Today we're sharing the first in a series of three posts from our leadership team, starting with @mellifluousbox discussing our mission, and priorities for 2026.
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
you mean tor and VPN providers that spy on the people who use it because anyone using that it is flagging their activity as sensitive?
tor was started at the us naval research laboratory for dissidents in countries unfriendly to the usa
you think they don't have enough exit nodes to see what is going on?
and mastodon needs support
i'd almost (i said almost) support the idea of mandatory ccs on sign up with or without id laws
-
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
great
would you characterize yourself as the average mastodon user? or more broadly, the average social media user?
most people want to sign onto a server, browse, and post
that's it
you can't go after them for that, people don't have the bandwidth or time for the hassles
and we can't become a tiny whisper of a cryptic fringe to adhere to some unnecessary purity test
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
.onion doesn't use exit nodes but it uses rendezvous nodes
and nobody wants to kill tor, the intelligence services love it
the foolishness is people who think something built by the us govt is perfectly anonymous
it *is* anonymous. to most every other entity
-
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
zero argument
and if you make the services you talk about user friendly enough that the average social media user can point and click and zero hassle, even better
until then, some servers are stuck in unfriendly districts
and that's not their fault
the govt is at fault
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
understood
but we're now very far away from your average normie who just wants to see cat pictures
and that's where this topic truly lies
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
100%
and that's why we can't do purity tests on resistance
purity tests destroy effective resistance
effective resistance that isn't pure is not a betrayal
we resist how we can, in the ways we can
this isn't an argument against your words, i'm just harking back to the argument up higher
-
@ariarhythmic @benroyce @starlily Great, fascism will make good Mastodon instances have the same status as BitTorrent trackers and pirate streaming websites!
Well, the tracker I used to contribute for is still up even today, thus we may think disobedience is fine, they will not go for small instances. On the other hand, it's a false correlation: one thing is Crunchyroll, Netflix and other companies choosing not to go against small groups because they may die out of just from not getting enough donations, other thing is fascist governments. They are already going against individuals, people fear ICE, as an example.
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
i yearly enjoy the services that sometimes say happy birthday to me...
on the fake birthday i've been entering since forever
🤭
@benroyce @LukefromDC @mark @nitrml @meowki @iju @ariarhythmic LOL, yes. I am so used to fake birthdays that I have to make an extra effort to enter the correct one if needed.
I oopsied my birthday for an online plane ticket booking after 9/11. No issue. Got to fly as booked.
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
well yeah
and new gang recruits are asked to shoot someone in the head as they watch for much the same reason
neither of which tell us much about the topic here
-
@ariarhythmic @Mastodon @mellifluousbox
the problem isn't mastodon it's your govt
if mastodon servers don't implement age verification in those jurisdictions that make it law, those servers get shut down by that govt
so you're blaming the wrong entity
are you really asking servers to face legal punishment and then get shut down anyway?
don't get me wrong: be angry
*at your govt*
not mastodon
@benroyce @ariarhythmic @Mastodon @mellifluousbox No, they cannot get shut down by a government they're not operating under. If there's a threat, move legal operations & hosting out of the jurisdiction and obfuscate physical location of servers behind VPNs. Don't fucking comply.
-
@benroyce @ariarhythmic @Mastodon @mellifluousbox No, they cannot get shut down by a government they're not operating under. If there's a threat, move legal operations & hosting out of the jurisdiction and obfuscate physical location of servers behind VPNs. Don't fucking comply.
@dalias @ariarhythmic @Mastodon @mellifluousbox
that's not really true
for many countries you have to follow the laws of *both* your home country and the country where your server resides
of course that's not true for all countries
but if let's say you're a citizen of the germany and your server is hosted in another country, germany just goes after you, it doesn't care
"obfuscate physical location of servers behind VPNs"
no. that's no protection
-
@dalias @ariarhythmic @Mastodon @mellifluousbox
that's not really true
for many countries you have to follow the laws of *both* your home country and the country where your server resides
of course that's not true for all countries
but if let's say you're a citizen of the germany and your server is hosted in another country, germany just goes after you, it doesn't care
"obfuscate physical location of servers behind VPNs"
no. that's no protection
@benroyce @ariarhythmic @Mastodon @mellifluousbox None of that contradicts what I said. You don't run it as a citizen or resident of the hostile jurisdiction. You pass ownership to an entity in a safe location, and you put the fronting IP in a safe location. Physical servers can be somewhere else, but shouldn't be somewhere under the hostile jurisdiction unless you're confident there's no trail to them.
-
@benroyce @ariarhythmic @Mastodon @mellifluousbox None of that contradicts what I said. You don't run it as a citizen or resident of the hostile jurisdiction. You pass ownership to an entity in a safe location, and you put the fronting IP in a safe location. Physical servers can be somewhere else, but shouldn't be somewhere under the hostile jurisdiction unless you're confident there's no trail to them.
