If we divide, we’ll be conquered. That wisom is at least two thousand years old by now. Better to unite and defy.
If we divide, we’ll be conquered. That wisom is at least two thousand years old by now. Better to unite and defy.
The whole point of making a federated network of independent instances is to avoid the issues arising with one central instance, right? Putting the content out to multiple instances plays into that: If it’s important content, no single authority can easily censor it, and the loss of a single instance won’t erase it.
If it’s trash, of course, every community in every instance you post it to will have to clean it up separately. Arguably, that puts more strain on the respective moderation teams, but if (ideally) those are disjunct people (again, to avoid the issues of a single authority), the strain should be distributed.
And on the plus side, it would enable each community (in the lemmy sense) to enforce their own nuanced rules, additionally leading to slightly more choice between the types of moderation you favour (as opposed to “There’s one big sub, take it or leave it”).
Individual communities may be smaller, but maybe some more form of coordination of similar communities across instances could amend that (like linking to the other communities in your sidebar etc.).
I could also imagine a super-community solution that would allow you to aggregate several communities across instances similar to multireddits. I’m new here, so I’m not sure if that exists, nor have I given the implementation any thought, but I suppose that could be convenient.
I can’t comment on the general trend, but this specific one seems a bit too circumstantial to be of use for a serious spying effort. You’d have to have the spyware running parallel to the apps usong passwords you want to steal in a specific way.
The risk exists, which is bad enough for stochastic reasons (eventually, someone will get lucky and manage to grab something sensitive, and since the potential damage from that is incalculable, the impact axis alone drives this into firm "you need to get that fix out asap), but probably irrelevant in terms of consistency, which would be what you’d need to actually monitor anyone.
If you manage to grab enough info to crack some financial access data, you can steal money. If you can take over some legit online account or obtain some email-password combo, you can sell it. But if you want to monitor what people are doing in otherwise private systems, you need some way to either check on demand or log their actions and periodically send them to your server.
It would be far more reliable to have injection backdoors to allow you access by virtue of forcing a credential check to come up valid than to hope for the lucky grab of credentials the user might change at an arbitrary moment in time.