23

I recently made a post about Shinigami Eyes and BlockParty and started thinking about activist tools.

The ones mentioned are of course merely mitigation tools, but speaking of activist tools more broadly, like some people suggest Signal and Tor Browser for activists, as a fine balance between security and a low technical bar for entrance.

I am not really sure that any of these differ substantially from Matrix and Firefox and why they are so special.

The ActivityPub protocol. the one Lemmy uses, is a mature protocol and people have put thought in various aspects of it.

Apart from Lemmy, there are ActivityPub applications that foster activist and IRL communication, like Framasoft's Mobilizon.

The main issue I would think of about ActivityPub instances for community organizing is the lack of specialized features for this type of work, like polling.

And the major issue of course is the pseudonymity/anonymity and completely open signups renders existing apps like Lemmy untenable for community activism organizing.

In your opinion, what would it take for an Activity Pub application to be a secure, efficient tool for community activism?

all 23 comments
sorted by: hot top controversial new old
[-] delirious_owl@discuss.online 20 points 4 months ago* (last edited 4 months ago)

Wut? Social media is for public messages. If you want something to be private, don't use Activity Pub

But its a useful tool for blasting public info for organizers, sure

[-] jlow@beehaw.org 7 points 4 months ago

Exactly, never use social media (Acticity Pup, Insta, Tiktok etc) to organise activism, use it to comminicate with the pubkic, that's what it's made for.

[-] whydudothatdrcrane@lemmy.ml 4 points 4 months ago

Um, does community organizing have to be secret to be immune to trolls and bad actors?

[-] delirious_owl@discuss.online 9 points 4 months ago

It depends what you're organizing

[-] Petter1@lemm.ee 3 points 4 months ago* (last edited 4 months ago)

Well, if you want publicly available discussions, I think a lemmy community would be well suited, since you can block people from posting or commenting stuff there, but block reading does not work. If you want that it is not public, I would say one of the most convenient and save places would be a matrix space. It is like discord just not a service, but a protocol (well matrix organisation does host an own instance) that allows having private e2e encrypted chat rooms and even video call using jitsi. I just fear, that getting people into the space is a bit more difficult compared to the invitation systems of discord using bots.

[-] whydudothatdrcrane@lemmy.ml 0 points 4 months ago

Sure, I understand Matrix fine. On the contrary, I don't get why people find it harder to switch to than Discord?

[-] Petter1@lemm.ee 2 points 4 months ago

Well I have never created a space, it just now came to my mind that you could have the same setup as discord with public and private chats where new blood can write and get approved to join the private stuff 🤔 and thus I agree. It most likely just because many have a discord account and only few a account on a matrix instance

[-] rimu@piefed.social 12 points 4 months ago* (last edited 4 months ago)

Private messages would need to be end-to-end encrypted. No ActivityPub-based platform does this. I've been mulling over how to do it but haven't landed on anything solid yet.

Signs-ups don't have to be open, they can be closed or vetted - it's just a config option that can be changed with a couple of clicks.

PieFed has polls. But it'd be helpful to take inspiration from Loomio and add much richer functionality here to turn a poll into a proper group decision-making tool.

[-] whydudothatdrcrane@lemmy.ml 2 points 4 months ago

add much richer functionality here to turn a poll into a proper group decision-making tool

This wording shapes my thought better than I did in the post.

[-] rikudou 1 points 4 months ago

E2e private messages are easy, you just have to make them locked to the software you're using. Meaning it they were implemented in Lemmy, you could only use them across Lemmy users.

Otherwise an extension of the ActivityPub protocol would be needed.

[-] jeena@piefed.jeena.net 5 points 4 months ago

You can run Lemmy or PieFed (which also has build in polls) non federated as a private instance, this way the content will not be sent to other instances and it's basically a forum. You can also disable open signups and only add users manually.

But then you still need to do something about anonymous access, because both just show the content to people who are not signed in, so you would need to put it behind some extra login or so.

[-] demesisx@programming.dev 2 points 4 months ago

If you find that the fediverse isnt the right tech for this kind of thing, have a look at NOSTR. I recently learned about it in the context of my hypothetical Lemmy fork. For what I am trying to do with it (decentralized retail inventory), NOSTR was much better suited than Lemmy. My only issue with it is that it ties bitcoin lightning walllets into its authentication mechanism (a dealbreaker for me at least). My future uses for it would be FAR different than yours but it also seems more well-suited to activism as well.

[-] whydudothatdrcrane@lemmy.ml 2 points 4 months ago

Sure, the use case is remote to say the least, but the decentralized thing is appealing. I will have to wrap my head around the bitcoin registration thing, since I am not familiar with crypto. But I did imagine something like decentralized exchange or shops as part of community organizing. In that manner you can, for instance, support web creators within a given community etc. So, perhaps the use case not that far as it initially seems.