@dalias @ariarhythmic @Mastodon @mellifluousbox
if you're already in a safe jurisdiction, yes, get your servers out of a bad jurisdiction, absolutely
but if you're in an unsafe jurisdiction, it doesn't matter where your servers are. if they want to target you, they'll target you, and no amount of obfuscation will protect you from that
of course if you're a small fish doing small fish things, you'll probably be fine for a long time
-
@dalias @ariarhythmic @Mastodon @mellifluousbox
if you're already in a safe jurisdiction, yes, get your servers out of a bad jurisdiction, absolutely
but if you're in an unsafe jurisdiction, it doesn't matter where your servers are. if they want to target you, they'll target you, and no amount of obfuscation will protect you from that
of course if you're a small fish doing small fish things, you'll probably be fine for a long time
@benroyce @ariarhythmic @Mastodon @mellifluousbox You just make it so it's no longer you running it. It's been passed off to an entity legally incorporated someplace else, and your involvement is as a volunteer or contractor working with a foreign entity for which you have no authority to implement the type of "age verification" your government wants them to impose.
-
@benroyce @ariarhythmic @Mastodon @mellifluousbox You just make it so it's no longer you running it. It's been passed off to an entity legally incorporated someplace else, and your involvement is as a volunteer or contractor working with a foreign entity for which you have no authority to implement the type of "age verification" your government wants them to impose.
@dalias @ariarhythmic @Mastodon @mellifluousbox
so let's say i'm in the uk. you expect me to set up in let's say canada
under someone else's name? what? you have those kinds of connections?
nevermind the added cost
also the effort will trigger more interest in you than if you never tried it. when they find out you're just trying to avoid age verification they'll laugh
you think govts aren't used to this kind of intrigue from dealing with crypto/ gambling/ silkroad/ pedophile rings/ etc?
-
@iju @ariarhythmic @mellifluousbox
i have a better idea:
do what valve does
you need a credit card
they run a $0 authorization
*no id docs needed*
the server doesn't deal with sensitive data
even better:
now your cc is attached to your mastodon profile
your cc is right there for donating to the server later
as more people should be doing
snag:
germany doesn't consider a cc legally acceptable
but other jurisdictions do
Steam UK users will now need a credit card to access mature content due to the Online Safety Act
Valve recently put up a new support page, detailing the steps they've taken to comply with the UK Online Safety Act.
GamingOnLinux (www.gamingonlinux.com)
@benroyce @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron it is to utter idea, I don’t want to have amd I know a lot of people who doesn’t want to have credit cards and are completely ok with Debit Cards. 1. There are people who do not want to be formally in debt, 2. There are people who do not want to be formally in higher loan to salary ratio. (Yes when I was asking for mortgage, I got rid of CC, because it was literally increasing my debt to salary ratio even when it is not used, by its credit limits) and as last thing asking gamers (and yes gaming is addictive) when there are games with concept of in game payments for credit card is just wrong. It shall be regulated the same way as online gambling is.
-
@LukefromDC @benroyce @mark @nitrml @meowki @iju @ariarhythmic In case of mastodon you don’t need to possess ID, there are several KYC services, who verifies your customer and issue proof he is eg age verified. And you never posses any ID, CC etc. I would say this will be smaller burden (perhaps even cheaper) that setting whole payment infrastructure.
-
@benroyce @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron it is to utter idea, I don’t want to have amd I know a lot of people who doesn’t want to have credit cards and are completely ok with Debit Cards. 1. There are people who do not want to be formally in debt, 2. There are people who do not want to be formally in higher loan to salary ratio. (Yes when I was asking for mortgage, I got rid of CC, because it was literally increasing my debt to salary ratio even when it is not used, by its credit limits) and as last thing asking gamers (and yes gaming is addictive) when there are games with concept of in game payments for credit card is just wrong. It shall be regulated the same way as online gambling is.
@janantos @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
It's entirely possible to own a credit card and not use it
The point is to solve the problem of age verification without asking anyone's age, and using cc solves that problem
But you also want to solve the problem of addictive personalities who wind up stuck on gambling?
What
You ask far too much
Nothing can function in this world on this level of concern
Scope your concerns to reasonable goals please
-
@LukefromDC @benroyce @mark @nitrml @meowki @iju @ariarhythmic In case of mastodon you don’t need to possess ID, there are several KYC services, who verifies your customer and issue proof he is eg age verified. And you never posses any ID, CC etc. I would say this will be smaller burden (perhaps even cheaper) that setting whole payment infrastructure.
@janantos @LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
You're talking about decentralized identity
You can see vestiges of that in the project's history
So it looks like they abandoned that
Perhaps because it's not up to snuff yet?
But I don't know, I'm not up to speed
-
@benroyce @ariarhythmic @Mastodon @mellifluousbox You just make it so it's no longer you running it. It's been passed off to an entity legally incorporated someplace else, and your involvement is as a volunteer or contractor working with a foreign entity for which you have no authority to implement the type of "age verification" your government wants them to impose.
@dalias
Thank you for standing up for what is right. It is terrible seeing the excuses.
