The metadata in the headers can be avoided using Memoryhole and similar protocols which embed the headers inside the encrypted payload. The problem is again barrier to entry. Low-tech users generally can’t even handle app installs on desktops.

When you say “worry”, that’s not the right word for it. My boycott against Google is not fear-driven. I will not feed Google anything it can profit from as an ethical stance. Even if an expert linux tor user were on Google, I’m not sure we could exchange email in a way that ensures Google gets no profitable data. If we use PGP coupled with Memoryhole to strip out the headers, I’m not sure Google would accept a msg with a missing or bogus From: header. But if so, Google still possibly learns the user’s timezone. Though that may be useless if Google learns nothing else about that user. But we’re talking obscure corner cases at this point. Such an expert user would have no Google dependency anyway.

MS/google-dependent friends are generally extremely low-tech. They don’t know the difference between Firefox and the Internet. They don’t know the difference between Wi-Fi and Internet. Linux – what’s linux? They would say. At best, they just think of it as a mysterious nerd tool to be avoided. So what can I do wholly on my end to reach them via gmail without Google getting a shred of profitable data? Nothing really. So I just don’t connect directly with a large segment of friends and family. Some of them are probably no longer reachable. Some are in touch with people who connect to me via XMPP, so sometimes info/msgs get proxied through the few XMPP users. It’s still a shitshow because Google still gets fed through that proxied inner circle of friends and family. In the past when someone needed to reach me directly, they would create a Hushmail or Protonmail mail account for that temporary purpose (like coordinating a trip somewhere). But that option is mostly dead.

I just had to reach out to plumbers for quotes. All of them are gmail-served. All I could do is refuse to share my email address and push them to use analog mechanisms. They are not hungry enough for business to alter their online workflow or create protonmail accounts.

That’s exactly what I did with hushmail. I would tell low-tech folks to get a hushmail account then I would use hushtools.com to do all the key management, putting my key on the keyring and grabbing their key. So the other person did not need to know anything or take any special steps. That was best option of my time. But last time I checked hushmail was still entirely non-gratis.

Protonmail emerged when HM became non-gratis and messed with hushtools. But PM requires every one of their own users to do key management which creates a barrier to entry. I would have to walk a PM user through adding my key to my record in their address book and walk them through sending me their key. That effort is a show stopper for many. I might as well walk them through setting up a PGP-capable MUA. But then if they keep their gmail or MS acct the metadata still feeds those corps.

This simple answer is no doubt the most overlooked; probably as a consequence of the tyranny of convenience… people too lazy to go to the library.

I give out my XMPP address and offer Snikket accounts. Some go along with it and some do not. I lost touch with some friends. Some people are in contact via phone but that’s not ideal some connections are lost as phone numbers change.

I used to push some people toward Hushmail until they dropped the gratis plans. Then for a while I pressured people onto Protonmail but then distanced myself from PM when the brought in Google reCAPTCHAs and killed off Hydroxide. Tuta is a non-starter because Tuta’s variety of e2ee is incompatible with open standards, thus forcing me to periodically login to a web UI (also due to them sabotaging their Android app by way of forced obsolescence pushed in the most incompetent way).

So it’s a shitty state of affairs. 2024 and simply sending a msg to someone has become a total shitshow.

I refuse to fund my oppressors

Bingo. I live by this philosophy.

Although more precisely: I refuse to fund feed my oppressors. The reason for s/fund/feed/ swap is that our oppressors profit from our data too. So e.g. I won’t even email a gmail user because my data would then feed Google (an oppressor because of how they dictate e-mail terms among other oppressions).

The others are right. Trying to stream from a torrent seems wasteful and complex.

But if you must for some strange reason, perhaps it would work to use webtor.io to produce an http-reachable audio file which could be curl/wget-fetched and piped to an audio decoder/player. I doubt you could make webtor fetch pieces linearly from the beginning. You would likely have to wait until the last piece is fetched to start streaming.

I’ve not fetched subtitles in a while but back when I did, I recall all the websites hosting them were extremely protectionist… more so than any other category of content on the web.

Of course the fix is to have torrents for the subtitle collections, perhaps by language.

Hopefully he asks you to audit a tool you might enjoy using or contributing to.

Sounds good… will be interesting to see if @scratchandgame@lemmy.ml takes you up on the offer!

lemmy.ml (formerly dev.lemmy.ml) was centralized by Cloudflare (after the renaming iirc). It was an embarrassment that the flagship instance was so antithetical to Fedi philosophy. Perhaps due to that well-placed criticism, lemmy.ml eventually dropped CF. But lemmy.ml is still today centralized by disproportionate size. There is also copious political baggage with those admins which has helped drive people off (thus beneficial shrinkage) but which ultimately enabled/led lemmy.world to become the biggest most centralized instance (which is centralized by both factors: Cloudflare and disproportionate size).

