- cross-posted to:
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
Decentralized social network Mastodon says it can’t comply with Mississippi’s age verification law — the same law that saw rival Bluesky pull out of the state — because it doesn’t have the means to do so.
The social non-profit explains that Mastodon doesn’t track its users, which makes it difficult to enforce such legislation. Nor does it want to use IP address-based blocks, as those would unfairly impact people who were traveling, it says.
You must log in or register to comment.
Does the law in Mississippi apply to the geographic region and airspace, or only residents?
nobody should comply
There’s going to come a point at which the Feds/States will lean on the ISPs to handle the censorship for them. We’ve had people all over the Nat Sec system staring at the “Great Firewall of China” and asking themselves “Can we get something like this over here?”
staring at the “Great Firewall of China” and asking themselves “Can we get something like this over here?”
I’ve just been assuming that was the goal all along.
Fifteen years ago, I said on Reddit, “The U.S. is trying to become like China before China can become like the U.S.” Of course, I got buried.
If this really about protecting kids, they could’ve done opt in blocking at the ISP level. Just a few new fields with ISPs and they have products that can take care of this already.
This is really about tracking every little thing you do online.
Eventually it will be about restricting what we can access on the web.
This is why it’s perfect time to get some tech literacy regarding tor, i2p, yggdrasil, and shadowsocks. It’s not perfect solution to use tech to circumvent restrictions that shouldn’t be there in the first place, but sometimes it really comes to that point and it’s really nice to have all systems ready!
I’ve tried a few times to check out i2p, it seems to take hours of leaving it running to even get to the point where you can very slowly and inconsistently load even the official pages though.
In my experience, if you have anything but “Network: OK” status (for example, “Network: Firewalled”), it’s not working properly. If you’re behind a VPN, you need to port-forward and properly configure a port in I2P config/settings. Another sign that it’s misconfigured is 0 participating tunnels. This is how properly configured I2P network statistics looks like with high internet bandwidth:
spoiler
Thanks. Somehow the network actually seems to be working pretty well for me now, not sure why it wasn’t before.
The situation does seem quite desperate. I’d like to heed your call. Please advise on most critical systems I should have ready right now today please. I know have a lot of work to do and must stay efficient
-
If the internet were fully controlled, you’d need mesh networks - DIY, decentralized networks using radios, local connections, or other alternative infrastructures. I don’t know all the details, but Yggdrasil is a promising modern project that functions as an alternative “internet” for mesh networks, while also working over the regular internet.
-
Within the normal internet, the most resilient solution against heavy censorship is probably Shadowsocks. It’s widely used in mainland China because it can bypass full-scale DPI (deep packet inspection) by making traffic look like normal HTTPS. There are ways for authorities to detect it, and there are counter-methods, but it remains one of the most reliable tools for evading state-level traffic filtering.
-
Next in line are Tor and I2P. Both are very resilient, and blocking them completely is difficult. It’s a continuous cat-and-mouse game: governments block some bridges or entry nodes, but new ones appear, allowing users to reconnect.
-
Finally, regular VPNs are useful but generally less resilient. They’re the first target for legal restrictions and DPI filtering because their traffic patterns are easier to detect.
Overall, for deep censorship resistance, it’s a hierarchy: mesh networks > Shadowsocks > Tor/I2P > standard VPNs. You can ask chatbots about any of these and usually get accurate, practical advice because the technical principles are public knowledge.
-
Arguably though, at some point they’ll just say “if we can’t read your traffic, you can’t use the Internet.”
Which still isn’t a problem, as I’m sure we can come up with a means to encrypt traffic to make it look entirely legitimate. But it’s going to take a while.
At that point people would probably go to a p2p adhoc wireless meshnet to bypass the ISPs entirely.
Sneakernets, my friend. Never underestimate the bandwidth of a pocket full of microsd cards traveling on the subway.
I don’t know literally ANYTHING, so take that into account when answering this, but why can’t a single person access the “Internet” on their own, without an ISP. Can’t they be their own ISP? Or can’t small groups of people - friends, family, co-conspirators - create their own private ISP?
this is what the mesh networks are that people have mentioned elsewhere in this thread.
It is theoretically possible to create a purely peer-to-peer network where each individual connects to people nearby, and then any individual can in theory communicate with any other, by passing data packets to nearby people on the network who then pass it on themselves until it reaches the other person.
