kosmos.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
kosmos.social is run by the Kosmos open-source co-operative, and is open for new members via invitation by existing ones.

Server stats:

23
active users

Râu Cao ⚡

People: "LOL, politicians have no idea how the Internet works at all."

The same people: "It's a great idea that the EU tries to regulate the entire Internet via unlimited chains of responsibility among companies across borders. We as citizens should be legally forbidden to make our own decisions about what servers and people we connect to, for our own good."

@raucao IT sector is clearly not going to fix itself, and boy does it need fixing.

So if you have a better proposal, please go educate politicians, or run for office and push it.

It's super-easy to poke fun at things. It's way harder to actually come up with positive proposals. Let me know when you take up the challenge of doing the latter.

Also:
gdprexplained.eu

gdprexplained.euGDPR | GDPR explained. What’s the GDPR? What does the new regulation mean for you as an individual? What does it mean for you as a company or organisation? Read our FAQs to find out more, or send us a question and we’ll try and answer it here!

@raucao Also also, somehow it's okay for huge tech companies that have access to all our private data to "move fast and break things" (and do the things break!), but any attempt at regulation, regardless of how long in the making and how much debated to death, is by definition bad?

Please.

@rysiek I'm not poking fun at things. This helps nobody. People with guns are preventing me from making my own decisions and are responsible for companies who want to be legal shutting down service to EU users right now. I did not ask for this, and hell no, I'm not going to ask the people with guns to force someone else to do something equally stupid.

I don't need further explanations of this, as I've been researching it for way too long now. It's a trainwreck, and the evil corps are laughing.

@raucao I still fail to see any positive proposals though.

@rysiek We don't need new laws proposed. People are working on decentralized data storage and p2p apps everywhere.

@raucao fair enough, p2p is a pretty decent answer and I am looking forward to more of it.

Here's a thing: GDPR is making p2p more viable simply because p2p almost completely avoids the privacy related problems. Matrix is already moving this way *because* of GDPR: matrix.org/blog/2018/05/08/gdp

I am not saying GDPR is perfect. But I do appreciate it as an important first step.

Matrix.orgGDPR Compliance in Matrix | Matrix.orgBy Matthew Hodgson

@rysiek It's not. It will be legal hell for anyone providing hubs in decentralized networks.

@rysiek Case in points: try to have your data deleted by a Mastodon instance admin.

@rysiek (If it's not possible to provide hubs as a company or coop, and not as a private person doing it on the side, eventually burning out, then it won't reach mass market adoption.)

@raucao @rysiek The fact that Mastodon is run by a community of volunteers doesn't mean the people running it don't have obligations to their users. If complying with #GDPR is hard, then Mastodon needs fixing.

@HerraBRE @rysiek I'd say "then the GDPR needs fixing", but ok. :)

@raucao @HerraBRE both. Why shouldn't we be able to ask a Mastodon admin to delete our data if we so choose?

@rysiek @HerraBRE That's not my point. Deleting data on one instance is easy. Deleting your toots on the entire fediverse/Internet is impossible.

@rysiek @HerraBRE Same with profile data, DMs, etc.

@raucao @rysiek Is it? Deleting toots is already possible, there's a protocol for that. The #GDPR is just advising us that instances which don't correctly implement that protocol and honor the request - are actually in violation of the law. That sounds like a feature to me.

@HerraBRE @rysiek Again, that's not how the Internet works. There's no guarantee you can give as an instance admin that another instance you're federating with is compliant. And if you cannot *guarantee* that, then you yourself are not compliant. You would be legally forbidden to federate with any instance that is not compliant, and you would need data-processing agreements with all instance operators you federate with.

@HerraBRE @rysiek This is why GDPR is utterly unviable and trying to cut off European companies from non-EU ones. There's absolutely no way for a non-EU company to actually guarantee that all its processors and the processors of its processors are compliant and stay so. The best thing about the Internet, permissionless innovation without borders, has just been crippled severely for everyone who wants to operate legally.

@HerraBRE @rysiek Hence, the only legal way to do it, is to shut down service to anyone you suspect to be in the EU from their IP address. Like e.g. Instapaper did. Most other companies are fake-compliant.

@raucao @rysiek I am not sure that is a reasonable reading of the law, part of what you are doing for your users is broadcasting things out of your sphere of control, that's literally your job as an instance admin, that's the service you are providing.

If that's clear up front, I am pretty sure you can be compliant.

E-mail isn't being shut down just because an SMTP server admin can't force recipients to delete mail.

@HerraBRE @rysiek Yes, for publishing this might work. But not everything has to be published. Ideally we can have the same privacy controls as Facebook eventually.

@raucao @rysiek Maybe!

Maybe such things are all misfeatures because they encourage oversharing and put users at risk? 🤔

Maybe truly sensitive stuff should always be e2e encrypted and/or p2p only. That feels right to me.

But this is more of a philosophical question.

@HerraBRE @raucao @rysiek
If you really care about security, don't tell anyone.

If you have to tell someone, at least don't put it in writing.

If you must write, then not on computer.

If you have to put it on computer, then make it offline.

If it's online, it's not secret any more. Zero days that we don't know about are already hoarded by bad actors worldwide.

Hoping otherwise is just wishful thinking.

Don't put important data online - and have a plan for the inevitable compromise.

@raucao @rysiek on unrelated note: new pleroma does have a button for account deletion
Screenshot-2018-5-21 Pleroma So…

@raucao that's a valid concern, too. But Fediverse, at least, does not force you to use your real name, etc.