Last week, this strange mention appeared on my Mastodon feed. After a bit of clicking around, I figured out what had happened. A user on the Kbin social network had linked to my Mastodon profile. Thanks to the magic of the ActivityPub protocol, it filtered into my mentions - even though I've never even heard [...]
I’ve been on the Fediverse since 2016, and I still get a little mixed up by how things work.
I believe the developers on Kbin and Lemmy have moderation tools in their backlog. I think it will be interesting to see how they implement those and how it will work in the fediverse.
If instances get stricter about federation, I really hope small instances are still allowed to federate with the large ones. For example, I’m running my own Lemmy server just for me, and had no trouble federating. That’s what I really like about the fediverse - my little server is essentially treated no differently to the massive ones. That’s really the point of the fediverse.
It’s very unlikely that big instances will start blocking small ones. It can certainly happen, but I think most people running Lemmy instances are more likely to want to federate. If they don’t they’ll probably run one of the forks that explicitly disable it, so you’ll never know that they exist from your instance.
It’s working well! I already had a VPS that was only running Mastodon and had plenty of spare capacity, so I just installed Lemmy on the same server.
One of the hosts I use (GreenCloudVPS) was having a 9th birthday sale where they were offering a VPS with 9 cores (old Intel Xeon E5 though), 9GB RAM, 99GB NVMe disk space for $99 every three years ($33/year). It wasn’t doing much until I installed Mastodon on it.
The possible problem with that is someone will eventually write a script that starts up new instances and then runs spambots on them. It’s what happened with email. I think you can still self-host an email server, though, it’s just a matter of running it well and communicating with the people that run blacklists if you get on one.
eventually write a script that starts up new instances and then runs spambots on them.
Spammers wouldn’t even have to run Lemmy to spam, as they could have a spamming script that uses ActivityPub directly. I really hope that doesn’t become widespread…
I think as long as you don’t give them reason to, they won’t have any reason to block you. They’d have to explicitly block you, after all. If they aren’t noticing any problems then I don’t see why they’d take the time to block you.
So basically, you should be fine.
I’m also planning on hosting my own Lemmy instance at some point too.
What I’m concerned about is if the large instances move from a blocklist model (like they have now) to instead use an allowlist model, where only explicitly approved instances are allowed to federate with them.
That’s true, that’s a good point. Well I guess the only thing you can do is hope that doesn’t happen lol
Setting up a Lemmy instance isn’t the easiest thing, and automating it is even more challenging, so I don’t necessarily think it’s the kind of thing that can be done so easily. It’s like 100x harder than creating a new account so I feel like It’s not something that would be abused as much as like creating new accounts would be. I think it’ll probably be fine.
I don’t really understand the whole “choose who you federate with”, federation is a server-to-server thing as far as I am aware, and banning whole servers results in some of your users becoming unable to reach all of theirs, incurring a penalty on both sides. I don’t think blocking users based on whoever hosts their account ever makes sense in the general case (it’s a weak argument to prove someone “guilty by association”), and is incredibly unfair (the statement being made is that all users on that instance, without exception, should suffer the consequences of the actions of a few).
Unfortunately there isn’t a finer grained tool. You can ban users, but if the instance they’re from has open sign ups the banned user can just create a new account and return to harassing people on the server. This is the reason that Beehaw defederated with the two earlier this week. They tried everything they could before then, but the tools just aren’t there yet to not punish the whole instance if the instance’s admin isn’t willing to meet part way.
Think about it this way. In real life, you choose who you associate with for many reasons. Do the same in the Fediverse. If your instance gets blocked look at your fellow users as to why, and to the admin policies of your instance administrators. The biggest issue is when Federation ends because that is disruptive. Keep in mind instances mostly never federate with all other nodes. They cannot. Some are illegal, others just full of bad actors and trolls.
I agree that it should be a last resort and it usually is. But when it happens look to your instance not the one de-federating.
Think about it this way. In real life, you choose who you associate with for many reasons. Do the same in the Fediverse.
Hard disagree:
the fediverse is inherently pseudonymous, you can’t tell for sure who your peers actually are (and that’s a good thing)
Even if you could, it’s not practical to background check every single individual on your instance
Even if you could, you might find some people with diverging opinions without knowing for sure if that is sufficient ground for your whole instance to be banned by others (and whom)
Even if not, you can’t predict future behaviour of people on your instance
Even if you could, it doesn’t matter because ultimately only your own doing (and not that of others) should determine who gets to interact with you
and banning whole servers results in some of your users becoming unable to reach all of theirs, incurring a penalty on both sides.
Which is good, so the incentive is to federate more than not.
To give an example of a technology that works the same way but is mature, there’s email. You can send an email between hotmail and gmail seamlessly, but to set up an account on one of those two you need to provide something traceable to meatspace. That’s because a server with open signups would instantly be flooded with spam accounts, and would get on the giant blacklists of domains that have existed for a long time.
