thenexusofprivacy

Thanks for the feedback -- and thanks for reading them despite the bristling. I couldn't come up with a better way to put them ... I know they'll cause some people to tune out, but oh well, what can you do.

I don't think these solutions are inherently unscalable, it's more that there hasn't ever been a lot of effort put into figuring out how to make things scalable so we don't have any great suggestions yet. I wrote about this some in The free fediverses should focus on consent (including consent-based federation), privacy, and safety (the article is focused on instances that don't federate with Threads, but much of it including this section is true more generally):

There aren't yet a lot of good tools to make consent-based federation convenient scalable, but that's starting to change. Instance catalogs like The Bad Space and Fediseer, and emerging projects like the FIRES recommendation system. FSEP's design for an"approve followers" tool, could also easily be adapted for approving federation requests. ActivityPub spec co-author Erin Shepherd's suggestion of "letters of introduction", or something along the lines of the IndieWeb Vouch protocol, could also work well at the federation level. Db0's Can we improve the Fediverse Allow-List Model? and the the "fedifams" and caracoles I discuss in The free fediverses should support concentric federations of instances could help with scalability and making it easier for new instances to plug into a consent-based network.

(The post itself has links for most of these.)

Thanks! Here's how it looks:

Great example of how there isn't any one right answer here, it's different for different instances. Can I quote this in the "What will instances do? Opinions differ!" section of https://privacy.thenexus.today/should-the-fediverse-welcome-surveillance-capitalism ?

Agreed that there isn't one particular model that's right or wrong for everybody, and that a split is likely -- a region like today's fedi and that welcomes Threads, and a more safety-focused region (with more blocking, a more consent-based federation).

There have been other waves, it's just that once they get shut down everybody loses interest and moves on. The PR for the one of the changes Mastodon just made was implemented in May 2023 after the Doge spam wave. And here's a June 2019 post talking about exactly the same kind of attack: "The problem we are experiencing is the spammer signing up on random open instances and sending spam remotely."

A very good idea! https://startrek.website/ took this approach, it'd be intersting to check in with them to see what they learned.

I had shared the draft version here a few weeks ago, and this incorporates some of the feedback -- including "This goes against everything the Fediverse stands for" 😎

Yep. But, even though I didn't suggest it, I didn't explicitly say that it didn't mean global blocklists. So I clarified it, and added a footnote with more detial.

As Instance-level federation decisions reflect norms, policies, interpretations, and (sometimes) strategy discusses, opinions differ on the definition of "bad actor." So the best approach is probably going to present the admin of a new instance with a range of recommendations to choose between based on their preference. Software platforms should provide an initial vetted list (along with enough information for a new admin to do something sensible), and hosting companies and third-party recommenders should also be able provide alternatives.

Yes, at least on Lemmy. It's the icon with two boxes.

No, as the article says at the very beginning, it's that I think a big reason that fediverse isn't growing is its failure to deal with safety.

Nonsense. Instance blocklists are used across the fediverse today. They're certainly not a perfect solution but they have the advantage of actually existing. See Blocklists in the fediverse for a lot more discussion.

Fediblockhole does something along those lines for on Mastodon ... not sure if there's an equivlaent in the Lemmy world.