For passwords: Keepassxc (local) and bitwarden (cloud) are great. Keepassxc can be put into a syncthing folder for multi-device access.

For crypto: get that shit in a multi-sig wallet ASAP. You don’t want to be one compromised key away from losing it.

If you are an American and care about privacy:

• Write your representatives. Your message can be as simple as “I care about privacy”. It’s important they know you are watching their votes.
• Participate in elections, particularly downballot elections. Congressional makeup at the federal and state level matters a lot more for these kinds of things than who is president. Many recent laws like “right to repair” etc have happened at the state level since you can bypass federal congressional gridlock.
• Participate in primaries. Most Americans do not vote, most voters do not vote in primaries. If you don’t like having to choose “the lesser of two evils”, primaries give you much much more choice to express your preferences. As a primary voter, you have an outsized influence on the electoral system and can help determine the options other people get to choose from.
• Donate to PACs and non-profits working to protect your right to privacy. The EFF is an awesome non-profit. One benefit of donating to PACs is that they keep an eye on races across the country and help find and fund candidates who will advanced privacy legislation.
• “Vote with your dollar” when you buy things. In many cases, your purchasing power outweighs the political power of your vote.

It is nonsense that courts can require an online platform to host content from somebody they don’t agree with, this is compelled speech. And we’re cheering it on because X is seen as a political opponent. It sure will be fun when the shoe is on the other foot and courts are thinking they have some right to force lemmy to host or not host certain kinds of content that doesn’t agree w the new party line or is “misinformation”. “COVID was a lab leak” was misinformation until the world government’s decided it might actually have merit as an idea. Handing the government speech control powers like this is dangerous. Democracy relies on people being able to choose what they say and don’t say and share or not share that information.

It would be annoying to lose your instance, true, but you just move to another or roll your own.

This is a problem nostr solved, and I believe bluesky solves as well though idk as much about the protocol. On nostr, your identity and your instance are different things. Relay goes down? There’s no meaningful impact to you. You’re typically connected to several, each of which store your content. You identity isn’t username@somerelay dot com, it’s just username.

As a user, I had this happen to me early in mastodon and it was very frustrating to lose all my follows, followers, tweets, settings, etc. I realize there’s now ways to manually backup etc but properly moving an account requires a cooperative instance which can’t happen if it’s de-federated or just drops offline randomly like mine did.

The Fediverse and ActivityPub will continue to evolve, but unlike SMTP, they were created after the internet became adversarial. This author isn’t the first to try to fearmonger over the future of AP, and they won’t be the last.

This isn’t fearmongering, it’s him reviewing the ways SMTP tried to solve the spam problem and became centralized as a result. These questions of how we tackle spam and moderation are valid, important questions. And Fediverse, at a structural level, is basically the same as SMTP. We have users at instances (e-mail hosts), they can send messages/tweets/links (emails) to users on other instances. Each instance is free to accept/reject messages from other instances based on their own criteria. That’s the whole thing. That’s exactly how SMTP works.

And didn’t know it’s possible to defederate an email provider.

It absolutely is, your mail provider “de-federates” aka blocks mail from plenty of other e-mail providers.

Agreed :)

This is an instance moderation problem. If you’re letting spammers in, you need to use a better application process or something similar to that. A big problem with email spam is that most email services allow anyone to sign up for free without any checks.

Which is one reason, this author is arguing, that e-mail has become so centralized. Doing that kind of manual moderation and curation is expensive, the bigger instances out-compete the smaller ones who don’t have as much resources to dedicate to it. As more and more instances get “de-federated” for not having as good of anti-spam measures as the bigger instances, more users will sign up at big instances to avoid defederation risk. Just like how many people use gmail simply because their email delivery rate is so good. If I send from g-mail, there’s very few servers which will reject my message or throw it in the spam folder. I’d love to run my own mail server, but even as a dedicated sysadmin it’s impossible to get decent delivery rates.

The more anti-spam checks we have, yes we weed out spam, but we also make it accessible to less users as well.

AP has been blessed so far with not having to fight too much spam. Look at very popular, very centralized, very resourced platforms like Facebook, spam is still a problem on their platform despite massive resources put towards fighting it.

Don’t email spammers just spoof the domain or send without a domain?

They do both, depending on the spammer and the type of spam they send. In e-mail, you have an e-mail server, you can use it to send mail to users on other e-mail servers. Each e-mail server can choose to accept or reject email from other e-mail servers based on whatever reason they want. AP/Lemmy/Mastodon is basically identical to this. I’m not sure how exactly bluesky is setup but I get the impression it’s similar. In Nostr, servers aren’t federated (each relay is seperate, if you want to send/recieve content to another user on a different relays you just talk to that relay directly instead of having “your relay” act as an intermediary), but the structure is still pretty similar.

Nostr does have this hashcash type system (requiring proof-of-work to weed out spam), but I haven’t come across any relays that actually enforce it, it will be interesting to see if that changes in time. I also saw a GitHub issue about adding something similar to AP but I think they chose not to implement it.

Domains aren’t free and I don’t think it’s worth it for them to buy a new domain to just be able to spam for a short time again.

Literally what e-mail spammers do.

Agreed defederating can help solve obviously malicious instances, it doesn’t solve spammers abusing good instances. E-mail and AP are very similar at a protocol structure level.