What do we need to change about how we operate, now that the political environment is darkening?

The overall goals would be to safeguard user identities, ensure communication privacy, and protect against censorship and state surveillance.

User Anonymity and Privacy

  • End-to-end encryption: Encrypt all user communications, private messages, and sensitive data
  • Anonymous accounts: Allow users to create accounts without requiring personally identifiable information (PII), such as email or phone numbers. How can we balance this with the need to combat spam?
  • Tor and VPN Integration: Ensure compatibility with privacy tools like Tor, and provide guidance on using VPNs.

Data Storage

  • Remove or minimize data collection, including IP addresses, geolocation, and device information. No web server logs.
  • Ephemeral content: auto-deleting posts, messages, etc after a set period.
  • Instance chooser that flags which instances are in unsafe countries.
  • Defederate from instances in unsafe countries?

Communities

  • Private communities - currently all are public
  • Communities where every post is encrypted
  • Approval process to join some communities
  • Better opsec around instance owners, admins and moderators

What else?

  • souperk@reddthat.comEnglish
    231·
    5 months ago

    Lemmy is a public forum, if you want to communicate privately exchange matrix handles and communicate there.

  • Ulrich@feddit.orgEnglish
    19·
    5 months ago

    Lemmy is simply not the place for that sort of communication.

    My recommendation would be SimpleX.

  • solrize@lemmy.worldEnglish
    15·
    5 months ago

    Right, like the other person says, Lemmy fundamentally doesn’t work like that. IDK what Piefed is. Ironically, in a sense, 4chan was ahead of us by decades.

    • Cris@lemmy.worldEnglish
      13·
      5 months ago

      Piefed is another fediverse link aggregator project, like lemmy and kbin

      https://piefed.social/

      You’ll periodically see piefed accounts if you pay attention to user instances here :)

    • Lost_My_Mind@lemmy.worldEnglish
      31·
      5 months ago

      I’ve been on Lemmy since May. I’ve never been on 4Chan, but I’ve heard stories of who 4Chan users are, and what their posts are.

      God, I HOPE they aren’t way ahead of us…

      • zecg@lemmy.worldEnglish
        1·
        5 months ago

        I’ve never been on 4Chan, but I’ve heard stories of who 4Chan users are, and what their posts are.

        If Margaret Mead at her age smoked grass

  • burgersc12@mander.xyzEnglish
    10·
    5 months ago

    Lol. Just make a new software at this point, because what you describe is not Lemmy and never will be.

      • burgersc12@mander.xyzEnglish
        2·
        5 months ago

        Piefed also doesn’t really fit his description. He wants something more akin to Signal, since that was designed around E2E encryption. Anything that uses ActivityPub is never gonna be able to fit into his idea for security, since it was designed to do the exact opposite and distribute content to basically anyone who asks for it.

        • cabbage@piefed.socialEnglish
          1·
          5 months ago

          Just to clarify, you are aware that OP is the main developer of PieFed?

          Chances are that PieFed more or less fits his idea of what he wants, considering that’s what he designed it to do.

          • burgersc12@mander.xyzEnglish
            2·
            5 months ago

            Nope, wasn’t aware. Still seems like ActivityPub is the wrong way to go if your priorities include encryption and anonymity.

            • cabbage@piefed.socialEnglish
              2·
              5 months ago

              ActivityPub is absolutely not suited for private communication. I guess you could in theory transfer encrypted content over AP as well, but it’s not what it is designed for and it generally makes little sense for content in a public forum like this. I don’t think anyone thinks otherwise.

              This is not what is proposed though. For E2EE, Rimu suggests the following:

              Encrypt all user communications, private messages, and sensitive data

              So to keep user data encrypted on the server, as well as looking into finding a way to encrypt private messages. I think it’s hard to argue this wouldn’t be at least a minor change for the better, giving instance administrators less insight into the private data of the users (and thereby also making them less vulnerable to law enforcement).

              Of course this wouldn’t make PieFed or Lemmy or whatever a good replacement for Signal. It is not supposed to be. It’s a public forum. But it can still do its best to protect the identity of the users in this public forum, even with the inherent limitations of the format.

