If we serve licensed content over ssh or HTTPS it’s still licensed. Protocols don’t change the legal requirements of the data. Warner Bros will still sue if one of their movies is hosted on a server using the activity pub protocol.

What? I’m saying every federated copy must legally must have the usage restrictions. Just cause it’s copied doesn’t mean it can go into a for-profit LLM.

it can apply across all of them, for example that’s how copy-left works

Sure, but it’s still true that there are legal protections we can add that make it not fair game for Lemmy. At best it would be unfair-game (illegal scraping of Lemmy)

It’s not fair game for for-profit bussinesses training LLM’s. That’s part of why Reddit made the move; so that companies would need to pay Reddit for access to the data for legally training models

Yeah, sorry if I’m not great at communicating. That’s exactly what I’m trying to point out when I said:

Even if we don’t federate with them, Meta can still harvest the data so we should add these protections regardless.

As opposed to a facebook-controlled server being the top search result for Lemmy.

I see why that’s confusing so I edited my comment just now

I think we can give facebook/threads the bad end of the bargin IF we have a data protections.

You know how powerful copy-left was for open source? I think we can do the same for Lemmy servers. We can have users agree (formally) that the data on a particular server cannot be used for training llvm’s advertisements, marketing profiles, etc, and make it legally binding.

Even if we don’t federate with them, Meta can still harvest the data so we should add these protections regardless. Maybe there is already something like this and I’m just unaware of it.

If we do add these protections and we ensure that the largest instance (e.g. Lemmy.world) is community controlled, I think it could work well for bringing more content to Lemmy.

Yeah there’s no such thing as polticially neutral.

There’s bipartisan, there’s a political average, there’s politically apathetic, there’s political abstinence, but not “political and objectively neutral”.

deleted by creator

Two things

1. If you’re able to encrypt; then done case closed. You can even add a “destruct” login where logging in to a secondary account deletes the primary account under the event that the gov forces you to login.
2. If you’re not able to encrypt (e.g. shared system or cameras watching you type, or written documents) then then slang can actually be effective and easier than a whole language. It can be dynamic/fluid, and gives the author the defense of metaphors and misunderandings. It’s basically the only way to have hidden communication with others “in plain sight”.

Finally, governments are practical. If something looks interesting, like a thing labeled “journal” with mysterious words inside, they’re going to spend resources on it. Your best protection can be boringness. Write a novel, like LOTR, have the language be part of the novel, and when characters speak, replace their dialog with your journal entry. Put it on the shelf with other novels, and it becomes something that’s not worth looking into.

I feel dumb for having to ask but what exactly is “active users half year” vs “active uses monthly”?

Is half year just mean one or more comments/upvotes in the last 6months?

Actually, that’s my point we CAN’T rank them.

• on reddit for every 1 post there are 100 or 1000 lurkers voting/ranking the post
• but on Lemmy: there are so many bot posts, that every 1 bot post has like 0.1 Lemmy users voting/ranking it

It is totally impractical for us to correctly/effectively rank the absolute torrent of posts coming from reddit, and the result is that every high quality 1000-reddit-upvote post is surrounded by an ocean of straightup-spam 1-reddit-upvote posts.

Real Lemmy posts in a community are completely drowned out by bot posts. I can’t even find real users posting in a community because there’s so many bot posts.

I feel like any reddit that asks questions should not have a Lemmy bot. Like I just saw a bot for r/whatisthis and I just can’t understand the logic. Who would EVER answer a question when the OP can’t even see the response. I didn’t want to rant about it, but really, how can we get in contact with the bot creators???

Meanwhile, something as simple as calvin and hobbs clips are being manually posted on a daily schedule by a regular Lemmy user.

It avoids the need for cloud storage.

If I’m out somewhere, with no device on me, I can still generate my passwords

The abbreviation method LessPass uses works pretty well. Its usually only a problem with a re-branding, like how wefwef changed to voyager. When that happens it’s not too big of a deal, I just change it to the new thing.

What is a big problem with the URL though is login portals. Like when it’s some conglomerated system that involves a million redirects, and/or a “login with XYZ”. They can get some really weird URLs that have nothing to do with the actual site and those are a real pain.

#3 isn’t true. There’s a username field, so you just put in the username of the alt accounts.

Your point about the master password and two factor is a good one though.

In practice password restrictions are rare (like 1% of sites), but they are problematic when they happen because there’s so many different ways to restrict passwords and trying all combinations is impractical. Needing the counter is exceedingly rare. Remembering the username isn’t a problem, but if you don’t have a consistent policy of always-using-a-username or always-using-the-email (as the lesspass username) it can be difficult to remember that. Similar situation with the URL, if it’s not abbreviated consistently, then it’s a problem.

That said, I still use LessPass for everything and just deal with the edgecase problems.

Despite what others are saying, I’ve been using it for a couple years and it can work great if you’re okay with the trade-offs.

Of the three (Integrity, Confidentiality, Availability) it has better availability than cloud storage which is what I care about. Even when the LessPass site is down, there’s an IPFS version, mirrors, local cache, etc so it’s basically always possible to derive any password.

At a user level, it’s very impractical (and a slight risk) to always retype the master password at every single login screen. However, letting the local autofill save the password doesn’t defeat the point of LessPass. Why? because, if you only use local storage, and you’re traveling and your phone breaks, you’re now locked out of every account. With LessPass, you’re fine as soon as you get an internet connection.

There are a few caveats.

• There’s no global 2factor. Loosing the master password means every site that doesn’t have its own 2factor is instantly fully exposed.
• I do agree there are a few sites where the default options don’t work because of the character restrictions. It’s about 1.2% of websites in my experience, but they are painful exceptions. Basically you have to rely on memory to be able to pick those same settings again. I recently wish there was a unified dataset of which websites had password requirements, and then LessPass would auto check the necessary boxes when the website URL was pasted in. Maybe one day.
• Changing your master password requires changing every single website. If you don’t, then it’s impractical to remember what password was used for what site.

I disagree. Imagine any club or group of people getting together to tackle a problem, with a common vision, a culture, and social values. It can be more than just liking the people, as the group-ideals can kept even as the people cycle in and out.

You can like club/organization for what actions it encourages, what it stands for, the benefit it provides people with, and the lines it collectively agrees not to cross.

Some good organizations have revenue, and we call them businesses.

I agree 99.9% of companies “won’t love you back” but it’s not 100%.

deleted by creator