I'm coming to the conclusion that community-owned and operated small clouds (co-ops) with easy onramps for self-hosting open source services like mail, storage, and VPN are the only way forward.
-
@vfrmedia @mttaggart @ireneista - this is something to be figured out, but I'm willing to spend some time doing that. Ideally there'd be some kind of network of local co-ops to share best practice in each jurisdiction.
@philcowans @vfrmedia @mttaggart that does sound like the right solution
-
I'm coming to the conclusion that community-owned and operated small clouds (co-ops) with easy onramps for self-hosting open source services like mail, storage, and VPN are the only way forward. Every corpo service is eventually going to make you ashamed to use it.
@mttaggart personally, I'd like to start a cooperatively owned Mastodon instance where ownership costs pay for infra, admin, and moderation, with owners all having a voice in operation, governance, and direction. Trying to find models as alternatives to benevolent third parties and pleading for donations.
-
@mttaggart personally, I'd like to start a cooperatively owned Mastodon instance where ownership costs pay for infra, admin, and moderation, with owners all having a voice in operation, governance, and direction. Trying to find models as alternatives to benevolent third parties and pleading for donations.
-
@vfrmedia @philcowans @mttaggart well, you find a solid lawyer as one of your first steps...
but yes, it's a significant barrier to entry
@ireneista @philcowans @mttaggart
I think even a basic hosting service for community organisations /could/ work, but you'd have to set clear boundaries on what it can and can't be used for *and* enforce them - (after all you wouldn't want the local Reform/Restore Britain group or the equivalent in other areas making use of the resources, or its no better than what Mullvad and others are doing and claiming its "free speech")
-
@vfrmedia @philcowans @mttaggart well, you find a solid lawyer as one of your first steps...
but yes, it's a significant barrier to entry
@ireneista @vfrmedia @philcowans It's why you need a legal entity in front of individuals to mitigate liability. But there are costs
And it's a trade-off. You're paying for conscience and choice with risk.
-
@ireneista @philcowans @mttaggart
I think even a basic hosting service for community organisations /could/ work, but you'd have to set clear boundaries on what it can and can't be used for *and* enforce them - (after all you wouldn't want the local Reform/Restore Britain group or the equivalent in other areas making use of the resources, or its no better than what Mullvad and others are doing and claiming its "free speech")
@vfrmedia @philcowans @mttaggart content policy enforcement is a trap though, if you build a mechanism it will be used against you
-
@vfrmedia @philcowans @mttaggart content policy enforcement is a trap though, if you build a mechanism it will be used against you
@vfrmedia @philcowans @mttaggart what we're hoping is of course that knowing the people involved is some sort of solution, but there's a specific type of adversarial modeling we'd need to work through, for how that sort of thing plays out after the usual asshat bad-faith bullshit and a few rounds of legal threats
-
@ireneista @vfrmedia @philcowans It's why you need a legal entity in front of individuals to mitigate liability. But there are costs
And it's a trade-off. You're paying for conscience and choice with risk.
@mttaggart @ireneista @philcowans
There's a similar discussion about this here and the issues involved (at least from a USA perspective)
-
@mttaggart any suggestion on home labbing (two b's?) in this era of crazy hardware prices?
@brahms @mttaggart you can do more than you think with old desktop hardware and 16 gigs of DDR4 RAM. It is also much more energy efficient than server hardware (and much quieter too)
-
@brahms @mttaggart you can do more than you think with old desktop hardware and 16 gigs of DDR4 RAM. It is also much more energy efficient than server hardware (and much quieter too)
@ithoughtisawa2 @brahms Absolutely, especially for individuals or families. When you need to guarantee reliability for a community, things do get more complicated if you're doing it right.
-
@mttaggart I love that. Need to do some more research, but would love to get involved with making a US, or even US regional version of this happen.
-
@vfrmedia @philcowans @mttaggart what we're hoping is of course that knowing the people involved is some sort of solution, but there's a specific type of adversarial modeling we'd need to work through, for how that sort of thing plays out after the usual asshat bad-faith bullshit and a few rounds of legal threats
@ireneista @vfrmedia @philcowans I don't have the full answer but for sure a component is that small services can and should show bad actors the door with haste.
-
@ireneista @vfrmedia @philcowans I don't have the full answer but for sure a component is that small services can and should show bad actors the door with haste.
@mttaggart @vfrmedia @philcowans yes, absolutely
-
@ireneista @vfrmedia @philcowans I don't have the full answer but for sure a component is that small services can and should show bad actors the door with haste.
@mttaggart @ireneista @philcowans
one problem is if the bad actor is stubborn and determined, it can be way more than a small group with limited resources is able to cope with, especially if the project isn't providing a full time paid day job for the people involved *and* legal protection for them..
I don't even get deeply involved in the existing community groups round here nowadays, due to the inevitable conflict and drama that occurs and that it turns out to be more stressful than my day job!
-
@mttaggart @ireneista @philcowans
one problem is if the bad actor is stubborn and determined, it can be way more than a small group with limited resources is able to cope with, especially if the project isn't providing a full time paid day job for the people involved *and* legal protection for them..
I don't even get deeply involved in the existing community groups round here nowadays, due to the inevitable conflict and drama that occurs and that it turns out to be more stressful than my day job!
@vfrmedia @ireneista @philcowans Worth distinguishing external bad actors causing a headache and internal service users for which a provider may be liable. The latter is, I think, the bigger concern and novel problem for most in this proposal.
-
@vfrmedia @ireneista @philcowans Worth distinguishing external bad actors causing a headache and internal service users for which a provider may be liable. The latter is, I think, the bigger concern and novel problem for most in this proposal.
@mttaggart @vfrmedia @philcowans right and like, if you're trying to serve marginalized communities, that's inherently risky because people's existence is politicized and that's beyond their control
and if you're not, what are you even doing
-
@vfrmedia @ireneista @philcowans Worth distinguishing external bad actors causing a headache and internal service users for which a provider may be liable. The latter is, I think, the bigger concern and novel problem for most in this proposal.
@mttaggart @ireneista @philcowans
keeping out external threats is normal cybersecurity stuff and relatively easy to deal with (same as making sure your car or house door is locked and carrying out physical checks or using CCTV if required) - but internal users could be more of a proiblem. Particularly if you are providing "private/secure" services and someone wants to use them for something that is blatantly illegal in your country..
-
@ithoughtisawa2 @brahms Absolutely, especially for individuals or families. When you need to guarantee reliability for a community, things do get more complicated if you're doing it right.
@mttaggart @ithoughtisawa2 @brahms someone who has a friend that converted my shitbox laptop into a server: can confirm shit is amazing, it gave me extra aura, i no longer have to worry that i cant pay the server bill on time and now i can say i have a lot of people in my house (they are in my laptop :3)
-
@mttaggart @ireneista @philcowans
keeping out external threats is normal cybersecurity stuff and relatively easy to deal with (same as making sure your car or house door is locked and carrying out physical checks or using CCTV if required) - but internal users could be more of a proiblem. Particularly if you are providing "private/secure" services and someone wants to use them for something that is blatantly illegal in your country..
@vfrmedia @mttaggart @philcowans the thing we always tell people to consider before creating a corporate entity
which nobody ever wants to do at that stage, and it needs to be then, for all the most realistic mitigations ....
is what will you do if the jurisdiction you operate in makes it illegal, five years from now, to be openly gay or trans?
-
Not for nothing but I've written a very well-regarded guide on home labs if you want to get started.
@mttaggart FYI "Go to Course" returns 404 for https://taggartinstitute.org/c/wireguard-from-scratch/42