I don’t think many people have read RFC 5322 (I haven’t), but most non-technical people I know understand these things about email:

• There are different service providers, and people can email each other no matter which provider they use
• There are different email apps
• Some apps are tied to specific service providers and others are not

I do lament the overall level of tech literacy.

The average person understands email pretty well. Mastodon doesn’t require much more understanding than that, but could probably use some UX and messaging work.

That’s a bit of a circular reference: “it got popular because it got popular”. The question remains: why did BlueSky reach that threshold and Mastodon did not?

I’m inclined to agree that’s a problem. Everyone’s first encounter with a social media content recommendation algorithm was one designed to manipulate them into clicking ads, so it caused some backlash. Recommendation algorithms can be tuned to show things people care about and want to engage with.

I’d still echo the (current) top comment’s advice to use something open source, local, and encrypted.

They’ve already taken the hard stance. If they roll it back, they will lose the trust of their users.

Biowink GmbH is probably not a corporation registered under US law. If I had to guess, the government of Germany will not be particularly eager to force them to turn over data to the USA. The Germans take their Datenschutz very seriously.

Having moderated a number of online spaces over the years, sort of. It’s usually the harshest thing a moderator can do, but it does not have very much real world impact on most people. In many parts of the internet, it isn’t even very effective at keeping the same person from coming back with another account, which isn’t a big deal if they don’t come back with the same behavior.

I’m not particularly shy about reaching for the permanent ban if it seems like someone is being an asshole on purpose. I’m not getting paid for it, and I do not have much patience for dealing with people who don’t want to be respectful toward their fellow humans. There’s usually a way to appeal if it’s a misunderstanding. That’s especially true in systems like Lemmy and unlike traditional web forums where one account and UI provides access to many communities, leading to drive-by comments.

I’m also fond of somewhat ambiguous rules like “be excellent to each other” or “don’t be an asshole”. Without that, if a community gets active enough, someone will show up, act like an asshole, and argue about the rules when they get banned.

It seems to me software designed to facilitate discussion shouldn’t have a downvote buttton. There should be a UI for marking comments as inappropriate, but it should require a second step saying why. Perhaps one of the reasons should even be “I disagree”, but that option should have no effect.

It’s not impossible to abuse of course, but it nudges people in the right direction. Those UI nudges can be pretty effective.

The higher-score comments there don’t seem to be particularly hostile to Lemmy. They talk about legitimate concerns like whether Lemmy as it exists now could deal with a Reddit-size volume of data, The top comment at this time speaks favorably of !selfhosted@lemmy.world.

Of course people who are still using Reddit are more likely to view Reddit as favorable or acceptable and alternatives as problematic, or not quite there yet. I’m actively Fediverse-first in my use of social media, but I still end up on Reddit quite a bit for niche interests because that’s where the most people are.

In the context of ad-supported algorithmic social media, offensive is the wrong question. It’s about brand damage.

Showing an ad next to something that actually offends people can damage a brand, but even something a little edgy might turn off customers of a brand with a more formal or conservative audience. The algorithm’s ultimate goal is to get people to watch ads, so something a little edgy might reduce the reach of that content. Censoring it prevents the algorithmic downrank.

It’s probably more fair to call its claim of being decentralized fake or disingenuous. There doesn’t seem to be any way to participate in the ecosystem without going through the Bluesky relay, a central point of failure with strong incentives to eventually do something shitty.

propagating and caching images

This leads to the problem of abusive users trying to cause legal issues for server owners by introducing CSAM.

nobody is refusing to offer their sevices on linux because it is vulnerable

That’s not quite true, though in that case it’s about the service provider being unable to verify that the user isn’t running a operating system configured or modified to work against the interests of the service provider.

General aviation airports often have little or no staff and only rudimentary access controls. People walking around aircraft are expected to be responsible for their own safety.

Maybe, but the archetypal non-technical user, my mother does want to run a third-party ROM. Her phone is out of its official support period, and she knows that security updates are important and would like a way to get them. Most people, at least in wealthy countries do have a technical person in their lives they can ask things like that. She doesn’t want to buy a new phone because it would be too big and lack a headphone jack, a position I share.

I had to recommend against running what I run (LineageOS, Magisk, Play Integrity Fix). Without PIF, too many apps will refuse to run on LineageOS. She doesn’t need root for much else (maybe adblocking) and doesn’t have the knowledge to make good decisions about whether to grant root permissions to an app that asks (Magisk doesn’t have an allowlist-only mode, but it should). Finally, keeping root through an update is fussy. It’s not hard, but it’s an extra step that has to be done in the right order every week or two.

Unlike Firefox in 2024, a third-party Android build that’s easy enough to install and isn’t sabotaged by Safetynet would something many non-technical users care about: an extended useful life for their devices.

Last time I used one was because I forgot my physical wallet and needed to pay for something. I don’t want to tell Google about my shopping habits, but I like to have options in case of emergency.

I’m running LineageOS (with GMS), Magisk, and Play Integrity Fix.

Can you cite examples of rooted smartphones leading to significant data breaches or financial losses? When the topic comes up, I always see hypotheticals, never examples of it actually happening.

It seems to me a good middle ground would be to make it reasonably easy (i.e. a magic button combination at boot followed by dire warnings and maybe manually typing in a couple dozen characters from a key signature) for users to add keys so that they can have a verified OS of their choice. Of course, there’s very little profit motive to do such a thing.

Google doesn’t want distributions of open source Android without Google services to be a viable option for mainstream users because that would reduce their ability to extract profits from the Android ecosystem.

While the focus is surely more on OEMs than end users at this point, I’m sure Google wants to keep the difficulty level for end users high enough that it remains niche.

I think the main reason third-party ROMs aren’t more popular is that Google and certain app developers fuck with people who use them. The article addresses the difficulties later on, but comes up short in my view on just how much of a hassle it is for someone who isn’t a tech enthusiast who wants, for example to keep an older phone up to date for security reasons.

I think the main motivation for Google is limiting user control over the experience. More user control leads to unprofitable behaviors like blocking ads and tracking, which is also the motivation for recent changes to the Chrome web browser that make content blocking extensions less effective. In all cases, companies that try to take away user control claim the motivation is security, usually for the benefit of the user.