Are you going to be hosting things for public use? Does it feel like you’re trying to figure out how to emulate what a big company does when hosting services? If so, I’ve been struggling with the same thing. I was recently pointed at NIST 800-207 describing a Zero Trust Architecture. It’s around 50 pages and from August 2020.

Stuff like that, your security architecture, helps describe how you set everything up and what practices you make yourself follow.

s/celebs/weebs/

Fixed :-)

Oh, that makes sense. I’m diabetic and she’s not and there’s definitely a difference in familiarity with injectable medications between us. Maybe I’m seeing dark patterns where they don’t actually exist.

Could be a MUSIC/SP reference. (No I don’t remember how to use it either. I had a letter-letter-number-number %nemomus@academic.nemostate.edu email in college though.)

Or one of those laser “pointers” with crazy high power, 1 watt or higher?

You might be presenting it backwards. We need LLMs to be right-sized for translation between pure logical primitives and human language. Let a theorem prover or logical inference system (probably written in Prolog :-) ) provide the smarts. A LLM can help make the front end usable by regular people.

Really great ideas. I read up a bit on Fediblock and I think you’re absolutely right.

If I could riff off of your ideas a bit: instance-blocking recommendation lists bundle an entire stack of things together:

• statements of fact or intent: this is wrong, this is right, this is insulting and harmful, this is insulting but not harmful if you can laugh at it

• value judgements about those statements: I care about this issue but not that issue, this wrong statement is easily disproven, that wrong statement takes paragraphs to disprove, etc.

• actions to take based on those value judgements: block, tag with a statement, link to an article, etc.

With things bundled, the whole stack has to be a pretty close match for a user’s own values, or else there’s friction. The user can just tolerate the friction, maybe miss out on some content, or they can decide to switch to a whole new list.

Suppose we could unbundle those from each other. Subscribe to the work of a group of volunteers that recommends safe defaults but lets you customize things when you encounter friction points.

Agreed, -10 post. Better Congress critters would help. Less of this uninformed Biden-I-did-this-sticker crap would help.

I’d love to see this become something greater. Consider this challenging problem:

Suppose you have an instance with a community (“C”) that likes to promote subtle but wrong things.

Suppose there’s a community of fact checkers (“F”) who wants to promote actual, verifiable/falsifiable facts by responding to lies with compelling and relevant references. They want to help by directly replying to posts or applying tags in community C, but they are not permitted to contribute by that instance. The community C seems to want their lies to remain unchallenged.

And then suppose there’s some opted-in users (“U”) who want to receive help understanding when posts in community C are not factual. They would like to receive posts or tags from fact checkers, because people they trust have recommended they listen to these fact checkers.

I’d love to see a tagging system that can help “U” and “F” connect, even if the owners of “C” don’t want them to, when browsing content in “C”. Ideally in an extensible way that lets some future implementer come up with novel ways to organize and maintain the fact-checking side of things in response to new threats.

I probably explained this badly, and the letters are probably more pretentious than helpful. But I hope someone smarter can pick this up and run with it, because it’s something the world desperately needs.

For example, nearly ten years ago the FBI arrested Ross Ulbright and seized his encrypted laptop while it was running. One group caused a scene, distracting Ulbright, and another group separated Ulbright from his laptop. That bust was a good thing, and it’s good that Ulbright was convicted for what he had done. But details of the operation make it clear that any adversary - not just law enforcement working against a suspect - can use similar tactics to steal encrypted data.

This tool, along with other security practices, can help at-risk users (yes, including criminals) mitigate this kind of attack.

Is it ok to post about homelab projects and journeys?

I stood up a home server in June of 2000, looking for a bit of that “whee I’m a sysop too!” social interaction I missed out on due to growing up poor. Gave out shell accounts and web hosting to anyone who asked. Surprisingly the server lasted until 2015, despite me being a terrible sysadmin with no idea what he was doing.

I’m trying to bring it back up as something slightly more modern. Recently got OpenLDAP loaded with my old users and mail set up, using seven VMs, each on its own vlan and /30 net: openldap of course, postfix, opendkim, dovecot, roundcube, and two for bind9. I figure I’m certainly going to forget things and get compromised, but hopefully this isolation will minimize how useful a rooted VM is.

I have this hesitation to ask for too much help, as I feel like it’s the same kind of help someone would use for a small business and would need to pay for. I feel like I should write this up and share it, once I get everything working. Most people doing this for commercial reasons wouldn’t share what they did on company time, I feel like.

Or C# :-(

Though constantly updating nuget packages are helping bring break time back.