          • burgersc12@mander.xyzEnglish
            2·
            5 months ago

            ActivityPub is how federation is accomplished. You cannot “work around” how the system is fundamentally designed. ActivityPub might get E2E encryption on DMs at some point but the rest is simply not possible if you want to be able to interact with the rest of the Fediverse.

            • Rimu@piefed.socialOPEnglish
              2·
              5 months ago

              Theoretically in the future PieFed might not be limited to only using ActivityPub, or only using Lemmy-compatible ActivityPub.

              • burgersc12@mander.xyzEnglish
                2·
                5 months ago

                Hmm that’s fair. I wasn’t aware of the differences between Piefed and Lemmy when I first made my comments, but I do wish you luck with implementing all this! Piefed seems cool, guess I’ll have to check it out a bit more in depth lol

  • Lost_My_Mind@lemmy.worldEnglish
    123·
    5 months ago

    looks left

    looks right

    Hellooooo? Fascists? Are you on Lemmy?

    looks around

    Yeah, I don’t think I’m on the right part of Lemmy where fascists are engaging. Not that I’m complaining. It just feels like you’re living in an igloo complaining that a cactus might grow.

  • Pamasich@kbin.earth
    8·
    5 months ago

    I know you’re a Piefed developer, so you probably know what’s possible and what’s not better than me. But honestly, the encryption part makes me think you probably want a new protocol designed with that in mind from the start. In my opinion, it’s too destructive for compatibility with other ActivityPub software and instances running older versions of them especially.

    Combating spam despite the simplified account creation will probably require the implementation of something like Reddit’s karma system. Which isn’t a very popular idea I think.

    Regarding the ephemeral content… please don’t. It might sound cool on paper, but it just adds FOMO. We shouldn’t promote doomscrolling and brainrot with the addition of features which require you to quickly scroll through shit to not miss out on posts that disappear after a timer has passed.

    • Rimu@piefed.socialOPEnglish
      2·
      5 months ago

      too destructive for compatibility with other ActivityPub software

      Yes, but that’s Ok, not every community needs to federate outside PieFed. There can be a mix of insecure (widely-compatible) and secure (PieFed only) communities. PieFed does not be need to be held back by the limitations of ActivityPub as we know it today.

  • Cris@lemmy.worldEnglish
    5·
    5 months ago

    I think encryption at rest for account data should be a thing, but there are better ways to communicate and organize if that’s what you’re trying to do

    I think the biggest thing would just be making sure that it’s not easy for the government to get user data. So making signups without personally identifiable info would potentially be worthwhile, so that info can’t just be subpoenaed to identify users irl

    • Docus@lemmy.worldEnglish
      3·
      5 months ago

      Glossing over the fact that DOJ can’t subpoena instances like world as they are outside the US (but, like world, may be subject to EU GDPR) having an account without PII if your IP address is all over the servers isn’t going to save you.

      • Cris@lemmy.worldEnglish
        2·
        5 months ago

        You’re right, that’s very true.

        Like I said, I don’t think it’s really what a platform like lemmy is for

  • artificialfish@programming.devEnglish
    5·
    5 months ago

    So something I want to point out: plain text encryption exists. Cyphers and the like. You could have your instance use all the standard stuff but with a really hard cypher, and it would work everywhere. Then you just need a front end to read it… but then the cops could read it… oh public encryption makes no sense.

    • Rimu@piefed.socialOPEnglish
      2·
      5 months ago

      Yes this is a good minimum. We need our instance-chooser guides/websites to surface this information so people can make choices about which instances they join.

      Currently if you go to https://joinmastodon.org/servers or https://join-lemmy.org/instances there is no way to filter for VPN compatibility, allowing disposable email, logging policy or legal jurisdiction (in the case of join-lemmy). Or political alignment, defederation policy…

      • Microw@lemm.eeEnglish
        1·
        5 months ago

        Instances.social surfaces some of the server rules into a nice UI for mastodon instances but yeah, those things you mention would also be nice.

  • zecg@lemmy.worldEnglish
    57·
    5 months ago

    Imagine pasting this LLM bullshit unabashedly as if it’s something people should sagely nod through recognizing how necessary it is to turn this poor man’s reddit into NSA internal messaging forum. “Better opsec around instance owners”, did you even read that before pasting? Who are you writing that for, instance owners’ handlers?