iltg

what os are you going to use on your smartphone if you remove software from google and apple?

aosp, fdroid, no gservices

what VR headset

not into vr so can't say

what telecom

sadly, not a good one. i wish i had a choice, but this isn't software

are you only shopping in local food markets?

sort of? i get fresh stuff from actual markets when i can and when i go for groceries i avoid ultra processed stuff from big multinationals, making sure of the provenance and the maker of the stuff i get, supermarkets also sell stuff from local producers

lemmy creators are bigots

eh, im still leeching off some other person hosting, im not going to host lemmy and im slowly making my own thing

also can you provide examples? i heard it multiple times, I'm not contesting it, just kinda want to see myself, like with vaxry, and not only trust second hand accusations

i don't want to be a cop and background check

no absolutely fine i don't check all my software too, but when i hear a callout i dont hide behind "art and artist" mentality and move off the bigot's stuff

preference is s weak motivation honestly. i prefer google maps yet i still don't want google and make do with OSM

I'm simply interested in having control over my PC

but you don't, you still depend on vaxry. can you maintain, update, fix and recompile hyprland yourself? if so, fork it and start boycotting vaxry. if not, what control are you talking about? it's just preference

this whole argument to me sounds like "i prefer a WM with smooth animations and an active discord so im going to overlook the problematic maintainer im going to give clout to and start depending on"

i'm not on wayland so i can't try any of these, but there are lists you can browse from (https://wiki.archlinux.org/title/Wayland#Compositors for example)

you are setting quite restrictive and arbitrary limits

well supported

what do you mean?

with smooth animations

what counts as "smooth animations"?

if your message boils down to "something which looks really good to me and that has a discord i can go into and ask for help", you may have set the requirements tight enough to only include hyprland, but that's not a valid excuse in my opinion to avoid boycotting problematic developers

your argument is a bit extreme, it doesn't need to only be software from nice folks, it just needs to not be software made by not nice folks

apart from sqlite, i think everything is replaceable with a bit of compromise

what things made by not nice folks are you locked into?

taking care of bad servers is instance admin business, you're conflating the user concerns with the instance owner concerns

generally this thread and previous ones have such bad takes on fedi structure: a federated and decentralized system must delegate responsibility and trust

if you're concerned about spam, that's mostly instance owner business. it's like that with every service: even signal has spam, and signal staff deals with it, not you. you're delegating trust

if you want privacy, on signal you need to delegate privacy to software. on fedi to server owners too, but that's the only extra trust you need to pay

sending private messages is up to you. if i send a note and address it only to you, i'm delegating trust to you to not leak it, to the software to keep it confidential, and to the server owner to not snoop on it. on signal you still need to trust the software and the recipient

this whole "nothing is private on fedi" is a bad black/white answer to a gray issue. nothing is private ever, how can you trust AES and RSA? do you know every computer passing your packet is safe from side chain attacks to break your encryption? you claimed to work in security in another thread, i would expect you to know the concept of "threat modeling"

lemmy's approach still relies on audience targeting for privacy, just like mastodon. using a distinct object type (which is off spec btw) is "more secure" just because nobody else knows what lemmy is doing

it's not unrealistic to keep trust at the server level. following your rationale, you can't trust my reply, or any, because any server could modify the content in transit. or hide posts. or make up posts from actors to make them look bad.

if you assume the network is badly behaved, fedi breaks down. it makes no sense to me that everything is taken for granted, except privacy.

servers will deliver, not modify, not make up stuff, not dos stuff, not spam you, but apparently obviously will leak your content?

fedi models trust at the server level, not user. i dont need to trust you, i need to trust just your server admin, and if i dont i defederate

good reply but private items are not "quite literally blasted out to anyone who listens", AP spec has audience targeting and content gets sent capillarly, like email. a Note for bob gets sent ONLY to bob's server

as:Public content gets broadcasted by some software (relays) and inbox forwarded by others (mastodon, mitra).

linking barely relevant threads is a bit annoying

your complaints on "unlisted vs public" are completely unrelated to the issue at hand

your analysis that relates to this pixelfed flaw is just:

Privacy Enforcement:

• No explicit requirements for how receiving servers should restrict visibility based on audience fields
• No requirements that servers must hide content from non-addressed users

these aren't good analyses: content should be private by default, nowhere is stated otherwise. if you feel like this common sense practice is somewhat arbitrary, it's actually mandated by GDPR and more data protection laws.

if you want to rule lawyer that "acktually spec doesnt EXPLICITLY say that you cant show stuff meant for alice to bob if bob asks" and ignore this web good practice (probably implied by the many privacy remarks in the spec but let's ignore those) which is actually mandated by governments, feel free to still ignore the incompetence displayed by dansup in implementing something that every other fedi software managed, go for it

even if you were right, even if the spec was really that vague, even if it wasn't a good practice and requirement, in a federation parties cooperate. pixelfed breaking a common agreement is defederation worthy, and dansup remains either incompetent for implementing badly something easy or toxic for federating ignoring what the federation requires

you're still not addressing the point, just linking other posts back and forth and moving the goalpost

audience targeting is NOT a new abstraction by mastodon, it's part of ActivitySTREAMS, not even ActivityPUB

rtfm and do NOT give a rest to bad behaving software

how is it a failure of mastodon that pixelfed doesn't respect audience targeting? it's not like it's something that mastodon made up, this isn't about unlisted/public