In the big scheme of things, AFAICT beehaw is federated and reachable from other Fedi-principles-respecting instances. I can reach it from other non-walled-garden instances I listed. Grouping beehaw with the walled garden instances is a weird place to draw a line. I’ve only heard about beehaw defederating from instances that are antithetical to the fediverse spirit. But I only know w.r.t the big instances… feel free to point out counter examples. There probably wouldn’t be much chatter about defederation from small instances.

The biggest problem is self-contradiction. These two statements are incompatible:

• “This [auditing] is NOT the most important benefit.”
• “‘open source’ is good, firstly, because it permits auditing the source code”

@loudWaterHombre@lemmy.dbzer0.com or @loudWaterEnjoyer@lemmy.dbzer0.com can audit for you.

Seriously, that’s what you’re missing. Bob the non-coder can trust Microsoft not to plant spyware in MS products, or Bob can trust some portion of the public (limited to ~8 billion people) to audit the code. It’s easier to trust the public than it is to trust a corporation. It’s not just about quantity of eyes, but having eyes that are more aligned with your interests.

When I first read this, I thought you were referring to threads in the generic sense – that your instance was blocking specific discussions. You should have capitalized Threads™, and ideally have the TM.

Wow… Fuck #Facebook for hi-jacking a common word. We really need to replace FB Threads™ with an unambiguous word that does not fuck up conversation.

Perhaps, but your reasoning is a bit too vague to be convincing. So what am I missing? Beehaw registration is open. I had no problem getting an account there; over Tor in fact. I don’t recall if they were using the Q/A interview field back when I signed up. OTOH that screening mechanism has become quite typical these days.

W.r.t defederation, I only know that Beehaw defederated from centralized instances, which is fair enough from the PoV of those embracing the decentralization principle. I skimmed through their several page long policies which boil down to “don’t be mean”. So I would guess they defederate from hate-rich nodes - not sure. What specifically do you have in mind?

The Cloudflare instances I listed are walled gardens because they restrict access hard and fast to various demographics with arbitrary exclusion of various groups of people (which IMO is an even harsher form of walled garden than some of the corporate walled gardens). I would not call having a code of conduct indicative of a walled garden, otherwise we would be calling just about every single instance a walled garden and thus not a useful place to draw a line.

If you oppose tech giants, then of course these Cloudflare instances are unsuitable and should be avoided:

• lemmy.world ← Cloudflare
• sh.itjust.works ← Cloudflare
• zerobytes.monster ← Cloudflare
• lemmy.ca ← Cloudflare
• lemm.ee ← Cloudflare
• programming.dev ← Cloudflare
• lemmy.zip ← Cloudflare

This has nothing to do with your question about blocked threads, but I gather that you want to avoid the enshitification brought by tech giants, and you are on lemmy.zip. Cloudflare is a walled-garden and exclusive club. Not everyone can access Cloudflare-jailed content. CF also sees your username and password. So I suggest choosing an instance other than the above, and favoring communities that are also not on those instances.

Some free-world non-walled-garden instances are:

• fedia.io
• sopuli.xyz
• beehaw.org
• infosec.pub
• lemmy.dbzer0.com
• slrpnk.net
• links.hackliberty.org
• mander.xyz

It basically is saying that if you have more money then you have more “votes”.

That’s simply true. It doesn’t do anyone any good to disregard the facts.

Or to put it in another way: If you have more money you matter more.

That abstraction doesn’t help much. And first of all, it’s more accurate to derive the statement “If you have more money then you have more influence”.

It’s still a shitty status quo, but it is what it is. The worse thing you can do is tell people not to boycott shit products on the basis of rejecting reality. It’d be like telling people not to vote in elections because their vote is a drop in the ocean.

Some people vote for democrats, then they cancel their own vote by getting their internet service from Spectrum, buying fuel from Chevron for their car, shipping their packages using FedEx, getting their phone service from AT&T, banking at PNC Bank, flying on Boeing planes, shopping on Amazon, doing their web searches on a Microsoft syndicate’s site (e.g. DDG), buying Sony devices… etc. They either have no clue that most of their voting is actually for the republicans, or they think that drop-in-the-ocean vote that comes once in 4 years somehow carries more weight than the daily votes they cast with reckless disregard.

Greg Abbott’s war chest is mostly fed by oil companies. If you buy fuel for a car, you help Greg Abbott and other republicans. And if you buy from Chevron, you give the greatest support to republicans (Chevron is an ALEC member).

You might let her know that she can borrow DVDs from the public library at no cost. Another little-known gratis option is freesat and terrestrial broadcast. I recently started using MythTV as a PVR to record broadcast TV and was pleasantly surprised to find no commercial interruptions (but if there are commercials in her region, MythTV can cut them out).

