LemmyWorld is a terrible place for communities to exist. Rationale:

  • Lemmy World is centralized by disproportionately high user count
  • Lemmy World is centralized by #Cloudflare
  • Lemmy World is exclusive because Cloudflare is exclusive

Itā€™s antithetical to the #decentralized #fediverse for one node to be positioned so centrally and revolting that it all happens on the network of a privacy-offender (CF). If #Lemmy World were to go down, a huge number of communities would go with it.

So whatā€™s the solution?

Individual action protocol:

  1. Never post an original thread to #LemmyWorld. Find a free world non-Cloudflare decentralized instance to start new threads. Create a new community if needed. (there are no search tools advanced enough to have a general Cloudflare filter, but #lemmyverse.net is useful because it supports manually filtering out select nodes like LW)
  2. Wait for some engagement, ideally responses.
  3. Cross-post to the relevant Lemmy World community (if user poaching is needed).

This gets some exposure to the content while also tipping off readers of the LW community of alternative venues. LW readers are lazy pragmatists so they will naturally reply in the LW thread rather than the original thread. Hence step 2. If an LW user wants to interact with another responder they must do so on the more free venue. Step 3 can be omitted in situations where the free-world community is populated well enough. If /everything/ gets cross-posted to LW then there is no incentive for people to leave LW.

Better ideas? Would this work as a collective movement?

  • diyrebel@lemmy.dbzer0.comOP
    link
    fedilink
    arrow-up
    1
    arrow-down
    8
    Ā·
    edit-2
    1 year ago

    Itā€™s clear from your disingenuous summary that you donā€™t grasp human rights well since you have summarized the original points in a way that actually omits the critical components of a human rights infringement. Someone who is familiar the UNā€™s Universal Declaration of Human Rights would not know from your summary how CF is violating human rights (answer: students being excluded from educational resources). The mere existence of CF in itself is meaningless in your abstraction. You act like a Cloudflare PR rep.

    Cloudflare are against software freedom because captcha uses Javascript

    Another disingenuous summary. This also demonstrates your misunderstanding of software freedom. Javascript does not inherently undermine software freedom. Javascript that supports the 4 freedoms exists.

    Cloudflare are a burden to the environment because the captcha has images.

    Another disingenuous summary, as it omits how you get from A to B. Vector images would be fine, but itā€™s not vector images that are pushed. Text browsers are treated as robots. Iā€™m not going to repeat the whole article here.

    The article is already written as a concise minimal outline. The only reason to summarize it further as you did is to bring a strawman style of malice by omission.

    but it could be condensed considerably by removing the exxagerated claims.

    Can you cite a specific ā€œexaggeratedā€ claim that is not supported with a cited source?

    Cloudflare was born from a commercial need to protect from malicious DDoS attacks,

    Not my problem. Smarter admins have figured out how to secure Lemmy instances without surreptitiously compromising everyone elseā€™s security. infosec.pub demonstrates this. Users have no need for these Cloudflared instances when there are so many non-CFd instances that operate inclusively.

    I wonder if Cloudflare perform DDoSā€™s on non-Cloudflare sites to drum up more customers.

    That ā€™s covered in the article. Search ā€œbootersā€.

    • lazynooblet
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      Ā·
      1 year ago

      Oh come on, did you write that article? I donā€™t buy the human rights thing at all, itā€™s incredibly far fetched, almost maniacal. In any case, the school decided to implement CF as a tool, why does it make CF to blame?

      The document makes valid claims against CF (Iā€™m against the whole MitM approach), but plucking out things like ā€œsoftware freedomā€ for a commercial product? It is idealistic to a fault.

      exaggerated?

      Ctrl+F ā€œtorā€, highlight matches, wow thats a lot ā€“ could be summarised to a single paragraph of maybe 2 sentences. It repeats so often I started to roll my eyes.

      The article is already written as a concise minimal outline

      A false statement in my opinion, its written in such an exaggerated fashion that there are repeated statements throughout, and is an all out attack on CF that begins to reach for some really minor infractions on idealistic viewpoints; case in point: vector vs bitmap images. It detracts from the real issues.

      Not my problem

      Dismissive because? Yes there are other tools, using similar technologies. Back in the day, a single disgruntled user would need to pool resources to perform a super simple DDoS using bandwidth as a tool alone (ie. smurf). Now the number of users with 1Gbit upload at home is rising (or just rent a few VPS), and the number of pooled resources required is much lower. That doesnā€™t factor in slightly more sophistic DoS using expensive queries. Lemmy is susceptible to this, but the entire federated instances design is a natural defense. But your lone website? An open target that tools like CF come in handy for. The fact that it is implemented as a MitM is unfortunate, and I wish it were better as it makes CF the holder of all the keys.

      My take on the article is:

      MitM is bad, CF are capable of grabbing all our sensitive data. There is no evidence yet that this has been exploited. Tor has been blocked by default. The rest of the document is hyperbole.

      • diyrebel@lemmy.dbzer0.comOP
        link
        fedilink
        arrow-up
        1
        arrow-down
        7
        Ā·
        edit-2
        1 year ago

        I donā€™t buy the human rights thing at all, itā€™s incredibly far fetched, almost maniacal.

