One of the common misnomers around the migration away from toxic tech stacks is that the options are either 1) services managed by a company or 2) everyone #selfhosting themselves.
-
One of the common misnomers around the migration away from toxic tech stacks is that the options are either 1) services managed by a company or 2) everyone #selfhosting themselves.
There is however an often overlooked 3rd option of community-scaled infrastructure. Here a group identifies their needs, plans & deploys to meet them. Much like a community garden, that infrastructure has people skilled & dedicated to its upkeep in providing for that group, working bees & skillshare as needed.
1/n
-
One of the common misnomers around the migration away from toxic tech stacks is that the options are either 1) services managed by a company or 2) everyone #selfhosting themselves.
There is however an often overlooked 3rd option of community-scaled infrastructure. Here a group identifies their needs, plans & deploys to meet them. Much like a community garden, that infrastructure has people skilled & dedicated to its upkeep in providing for that group, working bees & skillshare as needed.
1/n
Here are some examples of this at work, in this case the Slack alternative Mattermost:
1. Our own instance in DE, used for online training
2. My friend's instance served from under her desk, on which I teach her students in CA
3. An instance in CH hosting thousands of environmental defenders that I deployed
4 An instance we deployed in IS hosting a US immigration support NGO, resistant to ICE warrantsThere is no one deployment for all here, each instance meets the unique needs of the group
-
Here are some examples of this at work, in this case the Slack alternative Mattermost:
1. Our own instance in DE, used for online training
2. My friend's instance served from under her desk, on which I teach her students in CA
3. An instance in CH hosting thousands of environmental defenders that I deployed
4 An instance we deployed in IS hosting a US immigration support NGO, resistant to ICE warrantsThere is no one deployment for all here, each instance meets the unique needs of the group
-
@JulianOliver @crew didn‘t mean to recommend them for any of that. just an implementation of what you are talking about, i think: a community running services to meet their members needs. although there are some folks there that sure will support civil disobedience
-
@lechimp @JulianOliver @crew love that they combine their IRL meetups with critical mass!
-
@JulianOliver @crew didn‘t mean to recommend them for any of that. just an implementation of what you are talking about, i think: a community running services to meet their members needs. although there are some folks there that sure will support civil disobedience
@lechimp @crew That is great they are so willing, and I think what they are doing is super.
To unpack what I mean regarding risk it is that warrants for server seizure can implicate all staff looking after that infrastructure and also mean data loss or downtime for others hosted adjacently - even if they are not involved in the org being investigated in any way. It is for this reason an at-risk org is better off running their own stack.
-
Here are some examples of this at work, in this case the Slack alternative Mattermost:
1. Our own instance in DE, used for online training
2. My friend's instance served from under her desk, on which I teach her students in CA
3. An instance in CH hosting thousands of environmental defenders that I deployed
4 An instance we deployed in IS hosting a US immigration support NGO, resistant to ICE warrantsThere is no one deployment for all here, each instance meets the unique needs of the group
Crystelle, co-director of Nīkau, said an interesting thing on this, noting that across history so many human cultures have necessarily localised expertise to meet the needs of their group, building in resilience - whether carpenter, physician, mason, blacksmith, gardener, hunter etc.
She argues that today, with a dependence on complex technical infrastructures readily abused by power, communities need to incorporate system administration & infosec into the skillbase held by the membership.
-
Here are some examples of this at work, in this case the Slack alternative Mattermost:
1. Our own instance in DE, used for online training
2. My friend's instance served from under her desk, on which I teach her students in CA
3. An instance in CH hosting thousands of environmental defenders that I deployed
4 An instance we deployed in IS hosting a US immigration support NGO, resistant to ICE warrantsThere is no one deployment for all here, each instance meets the unique needs of the group
@JulianOliver please use matrix bro. Mattermost isn’t that OpenSource! Most of the good things things are closed and enterprise.
-
Crystelle, co-director of Nīkau, said an interesting thing on this, noting that across history so many human cultures have necessarily localised expertise to meet the needs of their group, building in resilience - whether carpenter, physician, mason, blacksmith, gardener, hunter etc.
She argues that today, with a dependence on complex technical infrastructures readily abused by power, communities need to incorporate system administration & infosec into the skillbase held by the membership.
[...] This is not possible without a re-distribution of expertise, away from where it is largely held captive by the gov, corp and military sectors, often in high-paying jobs.
And not just stuffing services behind a public IP either, & hoping for the best, but deploying with security and server design best practices in mind. Without doing so, the infrastructure will in time be compromised &/or rot out, losing the morale of the membership.
This is a big part of why we're running the trainings
-
@JulianOliver please use matrix bro. Mattermost isn’t that OpenSource! Most of the good things things are closed and enterprise.
@xr1st0ph Matrix/Element is great in many ways (E2EE) but memberships I've deployed for have found it too geeky, whereas alt platform averse can generally smoothly bump from Slack to MM with little to no complaints. Matrix/Element is also too sluggish for big channels of 1k+ members, even on powerful machines. Runs hot & starts to crawl in the thousands, whereas MM cruises through it. Matrix on smaller scales? Fine. I think their Olm, implementation of Double Ratchet holds them back a bit there.
