Today we're sharing the first in a series of three posts from our leadership team, starting with @mellifluousbox discussing our mission, and priorities for 2026.
-
@benroyce @meowki @iju @ariarhythmic
1. Mastodon's code already includes a setting which server admins can enable to set a minimum age for their server, which will ask for a date of birth to be entered during sign-up. The date of birth is not stored, only checked once. This has been part of Mastodon's code since multiple months now: https://github.com/mastodon/mastodon/pull/34150
2. What they say in the blog is that they will audit the GmbH's own servers, which probably includes an audit of this feature.
3. The interesting stuff is what that "working group" will come up with.
@nitrml @benroyce @meowki @iju @ariarhythmic Age verification won't, of course, stop someone from setting up their own server.
... which, at least regarding the federation choices this little node will be making... Is enough of its own age-gating process that we will welcome all nodes regardless of age of their admins.
-
@nitrml @benroyce @meowki @iju @ariarhythmic Age verification won't, of course, stop someone from setting up their own server.
... which, at least regarding the federation choices this little node will be making... Is enough of its own age-gating process that we will welcome all nodes regardless of age of their admins.
@mark @nitrml @meowki @iju @ariarhythmic
which is great of you, thank you
...and your stance is dependent upon the legalities of your jurisdiction
so people who do enable the age verification are not assholes, they just don't want their govt coming after them
and your own govt may change its mind, then you have to think about it
the problem is govt
not mastodon admins
-
@mark @nitrml @meowki @iju @ariarhythmic
which is great of you, thank you
...and your stance is dependent upon the legalities of your jurisdiction
so people who do enable the age verification are not assholes, they just don't want their govt coming after them
and your own govt may change its mind, then you have to think about it
the problem is govt
not mastodon admins
@benroyce @nitrml @meowki @iju @ariarhythmic All of this is very good insight.
-
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
which is all fine and good, because you're talking tactics not emotional grand standing
what you won't do therefore is attack some admin of a server of thousands or more for doing what they *have* to do so the govt doesn't knock on their door
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
what do you think about my post above asking for a credit card?
it achieves the same effect, and no one is getting a credit card without id. no server is getting your id and the security hassle with that, and you're not revealing your id anymore than it already has been
the big benefit: with your cc already attached to your profile, donating to your server becomes a breeze. and more people should be doing that
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
i yearly enjoy the services that sometimes say happy birthday to me...
on the fake birthday i've been entering since forever
๐คญ
-
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
again that's all fine and good
but if you're asking a server to shut down with thousands of accounts when people can just enter a fake birthday it's far too dramatic
effective resistance is not about purity
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
you mean tor and VPN providers that spy on the people who use it because anyone using that it is flagging their activity as sensitive?
tor was started at the us naval research laboratory for dissidents in countries unfriendly to the usa
you think they don't have enough exit nodes to see what is going on?
and mastodon needs support
i'd almost (i said almost) support the idea of mandatory ccs on sign up with or without id laws
-
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
great
would you characterize yourself as the average mastodon user? or more broadly, the average social media user?
most people want to sign onto a server, browse, and post
that's it
you can't go after them for that, people don't have the bandwidth or time for the hassles
and we can't become a tiny whisper of a cryptic fringe to adhere to some unnecessary purity test
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
.onion doesn't use exit nodes but it uses rendezvous nodes
and nobody wants to kill tor, the intelligence services love it
the foolishness is people who think something built by the us govt is perfectly anonymous
it *is* anonymous. to most every other entity
-
@LukefromDC @meowki @iju @ariarhythmic @mellifluousbox @Mastodon @MastodonEngineering @Gargron
zero argument
and if you make the services you talk about user friendly enough that the average social media user can point and click and zero hassle, even better
until then, some servers are stuck in unfriendly districts
and that's not their fault
the govt is at fault
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
understood
but we're now very far away from your average normie who just wants to see cat pictures
and that's where this topic truly lies
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
100%
and that's why we can't do purity tests on resistance
purity tests destroy effective resistance
effective resistance that isn't pure is not a betrayal
we resist how we can, in the ways we can
this isn't an argument against your words, i'm just harking back to the argument up higher
-
@ariarhythmic @benroyce @starlily Great, fascism will make good Mastodon instances have the same status as BitTorrent trackers and pirate streaming websites!
