Extinction looms for FTAV’s Mastodon presence

  • Sinnerman@kbin.social
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    It’s telling that most of their problems were regulatory/legal rather than technical. (they only have one bullet point about “a bunch of techy stuff”.)

    But the whole article has a very strong “how do you do, fellow kids?” vibe. I think the fediverse will manage to survive without the Financial Times’ mastodon server.

    • 0x1C3B00DA@kbin.social
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      There’s also the point about upgrades and storage growing exponentially, which is one of the most recurring complaints about running a fediverse server. Even the ones that are can lighter than mastodon have to contend with huge databases that never stop growing.

  • CloverSi@lemmy.comfysnug.space
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Respect to them for trying something new, can’t blame them for it not working out. Though from the article it doesn’t sound like they had any major issue with mastodon or its administration itself - their primary issue was the legal risks, which really should have been considered before launching. It seems disingenuous to use a headline like that when the main problem wasn’t the running of the site, but a fear of legal repurcussions that could have been easily seen before making the site. That’s my two cents anyway.

    It is sad how regulation of social media seems to affect smaller sites more than the big ones. Legal liability looks very different to a company with flocks of lawyers than someone hosting a small server at home.

  • emeralddawn45
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Mastodon administrators have access to everyone’s private messages? Wtf? Is lemmy like that?

    • CaptainJanegay@kbin.social
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Anyone who owns a server can access all the data stored on it, unless the data is end-to-end encrypted. Whether it’s mastodon, Lemmy, Facebook, twitter, Gmail, vBulletin, whatever.

      If you need to say something that you can’t risk anyone else seeing, use an end-to-end encrypted messaging app, or implement encryption yourself using e.g. PGP.

      • emeralddawn45
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I mean I don’t care I’m not saying anything illegal anyway, and I assumed reddit administration could read messages, I’m just surprised. I assumed because of how lemmy started and the whole idea of taking away drastic overreach by admins that private messages would be set up to be… private.

        • stevecrox@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          The admins to perform upgrades, monitoring, fixes, etc… will require root access to the database. That means they can alter all your posts to say *blah blah blah" if they wanted.

          Similarly passwords will be encrypted within the database and encryption algorithms have to be able to go in both directions. Normally they need a seed value to start random generation. The admin defines the seed as a result an admin can decrypt everything in the database.

          • kspatlas@artemis.camp
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            This is incorrect, passwords should be hashed, not encrypted. Hashing is only one way (unless you use a terrible hashing algorithm or your attackers have access to a quantum computer), these hashes are also often salted, which means adding extra data to the hash to protect against some attacks

          • AnarchoYeasty@beehaw.org
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Please never talk about passwords and encryption again without actually learning what is going on. You have no idea what you are talking about. Passwords are NEVER encrypted because then passwords can be decrypted and stolen. Passwords are salted (a phrase / string of characters is added somewhere in your password) and then hashed. Hashed are one way you cannot convert a hash back into a raw string. The only way to get a password from the hash is to try and hash random passwords until you get one that matches your hash. Hence the salt which is included and different for every account. You’d have to spend forever on each row in order to figure out passwords. If you EVER find someone has stored ENCRYPTED passwords take them out back and beat them up because they are being criminal in their neglect.