I host 2 ejabberd servers. One casual, federated, the other one standalone, for work.

• Conversations is a decent android client that supports modern XMPP standards
• Dino on the desktop. It just happen to support the same subset of standards as Conversations, so they work pretty well together.

For Mastodon, I’m using an Akkoma instance hosted by a frind of mine

• Tusky works pretty well with it. There were certain annoying bugs when I combined the official Mastodon app with Akkoma.

Every once in a while I try Matrix, but each time I try to log in, Synapse is is fucked in a different way. I have to scrap it up and start from the ground up some day.

• Only the element based clients so far, because every alternative lack certain features.

I’m a big fan of Nostr, because of one particular feature - You control your identity without having to selfhost a server. The network seems to be occupied by the christian-carnivore-bitcoin-conservatives so far, therefor it’s pretty bland when it comes to content.

• Amethyst on Android
• Gossip on the desktop. This one requires a certain knowledge of the protocol. Each action needs to be manually triggered.

For some special use cases I have Signal, but most of the time, Telegram is the best the average person can do to meet me in the middle.

We hate the AI and proof of work, yet DEMAND someone to moderate our inboxes. For free.

• an average lemming

Pidgin was decent, but remember Miranda? The community around it was fantastic. The plugin system was an absolute blast. Not only there were plugins for any communication network you could think of, the UX was fully customizable.

At one point, somebody even bothered to implement the ICQ flash animations. There has not been anything like it ever since.

If a communication software has terms of service, run away!

Gmail offers imap amd smtp access. You have to enable 2FA, and then it will allow you to create account for so called “less secure apps”.

In your place, I’d either continue using gmail directly, or finish the configuration of the self hosted mail server and just use that with any smtp/imap client. I suggest getting a separate domain for testing first, before moving your primary inbox there.

The only thing worse than public voting is public voting that’s falsely advertised as private.

you still need good security configuration of the exposed service.

In a sense that security comes in layers, yes. But in practice, this setup will prevent 100% of bots scanning the internet for exposed services, and absolute majority of possible targeted attacks as well. It’s like using any other 3rd party VPN, except there’s not a central point for the traffic to flow through.

From the attackers point of view, nothing is listening there.

I’ve used a similar setup in the past to access a device behind a NAT (possibly multiple NATs) and a dynamic IPv4. Looking back, that ISP was a pure nightmare.

This is not a guide to hide from the government or ISP. Just a way to tunnel to your home server without publishing the sshd for random strangers. Personally, I’d just publish the ssh and be done with it.

I would rather live without the correlation attacks

The more people using Tor, the less useful targeted disconnects become.

Which is still just as open, but also a massive calling card for anyone trolling around the TOR network

Luckily, it is no longer possible to easily sniff the new v3 addresses by deploying a malicious relay. Any attack to even reveal the existence of a hidden service would require a very specialized setup. And we’re just talking discovery, not the ability to connect and attack the actual service running there.

just connecting to Tor is very much a huge exposure imho

Exposure of what, to whom?

Unbacked tokens. You mean like Tether?

Exactly like Tether. USDT was never backed 1:1 by USD. They don’t even try to deny it anymore. They admit it’s backed by “various assets, including BTC”, which smells like a market manipulation.

How does Taler promote taxation?

“Customers can stay anonymous, but merchants can not hide their income through payments with GNU Taler. This helps to avoid tax evasion and money laundering.”

• https://taler.net/en/features.html

it might definitely be useful when used correctly in the future

I can almost see the monk smacking an orphan for holding the spoon in the wrong hand :D

GNU Taller is pretty fragile, though. One bank issues unbacked tokens and the credibility of the whole system goes down the drain. It’s the current financial system, just rebranded. Also, it promotes taxation which automatically makes it a cult & scam.

That’s interesting. I’ve initially written it off as a scam. Until I’ve learned about the proof-of-work.

Monero is great. Except for the fact that when the dev team dislikes what miners are doing, they introduce a new arbitrary rule, and everyone just goes with it. Having a process to introduce such changes unilaterally is a bug that needs to be fixed first.

Also, there’s a lightning network which allows you to transact bitcoin fast and cheap. Although the privacy aspect is still not solved there.

We also need a McDonald’s emoji, Pepsi emoji, Windows emoji and Mastercard emoji

bitcoin is not a company.

deleted by creator

Of course security comes with layers, and if you’re not comfortable hosting services publically, use a VPN.

However, 3 simple rules go a long way:

1. Treat any machine or service on a local network as if they were publically accesible. That will prevent you from accidentally leaving the auth off, or leaving the weak/default passwords in place.

2. Install services in a way that they are easy to patch. For example, prefer phpmyadmin from debian repo instead of just copy pasting the latest official release in the www folder. If you absolutely need the latest release, try a container maintained by a reasonable adult. (No offense to the handful of kids I’ve known providing a solid code, knowledge and bugreports for the general public!)

3. Use unattended-upgrades, or an alternative auto update mechanism on rhel based distros, if you don’t want to become a fulltime sysadmin. The increased security is absolutely worth the very occasional breakage.

4. You and your hardware are your worst enemies. There are tons of giudes on what a proper backup should look like, but don’t let that discourage you. Some backup is always better than NO backup. Even if it’s just a copy of critical files on an external usb drive. You can always go crazy later, and use snapshotting abilities of your filesystem (btrfs, zfs), build a separate backupserver, move it to a different physical location… sky really is the limit here.

Being mainstream is exactly what I liked about reddit. It was the reincarnation of usenet. It has attracted all kinds of people doing all kinds of thing. Are you interested in swastika knitting? Piano jumping? Bathsponge sculpting? You can sure as hell find at least 2 other guys already doing it there.

I’m surprised as well. We put our posts up for anyone to replicate and republish, yet we still get mad when somebody replicates and republishes it. It does not make sense. Activitypub is an open network with zero privacy expectations.