MudMan

Yeah, see, I’m not a lawyer, but I am confident enough that “committing crimes in another country remotely is safe” is absolutely terrible legal advice. Don’t do that. I am confident enough in my understanding of legal matters to issue that recommendation.

I mean, I’ve given Rochko crap here for not thinking things through when he incorrectly suggested more decentralization would make Masto behave differently than Bluesky in this issue. I don’t for a second assume he meant “because fuck it, fine me if you can, USA” or I would be giving him way more crap and closing my Masto account just in case for good measure.

If you run a social media platform that hosts American users they actually might.

Same as the bar for whether GDPR applies to you isn’t whether your server is physically in the EU, it’s whether you’re processing data from EU users. Or, in fact, how you’re supposed to get explicit permission from EU users to host their data anywhere outside the EU in the first place.

Now, I’m not a lawyer in Mississippi, so I’m not gonna give you legal advice, but I would definitely look into it if I’m setting up a public instance. The same way I’d be looking into what compliance things I need to do to host people’s data, both due to GDPR and due to other privacy laws around the world. It’s one thing to set up for friends and family, but if you’re hosting data from outsiders you probably need to understand what you’re doing.

I’ve also not looked into what happens if you are sharing data with a noncompliant server in a restricted territory (so someone is self hosting in Mississippi and then federating with your server elsewhere). I don’t think the legislators who wrote this dumb rule know, either. They clearly haven’t thought that far ahead. Common sense dictates that the outside server would be fine and it’d be the local server’s problem to be compliant. I presume that’s what Bluesky is counting on (i.e. that someone will set up a local instance and act as an ingest bridge for them without it having to be them). Then again, you have British legislators now claiming that all VPNs need to have age controls, so I am not taking common sense for granted when it comes to these things.

Yeah, Mastodon gGmbH also hosts mastodon.social, as far as I can tell. Or… I mean, at least that’s the address and company info they show in mastodon.social’s about page (not Mastodon, but mastodon.social, there are two separate About pages, both reference Mastodon’s gGmbH’s address).

The one thing I’ll give you is that the statement they issued is talking about Mastodon software overall not having the technical tools to comply with the law in the first place and are explicitly refusing to comment on what mastodon.social will specifically do about it.

Which is irrelevant because, one presumes, if the answer was to build the tools to be able to comply with the age verification law they would have said that and put them into the Mastodon software, not just kept them exclusively for mastodon.social.

Yeah, well, remind me not to do business with you under any circumstances.

Self hosting is cool and all, but if you think decentralized networks and services are a get out of jail free to bypass regulations applying to their centralized counterparts you shouldn’t be hosting decentralized networks and services.

For one thing if you have no understanding of legal compliance I don’t want you to store any of my data at all.

No, the article is about Mastodon.social’s nonprofit following up with an official statement after not responding when approached about the original report.

Eugen himself was just shitting on Bluesky, his entire comment was that Bluesky leaving showed “why true decentralization is important”. Ironically, that whole pissing match ended up hinging about how much Eugen was focusing on Bluesky rather than their protocol, too. Turns out to be a popular deflection and it turns out to not change anything practical.

You are retroactively trying to reinterpret the subject matter here to save face and I’m too tired right this minute to entertain it. We don’t have to have a conversation, man, no hard feelings, but if you insist on having one here I’d appreciate if it wasn’t about something else entirely.

We are focusing on mastodon.social because you jumped on a thread about mastodon.social confirming they won’t be complying with Mississippi’s age verification law, which in turn is a follow up to coverage of Bluesky doing the same thing. And also because Eugen Rochko jumped into that announcement to claim that Bluesky stepping away from that territory was an example of how Fedi’s wider decentralization was an advantage, even though it turned out to no be an advantage at all.

Why would we be talking about anything else? That’s literally the topic. You may be looking for a different thread. If anything, the uncontrolled impulse to talk about the ways in which AP is more decentralized than AT whether that’s relevant to the conversation or not is the exact communication mistake Eugen made. Which makes doing that again even weirder.

To be clear, it doesn’t matter where your instance is hosted. Mastodon.social is not hosted in Mississippi, either, it’s hosted in Berlin. You’re still taking on a TON of potential liability if you don’t comply with their age verification or block that territory from access if the law stays in the books, just like you’re risking a ton of liability if you breach GDPR even if your site isn’t in the EU.