You can probably already grasp a few of the issues here - confidentiality is a big one, and reliability is another. But in theory it could work, and the more people who take part in such networks, the more reliable they become.
But can they only access each other in their own “web?” Can they access the World-Wide Web on their private web? Or does that just expose them to all the other stuff anyway?
You can have nodes on a mesh network which act as gateways to the internet, but such nodes are going to have to go through an ISP. There’s no other way to connect to the internet at large unfortunately.
The p2p meshnet that they were referring to basically is a local/small group ISP.
As for why a single person cannot (effectively) become their own ISP? It’s complicated. Really complicated. ISPs have to pay other ISPs just like you and I do, unless they’re a Tier-1 ISP/Network. Otherwise you’re always going to be paying to connect to (and generally paying for bandwidth) another network that has access to a network that then has access to a T1 network. T1s are basically the largest networks that hold (or can directly access) the majority of people on the internet. Top of the food chain, so to speak.
So in theory, yeah, you can become your own ISP - but you’ll still need to pay and be at the mercy of other ISPs. Datacenters are typically their own ISP, but they have to pay others to get online just like we do.
Imagine the internet is a network of roads. The ISPs in some parts of town control the roads, in other parts they only control the stop lights. You can build your own road through private land to avoid the stop lights but it’s expensive. The isps can put traffic cops at the stop lights and monitor and stop you if they want. The only way to get around it is to build a road all the way to the destination.
To some degree you could, but you’d either rely on Tier1 transits to access the entire internet (costly), or you’d use IXPs (keeping your traffic local to other IX participants).
This doesn’t account for how’d you’d actually go into purchasing a port for your residential home, which would probably entail laying your own fiber to a data center nearby.
You mean “at which point, people will just say ‘oh, ok’”. (Assuming they even notice)
“People” will just comply. Tech savvy people like us are the only ones that could circumvent it
Except if the topic is wifi meshnets, no amount of tech savvyness will get you around an absence of other nodes nearby. General apathy is actually a huge problem here.
One… Disappointing fact is that means at least the Internet will go back to the pre-social media era.
You can feel it here on Lemmy still. It exists.
Yes it has its perks
Like Metastatic on LoRA?
Or maybe we’ll use software defined radios (SDR) to transmit on other unregulated bands (as a hacker, you can often force the software to believe it’s in the wrong region to transmit on bands the FTC didn’t approve, as long as it’s legal somewhere.)
Meshtastic will never replicate anything like the modern internet. It’s slower than 1980s dialup data speeds. Text messaging, maybe…but you ain’t sending a video through it, that’s for sure.
I didn’t know there were unregulated bands. I thought pretty much everything except 2.4Ghz and 5Ghz required licensing and those two were technically unlicensed, but still regulated.
What’s in a name? Legally speaking, your brain and nervous system would be classified as an ‘unintentional radiator’ (MRIs work because of this fact) and as such would fall under regulated devices if we weren’t legal persons.
I used ‘unregulated’ (errantly if you insist) to mean both unlicensed and also use cases where FCC isn’t actively enforcing the regulations on the books, cause technically virtually everything is ‘regulated’.
Ok, that makes sense. Thanks!
That’s probably a better idea. I haven’t actually looked into how that works.
If you mean an HTTPS ban, it’s technically possible, but even mainland China and Russia haven’t gone that far. One major reason is that it would completely undermine basic internet security. It would instantly make man-in-the-middle attacks trivial, letting anyone sniff purchases, transactions, and more. Buying anything online - or using a credit card at all - would suddenly become extremely risky.
I have absolutely no idea what any of that is after tor. I have heard of i2p but I forget
- Tor is optimized for accessing the regular internet anonymously. It uses onion routing with a small number of long-lived relays, and you exit back to the clearnet through an exit node. Hidden services (now called onion services) exist, but they’re secondary to Tor’s main use case.
- I2P is designed primarily for internal services (called eepsites, torrents, chat, etc.) inside the I2P network itself. It doesn’t rely on exits the way Tor does. It uses garlic routing (a variant of onion routing with bundled messages), and every participant is both a client and a router, making it more peer-to-peer.
Me either, so I’m searching up what I can and bookmarking it to read later. There’s always more to learn!
Country level internet and passport control before you visit another country domain is inevitable. That’s just like people want it or at least sociopaths.
I agree with mastodon, even though eventually Texas will enact similar legislation forcing me to use a vpn to read it
Woudn’t it be smarter to just leave the hellhole that is Texas? Either to the north or to the south, leaving is a win.