-
@xr1st0ph Matrix/Element is great in many ways (E2EE) but memberships I've deployed for have found it too geeky, whereas alt platform averse can generally smoothly bump from Slack to MM with little to no complaints. Matrix/Element is also too sluggish for big channels of 1k+ members, even on powerful machines. Runs hot & starts to crawl in the thousands, whereas MM cruises through it. Matrix on smaller scales? Fine. I think their Olm, implementation of Double Ratchet holds them back a bit there.
@xr1st0ph MM Team Edition is FLOSS. Enterprise not so.
-
@xr1st0ph Matrix/Element is great in many ways (E2EE) but memberships I've deployed for have found it too geeky, whereas alt platform averse can generally smoothly bump from Slack to MM with little to no complaints. Matrix/Element is also too sluggish for big channels of 1k+ members, even on powerful machines. Runs hot & starts to crawl in the thousands, whereas MM cruises through it. Matrix on smaller scales? Fine. I think their Olm, implementation of Double Ratchet holds them back a bit there.
@JulianOliver we moved from rocket chat to matrix 2 yr ago. we have alot of groups. some with over 1k+ users. Our userbase is 60+. it works. Not saying it is all smooth. but mattermost is us based, and isnt real open. you have to pay the http://sso.tax/ ... yea the nice ui ... ok but element is getting there. the element X app is so good!
remarkable, that in your sphere of influence, UX is more important than opsec to you. why? -
@JulianOliver we moved from rocket chat to matrix 2 yr ago. we have alot of groups. some with over 1k+ users. Our userbase is 60+. it works. Not saying it is all smooth. but mattermost is us based, and isnt real open. you have to pay the http://sso.tax/ ... yea the nice ui ... ok but element is getting there. the element X app is so good!
remarkable, that in your sphere of influence, UX is more important than opsec to you. why? -
@xr1st0ph Can compile that out easily if handy with Go, or just use the drop in binary from Frama:
-
@JulianOliver we moved from rocket chat to matrix 2 yr ago. we have alot of groups. some with over 1k+ users. Our userbase is 60+. it works. Not saying it is all smooth. but mattermost is us based, and isnt real open. you have to pay the http://sso.tax/ ... yea the nice ui ... ok but element is getting there. the element X app is so good!
remarkable, that in your sphere of influence, UX is more important than opsec to you. why?@xr1st0ph The opsec with Mattermost is great when self-hosted & push notifications running through your own push server. Metadata quiet on the wire & FLOSS (team edition).
Again, we have deployed Matrix for groups, but IME it is a higher risk migration target with more ontraining req. Many are coming from Slack too, so for this case esp MM is by far the smoother journey.
If tech-averse get cold feet they will never move again & stay on US bigtech.
You either listen to people or you lose them
-
@xr1st0ph The opsec with Mattermost is great when self-hosted & push notifications running through your own push server. Metadata quiet on the wire & FLOSS (team edition).
Again, we have deployed Matrix for groups, but IME it is a higher risk migration target with more ontraining req. Many are coming from Slack too, so for this case esp MM is by far the smoother journey.
If tech-averse get cold feet they will never move again & stay on US bigtech.
You either listen to people or you lose them
@xr1st0ph I use Matrix every day btw (with Element). As for SSO, we urge groups that choose MM to steer clear of it. Rather 2FA to email, ideally at their selfhosted MTA.
However some employ OAuth2 for auth flow from selfhosted platforms like GitLab, Nextcloud etc. This can work very well.
-
@xr1st0ph Can compile that out easily if handy with Go, or just use the drop in binary from Frama:
@JulianOliver there is no active upstream or someone maintaining this. thats honestly cant be a good or safe way for infrastructure.
-
@xr1st0ph The opsec with Mattermost is great when self-hosted & push notifications running through your own push server. Metadata quiet on the wire & FLOSS (team edition).
Again, we have deployed Matrix for groups, but IME it is a higher risk migration target with more ontraining req. Many are coming from Slack too, so for this case esp MM is by far the smoother journey.
If tech-averse get cold feet they will never move again & stay on US bigtech.
You either listen to people or you lose them
@JulianOliver thats kindof true. but you really only have to convince a small group and the rest will follow.
No E2EE in Mattermost would be a no go in infra for activism for me. people should and must learn how to protect their communictaion. You should educate not lower the bar.
Make some youtube videos and a good wiki entry and people will use it or ask someone. my experience.We proclaim it as a WhatsApp replacement, and it works well. people help out each other.
-
@xr1st0ph I use Matrix every day btw (with Element). As for SSO, we urge groups that choose MM to steer clear of it. Rather 2FA to email, ideally at their selfhosted MTA.
However some employ OAuth2 for auth flow from selfhosted platforms like GitLab, Nextcloud etc. This can work very well.
@JulianOliver yea there is this hack right? is it still possible to use the gitlab in the teams version for some keycloak i.e.?
️ 