Well, the tracker I used to contribute for is still up even today, thus we may think disobedience is fine, they will not go for small instances. On the other hand, it's a false correlation: one thing is Crunchyroll, Netflix and other companies choosing not to go against small groups because they may die out of just from not getting enough donations, other thing is fascist governments. They are already going against individuals, people fear ICE, as an example.
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
i yearly enjoy the services that sometimes say happy birthday to me...
on the fake birthday i've been entering since forever
๐คญ
@benroyce @LukefromDC @mark @nitrml @meowki @iju @ariarhythmic LOL, yes. I am so used to fake birthdays that I have to make an extra effort to enter the correct one if needed.
I oopsied my birthday for an online plane ticket booking after 9/11. No issue. Got to fly as booked.
-
@LukefromDC @mark @nitrml @meowki @iju @ariarhythmic
well yeah
and new gang recruits are asked to shoot someone in the head as they watch for much the same reason
neither of which tell us much about the topic here
-
@ariarhythmic @Mastodon @mellifluousbox
the problem isn't mastodon it's your govt
if mastodon servers don't implement age verification in those jurisdictions that make it law, those servers get shut down by that govt
so you're blaming the wrong entity
are you really asking servers to face legal punishment and then get shut down anyway?
don't get me wrong: be angry
*at your govt*
not mastodon
@benroyce @ariarhythmic @Mastodon @mellifluousbox No, they cannot get shut down by a government they're not operating under. If there's a threat, move legal operations & hosting out of the jurisdiction and obfuscate physical location of servers behind VPNs. Don't fucking comply.
-
@benroyce @ariarhythmic @Mastodon @mellifluousbox No, they cannot get shut down by a government they're not operating under. If there's a threat, move legal operations & hosting out of the jurisdiction and obfuscate physical location of servers behind VPNs. Don't fucking comply.
@dalias @ariarhythmic @Mastodon @mellifluousbox
that's not really true
for many countries you have to follow the laws of *both* your home country and the country where your server resides
of course that's not true for all countries
but if let's say you're a citizen of the germany and your server is hosted in another country, germany just goes after you, it doesn't care
"obfuscate physical location of servers behind VPNs"
no. that's no protection
-
@dalias @ariarhythmic @Mastodon @mellifluousbox
that's not really true
for many countries you have to follow the laws of *both* your home country and the country where your server resides
of course that's not true for all countries
but if let's say you're a citizen of the germany and your server is hosted in another country, germany just goes after you, it doesn't care
"obfuscate physical location of servers behind VPNs"
no. that's no protection
@benroyce @ariarhythmic @Mastodon @mellifluousbox None of that contradicts what I said. You don't run it as a citizen or resident of the hostile jurisdiction. You pass ownership to an entity in a safe location, and you put the fronting IP in a safe location. Physical servers can be somewhere else, but shouldn't be somewhere under the hostile jurisdiction unless you're confident there's no trail to them.
-
@benroyce @ariarhythmic @Mastodon @mellifluousbox None of that contradicts what I said. You don't run it as a citizen or resident of the hostile jurisdiction. You pass ownership to an entity in a safe location, and you put the fronting IP in a safe location. Physical servers can be somewhere else, but shouldn't be somewhere under the hostile jurisdiction unless you're confident there's no trail to them.
@dalias @ariarhythmic @Mastodon @mellifluousbox
if you're already in a safe jurisdiction, yes, get your servers out of a bad jurisdiction, absolutely
but if you're in an unsafe jurisdiction, it doesn't matter where your servers are. if they want to target you, they'll target you, and no amount of obfuscation will protect you from that
of course if you're a small fish doing small fish things, you'll probably be fine for a long time
