The Bard in Green

I host servers both out of my home, out my wife’s office and I also have some cloud servers at Digital Ocean.

If you’re worried about data loss (and you should be) you need offsite backups. I have actually lost data to a fire (in 2009) and to a hard disk crash when I didn’t learn my lesson the first time (in 2014). Never again.

I have backup servers at both my house and my wife’s office. If you don’t have a wife with a convenient office for this purpose, you could probably find a self host buddy to host your backup server (and maybe you could host your buddy’s back up server, a friend and I used to do this years ago). You could also encrypt everything and then back the encrypted files up to the cloud, secure that the fascists almost certainly can’t decrypt them, even if they get their hands on the raw data.

You can automate this. There are tools that can help. I’m kind of a power user and I just use rsync, scp, minio and database replication to automate my various backups, so I’m a bad person to ask about the easier to use tools that can do this. However, either of those communities I posted are full of people with better answers and I know that less DIY back up tools exist.

Whilst I’ll agree with your statement some people prefer a service to use rather than self hosted.

Great! They can prefer that. Lots of people (most people probably) even need services, because they lack the skills and / or equipment.

That doesn’t change the simple truth of “the only infrastructure we can trust is our own.” My goal with that statement is to educate people as much as possible NOT to trust the third party services they’re using, even if those services supposedly care about privacy and security.

I’ve also seen a huge outpouring in recent weeks of people who are suddenly very eager to learn about and use self hosted infrastructure (or get access to someone else’s self hosted infrastructure). For some reason, I wonder what that could be. I’ve never seen anything like it in my life. I for one intend to encourage the shit out of it.

The barrier to entry to get Self Hosted Matrix working is unfortunately pretty high. Matrix is a great tool, but getting it working requires advanced skills and (in my limited experience) hours of troubleshooting.

That being said, I’m associated with an organization that wants to help activist groups self host matrix. If you know a group with need, check out https://rmfuni.org/.

Given everything going on in the world, I can’t say this often enough:

The only infrastructure we can trust is our own.

https://lemmy.ml/c/[email protected]

https://lemmy.world/c/[email protected]

This isn’t a problem with Lemmy, it’s a problem with clicking on links in general. Most top search engine results anymore are crappy content mills serving who knows what ad network ads that may contain who knows what malware. You’re probably way LESS likely, by an order of magnitude, to get something malicious from any given random Lemmy link than you are from any given random search engine result.

You can’t do due diligence on every link you click on. That’s absurd (at least for most people). The best thing you can do is make sure you have a reasonably hardened browser and reasonably secure operating system.

How hardened? How secure? Depends on your threat model.

Who says they aren’t? Elon has zero problems with double standards.

I read a really good article recently about how people from different generations process information differently and so their UI preferences are wildly different.

The gist of it was

• A Boomer walks into a bookstore to buy a book. They feel overwhelmed by the sheer amount of books. There are too many ads for books, so they tune them all out. They choose one by an author they know, that their friends said was good.
• A Gen Xer / Millennial walks into a bookstore to buy a book. They check the various authors they like, check that the cover art is appealing and read the backs of the different books, figuring out which one they want to read, then they buy that one.
• A Zoomer walks into a bookstore to buy a book. They feel overwhelmed by the sheer amount of books, and feel bombarded by the ads for books. They check the authors the influencers they subscribe to on Youtube and Tik Tok say are good. They grab one of those based on the color of the cover, ignore the back and the cover art, flip it open to a random page, read that page and if what they read grabs their their attention they buy that book, but if it doesn’t, they move on.

As a result, each of these people will prefer to interact with vastly different UX.

Of course these aren’t hard and fast rules, set in stone and there are tons of exceptions, but it’s a definite trend.

The Lemmy demographic skews hard to the older Millennial / Gen X demographic and is mostly people who were on reddit 15+ years ago. It’s UI appeals to those people.

I’m actually doing two classes on alternating weeks, but they’re both

“Here’s basic opsec principles and now we’ll talk about a bunch of tools that are useful specifically for activism in (against) the current political climate.”

I’m doing a basic class where we’ll just try to help people organize in safer ways (Telegram is like the number one organizational platform right now). One of our goals there is to try to set specific projects / organizations up with dedicated Matrix servers and help them get non-technical people to use them.

We’re also doing a more advanced class where we want to help people set up their own hardened laptops and (for those able to secure the hardware) GrapheneOS phones. That will probably be like Unit 2 of that class. We want to start with threat modeling and help people figure out the tools they specifically need to do their work.

UPDATE:

I’ve had a chance to read through it.

• It’s short, to the point, an easy read, covers a lot of bases. I think that makes it an excellent starting point for people at the beginning of their journey.
• It doesn’t contain a lot of specific information, but I think it’s a good thing to have literature that’s just a general overview as a starting point.
• Stylometry is far from an exact science (https://pmc.ncbi.nlm.nih.gov/articles/PMC11707938/). However, I bet this won’t stop the current administration from using it (and possibly falsely accusing people because of it), so it’s good to know about.
• This will be extremely useful as I’m creating my lesson plan and I will probably pop it out to the class on day one as suggested reading.

Overall: Great resource and very timely. Thank you.

I would add, that if you’re planning to make a lot of use of tor, and run tor hidden services locally, syncing the Monero block chain over tor (possibly to multiple local machines) and solo mining on old slow computers is a great way to generate a bunch of random tor traffic.

I’ll read through this. I’m teaching a free class on cybersec / opsec to members of local activist organizations starting next month, so resources like this are potentially really useful.

Mint.

It’s extremely stable Linux for your grandma, that comes with every tool that she will ever use and on the cinnamon interface all those tools are exactly where she will expect them to be if she is used to using Windows.

I’ve gotten three boomers to use it and they hardly ever ask for tech support because it’s so stable.

Scratch under the surface of every for profit privacy / anonymity service, you find shitty libertarian cryptobros who probably post racist memes on 4chan while whining about feminism in the man-o-sphere. That doesn’t speak to the nature of people who care about privacy, it speaks to the nature of people who care about privacy and also want to do capitalism.