Right now the fediverse is nipping at the heels of the silos.

They know we are here, and they perceive us as a threat. We know this from leaked emails from facebook.

That said, they could attack us in an oblique manner with any number of poisoned waterhole attacks.

Earlier today someone predicted one or more of those platforms just integrate activitypub and crush us by incorporating us.

Another pointed at the potential for procedurally generated instances that just harvest data, or overwhelm our ability to suspend all of the instances they throw up.

When these attacks are adapted to... they'll get concerned, and will try to frame us as part of "the dark web(tm)"...

That's how we'll know we're winning.

@TheGibson

I'm interested in brainstorming immune system defenses

beyond our strength as actually real people who can tell the difference between fake and person, usually pretty obvious

@Food

I am interested in this as well.

I feel like some sort of new instance registry may be necessary if we see these sorts of co-opting efforts occurring...

Like a low speed probationary period or something...

@thegibson @Food The other thing to look out for are large quantities of instances on related IP blocks. Major corporations often pay for large IP address spaces, in part to work around spam blacklists.

Follow

@vertigo

@TheGibson

I'm looking for a solution about how GitHub's parent company is now Microsoft

Something we can use as and such that has nothing to do with that recent company grab

@waterbear @Food @thegibson It's one of the reasons why my projects are managed and even hosted using #Fossil.

It's definitely not for everyone though.

@waterbear @Food @vertigo @thegibson

github is not open. It's not very good either, as it requires running massive amounts of javascript to work at all, and still doesn't accept email for pull requests.

@agris @waterbear @Food @thegibson I'm not familiar with using email based workflows with raw git. Is there an online workflow description that works through how it's done? Thanks!

@remotenemesis @vertigo @agris @waterbear @Food

Gitea is fine... I just don't see as many dev's moving to it as gitlab.

@gentoorebel @thegibson @vertigo @agris @waterbear @Food

I agree. If one just wants to give a company money to make a problem go away (valid), why even switch from github to gitlab?

If one cares about FOSS, maybe its time to take a stand.

@remotenemesis @vertigo @agris @waterbear @Food

Explain.. I am not aware of why... I thought it was not centralized.

@thegibson @remotenemesis @vertigo @waterbear @Food

the repo itself isn't centralized thanks to the very nature of git, but the ability to send pull requests and issue tracking is.

For contrast, look at how Linux handles their PRs and issue tracking lkml.org/lkml/2008/12/30/87

@thegibson @vertigo @agris @waterbear @Food

Google is an investor.

Not again.

gitea is supported by @cloud, although I haven't tried their containerized install yet.

I got mine and hope to share soon.

gitea.luckybytepalace.net

@thegibson @remotenemesis @vertigo @waterbear @Food

Why is Gitea's source code managed on GitHub? Do they not trust their own software?

@thegibson @vertigo @agris @waterbear @Food

You have a good point tho, the exodus has been to gitlab, but I struggle to see how it is any different/better.

@thegibson @remotenemesis @vertigo @waterbear @Food

Maybe it's because people would rather receive lots of hand holding rather than learn how to effectively use git. Rather than 'man git-remote' and 'man git-push' they use a centralized editor written in javascript on a centralized website that hides all the functionality and power of git.

@agris @thegibson @remotenemesis @waterbear @Food I somewhat embarrassed to admit that I find that I need the hand-holding until I'm ready to move beyond it, especially as I age.

For corporate applications (which, arguably, most projects on Github are), its interaction model is nearly ideal. It mimics closely enough the centralized VCS organization that it's easy for companies to adopt, but has just enough DVCS features that enables collaboration. I suspect that is why it took off so well.

@remotenemesis @agris @thegibson @waterbear @Food Thank you; that's a more succinct and poignant way of putting into words what I wanted to express.

@vertigo @agris @thegibson @waterbear @Food

I actually feel like PRs are overused on small teams, when high-trust should be the default.

@vertigo @agris @thegibson @waterbear @Food

also well worth considering that github URL's are baked into most of the third-party ecosystem for golang.

We've all become rather too comfortable with pulling arbitrary code from the internet into our compile chain.

text too long-mandatory cw 

Sign in to participate in the conversation
Mastodon.ART

Mastodon.ART — Follow friends and discover new ones. Publish anything you want & not just art of all types: links, pictures, text, video. All on a platform that is community-owned and ad-free. Moderators: @Curator @ChrisTalleras @EmergencyBattle @ScribbleAddict @Adamk678