That website you linked clearly doesn’t use it, because it took about 5 seconds to load up despite being entirely text. That’s why it’s a good service.

Selling your soul for a slightly faster load time is your personal preference but arbitrarily trading off inclusion of marginalized groups of people so some people get a faster load time is not in line with the netneutrality principles that the fedi community values. Diversity and inclusion trumps faster load times of some dude in Australia.

Yes, you can in fact access content on the fediverse without Cloudflare if you really want to. You can choose to use a different instance, and it doesn’t matter where that data is hosted.

That’s not true specifically for Lemmy. Images do not get copied. If a LemmyWorld user posts an image in a federated community, everything except the image is accessible on other instances. So those of us in Cloudflare’s excluded groups get a broken threads (people talking about an image we cannot see - we just see the discussion because only text is mirrored).

Even if you are in CF’s included group of those permitted access, if you are on a measured rate uplink you would want to see the size of an image before downloading it. That is something else that Cloudflare breaks. There is no content-length HTTP header. So CF also discriminates against those on measured rate connections.

There are also various other circumstances requiring users to visit a thread’s copy on another host. If that other host is Cloudflare, CF’s access restrictions determine whether the user gets access. If bob@fedi-respecting.node needs to revisit an old thread to recall a link, and fedi-respecting.node had to delete the thread in a periodic cleanup to recover disk space, bob might need to access another node directly which hosted the same thread. Yes, I’ve been there. And if that other node is Cloudflared, bob will be blocked if he is in CF’s excluded groups.

Cloudflare’s wall breaks the fedi in so many bizarre ways I should probably start a log of the various circumstances that CF causes enshitification to manifest.

The fediverse is by design not a privacy-forward platform, so concerns about “content they expect to be private” don’t matter.

That’s not true either. Cloudflare gets a view on all traffic, both public and private including access credentials. Users are deceived because of the lack of disclosures about the CF MitM. E.g. users commonly expect a DM to be visible to the admins of both hosts with no idea the Cloudflare also has visibility as well. Most users don’t even know about the existence of CF. Aussie.zone, for example, is not responsible enough to disclose to users that CF has that visibility.

Of course it completely changes the equation when the same single corporation who has visibility on about half all web traffic in the world also has a view on people’s social media DMs and acct creds, it’s an all-eggs-in-one-basket kind of compromise. That abusive level of visibility increases in the extent of the compromise when all that data can be aggregated. So the centralised nature of just the data exposure alone makes it antithetical the fedi philosophy from a privacy standpoint, most particularly coupled with the masses being uninformed about it.

It’s still decentralised because each instance is run by its own instance administrators with their own rules and capable of maintaining its own culture.

Certainly not. It’s centralized by Cloudflare’s access controls on all Cloudflared nodes under a single corporate policy. What aussie.zone is doing is very rare. Cloudflared nodes run with CF’s default access controls, which blindly gives CF blanket centralized authority over who gets access. This goes directly against the purpose of federation philosophy.

Even when a node like aussie.zone whitelists Tor, there are still half a dozen other demographics of people who they uniformly and centrally discriminate against and this is strictly under Cloudflare’s control and beyond the control of aussie.zone.

Even if they were all hosted in the same data centre it would not be a large mark against the fediverse

Of course it would. You have something like 5 of the 7 biggest fedi instances dependent on Cloudflare. If there is CF-wide downtime (regardless of whether it’s all on one data center or more realistically broken logic that’s distributed like cloudbleed was), the benefits of decentralization fails to deliver. Lack of network diversity makes disproportionately large number of people vulnerable to a single point of failure.

You obviously lack a bit of knowledge about Cloudflare and how it operates. I suggest reading the link you overlooked:

https://thefreeworld.noblogs.org/post/2024/03/18/cloudflare-has-created-the-largest-most-rigidly-exclusive-walled-garden-in-the-world/

I suggest also understanding a bit about Cloudflare as an organisation:

https://git.kescher.at/dCF/deCloudflare/src/branch/master/subfiles/rapsheet.cloudflare.md

Cloudflare is antithetical to every objective of the federation. Most importantly: decentralization. You don’t decentralize a platform by giving central access control and traffic visibility to a single tech giant in the US. It defeats the core purpose.

You might prefer smaller instances; … This part of it is clearly not a bug, however you put it. It is a difference of preference.

My personal preference happens to align with fedi principles. Don’t let that consistency fool you. I’m not advocating for what’s best for me. I am saying the list should be ordered in a way that’s healthy for the fedi based on the federation’s purpose and mission.

Showing the biggest communities on top may be your personal preference, but that is not healthy for the federation.