[-] demesisx@programming.dev 2 points 4 months ago* (last edited 4 months ago)

If you want to have a go at using that NOSTR tech but stripping the lightning wallet thing out for another (less BTC maximalist but equally or even more secure) form of authentication, I’d be very interested. I’m obviously not going to roll my own auth from scratch….but as I see it, tying BTC to it could prevent MANY people from giving an otherwise very promising tech a chance. Besides, there are already far more secure cryptographic elliptical curves in use by other cryptocurrencies that NOSTR conspicuously passed over in favor of BTC’s.

I probably don’t have the resources nor experience to do it myself but I’d love for this tech to exist.

[-] whydudothatdrcrane@lemmy.ml 2 points 4 months ago

orm of authentication, I’d be very interested. I’m obviously not going to roll my own auth from scratch….but as I see it, tying BTC to it could prevent MANY people from giving an otherwise very promising tech a chance.

I am not quite familiar with the overlap between Bitcoin and authentication. In fact it seems I assume they are totally separate things. If you care to explain further or point me to the right resources?

[-] demesisx@programming.dev 2 points 4 months ago

Perhaps I’m the one who’s mistaken.

I came to this conclusion because: From my initial cursory investigation of NOSTR, in all of the instructions to get started I found, the first step was to create a lightning wallet. Maybe I’m incorrect but, from what I understood, BTC’s authentication is one and the same with NOSTR’s authentication.

[-] whydudothatdrcrane@lemmy.ml 2 points 4 months ago

If that is the case, then it arguably be an extra step for new people to join. I fear that not many will unless already familiar with Bitcoin etc.

[-] demesisx@programming.dev 1 points 4 months ago

I’m a fan of crypto but I happen to hold the strong opinion that BTC’s authentication algorithm shouldn’t have been chosen because it’s not secure enough for future proofing. Furthermore, that BTC tie-in will alienate many people including myself. Anyway, I’d love some help forking NOSTR to NOT use BTC authentication because that task is FAR beyond my skills.

[-] whydudothatdrcrane@lemmy.ml 1 points 4 months ago

About the technical side of my response. I have difficulty understanding your concern, because from what I have seen so far, NOSTR is a protocol and has different implementations. As a protocol it is very liberal since it mostly goes on to specify the structure of the "event" data type. In the specification I saw that it specifies signing and verifying notes with private/public key pairs, but I haven't seen yet where on the protocol level it requires Bitcoin Lightning. Is it possible that you have looked into a specific implementation which elected to use such cryptographic keys as to make it interoperate with the Bitcoin blockchain to start with? In that case, the articles linked by the project mention that the protocol is simple and can be implemented "in a weekend". That means that instead of even forking it at all you can roll your own in your chosen framework?

[-] demesisx@programming.dev 1 points 4 months ago

Sounds great! Thanks for looking into that. I’m a bit of a jack of all trades. So, I tend to try and thoroughly vet a technology before I really dive in and commit my blood, sweat, and tears.

A couple of weeks ago, I found a previous implementation in Haskell. If I were really approaching the stack that I think will be best for the future, perhaps I should fork that one. I’m wishing Purescript was ready for prime time (was popular enough to have more educational material) because that would be a no brainer…especially the work they’ve recently been doing with a Chez Scheme back end.

I’ll start to look into it more in the coming week. Thank you so much! I have a community setup for this idea at https://infosec.pub/c/Lemventory

I may change it, though, since this is no longer Lemmy-related. As I realized, inventory is just not suited to Pub/Sub due to the need to have varying levels of security for the information being broadcast and subscribed to.

[-] whydudothatdrcrane@lemmy.ml 1 points 4 months ago

I have had a look into Nostr. My remarks perhaps will start a whole other thread but I will express them. For one thing, I had a quick look at odysh some time ago, and I have left with a sour taste about the connotations of 'censorship resistant'. Don't get me wrong I am of course against state censorship, but I (unironically-please say otherwise) wonder if there is more to this phrase than nazi dogwhistling. Within censorship resistant social networks is there a) the possibility to mass block, mitigate harassment brigades, tag nazis, and combat other types of toxic trolling and brigading? b) is there absolutely any level of moderation possible, including and going beyond the possibility to go back and delete stuff posted by trolls, or even illegal stuff like slander, hate speech, revenge porn and worse? I can't start a discussion about censorship resistant networks if these conditions are not met, because so much dogwhistling has, well, "smuggled" these meanings into the term, and I am reluctant towards it.

[-] geolaw@lemmygrad.ml 2 points 4 months ago
this post was submitted on 07 Aug 2024
23 points (87.1% liked)

Open Source

31736 readers
128 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS