It’s hard to formulate a coherent opinion because reality is complex and multifaceted. And on the one hand, “purity” is an impossible goal in politics and can lead to various forms of sectarianism and moral judgement (as you can see in much of the liberal left who’s much more interested about optics and PR than about direct action and building collective power).

I mean, from some perspectives, calling China or USSR “socialist” is already picking a side. Neither really abolished private property, both have/had very wealthy ruling classes, and both came hard on the critiques from the left who were building popular power via the soviets (see Emma Goldman / Volin for early critique of bolsheviks killing communists and dismembering the soviets). In marxist views, the dictatorship of the proletariat is supposed to be the ugly/necessary phase on the road to communism (abolition of State and private property); a critique of those “socialist” States is that they are not working toward these goals but merely reinforcing themselves for their own sakes.

I mean, was the USSR good or evil? Both? Neither? From a geopolitical perspective (be careful with those analysis, the tools of the enemy usually produce the worst thoughts), the USSR provided balance to prevent total US domination. In a more local perspective, they supported many revolutionary movements throughout the world, but also destroyed some revolutionary movements around the world when it did not fit their interests (eg. Spain 1936). In the case of Ukraine/Russia 1917-1921, they crushed millions of people in the name of their so-called revolution and tried to bribe figures of the movement (such as Kropotkin, who died in poverty refusing privileges that were not given to the masses, or Emma Goldman, who at first fell for it before realizing). Later, under Stalin, they committed a bunch of actual genocides.

I personally don’t think we can say things are better or worse in China today than in the West. In some regards, they are much better (education/healthcare), and in some regards they’re much worth (pollution/slavery). A comparison can only be applied if very strongly situated (studying a specific aspect, from the perspective of a certain social group) otherwise it will be meaningless. There are strong social movements both in Europe and in China; as an anarchist, i believe my comrades are those who struggle all over the world, and my enemies are the States on both sides crushing the people.

Although i would object to saying the USSR was not imperialist, or that China isn’t imperialist today. From a very strict definition of Lenin they are not, but as i talked earlier about Ukraine/Chechnya, the USSR had colonial blood on its hands, a very clear process of “otherisation” and deprivation which is characteristic of colonialism. Just like today, it’s hard to look at military occupation in Tibet, the mosque destructions and muslim reeducation camps in Xinjiang, and not draw a parallel to (being a french person) French imperialism and colonial practice.

Nothing is binary and in communist/anarchist praxis, self-criticism is very important. While not exactly an anarchist/communist revolution, you may be interested to read about the Kurdish liberation movement and Rojava’s democratic confederalism. They practice tekmil weekly and that’s a very important part of life especially in the collectives / public administration. My personal rule of thumb is if a specific power/person is not capable to hear criticism from their left and below, they are not working in the interests of a global socialist revolution and in the interests of the peoples ; under that standard, both China and the USSR would fail the test.

Oh i forgot to link to a zapatista perspective about not being anarchist/communist.

Before delving into the topic, let’s be very clear about one thing: anarchism in most forms is communism, and vice-versa. There was not really a distinction when the socialist movement was born. Many anarchists consider themselves “anarcho-communists”, and many marxists are in fact libertarian and don’t defend a “dictatorship of the proletariat”. There is not really an opposition between anarchists and communists, but there is a strong historical opposition between free-thinkers and a marxist-leninist vanguard eliminating everyone who disagrees with it including many marxists. I’ll assume in the rest of this comment that’s what you meant with “relationship between anarchism and communism”.

From an anarchist perspective, i can attest to books others have recommended. Classic anarchist books give very good historical examples and arguments against the tyranny of a well-meaning vanguard ; i was lately reading Bakunin making that very argument about a scientist-run government, which i think is quite relevant today with Andreas Malm arguing for what we could call a green dictatorship of the proletariat.

More historically, [Bloodstained: one hundred years of leninist counterrevolution](Bloodstained: One Hundred Years of Leninist Counterrevolution) was a good read. So were some books about the Spanish revolution, but i don’t remember the names (except Homage to Catalonia, which someone mentioned). Emma Goldman, in Trotsky protests too much (1938) made a powerful historical account of how Trotsky and Lenin rewrote history after massacring the Kronstadt soviet, and i remember reading some french translation of Volin, a great revolutionary from the russian/ukrainian revolution (but i don’t remember which text precisely).

For a case where “anarchism” and “communism” work fine together, you can read about the zapatistas. I personally would say there’s two interesting features making it work:

• the zapatista movement refuses identification with marxism or anarchism, saying their political orientation has much deeper roots, from much before the europeans divided themselves along those lines
• the zapatistas have a strong separation of powers: the militias (which tend to be more marxist and hierarchic) don’t have any political powers because they have the military power, and leave 100% of the political power to the communes (which tend to be more anti-authoritarian farmers)

All in all, the zapatistas have elements of authoritarian culture (especially in the people’s army, where discipline and security management is important) and anti-authoritarian culture as they have no State, police or prisons as we know them. Unfortunately, apart from oral history recounted by comrades, i don’t know of good sources for these specific questions/divisions/perspectives.

From an anarchist perspective, i can attest to books others have recommended. Classic anarchist books give very good historical examples and arguments against the tyranny of a well-meaning vanguard ; i was lately reading Bakunin making that very argument about a scientist-run government, which i think is quite relevant today with Andreas Malm arguing for what we could call a green dictatorship of the proletariat.

More historically, [Bloodstained: one hundred years of leninist counterrevolution](Bloodstained: One Hundred Years of Leninist Counterrevolution) was a

BTW thanks for sending me down a rabbit hole that Mastodon account is a gold mine ;)

I usually hate that meme of the macho muscly doge as symbol of perfection, but with all the glitter added i like it :P

I would go further and say that the concept we know as police never results in good outcomes for the population no matter who participates. Whether the surveillance/control they apply is “mass” or “targeted” is in my view not very relevant :)

Not that i disagree the situation over there is hellish, but if you’ve ever been to London for example you would know Xinjiang is far from the only mass surveillance hell on earth.

“We don’t work with advertisers. We only work with governments and secret police to slaughter their own population or go colonize other countries.” <-- that line of defense reminds me of the Amesys story, in which french television interviewed an Amesys representative who insisted their spyware they sold to north african dictatorships before the arab spring only ever caught terrorists and pedophiles ^^

For my personal usecase i don’t care too much about code signatures or 2FA. I’m just pointing out that code signature (PGP-signed commits/refs) would do so much more for security than whatever SMS charade they’re gonna setup ;)

Nope, nothing at all. It’s just a masquerade. I don’t like absolutist statements in general, but in that specific case, multi-factor auth does not provide code signature to other users, it’s just a gatekeeping mechanism for Github to authenticate you. This means whether they have a security breach or someone at Github wants to harm you, they definitely can push out malicious updates in your name, and therefore such measures have nothing to do with security in the context of “who wrote the code i’m downloading?”.

It’s a little bit like banks: they may require all the security measures they like, at the end of the day they can run away with all our money like they did in Greece and there’s absolutely nothing we can do about it.

To be fair, multi-factor authentication can help reduce the most obvious cases of password theft (eg. via a virus on a single device). But it does very little to stop phishing (unless using TOTP precisely, which is slowly becoming unsupported), bit/typo-squatting, etc.

We can disagree on political stuff all day, but you will find this very interesting.

I read it when you previously published it, and i’m personally not a fan of GrapheneOS approach. I was just pointing out posts on /c/privacy should be understandable by people passing by who don’t know the whole story, and that you could make a /c/graphenelies community dedicated to this particular story, where no additional context would be required in a post.

There is also a section where one of the Reddit power mods admittedly want Lemmy to stay obscure.

Fun fun fun :)

These people do not merely reside in my brain

Sorry i think you misunderstood me, and i meant no insult. I meant we other Lemmy users who are not in your brain need additional context/info to understand the matter.

As for the work I do, I have been arguably one of the people who have done the most legitimate work in privacy community

So to be clear i was not attacking/diminishing you in any way (or at least did not intend to) and you do not have justify your involvement. Still, thank you for taking part in privacy struggles.

Hehe. Although to be fair Purism is a social purpose company not a profit-aiming LLC. Still far off from a workers coop ;)

Good point, yet complex multinational supply chains make this task literally impossible. Computers are made of human suffering and eco-destruction. Even a company like Fairphone whose sole purpose is that of social justice is not even close to success in this matter.

You don’t need to add a phone number at all: https://lemmy.ml/post/257191/comment/176967

At least they support TOTP. I heard lately a lot of service providers (including banks) are dropping TOTP in favor of hardware tokens and phone apps. That’s a worrying trend.

And security keys can be independently manufactured (even by ourselves) and disposed of when desired

I think that’s part of the problem: we don’t need or want junk electronics for every single person/identity that goes online. It brings little benefits (a hardware token is much easier to steal than a private TOTP key on an encrypted system) and is bound to help destroy the environment ever more.

Anonymity (…) can protect victims of abuse, yes, but it can also protect online abusers

For sure, but there is a power imbalance that pseudonymity helps address. Harassers/stalkers/rapists are often empowered by their local legal system and law enforcement agencies: Facebook introduced a “real name” policy about 10 years ago pretending it would magically stopped harassment… has it?

You’re argument here is like saying HTTPS is meaningless now that almost everyone is using it, when the security uplift is such a huge net positive for everyone

I agree HTTPS is good (although it would be better with encrypted SNI and such). But 2FA for a centralized capitalist platform has nothing to do with security. If you want more-secure code distribution, use PGP git signatures and a distribution mechanism like guix channel introductions.

you’ll need MFA to use the website/app

That’s already the case to some extent, and i hate it. I hate that Github forces me to open my mail client every time i want to login (because my Tor browser doesn’t keep cookies across sessions).

Of course, it depends on your usecase. I use Github for minor contributions to volunteer projects. In this specific case, anything that gets in the way of user contribution is in my view a problem.

Thanks for sharing your thoughts. I hope you understand the nuance i’m trying to bring and that i’m not opposed to security practices in general. Hell, i would love if i could use PGP/SSH auth everywhere… :D

Sounds like a bug. When you turn on debug logging do you see anything specific? (i don’t even know if debug logging is a thing in Lemmy ansible setup). Can you maybe also try with another SMTP client like msmtp to see if you can reach your mail server from it? It’s possible that some network misconfiguration prevents it, or that your mail provider has blocked your IP/range for some reason.

Nice blog post, and always nice to see RSS feeds.

Thanks! The RSS feeds are generated by Zola, the SSG i use (and contribute to sometimes).

I think the best general solution for normal end-users getting packages they can trust is always a well-audited package manager.

I entirely agree! And i personally don’t think that distro packaging is dead (or should die), but i do believe there’s a crisis in the field: nix/guix certainly represent a far better model in a day and age where there are dozens of thousands of packages to maintain for many architectures.

The Debian/Fedora packaging system makes it more complex than it has to be to just push an update because most of the steps have to be done manually. Of course, i appreciate when some packages are maintained by trustworthy people inspecting the changelog, but no distro has the energy to do that for all packages…

I can’t imagine a general solution to Github workflows

Do you mean for CI/CD? I don’t understand why we need Github Actions at all. If only we could have a standardized protocol/vocabulary (like ForgeFed/ForgeFriends) to subscribe to updates across different forges, we could have pretty basic/standard tooling performing tasks as we like them.

This is a post about the biggest cult in privacy community witch hunting, and you do not recognise it.

I do recognize it because you talked previously about it. I just don’t think it’s pertinent to show in this form for people who don’t know about the entire story (even i don’t know the whole story). I would recommend either to make a community dedicated to this topic, with a stickied thread serving as introduction, or to give more context to your post on the topic. But shitposting random conversations about a topic of interest of yours into random communities is not really cool for people who do not reside in your brain :D

Also, bit of personal advice: you seem really obsessed with this community and story. I think it would do you good to focus on something else… You seem to imply it’s a “big” thing but seriously i’ve never met a single person using GrapheneOS and they only support Google phones so there’s no risk it’s becoming a big thing any time. Maybe try to get involved in Lineage or /e/OS or PostMarketOS communities? You may help build the mobile distro you wanna see instead of loosing a little bit of your sanity every time the GrapheneOS mods do something. Take care :)

SVGs can be minified after edition, but of course nothing will beat hand-crafted SVGs…

Vector images can be a good fit though! If you can fit a URL in there, a SVG could fit in too :)