I need every infosec person to understand that surveillance capitalism is structural, not individual, and we are not going to ethically-consume our way out of it please and thank


Like take whatever measures that help you reduce your and others' exposure to surveillance, share information, give advice and organize, that's all great work! But don't assume others who use insecure corporate services are ignorant sinners in need of a sermon and conversion. Harassing people who are just trying to live and organize, doing some little good in a horrible world, does Not make anyone safer or more secure.

and if you don't like the comparison to evangelism in the above post... then don't fucking act that way

So I don't have a Soundcloud but please send money to Black and Indigenous people!

Indigenous queer household of 4 in need of household expenses: rage.love/@unfitmisfit/1086257

Help a Black Indigenous Caribeña artist get stable while they work on their Ph.D.: gofundme.com/f/help-marcia-get

Black, disabled, and cute enby in need of help to pay the bills: social.computerfox.xyz/@melani

@ljwrites A relevant post that I wrote a while ago, aimed at folks in the "privacy community": https://gist.github.com/joepie91/6a5f50b27965c711436f5b566f97960d -- I've had *some* success with linking people to that when they're being pushy/insufferable evangelists.

@ljwrites In many cases you can't opt out. My university uses office 365. If I want university emails, even if I want to publish, my orcid has to linked to a uni account afaik.

@esty yup lots of workplaces have that kind of technological lock-in :( Even as a freelancer I've been ducking, weaving, and cheating around my clients' de facto requirement for Windows and MS Office.

@ljwrites I have always tried to avoid them in my personal life but I found that, particularly when I was in 'dire straits' (which happens once in a while) I can't afford to maintain my own servers etcetera. Plus I move between countries so frequently that I can't host at home. Now with free/cheap alternatives it is a little easier but for a long time the choice really was gmail or hotmail if you were poor.

@esty yeah the hardcore techbro insistence that "everyone" can maintain their own server is... oblivious at best.

@ljwrites Yes, and while I have friends who can host for me, not everyone has tech friends, plus in the absence of widespread and easy to use crypto, it almost feels less private than a corporation hosting you. And any falling out with the friend could leave you uncontactable. It's pretty precarious.

@ljwrites Back in the day a lot of stuff was hosted by the community. I am not sure what happened to that. E.g. things like "squat.net" ( https://en.squat.net/about/ ) would host sites for any squat activism and host a calendar too, from waaaay back. But these are all backed up by real life communities, with a long meatspace history prior to this more recent more virtual era

@esty @ljwrites there is still some stuff out there for example noblogs.org for hosting blogs or riseup.net for email, pads and many other tools. Also radar.squat.net was started up for sharing events and there's quite some activity there.
Here in germany there is senfcall.de who host bigbluebutton conferences for free and with data protection in mind.

Many thanks to all the people who are taking care of this infrastructure!

@ljwrites @esty My workplace is deeply embedded in the Google ecosystem.

@naga @ljwrites Is google really better? I remember do no evil but it's not been their slogan for a while now.

@esty @ljwrites the company isn't necessarily better. Outlook is horrible.

@naga @ljwrites I can see that. We have the lot, teams, onedrive, outlook etc. Thankfully there's tools/apps that can connect to it, but it's pretty bad.

But then the other half of my collaborators use google for everything, co-authored manuscripts, shared drives, etc.

And zoom, and slack and, and and.. I think especially in academia, it's impossible to work without selling yourself (your data) to all of them.

@esty @ljwrites An IT admin can also block outside apps from connecting to the work's Outlook, which has been more my experience with it, so yeah....

@naga @ljwrites Yeah I think smtp and imap etc have to be enabled and might be disabled by default, but half the campus uses apple mail so not sure that having it of was a feasible situation.

@esty @ljwrites My most recent context was a US government employer, so they had no problems forcing uniformity.

@naga @ljwrites

I can see that.. I mean, I don't believe in having everything accessible on home systems when it's HIPAA (or equivalent elsewhere) data or other sensitive stuff, but then they should also offer a device preinstalled and configured with whatever they want,, rather than you needing to modify your home setup.

Yup. HIPAA data were behind other layers of security, but they had filters on the email (this may have been why they locked it to Outlook) that blocked any outgoing messages that included anything that looked like it might be, say, a Social Security number.


> surveillance capitalism is structural, not individual

> Harassing people [...] does Not make anyone safer or more secure.

💯 More people need to hear this.

I would like to also offer a bit of my own rant and optimistic take on how the structural/systemic issues at hand here can be addressed.

IMO a lot of the "structure" at work here comes from economic forces that poured endless investment cash into research & effort on how to make client software and webapps usable by everyone.

Meanwhile the usability of the server applications / web infrastructure stuff is still stuck in the 80/90s for the most part.

I think tech folks with the resources and time can (and should!!) strike at the root of the problem. To me that mostly means trying to improve the usability of server software and make it more accessible to more people.

I don't mean everyone should run a server.

But as servers become more and more like web browsers (they "just work" on the first try and don't break when they update themselves automatically) it will become more and more likely that everyone will know someone, or a friend of a friend in their community who _does_ run a server.

I liked the "TL;DR" from homebrewserver.club:

> Take the ‘home’ in homebrew literally and the ‘self’ in self-hosting figuratively

> That means we try to host from our homes rather than from data centres - a.k.a. ‘the cloud’ - and we try to host for and with our communities rather than just for ourselves.

I think the fediverse software and similar networks have sorta succeeded in that regard despite continued rampant usability problems on the server/admin side. Its encouraging to me that something like mastodon which is far from perfect can still gain traction and continues to attract new users and inspire new projects.

Basically I want to be a home server evangelist but if the thing I would be evangelizing still costs money, takes time to set up, and still fails 99% of the time, what's the point?

Just need to get the software / systems to a point where they don't annoy ppl much, they can be easily shared with friends, and they fulfill a need. For example they provide a sense of data custody and belonging within a local community, something folks'll never get from Google, Facebook or AWS.

Yes, its a tall order, its insanely hard / no one knows if this is even possible. But I feel like I would be doing myself and everyone else a disservice if I didn't try.

@forestjohnson I think something like YunoHost is a great step in that direction. When I used it I was amazed by how it made the admin experience more browser-like, literally an interface in the browser. I ended up uninstalling it because it felt like another layer of complexity when I needed to debug something, but getting to install and try out multiple apps in several clicks was a big help and I know experienced admins who swear by it.


Yeah I feel similar about YunoHost. My two biggest wishes for a system like YunoHost are

1. Built to support replication/failover
2. Built to support multiple users

By "support multiple users" I mean similar to how Mastodon/Matrix servers do the "1 admin per ~100 users" model.

So for example I can share my server with my friend, create an account for them, and then they can get their feet wet and try out hosting something themselves without expending too much effort.

But at the same time, since it supports replication & failover, there's a reasonable path to those "experiments" becoming well loved and frequented destinations with reliability / longevity. When one admin falls (loses interest) another can rise to take their place without much fuss.

So I think that's what I'll work on next :)

Sign in to participate in the conversation

Generalist Hometown instance with a strong focus on community standards. No TERF, no SWERF, no Nazi, no Centrist.