would satisfy the right to education enshrined in the Unified Declaration of Human Rights (UDHR) just fine. A student attending public school in a state that mandates internet in schools would merely have the incidental privilege of internet access, not an expanded human right that students in other states and countries do not have under the same human rights convocation. If your claim were true, it would mean that California (for example) requiring internet provisions for students would then mean students in Haiti (a country that also signed the UDHR that entitles people to a right to education) or Texas would gain a right to internet access via the state of California’s internal law. A state cannot amend the UDHR willy nilly like that.

    Also, if internet could be construed as a human right by some mechanism that’s escaping me, the fed is not exclusively bound by human rights law. The fed signed the treaty, but all governments therein (state and local) are also bound to uphold human rights. Even private companies are bound to human rights law in the wording of the text, though expectation of enforcement gets shaky.

    ISPs cross state boundaries and should be governed by interstate law.

    I subscribed to internet service from a WISP at one point. A dude in my neighborhood rolled out his own ISP service. His market did not even exceed the city.

    The local ISPs have ISPs themselves and as you climb the supply chain eventually you get into the internet backbone which would be interstate, but that’s not where the netneutrality problem manifests. The netneutrality problem is at the bottom of the supply chain in the last mile of cable where the end user meets their local ISP.

    Also with MJ laws, several states have liberated the use of marijuana despite the feds using the interstate commerce act to ban it.

    An ISP being a business, especially a publicly-traded one, will sacrifice all manner of consumer/user-protection in order to maximize profit. And having the states govern against that will lead to a smattering of laws where it becomes muddy on what can actually be enforced, and where.

    Sure, and if the fed is relaxed because the telecoms feed the warchests of the POTUS and Congress, you have a nationwide shit-show. A progressive state can fix that by imposing netneutrality requirements. Just like many states introduce extra anti-telemarketing laws that give consumers protection above and beyond the TCPA.

    And having the states govern against that will lead to a smattering of laws where it becomes muddy on what can actually be enforced, and where.

    That’s a problem for the ISPs that benefits consumers. If ISPs operating in different states then have to adjust their framework for one state that mandates netneutrality, the cost of maintaining different frameworks in different states becomes a diminishing return. US consumers often benefit from EU law in this way. The EU forced PC makers to make disassembly fast and trivial, so harmful components could quickly and cheaply be removed before trashing obsolete hardware. The US did not impose this. Dell was disturbed because they had to make pro-environment adjustments as a condition to access to the EU market. They calculated that it would be more costly to sell two different versions, so the PCs they made for both the EU market and the US market become more eco-friendly. Thanks to the EU muddying the waters.

    The right to repair will have the same consequences.


  • On a serious note, plenty of people here surely know what net neutrality is. Net neutrality is the guarantee that your ISP doesn’t (de-)prioritize traffic or outright block traffic, all packets are treated equally.

    That’s true but it’s also the common (but overly shallow) take. It’s applicable here and good enough for the thread, but it’s worth noting that netneutrality is conceptually deeper than throttling and pricing games and beyond ISP shenanigans. The meaning was coined by Tim Wu, who spoke about access equality.

    People fixate on performance which I find annoying in face of Cloudflare, who is not an ISP but who has done by far the most substantial damage to netneutrality worldwide by controlling who gets access to ~50%+ of world’s websites. The general public will never come to grasp Cloudflare’s oppression or the scale of it, much less relate it to netneutrality, for various reasons:

    • Cloudflare is invisible to those allowed inside the walled garden, so its existence is mostly unknown
    • The masses can only understand simple concepts about their speed being throttled. Understanding the nuts and bolts of discrimination based on IP address reputation is lost on most.
    • The US gov is obviously pleased that half the world’s padlocked web traffic is trivially within their unwarranted surveillance view via just one corporation in California. They don’t want people to realize the harm CF does to netneutrality and pressure lawmakers to draft netneutrality policy in a way that’s not narrowly ISP-focused.

    Which means netneutrality policy is doomed to ignore Cloudflare and focus on ISPs.

    Most people at least have some control over which ISP they select. Competition is paltry, but we all have zero control over whether a website they want to use is in Cloudflare’s exclusive walled garden.




