We've recently started adding #CampaignFinance data to all the #CivicBand sites in #California where we can get that data easily.

We now have data for #SanJoaquin county going back to 2012

https://sanjoaquin-county.ca.civic.band/

FR#154 – Search and Community

Last week, Holos Social quietly shut down Holos Discover, a fediverse search engine built on ActivityPub. It had put in serious effort to allow for user consent, it only indexed public posts from accounts with the indexable flag enabled, appeared as a visible follower, processed deletions and edits in real time, and excluded accounts that were locked or had #nobot in their bio. This is about as close you can get to building a consent-respecting search engine in the current fediverse.

Community members pointed out that the indexable flag is enabled by default on many instances, which means that a significant number of accounts with the flag set never made a deliberate choice to be indexed. The flag that’s supposed to signal “this person consents to being searchable” frequently signals “this person’s server admin didn’t change the default”, and on a protocol-level, there is no difference between these two options.

Search and indexing projects on the fediverse tend to end the same way, from early full-text indexing attempts through Searchtodon‘s careful experiment with personal timeline search in 2023, to FediOnFire‘s relay-based firehose display earlier this year. Not all of this resistance was unjustified: Maven imported over a million fediverse posts without notice and ran AI sentiment analysis on them, which is a far cry from what Holos was building. But the community response has rarely distinguished between projects that deliberately violate consent and projects that try to respect it. Bridgy Fed survived a similar cycle by shifting to an opt-in model, but it’s the exception. The norm against search was established during periods of intense community backlash that sometimes crossed into coordinated harassment. These backlashes have grown less intense as people seem to have largely moved on. See for example how Searchtodon got an intense backlash in early 2023, and I explicitly flagged an offline-first client that could do effectively the same in fall 2025 that did not get any backlash. Still, the expectation for backlash persists as internalized caution.

The community correctly identified that the indexable flag doesn’t reliably represent individual consent. Helen Nissenbaum’s work on contextual integrity makes the case that privacy isn’t about secrecy but about appropriate information flows: posting on Mastodon carries an implicit norm about who will encounter that post and why, and violating that norm is a privacy breach even if the post was technically public. Daniel Solove and Woodrow Hartzog make a similar legal argument, saying that publicly available data is still regularly protected by privacy law, and that accessibility alone doesn’t license arbitrary downstream use.

But the only available response to discovering that the indexable flag is unreliable, treating all defaults as non-consent, has some major side effects. It removes the possibility that a server admin could legitimately say “our community values public discovery, so we set defaults that support that.”The protocol has no way to represent whether a default was set deliberately or by inertia. So the community norm treats them the same, which in practice means that a server admin who says ‘our community is about public discovery’ gets treated identically to one who never looked at the settings page. This results in a view of fediverse servers that only contains individual choices, and where a community deciding collectively to be discoverable is not an available category.

This is a strange outcome for a network that’s supposed to enable governance diversity across communities. Mastodon published a blog post this week where Executive Director Felix Hlatky says the mission is to “connect the world through thriving online communities”. But this current structure for how to signal consent for data processing can only recognise the individual, and has no mechanism for a community to signal anything.

There is also something patronizing about the framing that treats defaults as equivalent to non-consent. If we take seriously the idea that servers are communities with governance, then an admin who configures their server for public discovery is making a governance decision on behalf of their community, not failing to notice a checkbox. Treating all defaults as non-consent refuses to recognize that decision as legitimate, which undermines exactly the kind of community-level agency that a decentralized network is supposed to enable. As I argued in another article this week, where community lives in these networks is an open question, but it can’t be answered if the architecture only recognizes individuals.

Meanwhile, there are about half a dozen ways to harvest fediverse data with no accountability and no opt-out attached, and all of them are effectively condoned because they happen out of sight. What the current setup actually does is push practices for data gathering out of sight, where no opt-out mechanisms exist, instead of creating conditions where accountable tools can be built in the open. The current system is better at protecting the community’s idea of itself as a place that takes consent seriously, than it is at actually protecting users.

Mastodon’s Fediverse Discovery Providers project, or Fediverse Auxiliary Service Providers (FASP), is building a specification for pluggable search and discovery services that any fediverse server can connect to, funded by an NGI Search grant. It aims to solve the same problem as Holos, providing discovery infrastructure that can be used by other servers.

The FASP specification explicitly states that providers will “only ingest content from creators who opted in to discovery in the first place” and will “respect this setting,” referring to the same indexable signal that Holos relied on. The spec is well-designed in other respects: it is decentralized, allows servers to choose among competing providers, separates content URIs from content fetching in ways that limit data exposure, and requires signed fetch requests so servers can identify and block specific providers. But the problem is that the consent mechanism at its foundation is one the community has already explicitly said it doesn’t trust.