Rather than encourage people to leave, we should encourage more enlightened people to move there, and change the political climate. A lot of states are closer to flipping than people think, and Texas is one of them.
So far their efforts in various forms of voter suppression have prevented that, and at the same time more people equals more congressional seats.
deleted by creator
Sometimes there’s family or other things you just can’t take with you. Support structures you might not have somewhere else. Friends and neighbors. Mutual aid.
There can be circumstances that override that. But honestly, the more that flee. The easier it is to get what the fascists want. And at best you’re only helping yourself short term. Because no matter where you go. They will come for you if they can.
For real. I want me and my family to leave the United States. Bringing the entire family to a whole new life abroad is a very tall order.
And even there. There’s no guarantee. Going to Europe where fascists in Russia, Hungary, etc loom? Maybe you’ll be safe a little longer somewhere on the Asian continent with the currently slower rolling fascist forces there. But it’s only temporary. You can’t ultimately escape.
The question is. Where well the breaking point be for most people. What event will cause the public to drag these fuckers from their homes and hold them responsible. Because that’s what it’s going to take. For them to remember that they rely on us. Not only for their wealth. But continued existence. Only when that fear has been driven into them, will things even start to get better.
And it might surprise us. It may just be a red state that does it. One of these Republican sycophants getting dragged from a town hall. Assaulted by a whole community for their rolls in making things worse for everyone. Police are going to have a hard time locking up a whole town. And these elected ghouls that love to ignore their constituents will reel in terror. To be clear, violence isn’t the answer. Fear is. The fear of knowing we far outnumber them. That they could be subject to violent accountability at any moment. Dragged from their safe beds even.
Fear backed by the threat of violence.
Look, I hate violence. But anyone who says “violence isn’t the answer” clearly hasn’t read a history book. It’s nearly always how things are changed (for better or worse).
Violence is the answer for authoritarians. But it never lasts. Because it’s just a tool. The answer is respect, justice, and consent.
Without them you end up in inane cycles of violence like we have now.
People fleeing fascism are just hoping other people will be forced to fight it and win before it gets to them. No matter what happens, eventually some people will have to stand and fight it. There is nothing wrong with deciding that the time to stand and fight it has come. It is scary, yes. It has been a long time since we have had to fight fascism. We might feel like we have forgotten how. But we will learn quickly. The same technology that enables them also enables us in ways just as profound, maybe more profound. Vive la resistance!
Fair enough. In that case I wish you a very successful revolt, that you or those aligned with it hunt down and eliminate the fascists so they can’t come for you never, nowhere.
If they’re coming no matter where Id recommend anyplace that lets you keep a firearm and to stay away from anywhere that doesn’t. Unless anyone’s come up with a better way to stop fascists in the past 80 years, there’s really only one solution. If you don’t want to be part of the solution then you may as well stay right where you are and hope someone else does it for you.
I was fruitful and multiplied, its hard to organize a large migration of people, some of whom want to stay.
I will travel, but am rather tied to this area, even if I do not see it changing for the better in my lifetime
Idk about the person you are replying to but I have spent 15 years trying to get out of the state that I am in. It’s really hard to move out of low cost of living areas to higher ones without a job and a lot of planning.
Are you really so naive that you believe that a VPN subscription is more difficult or a higher bar than actually getting up and moving?
Potentially meaning you need to find new jobs, new friends, new support structures…etc
It’s not always easy to just pick up and leave somewhere. Especially somewhere as big as Texas.
Sure would be nice to be privileged enough to be able to relocate myself and my family.
Last time i checked “states rights” didn’t mean the right to impose your laws on people or businesses running out of other states.
If anyone from Mississippi wants to use our services I’m totally ready to ignore any and all laws that don’t acknowledge to sovereignty of the net.
Last I checked, “rights” now means “my right to control you”
“Mississippi has a backwards-ass age verification requirement. We’re not allowed to let users in from Mississippi. Verify you’re not in Mississippi”
<insert number of Mastodon instances> * 10,000
Some lawyer on Capitol Hill: “Hmm…”
Not if, when.
Who knows, the same demand may be given of certain other federated social media sites in a few months.
Also states don’t have one company to go after. It is nearly impossible to track down and file court orders for if your lucky non-profits in other countries.
Like I don’t think there are many people that host Mastodon instances that will listen to a court order out of the goodness of there heart.
States should just create a firewall, and not shift burden to supply chains.