A reminder that users can just join another instance, so if they’re legitimate users and can prove it it’s more of an inconvenience than anything.
Choosing who you federate with and then moderating abusive people that slip through anyway is going to be very important.
I believe the developers on Kbin and Lemmy have moderation tools in their backlog. I think it will be interesting to see how they implement those and how it will work in the fediverse.
Yes. There’s basic functionality now, but there’s no automod or similar.
Yup. Wanted to add that I’m glad there is modlog on on these platforms and that they are visible to everyone. Love the transparency.
If instances get stricter about federation, I really hope small instances are still allowed to federate with the large ones. For example, I’m running my own Lemmy server just for me, and had no trouble federating. That’s what I really like about the fediverse - my little server is essentially treated no differently to the massive ones. That’s really the point of the fediverse.
It’s very unlikely that big instances will start blocking small ones. It can certainly happen, but I think most people running Lemmy instances are more likely to want to federate. If they don’t they’ll probably run one of the forks that explicitly disable it, so you’ll never know that they exist from your instance.
What’s it like running your own instance for yourself? Do you need to have a server running and a bunch of storage space?
It’s working well! I already had a VPS that was only running Mastodon and had plenty of spare capacity, so I just installed Lemmy on the same server.
One of the hosts I use (GreenCloudVPS) was having a 9th birthday sale where they were offering a VPS with 9 cores (old Intel Xeon E5 though), 9GB RAM, 99GB NVMe disk space for $99 every three years ($33/year). It wasn’t doing much until I installed Mastodon on it.
The possible problem with that is someone will eventually write a script that starts up new instances and then runs spambots on them. It’s what happened with email. I think you can still self-host an email server, though, it’s just a matter of running it well and communicating with the people that run blacklists if you get on one.
Spammers wouldn’t even have to run Lemmy to spam, as they could have a spamming script that uses ActivityPub directly. I really hope that doesn’t become widespread…
I think as long as you don’t give them reason to, they won’t have any reason to block you. They’d have to explicitly block you, after all. If they aren’t noticing any problems then I don’t see why they’d take the time to block you.
So basically, you should be fine.
I’m also planning on hosting my own Lemmy instance at some point too.
What I’m concerned about is if the large instances move from a blocklist model (like they have now) to instead use an allowlist model, where only explicitly approved instances are allowed to federate with them.
That’s true, that’s a good point. Well I guess the only thing you can do is hope that doesn’t happen lol
Setting up a Lemmy instance isn’t the easiest thing, and automating it is even more challenging, so I don’t necessarily think it’s the kind of thing that can be done so easily. It’s like 100x harder than creating a new account so I feel like It’s not something that would be abused as much as like creating new accounts would be. I think it’ll probably be fine.
I don’t really understand the whole “choose who you federate with”, federation is a server-to-server thing as far as I am aware, and banning whole servers results in some of your users becoming unable to reach all of theirs, incurring a penalty on both sides. I don’t think blocking users based on whoever hosts their account ever makes sense in the general case (it’s a weak argument to prove someone “guilty by association”), and is incredibly unfair (the statement being made is that all users on that instance, without exception, should suffer the consequences of the actions of a few).
Unfortunately there isn’t a finer grained tool. You can ban users, but if the instance they’re from has open sign ups the banned user can just create a new account and return to harassing people on the server. This is the reason that Beehaw defederated with the two earlier this week. They tried everything they could before then, but the tools just aren’t there yet to not punish the whole instance if the instance’s admin isn’t willing to meet part way.
Yup, that’s dramatic. The fediverse still has a long way to go.
Think about it this way. In real life, you choose who you associate with for many reasons. Do the same in the Fediverse. If your instance gets blocked look at your fellow users as to why, and to the admin policies of your instance administrators. The biggest issue is when Federation ends because that is disruptive. Keep in mind instances mostly never federate with all other nodes. They cannot. Some are illegal, others just full of bad actors and trolls.
I agree that it should be a last resort and it usually is. But when it happens look to your instance not the one de-federating.
Hard disagree:
the fediverse is inherently pseudonymous, you can’t tell for sure who your peers actually are (and that’s a good thing)
Even if you could, it’s not practical to background check every single individual on your instance
Even if you could, you might find some people with diverging opinions without knowing for sure if that is sufficient ground for your whole instance to be banned by others (and whom)
Even if not, you can’t predict future behaviour of people on your instance
Even if you could, it doesn’t matter because ultimately only your own doing (and not that of others) should determine who gets to interact with you
Which is good, so the incentive is to federate more than not.
To give an example of a technology that works the same way but is mature, there’s email. You can send an email between hotmail and gmail seamlessly, but to set up an account on one of those two you need to provide something traceable to meatspace. That’s because a server with open signups would instantly be flooded with spam accounts, and would get on the giant blacklists of domains that have existed for a long time.
A reminder that users can just join another instance, so if they’re legitimate users and can prove it it’s more of an inconvenience than anything.