I myself am on an instance that’s almost identical in size to yours.

FYI, aussie.zone is centralized on a US tech giant (Cloudflare) and thus contrary to fedi principles. Though it’s not the worst manifestation of Cloudflare because they have whitelisted Tor. But there are still many other demographics of people likely being excluded from aussie.zone.

I do not see the value in smaller communities being prioritised when they each cover the same topic. If there’s !android@lemmy.world with 10,000 subscribers and !android@mypersonalinstance.net with me and my twelve mates, lemmy.world is the one the app should show people first. It wouldn’t matter to me whether that 10,000 is on lemmy.world or midwest.social, it makes sense to show users the place they’re likely to have the most interaction.

That is not healthy for the federation. That imbalance is a problem that Lemmy has failed to control. The disproportionately large communities need no promotion. Too many people know about them already. They should either not be listed at all or be pushed lower on the list. It’s an extra slap in the face and injustice that these are exclusive Cloudflare instances that are getting prioritized. These are instances without self-control on their growth and power.

It’s not instance-related at all.

It is instance related. If you search for Android on other instances you will get different lists. Users on infosec.pub have subscribed to every Android community in existence which makes the manifestation of the problem unique to infosec.pub. The !android@hilariouschaos.com community is also federated to infosec.pub by way of my subscription. It is true to fedi principles of inclusion and decentralization, unlike those that get listed on the top. So it’s an unhealthy sequence.

It could even be one user account that caused this. The activism.openworlds.info Mastodon instance was getting hammered with traffic. After investigation, they discovered that one user was following a shit ton of other accounts. All those follows were responsible for the admins struggling to cope with all the traffic. That instance eventually went under because it could not cope with the bandwidth demands.

This belongs in discussion around lemmy-ui, the various Lemmy apps & alternative front-ends, or in Lemmy itself with what gets returned by its search API.

The software part of the problem is specifically in the stock Lemmy web client. The bug tracker for the Lemmy web client is jailed in MS Github’s walled garden, hence why it was originally posted in !bugs@sopuli.xyz. There may be a configuration element to this, which is why it’s posted in this infosec.pub community. If there is an inactive account with all these android subscriptions, that can be remedied on the instance.

order should be descending order of size.

If bigger is better, why are you here instead of Facebook and Twitter? Fedi principles and philosophy have completely escaped you. In the fedi, we consider power imbalances, privacy abuses, and exclusivity resulting from centralization to not only worsen UX but to be an injustice. Encouraging disproportionate growth in the fedi is to advocate the destruction of what brings us here.

Thanks! I grabbed it in case it comes in handy. I wonder if the first script which searches for messages might have been simplified by using grepmail. Grepmail is slow but powerful.

Love the suggestion. That’s actually a great nuclear option. They would have to be understanding in most contexts. Although in the case at hand I will have to reveal that I use Tor which would probably cause a bit of confusion. And considering what a mess HTML looks like in my MUA (mutt, a text client)… well, could be a disaster.

I might be able to get by without the script. I just found that I can render the body in Firefox well enough (that often fails but it works with the particular emails I’m dealing with), fiddle with the paper format and scale to exactly fit a page, and then import it into LaTeX, rescale, and attach a header. If you’ve already got the script ready then I would be happy to take it anyway and compare the script output to what I’m manually rigging up. But if you’ve not started then no worries. Thanks!

(edit)
fwiw to anyone with the same need, I found this project: https://github.com/nickrussler/email-to-pdf-converter It looks a bit messy to install on my distro and I’m not sure of EML / Mbox differences, so I’m not planning to use it myself.

My python knowledge is quite rough but if not much hacking is needed it could be useful. I’ve seen others asking for a similar tool. I thought about creating one over the years but keep passing on it thinking I won’t need it often enough and every situation can bring different requirements as well. Which is why I settled on pasting into a LaTeX template. I do things like use a tiny font on signature blocks that are so big they would spill over to another page.

Does python have a standard library for HTML rendering? Or do you call a browser of some kind?

s/exit/edit/ ↑ I’ll write my corrections like this in situations where I cannot edit the content.

Ideally there would be a service that expands on what downinspector.com does. Something that tries to access an URL from various kinds of IPs (CGNAT, Tor, VPNs, public libraries, various regions) to establish whether or not the file is reachable by all people. Then ideally lemmy could be coded to treat links based on whether exclusivity is detected.

In principle this would be in the domain of the #OONI project. But I doubt they have anything like this. E.g. OONI tracks whether a country blocks a domain (https://explorer.ooni.org/domains), but not whether a domain blocks a country.