        Again, it would do you some good to read the UNā€™s Universal Declaration of Human Rights (#UDHR).

        Article 21 Ā¶2: ā€œEveryone has the right of equal access to public service in his country.ā€

        Article 26: ā€œEveryone has the right to education. ā€¦ higher education shall be equally accessible to allā€

        Do you understand what that means? Does it say ā€œEveryone in Denmark except those who are excluded by the private US corporation Cloudflare or donā€™t agree with the terms of US corporation Proquestā€?

        What about public schools that force students to agree to Googleā€™s terms of service and patronize Google Inc as a condition of class participation? Do you see a human rights problem there (assuming youā€™ve read and understand the above two UDHR paragraphs)?

        the school decided to implement CF as a tool, why does it make CF to blame?

        Thereā€™s enough blame to go around to the school and all entities involved. Cloudflare gets blame for their defaults. Do a search on the #powerOfDefaults if you donā€™t grasp the importance of defaults.

        but plucking out things like ā€œsoftware freedomā€ for a commercial product?

        This so-called ā€œcommercialā€ product is being used in the public sector, which means people who need public service are being forced to execute non-free software.

        exaggerated?

        Ctrl+F ā€œtorā€, highlight matches, wow thats a lot ā€“ could be summarised to a single paragraph of maybe 2 sentences. It repeats so often I started to roll my eyes. ā€¦ its written in such an exaggerated fashion that there are repeated statements throughout,

        This logic doesnā€™t follow. First of all, repetition and exaggeration are completely different attributes. You seem to be claiming both yet cannot pin down either. Which claim is redundant? Which claim is exaggerated? Itā€™s better if you copy exact statements here if you want to make any sense. So far youā€™re just generalizing and hand-waving. When I search for ā€œTorā€ in that article, I see no false statements. Be specific.

        case in point: vector vs bitmap images. It detracts from the real issues.

        Thereā€™s no such distinction in the article between those types of images. The distinction was only made in this thread to illustrate the failure of your strawman by critical omission.

        Dismissive because? Yes there are other tools, using similar technologies.

        Not at all. infosec.pub is not using Cloudflare or anything like it. infosec.pub demonstrates how to avoid anything like CF.

        There is no evidence yet that this has been exploited.

        This is like saying I donā€™t need to lock my car/house door because the lack of security has not been exploited. Of course itā€™s foolish to extend needless trust. In security we act on potential not just react to what has occurred. We lock our door even if weā€™ve not witnessed an intrusion.

        • lazynooblet
          link
          fedilink
          English
          arrow-up
          6
          Ā·
          1 year ago

          Do you understand what that means?

          Yes. It means you canā€™t access the resource using the technology you prefer (seriously, who use wget to browse the web?), but it doesnā€™t stop you from reaching the resource as a person. Hence human rights being the thing, not wget/tor rights.

          Google used in class; Do you see a human rights problem there?

          I donā€™t, for the same reason as I have to register at the library before taking a book.

          if you donā€™t grasp

          No, Iā€™m not uninformed. I just donā€™t agree with you.

          which means people who need public service are being forced to execute non-free software

          Ah, okay, I understand your view point here. I donā€™t care much for that.

          Thereā€™s no such distinction in the article between those types of images

          You brought it up, it was your example. The document says the fact CF use images, that they are a blight on the environment. Its like an onion article title. šŸ™„

          infosec.pub demonstrates how to avoid anything like CF

          Good for them.

          • diyrebel@lemmy.dbzer0.comOP
            link
            fedilink
            arrow-up
            1
            arrow-down
            6
            Ā·
            edit-2
            1 year ago

            Yes. It means you canā€™t access the resource using the technology you prefer (seriously, who use wget to browse the web?), but it doesnā€™t stop you from reaching the resource as a person. Hence human rights being the thing, not wget/tor rights.

            (emphasis mine) This is not about preferencesĀ¹. If your ISP uses CGNAT because youā€™re too poor to afford a subscription that gives you a unique unshared IP address, you are blocked from Cloudflare sites regardless of which browser you use. Itā€™s also not down to preference if you canā€™t afford to maintain a platform that supports the latest GUI browser. Libraries are also blocked and users of libraries have no control over the libraries IP or installed browser. The elitism you endorse is of course at the expense of excluding human beings.

            1: what you perceive as a ā€œpreferenceā€ is perversely broad. I donā€™t use Chromium not because I have a persnickety problem with the UI or UX, but because it includes Google spyware. I object to privacy abuse. A vast majority of the population uses Chromium and so a vast majority of websites cater for Chromium & ultimately marginalizing non-Chromium users who object to the #privacy intrusion. Itā€™s worth noting that privacy abuse is also a human rights issue in itself:

            UDHR article 12: ā€œNo one shall be subjected to arbitrary interference with his privacy, family, home or correspondence,ā€¦ā€

            So when a public service imposes a means of access that arbitrarily abuses someoneā€™s privacy, that is also a violation of human rights.

            I donā€™t, for the same reason as I have to register at the library before taking a book.

