this post was submitted on 01 Dec 2024
17 points (100.0% liked)

Digital Community Building

41 readers
3 users here now

This community is intended as a place for discussion regarding building digital communities and spaces. The intended audience are the admins, moderators, and curators of digital spaces, not general purpose users. The idea is that by facilitating discussion between the organizers and activists managing these communities, a set of best practices will begin to organically emerge.

Links

What to post?

I Don't See Anything

Remember, federation for small/new communities is finicky and this is a project targeting a small audience. Federation will eventually improve as the project advances.

Consider checking in on the home instance to make sure you see everything.


Related Communities

!fediverse@lemmy.world
!moderators@lemmy.world
!trendingcommunities@feddit.nl
!communitypromo@lemmy.ca
!newcommunities@lemmy.world

founded 11 months ago
MODERATORS
 

It’s hard to find un-enshitified services, even just email. I managed to find a dozen or so ½ decent email providers. But they are only ½ decent. Many are shit in terms of reliability, probably as a side-effect of not being well funded. But then where are the discussions? I Lemmy-search for “onionmail” and only find a dozen hits.

Why is this? IMO it’s because there are just so many shitty options that they drown out the better options. Protonmail is the mainstream alternative to the notorious corporate garbage, but PM is a shit-show in its own right .. CAPTCHAs and other anti-human obsticals.

We need decentralization, but the nasty side-effect is that it spreads an already small crowd so thin we can’t find each other in the universe.

you are viewing a single comment's thread
view the rest of the comments
[–] Donk 1 points 3 weeks ago (3 children)

I find proton to be a pretty solid offering actually. What exactly are you trying to do with protonmail you aren't allowed to do?

[–] activistPnk 2 points 3 weeks ago* (last edited 3 weeks ago) (2 children)

Protonmail wants you using their GUI so you can see ads, IIRC. The biggest problem with that is they ship dynamic js to you on-the-fly which could harvest your key after seeing your IP. There are a few ways to avoid that:

  • pay for their bridge feature (payment itself introduces a privacy issue)
  • use hydroxide -- this was great until it broke in two ways: a bug in hydroxide and also the chronic CAPTCHA problem
  • use electronmail and the onion host -- this avoids untrustworthy js, but you are trapped inside a stupidly bloated app that embeds a whole fucking browser inside of it. And the CAPTCHAs still come.

If you overcome those factors (which I can’t because the CAPTCHA problem is chronic in my case, even via the onion), then there is still the problem that you must login periodically on the gratis account, or lose it. Notifications combined with Hydroxide made PM usable for a while but when a show-stopper bug sat idle for like a year or something I gave up waiting for progress, which was unlikely to get around the CAPTCHA problem anyway.

For me Google reCAPTCHA is a show-stopper by itself. I will not solve those, even if it’s to reach a gratis service.

Hushmail 15 years ago was much better than Protonmail is today, largely because expert users could do all the key management so their tech illiterate correspondants didn’t even have to know that keys are in play. Protonmail requires even the low tech users to know how to put a public key of someone into their addressbook. It takes a lot of arm-twisting just get security apathetic users into a new account. As soon as they have to take key management steps, it’s blown. Hushmail gave me a way to securely talk to accountants and lawyers.

[–] Donk 2 points 3 weeks ago (1 children)

Perhaps its the ad-catchers I use but i don't see any when I'm using proton webmail. I also don't see any CAPTCHA usually but I don't log in and out that much. I realise i'm trading security for convenience there.

The security aspects you bring up are real - key management is more than I would ask normal people to do. You can use crypto to pay for the service, if you can aquire some without going through ridiculous KYC that might be a more acceptable level of anonymity.

You seem much more opsec intelligent than me, thanks for the informative reply! Really enjoying the community around here.

[–] activistPnk 2 points 3 weeks ago* (last edited 3 weeks ago)

It’s an interesting point about staying logged in. In principle, hydroxide could be coded to login once and retain the cookie and reuse the same session cookie to check for new mail every 30 min to keep the cookie alive. And it could run on an always-on PC. That would probably cut back on the CAPTCHAs. That would be a good suggestion to the Hydroxide project because the CAPTCHAs make hydroxide a pain in the ass. People have to use a gui to login if a CAPTCHA hits, then pass the cookie back to hydroxide IIRC.