Well they should not do that either, but if they’re going to, they should shoulder the burden.
So in this whole embarrassing dick measuring contest Eugen was wrong and Mike Masnick was right, then. Turns out “real decentralization” or not, Masto/Fedi’s structure doesn’t do anything to bypass this nonsense.
This is not new. People constanty claim AP and Fedi have benefits or features just for being decentralized that they absolutely do not have, but I have to admit I’m kinda shocked that Eugen will do that exact thing without any more self-awareness than the average Masto user. He should know better.
Well even if mastodon.social complies, there are many many other instances to choose from, from all different countries
and even other similar platforms like Sharkey or Mbin that will work with Mastodon
It doesn’t matter, though. They all have the same choice to make: comply, shut down in that territory… or be fined an insane amount.
Eugen argued… well, pretty much what you are arguing now. The question Bluesky guy posed to him is what Mastodon.social would do and how would the presence of smaller instances prevent the issue, especially for instances without the resources to comply at all in the first place.
Eugen did not respond to that, but Mastodon.social just did, and the answer is… Mastodon.social will do the same thing as Bluesky and so will every other instance.
Because of course it’s pretty obvious that having a decentralized platform doesn’t help with stupid regulation, because stupid regulation applies to every instance. There’s no reason decentralization would bypass a blanket requirement unless the legal requirement has carved an exception for smaller platforms (and even then there’s a question of what counts as a platform in that scenario).
And the thing is… I’m okay with you not having though that through, but Eugen certainly must have. Right? I mean, they had a pretty well thought out answer for Techcrunch in 24 hours, they must have given it some thought. It’s an unforced communication error.
And who are they going to address that fine to? Tell them to shove it up their fucking arse as their laws mean nothing to you if you don’t live there.
Why are we focusing on mastodon.social? I’m not even a fan of mastodon.social. I’m not really interested in their original discussion either. Honestly I kinda hope mastodon.social does comply or lock users out so that users spread out more to other instances instead. But they aren’t even close to the majority of the Fediverse anyways.
There are plenty of instances hosted in different countries that won’t care about this law, or you can self host.
I’m just talking about the Fediverse. Sure ATProto can theoretically avoid this too but they don’t have as many choices for instances, if any at all that are outside the US and federated with Bluesky? And it seems like self hosting is much harder.
We are focusing on mastodon.social because you jumped on a thread about mastodon.social confirming they won’t be complying with Mississippi’s age verification law, which in turn is a follow up to coverage of Bluesky doing the same thing. And also because Eugen Rochko jumped into that announcement to claim that Bluesky stepping away from that territory was an example of how Fedi’s wider decentralization was an advantage, even though it turned out to no be an advantage at all.
Why would we be talking about anything else? That’s literally the topic. You may be looking for a different thread. If anything, the uncontrolled impulse to talk about the ways in which AP is more decentralized than AT whether that’s relevant to the conversation or not is the exact communication mistake Eugen made. Which makes doing that again even weirder.
To be clear, it doesn’t matter where your instance is hosted. Mastodon.social is not hosted in Mississippi, either, it’s hosted in Berlin. You’re still taking on a TON of potential liability if you don’t comply with their age verification or block that territory from access if the law stays in the books, just like you’re risking a ton of liability if you breach GDPR even if your site isn’t in the EU.
The title says Mastodon, not mastodon.social, and it appears that Eugen was talking about the Fediverse or Mastodon, not mastodon.social specifically (hence the word decentralization, the discussion was not centralized on mastodon.social).
I think people are mixing up the discussion between Mastodon vs mastodon.social too much.
“One of the reasons Mastodon was founded was to allow different jurisdictions to have social media that is independent of the U.S.,” per the statement shared with TechCrunch. “People are free to choose to have their account on a Mastodon server whose policies meet their needs.”
That quote from the article does NOT say mastodon.social
To be clear, it doesn’t matter where your instance is hosted. Mastodon.social is not hosted in Mississippi, either, it’s hosted in Berlin.
There are other countries… watch and see how many instances just ignore the law, there will be many in the Fediverse
Interesting that you think Eugen is the bad guy here.
“The bad guy” is not a thing I’ve thought about anybody since I was 12 years old.
I think Eugen jumped onto a common talking point among Fedi people when they try to highlight the difference between Masto and Bluesky and he didn’t think it through.
Like I said, I’m surprised he messed that up. He certainly should know the impression he was giving wasn’t accurate.