            This logic doesnā€™t follow. To recap with emphasis the paragraph that applies to public libraries:

            Article 21 Ā¶2: ā€œEveryone has the right of equal access to public service in his country.ā€

            Library registration in Europe is inclusive does not exclude people who do not agree with the terms of service of a US corporation like Google. It ensures eligibility by verifying residency. If library reg were to exclude locals who Google excludes by requiring a Google login/interaction, it would indeed by a human rights violation for the same reason.

            Thereā€™s no such distinction in the article between those types of images

            You brought it up, it was your example.

            Thatā€™s what I said. Itā€™s my example, not the authorā€™s. And it was an example that exposed your strawman attempt. The example did the job it was meant for.

            The document says the fact CF use images, that they are a blight on the environment. Its like an onion article title.

            CAPTCHA images are raster images. Did you follow the citation? The logic follows. Graphics are far heavier than text.

            BTW, I personally disable images in my GUI browser. It makes me look more like a bot & get treated as such but I consume far less bandwidth - thus less energy.

            • lazynooblet
              link
              fedilink
              English
              arrow-up
              7
              Ā·
              1 year ago

              If your ISP uses CGNAT because youā€™re too poor to afford a subscription that gives you a unique unshared IP address, you are blocked from Cloudflare sites regardless of which browser you use.

              I have several customers on CGNAT and they are not blocked from Cloudflare. Which puts the rest of your point on the back foot.

              This logic doesnā€™t follow.

              Of course it does. You missed the distinction between excluding a person and a means. If the user couldnā€™t access a site from their current location, they could use another one that isnā€™t blocked. Therefore the person isnā€™t blocked, no human rights violation. Which is totally absurd, I canā€™t beleive we are talking about human rights violation in this context.

              Thatā€™s what I said. Itā€™s my example, not the authorā€™s.

              Right, and in the document they just say images are a blight on the environment, which is laughable. Your attempt to clarify it, just made it look even weaker. No strawman rhetoric here, just calling it out to be a muted point.

              BTW, I personally disable images in my GUI browser.

              And on that point I think you are in the extreme. An extremist that ā€œcanā€™t be bargained with, it canā€™t be reasoned with, it doesnā€™t feel pity or remorse or fear, and it absolutely will not stopā€¦ EVERā€

              Putting a stop to this now, the effort far outstrips the fun factor.

              • diyrebel@lemmy.dbzer0.comOP
                link
                fedilink
                arrow-up
                1
                arrow-down
                6
                Ā·
                edit-2
                1 year ago

                I have several customers on CGNAT and they are not blocked from Cloudflare. Which puts the rest of your point on the back foot.

                1. Your users donā€™t necessarily behave in a way that would earn a bad IP reputation
                2. A bad IP reputation does not necessarily contaminate the whole IP pool.
                3. Your users donā€™t necessarily know what CGNAT is, what an IP address is, or that they are exposed to CGNAT collective punishment
                4. Your users donā€™t necessarily report blockades to you. Many non-tor users report hitting the CF blockade and they have no idea why. CFā€™s error messages are typically deceptively worded to deliberately mislead and point blame on the user themselves. If some sites are blocked but not others, the ISP is not going to be the focus of complaints - if any. They are more likely to complain in social media than they are to the ISP.
                5. Most users have been conditioned to accept CAPTCHAs, not report them as abusive or malicious to anyone. But when they do, the website owner gets the complaint not the ISP.

                Of course it does. You missed the distinction between excluding a person and a means.

                The nuance is lost on your part. When you exclude a personā€™s only means of access, you exclude the person. When you make public service conditional on agreeing to the terms of a private corporation, you also exclude the people who disagree with the terms. Cloudflare is also non-transparent and never tells those they marginalize why they are being marginalized. The marginalized donā€™t even necessarily know there is an unblocked means of access or what that means of access entails.

                If the user couldnā€™t access a site from their current location, they could use another one that isnā€™t blocked.

                You donā€™t know what ā€œblockā€ means. A block is an obstruction. Itā€™s not necessarily absolute. If the road is blocked by a fence, of course you can circumvent the block by climbing the fence. This does not mean the roadblock ceases to exist. Anyone who is either unfit to climb the fence or unwilling remains blocked. The discriminatory denial of access to a public service is a human rights violation. If a black person is denied access to a library, we donā€™t say: ā€œwell they can paint their skin white and then they can get access, thus there is no human rights violation hereā€.

                No strawman rhetoric here, just calling it out to be a muted point.

                Itā€™s a strawman because you misrepresented the original claim by leaving out critical details. Had you quoted the claim it would not have been a strawman. Or if you had been wise enough to know which details are too critical in the thesis for omission, you would not have created a strawman. But itā€™s clear that your goal was simply to smear the article so the strawman was obviously intentional.

                And on that point I think you are in the extreme.

                When I load images it will sucks dry my limited monthly bandwidth credit. An unlimited connection would cost me more than triple the fees. And yet you call it ā€œextremistā€ to be frugal & pro-environment/socially responsible rather than wastefully indulgent. This tendency to look to smear people who are either socially responsible or not corporate pushovers is apparently why you have this pro-repressive tech giant attitude that doesnā€™t mind marginalizing people.