I didn’t see the OP’s pic but these groups generally work against enshitification of the world:

• !asshole_crappy_design@slrpnk.net
• !activist_investing@lemmy.whynotdrs.org
• !escapebigtech@lemmy.escapebigtech.info
• !cyber_activism@sopuli.xyz
• !netneutrality@sopuli.xyz
• !right_to_unplug@sopuli.xyz
• !buyitforlife@slrpnk.net
• !anticonsumption@sopuli.xyz
• !fightforprivacy@feddit.ch
• !offgrid@slrpnk.net
• !foss@beehaw.net
• !privacy@links.hackliberty.org
• !climate_action_individual@slrpnk.net

Notice that none of those communities are on Cloudflared instances (thus also avoid propagating the enshitified portion of the fedi).

Ending capitalism is not the /only/ way. Within a capitalistic system, you can boycott shit. Most consumers are pushovers but it doesn’t have to be that way. I’m boycotting hundreds of shitty companies. Off the top of my head:

• Amazon
• Cloudflare
• Microsoft
• Facebook
• Google
• Apple
• (surveillance advertisers in general)
• (all closed-source s/w)
• HP
• Proctor & Gamble
• Unilever
• all ALEC members (American Express, Anheuser Busch, Boeing, CenturyLink, Charter Communications, Chevron, FedEx, Motorola, PNC bank, Sony, TimeWarner)
• many shitty banks
• Paypal
• AT&T
• GMA members (Coke, Pepsi, Kraft - Heinz, Kellogg’s, General Mills, McCormick, Hormel, Smucker)
• BetterThanCashAlliance.org members (visa, mastercard, unilever) – war on cash
• Bayar-Monsanto
• Dupont
• Hershey
• Nestlé
• Exxon/Mobil
• Comcast
• Koch
• Home Depot
• Lowes
• …etc

Those are all shitty companies that significantly worsen the world. Giving money or data to any of them contributes to enshitification of the world.

Of course it’s an option to stop supporting assholes. Become ethical. Be the change you want to see.

All law compliance is voluntary on the threat of consequences, that is a bad point, because since all compliance is voluntary, then you are saying that all laws are largely useless.

Yes, but this only muddies the waters to mention. You’ve forgotten what I said previously. I’m not saying it’s voluntary on the trivial basis that all actions are voluntary. I’m saying compliance is voluntary because (as I have established and you failed to counter) the GDPR is not being enforced for the most part. You have ONE fine every THREE WEEKS by each DPA. How is your math not sorting that out? I will lay it out here:

52 weeks/yr ÷ 3 weeks × 23 DPAs × 5 years = 1993 + ⅓

That’s absurdly deadbeat on the DPA’s part. As one individual I am personally encountering violations at nearly that rate just on my own as one person. On average the DPA in one country is doing enough workload for one single victim. Scale that to a nation of people and the result is they’re doing fuck all.

My anecdotal experience reflects that of others and in fact mirrors the big picture. But you need not take my word for it. Read about it (“Fines are few and far between…Enforcement is, at best, patchy and inconsistent.”). Though I must say your lack of awareness makes your background questionable. You should know about the lack of enforcement problem if your career is tied to it. After all, your own numbers reflects this you’re just neglecting to do the math.

You’ve tried shifting the focus onto the revenue from the fines, which is irrelevant to the probability of getting a fine. The absurdity of that attempt is that “Meta…. accounted for 80% [of last year’s total fines], with its largest fine reaching €405 million.”

Outliers don’t make the law moot,

They do when the statistical outliers actually reflect cases of fines, as opposed to the cases of inaction. Again, 1 fine every 3 weeks for a whole country. That’s what makes the law moot from an enforcement perspective. You throw out the outliers and you’re left with no enforcement in the remaining dataset.

What you are saying is that due to the fact that corruption exists, your govs are not taking the law seriously.

I didn’t exactly assert corruption. That’d be slightly overstated. There is certainly a conflict of interest when gov agencies are accountable to DPAs of the same country. You can use your own judgement as to whether to outright assert “corruption”. Either way, that’s only a factor when the GDPR offender is a gov agency. Lack of enforcement is bigger than that. As I said, the law itself is the problem because it’s not motivational. Again, there is no enforcement clause to force DPAs to honor article 77 reports. That’s the problem which you continue to ignore. It also doesn’t help that “DPAs complain about a lack of budget and personnel. While German DPAs employ around 1200 staff, Belgian, Croatian, and Romanian DPAs average only 50.” (from the same article) So the other problem is that the GDPR does not require member states to allocate sufficient resources for the workload – though that problem would take care of itself if there were a penalty for member states who fail to uphold art.77.