Well, actually I was just now able to edit some titles of posts. So not all posts are treated equally. But note as well timing is irrelevant (I still cannot edit the post above).

In fact the post I linked is not special. I just now tried to make a small edit to the post I am replying to, and it again had no effect.

Tor-hostility is an act of laziness. An admin decides they cannot be bothered to separate their publications from their contact page, or to just CAPTCHA the contact form. So they take the easy path and simply 403 all Tor users or they offload the effort onto others by proxying via Cloudflare.

Thus it’s in the interest of the Tor community to make the lazy option a path of greater resistance.

There’s also a cost apart from time. I just got a response to a GDPR request by registered letter. So the privacy-disrespecting data controller spent ~€10 in postal costs on their response.

This could be a way to get some plausible deniability for malice. Your car’s LiDAR must have been “accidentally” pointed at the doorbell across the street. Maybe a drone needs a LiDAR to prevent running into things too.

Right but the marker would cause problems for non-intrusive vending machines which only use a light sensor to set the display intensity. Along the lines of that simplicity, a thin smudge of chapstick would do well… simple and lightweight. Light could enter but not an image.

Ah, right… so how can @ChicoSuave@lemmy.world’s team of activists limit their destruction to the camera functionality? I wonder if a laser could perhaps burn the CCD enough to ruin image capture but not to the extent that light sensing fails.

I guess the more practical attack would be to superglue a piece of transparent diffusing film over it. Light would still get through but it would just be a blur. Diffusing film can be harvested from LCD screens we often see in dumpsters lately. Or even just that milky type of Scotch tape. Along the same lines, a scribe could be used to scratch up the plastic sheet that protects the CCD.

I guess the rub is that a light sensor which determines how bright to make the LCD is probably indistinguishable from a CCD. If that is darkened then it would darken the screen potentially on machines with no CCD. Although you could test it by covering the spot briefly to see if the screen dims.

I do, but it’s too big for my connection. It was produced by a French org iirc. I have images disabled so searching for it is hard for me. But if you search for these terms together you should get good hits: infographic pepsi unilever mars

“infographic” is key.

(edit) note as well there different versions of that image. If you see Kraft, that’s an older one because I think Mondelez bought Kraft. I have 3 versions but they’d all be at least 5 years old, so you might be able to find a more up to date one.

Is boycotting mars going to make even the slightest difference? Not in a million years.

Claiming boycotts don’t work is as good as claiming voting doesn’t work. It works in numbers.

Not only does mars probably own more companies than you even realise, including many of the alternatives you’re buying thinking you’re avoiding them,

Have a look at this infographic:

I have been boycotting everything in that graphic except “Associated British Foods plc” for the past 15 years because I pay attention and I have collected copious dirt on those companies. They are rotten to the core. I could probably find dirt on ABF if I searched for it specifically, but they are likely the lesser of evils and patronizing the lesser of evils is what ethical consumers do.

but even the products you do buy that are coming from a different company altogether, suffer from the exact same background problems (exploitation, oppression, unsustainability, lobbying).

This is the classic “they’re all evil” excuse for not doing your duty as an ethical consumer in favor of putting price and value above ethics in the interest of № 1. Corpations are not equals in the slightest. If you do a bit of research, you find that the smaller companies are much less frequently involved in wrongdoing. I keep a list of the scandals of these companies and it’s clear which ones do the lion’s share of harm.

There is good reason for the saying “no ethical consumption under capitalism”,

From that article:

“It is now 2018. People have “gone green”, eaten vegan, shopped “fair-trade”, and recycled for years now. Yet the atrocities that spurned the ethical consumption movement continue unabated. ”

Yikes. That author does not know what was abated because he only looks around at what he sees now. So because there are still problems, Olive Pape concludes “boycotting doesn’t work”, instead of realizing that boycotting works in numbers.

I boycott the worst of the worst with no expectation that my drop in the ocean makes a significant difference (just like my drop in the ocean vote makes no significant difference in an election). I do it to ensure that I am not part of the problem.

Stop being a part of the problem and favor the lesser of evils in the marketplace instead of taking the best deal that benefits you personally.

it’s to abolish capitalism because it requires and encourages all of the unethical practices you’re looking to avoid, in order to exist.

That kind of unhinged stance may be accurate, but we don’t live in an abolished capitalism world. Abolition of capitalism is a separate action entirely that’s not mutually exclusive to ethical consumption. You can dream about anarchy all you want but those dreams are actually not “going to make even the slightest difference… Not in a million years.” So in the meantime, please consume ethically.

If they want my face that bad they should at least give me a free M&M for it. They need to add a button “push this for a free M&M if you consent to giving us your face”.