  • It’s worth noting that the FCC’s so-called “Open” Internet Advisory Committee (#OIAC) tragically gives two seats on the board to:

    • Cloudflare
    • Comcast

    Both of whom are abusers of #netneutrality, especially Cloudflare. A well-informed Trump-free administration should be showing Cloudflare and Comcast the door ASAP.

    Sure, Trump would just bring them back. But it’d at least be a good symbolic move.

    Indeed, as someone else pointed out, the needed change should come from pro-netneutrality legislation. And the legislation needs to be broad enough to block Cloudflare’s broad discriminatory arbitrary attack on access equality, not just tinker with speeds at the ISP consumer level.


  • It’s not a topic issue. The discussions are largely around platforms and custodians. They bring lots of ethical problems. Anything on this page is relevant to personal finance:

    https://git.disroot.org/cyberMonk/liberethos_paradigm/src/branch/master/usa_banks.md

    If someone managing their personal finances wants to ask how to avoid the bad players and still achieve their goals, it’s relevant. But Bogleheads is not keen. I don’t recall the particulars (it was over a decade ago) but it wasn’t topic related. It was just a conservative moderator or crowd who don’t want ethics getting in their way or cluttering their view.

    Tor. I wonder if that is a more fraud or trolling concern. Or maybe for financial houses more of a US law concern.

    Certainly not a legal issue in the US. Tor works ATM on Bogleheads. Cloudflare is often chosen out of ignorance by admins who don’t even know what Tor is, or at least don’t know that most Tor traffic is legit. It’s usually a lazy move. I don’t recall the details about Boglehead’s tor hostility but they’re reachable over Tor right now.


  • I used the Bogleheads forum over 15 years ago. It eventually turned sour and I left.

    One of my issues is that the banking and finance sector and consumers engaging in it are conservatives. So if you want to ask a question like “where can I find a relatively ethical bank/investment firm that does not invest in fossil fuels?” it’s alienating to right-wingers to consider ethics. They don’t see the ethical problems that plague the industry and at the same time they don’t recognize the concept of ethical consumption. They just expect everyone to look after number 1. Bogleheads had little tolerance for politics, which inherently forces a narrow discussion of what financial products bring what value to the selfish types of consumers who neglect ethics. They don’t want someone exposing JP Morgan’s investment in private prisons or fossil fuels, or even how JPM Chase has a sneaky anti-Tor policy to discover which of their customers use Tor. Bogleheads did not kill my account… it was just that ethical topics either had crickets or hostility, and censorship. IIRC what ultimately drove me off was Bogleheads started blocking Tor or using Cloudflare or something that demonstrated disrespect for digital rights. But apparently they re-liberated their forums since it seems Tor is permitted again.



  • There is [email protected], which would be somewhat related to personal tax. There is also a Lemmy instance dedicated to finance. I don’t recall it off the top of my head but the instance joined Cloudflare so I immediately abandoned it.

    For the record, lemmy.ml is a terrible place to discuss tax or personal finance. The admins of that instance treat personal finance questions as spam and even go over the heads of moderators to censor such discussion because of their political baggage. IMO sopuli.xyz might be a good place to create an account and create finance communities.



  • You’re talking about Republicans but then saying “state” is a generic word.

    I’m saying when I personally used the word “state” in the bit that you quoted, I was using the generic meaning of state. It’s an overloaded word (multiple meanings). What I mean by the “generic meaning” is that I was not referring to the state level jurisdiction. E.g. if the context were Texas, my use of the word “state” was not the state of Texas in that quote. The word state can simply mean government at any level. A federal government (aka nation state) can also generically be referred to as the “state”, even though it’s not state as the jurisdictional construct that composes the United States.

    Likewise, even a local government like a city or county can be generically called the “state”. So to answer your question, the state of Texas can ban welfare checks from the state level in the whole state of Texas, but a lower (non-republican controlled) government can circumvent that by offering food and shelter instead of checks.

    Welfare can happen at any level. I went to the emergency room and racked up a 4-figure hospital bill, and said “I have no insurance or income”. It was no problem… the county had financial aid that I qualified for. The county paid the bill for me, not the state¹ or fed.

    1. in that case, I mean state in the sense of a jurisdictional construct.