It doesn’t matter, though. They all have the same choice to make: comply, shut down in that territory… or be fined an insane amount.

Eugen argued… well, pretty much what you are arguing now. The question Bluesky guy posed to him is what Mastodon.social would do and how would the presence of smaller instances prevent the issue, especially for instances without the resources to comply at all in the first place.

Eugen did not respond to that, but Mastodon.social just did, and the answer is… Mastodon.social will do the same thing as Bluesky and so will every other instance.

Because of course it’s pretty obvious that having a decentralized platform doesn’t help with stupid regulation, because stupid regulation applies to every instance. There’s no reason decentralization would bypass a blanket requirement unless the legal requirement has carved an exception for smaller platforms (and even then there’s a question of what counts as a platform in that scenario).

And the thing is… I’m okay with you not having though that through, but Eugen certainly must have. Right? I mean, they had a pretty well thought out answer for Techcrunch in 24 hours, they must have given it some thought. It’s an unforced communication error.

“The bad guy” is not a thing I’ve thought about anybody since I was 12 years old.

I think Eugen jumped onto a common talking point among Fedi people when they try to highlight the difference between Masto and Bluesky and he didn’t think it through.

Like I said, I’m surprised he messed that up. He certainly should know the impression he was giving wasn’t accurate.

So in this whole embarrassing dick measuring contest Eugen was wrong and Mike Masnick was right, then. Turns out “real decentralization” or not, Masto/Fedi’s structure doesn’t do anything to bypass this nonsense.

This is not new. People constanty claim AP and Fedi have benefits or features just for being decentralized that they absolutely do not have, but I have to admit I’m kinda shocked that Eugen will do that exact thing without any more self-awareness than the average Masto user. He should know better.

My Windows machines seem to be just fine with the couple of NFS shares I use for easier cross-platform mounting on boot. It comes at the cost of some security, though, so I use it to share unimportant stuff I want to mount very freely, like some media libraries. I use SMB for the rest.

I’m curious, what’s the issue with NFS on Windows for you?

No, it cannot.

They are confronting what is obvious, effective tools to undermine democracy with some weird experiment that is at best a niche effort to do online social engineering much more than it is social media.

Social media is a destructive force. By nature. Yes, Fedi as well.

You learn to manage in society, maybe. Like you do addiction and cancer and crime. The techno-optimism stuff is borderline delusional at this point.

Cool.

But the pitch wasn’t “everything will be interoperable unless the company doesn’t mean it or wants to make money or we aren’t “morally aligned”, whatever that means”.

I don’t understand how you can be a “walled garden” and still feature interoperability with a set of open source platforms under a pre-established set protocol. This is not an ethical problem or a problem of ideology, those two things are mutually exclusive.

This also sounds a whole lot like it disproves skrlet13’s point on the heterogeneous Fedi where everything fits under different but overlapping bubbles. Seems to me you think Fedi has the one moral and ethical position on this.

Yeah, we’re almost there. If you buy a pre-packaged box with Home Assistant you’re most of the way there. If you look under the hood most commercial NAS options and even some routers are scraping that territory as well.

I think the way it needs to work to go mainstream is you buy some box that you plug in to your router and it just sets up a handful of (what looks to you) like web services you can access from anywhere. No more steps needed.

The biggest blockers right now are that everybody in that space is too worried giving you the appearance of control and customizability to go that hard towards end-user focus… and that for some reason we as a planet are still dragging our feet on easily accessible permanent addresses for average users and still relying on hacks and workarounds.

The tech is there, though. You could be selling home server alternatives to the could leaning into enshittification annoyance with the tech we have today. There’s just nobody trying to do an iServe because everybody is chasing that subscription money instead, and those who aren’t are FOSS nerds that want their home server stuff to look weird and custom and hard.

Yeah, that’s exactly where it comes from. And it fits just fine for people like you, doing it for a living. It’s just a bit obnoxious when us normies dabbling with what is now fairly approachable hobbyist home networking try to cosplay as that. I mean, come on, Brad, you’re not unwinding after work with more server stuff, you just have a Plex and a Pi-hole you mess around with while avoiding having actual face time with your family.

