Russia: We’re so mighty that all must tremble before us, our economy is stronger from sanctions, NATO is on the verge of collapse
Also Russia: Ma make em stop they’re being mean to me on Mastodon
Real gangsters don’t sweat the jibber-jabber.
Shit, I hope Hetzner doesn’t fuck this up.
Normally I’d say who the fuck gives a fuck about roskomnadzor, but then Hetzner is a german company. If the israelis were complaining Hetzner would bring their own guns
Ideally, the fediverse will help people in censorious countries access information their governments don’t want them to see, but I am not too optimistic, I used to think that about the entire Internet and look where we are now, governments around the world are very much managing to control the spread of information on it.
I still think that fedi will help, and in fact I am pretty sure it is helping already, simply because it is quite decentralized. Blocking 20k+ instances is not trivial. And each of these instances is an entrypoint, so to speak, into the broader fedi. Missing even one is thus a big deal. If my instance is blocked, I can set up an account on a different one, follow the same people, and I am back in business.
At the same time all these instances are run independently. One can’t simply threaten the whole fedi to force it to do a thing (say, take down an account), this just does not make sense.
Compare and contrast with centralized services like Facebook, gatekeepers like Cloudflare, and so on. Threatening one big entity with problems might be enough to “convince it” to take a thing down.
The reason governments and other powerful entities are able to control the information flow is because there are these hugely important single points of failure. Fedi is not perfect (
mastodon.social
is way too big for its own good…), but it is a step in the right direction.I intentionally didn’t register on big instances like lemmy.world or mastodon.social in order to avoid being part of obvious places to censor.
Blocking is quite trivial with a whitelist… what isn’t so trivial, is to block while keeping the appearances of not blocking, or block while IT workers at ISPs and hosting providers are morally opposed to blocking.
Keep in mind that Russia has already done the “block it all” experiment in 2019, and keeps practicing it: https://www.techradar.com/vpn/vpn-privacy-security/russia-disconnects-several-regions-from-the-global-internet-to-test-its-sovereign-net
Blocking a somewhat fluctuating list of 25k+ instances is still considerably harder than blocking a pretty stable infrastructure of a single major social media platform.
You’re thinking of a blacklist: “block NONE except [list]”. I’m speaking of a whitelist: “block ALL except [list]”.
Making a list of IPs registered with, and allowed by the government, is quite easy. China, Russia, Iran, etc. have been making those lists for years at this point.
If you’re hosting anything even remotely controversial, Hetzner isn’t a good choice. They’ve been known to disable servers without warning after receiving reports like this.
Just curious, but what would be a good choice, or where would one look for it?
I guess no hoster is safe, but maybe have a backup in a different jurisdiction.
I’m not sure which companies are best for this use case.
I tend to find the R820 behind me to be a pretty reliable host so long as you don’t mind footing the power bill to run it.
Which network setup do you use? Use a VPN tunnel with 1:1 NAT, route a subnet? Something else?
Pretty simple simple ‘castle & moat’ setup. Lots of firewall, IPS, dynamic threat, etc around it with separate subnets and all the usual biz. My ISP doesn’t use CGNAT so I’m lucky that way, though they did question WTF I was doing last I made a service call to them based on the bandwidth usage.
All service providers in the EU have to follow a similar abuse report handling procedure.
They usually require a response to abuse tickets within 24h, so better have someone capable of responding at least twice a day. Unless the abuse goes against the provider’s ToS (don’t do that), simply responding to it should make it go away… as in, the provider washes their hands and lets the reporting party and you sort it among yourselves, be it in court or whatever. Russian government agencies are not very likely to win a case in the EU these days, though.
If you don’t want to deal with hosting providers, you can self-host and deal with your ISP.
This varies a lot from one ISP to another, some will cut you off at the first sign of abuse, others will ignore abuse reports like nothing happened, while others will port-filter you so you can’t even host stuff yourself. You will also find that most residential IP ranges are on blacklists used by mail providers.
To increase the likelihood of staying online, use redundancy. For a while, I used to manage a system with two hosting providers, acting as reverse proxies and fallback for a local dual server setup with dual PSUs, dual UPSs, with dual connections to two ISPs via two routers. We used to get close to “six 9s” uptime.
.gov email accounts are pretty easy to get, if you want to do the Lemmy version of sending yourself flowers