And that’s alright, by the way. I think part of why the nomenclature makes me snarky is that I actually think we’re on the cusp of this stuff being very doable by everybody at scale. People are still running small services in dedicated Raspberry Pis and buying proprietary NASs that can do a bunch of one-button self-hosting. If you gave it a good push you could start marketing self-contained home server boxes as a mainstream product, it’s just that the people doing that are more concerned with selling you a bunch of hard drives and the current batch of midcore users like me are more than happy to go on about their “homelab” and pretend they’re doing a lot more work than they actually are to keep their couple of docker containers running.

Yeah, well, don’t tell them. The fields of Mastodon are still full of the debris of the Great Threads Arguments. Seemed to me everybody thought they had the correct and only Fedi.

I am more surprised than I should be at how quickly the Fedi pitch went from “we want a future where everything is interoperable everywhere” to “we don’t want any interaction with for profit companies”.

I don’t mind either way, it’s all bad and I shouldn’t be here in the first place, but… you know, it’s weird seeing social patterns develop in real time.

Yeeeeah, I have less of a problem for that, because… well yeah, people host stuff for you all the time, right? Any time you’re a client the host is someone else. Self-hosting makes some sense for services where you’re both the host and the client.

Technically you’re not self hosting anything for your family in that case, you’re just… hosting it, but I can live with it.

I do think this would all go down easier if we had a nice marketable name for it. I don’t know, power-internetting, or “the information superdriveway”. This was all easier in the 90s, I guess is what I’m accidentally saying.

This is a me thing and not related to this video specifically, but I absolutely hate that we’ve settled on “homelab” as a term for “I have software in some computer I expose to my home network”.

It makes sense if you are also a system administrator of an online service and you’re testing stuff before you deploy it, but a home server isn’t a “lab” for anything, it’s the final server you’re using and don’t plan to do anything else with. Your kitchen isn’t a “test kitchen” just because you’re serving food to your family.

Sorry, pet peeve over. The video is actually ok.

I think your read on what people typically do with Plex probably doesn’t align with reality. I also think in the end you’re way less optimistic about the potential of open source software than I am. There are multiple areas where OSS options are either dominant or very competitive, but I am also clearly way less picky about how that gradient of openness to commerciality than you are. We can agree that it’s fine that there are options for both or all steps in that gradient, but there is a ton of snark and all-or-nothing attitude in that community as well.

I will say that If you have a commercial option like Plex and a couple of open alternatives (say Kodi and Jellyfin for the sake of argument) I would prefer one of those to have the type of UX that can compete with the closed commercial product because you can compete with open alternatives.

If jellyfin adopted HA’s model of paid development, I’d be thrilled. But HA’s strategy is actually pretty unique, it’ll take time for that structure to be stress-tested and propagate.

Well, hey, there we agree, then. I’d say that the setup for HA is actually fairly Mozilla-like, and people don’t seem thrilled with THAT, so it wasn’t a given you’d agree. Plex certainly isn’t that. For one thing it’s commercial and closed source. But crucially HA’s commercial branch WILL have a bunch of your data, including voice processing and login info, if you do buy into their paid subscription service.

As for the rest of the argument, most is redundant so I’m not gonna go through the loop again, I am actually busy. But I will add a few things. For one thing, whether I think FOSS is worth “any level of inconvenience” is irrelevant. I do, and I do live with the inconvenience in some cases. But if the goal is for FOSS to be mainstream and a primary choice (and it can absolutely be, there are plenty of examples), then it doesn’t matter what I think. The reason the privacy tradeoffs make sense for Plex is that Plex is an app your family is likely to use. Mine does, and they sure won’t put up with bad UX for the sake of using an open alternative. OBS didn’t crush Xsplit out of the market because of ideology, it did it because it became more powerful, usable and reliable.

And let me clarify I don’t “blow smoke for Plex”. I opened this whole subthread by saying I wanted to use Jellyfin (hence all the testing we’ve been nitpicking about) but couldn’t justify it. I’ve said this above. I’d drop Plex in a heartbeat if Jellyfin was just as good to use for me and the rest of my household. But it isn’t. There’s no reason to blow smoke for Plex, but there is a reason to not delusionally pretend that open source alterantives are better than they are. You’re not going to gaslight normies into using them that way and the complacency just makes it less likely for them to succeed at what they’re trying to do. It is, after all, the year of Linux desktop.