If the Holos episode established that the indexable flag is insufficient because it can’t guarantee individual deliberate consent, then FASP’s privacy model has the same hole. It shows that the lack of search and discovery is a governance problem, not a technical problem. Holos and their experience building a search engine shows that the ‘indexable’ flag is not sufficient. The technical infrastructure for discovery is being built, but the governance infrastructure for consent, a way to distinguish deliberate community choices from defaults, is not discussed at all.

#nobot

https://connectedplaces.online/reports/fr154-search-and-community/

22日のコミティアへ参加させていただきます☆彡

「COMITIA155」
2026年2月22日(日)
場所:東京ビッグサイト
配置:東5ホール こ-06a

＊参加サークル名:マタタビMIX

・・・+お品書き +・・・
▼新刊
「ノスタルジックソビエト」400円(2026/2/22発行)

▼既刊
「おくすりの時間」400円(2025/11/24発行)／他
・・・・・・・・・・・・

ギリギリになりましたが、新刊は赤い本になりました 。.☆.:*

#コミティア155 #お品書き

“You can change your country, or you can change your country.” https://aaron.blog/change-your-organization/

ていうか技術革新とかどれだけあっても一向に労働時間が減る気配がないのはなぜかをまじめに考えようとしてるのが『ブルシット・ジョブ』ですたぶん(6割まで読んだ

炭水化物いいな炭水化物

YouTube thumbnails I am cracking up at today

Gemini 消す方法

What did I just read?

"He had a chest of drawers, entirely empty except for a lint roller, pens, and in one corner, a pink vibrator. “It’s for girls, you know,” said Roy. “I used to use this one on my ex.” There were also some objects that didn’t seem to belong in a frat house. In one of the common areas, a shelving unit was completely empty except for an anime figurine. You could peer up her plastic skirt & see the plastic underwear molded around her plastic buttocks"

https://harpers.org/archive/2026/03/childs-play-sam-kriss-ai-startup-roy-lee/

Show HN: A native macOS client for Hacker News, built with SwiftUI

Link: https://github.com/IronsideXXVI/Hacker-News
Discussion: https://news.ycombinator.com/item?id=47088166

🟧 « On n'a plus de moyens d'exprimer notre colère, nos inquiétudes, nos peurs. »

Fleur Breteau convoquée #AuPoste pour revenir sur le mépris affiché par les élus envers les préoccupations sanitaires et environnementales.

guy at work is vibecoding redis backups, cannot wait for this to go badly

メタプログラミングそのものではないと思うんだけど、それはそれとしてメタな方に行きがちになってもおかしくはないと思う(この場合のメタってなんだ？

口からよだれ出して寝ていた

Auto-Reloading Magnet Dispenser Can Feed Itself

https://hackaday.com/2026/02/20/auto-reloading-magnet-dispenser-can-feed-itself/

the good news though is that it seems to be coming

"Vibe coding is metaprogramming"
https://blog.valentin.sh/vibe-metacoding/

Yes! Ha ha ha... YES!

メタなこと考える人が増えた？

#mastondon Friends!

There is a TON of improvements we could make to Private Mentions (often called DMs on other platforms) e.g.
* getting them out of the public timeline
* Having a stronger notification tied to the Private Mention tab
* (amount other things)

But here is my MAIN question: How critical is it that these message are encrypted? I'm not against encryption! It's just complex and will take time. If we were to make some UX changes as a first pass WITHOUT encryption would you be OK with that (at least for now?)

If you MUST have encryption, that's fine, please do me the favor of replying explaining why you need it.

I’m still recovering from surgery but this essay from the inestimable @ftrainPaul Ford is incredible. I’m deeply jealous I didn’t write it. https://www.nytimes.com/2026/02/18/opinion/ai-software.html?unlocked_article_code=1.NlA.zBfC._G-xh4OENzfW&smid=url-share

We build Bridgy, not walls 🌉

히히 싸인 만들었지롱

Anyone who is about to complete, or already has completed, an age-verification or identity-verification process online should read this short article.

Especially if it's on LinkedIn or Discord.

"I Verified My LinkedIn Identity. Here's What I Actually Handed Over." by @thelocalstack
https://thelocalstack.eu/posts/linkedin-identity-verification-privacy/

#Privacy #LinkedIn #Discord #AgeVerification #IdentityVerification #MassSurveillance

I just declared PR bankruptcy in the Spectre.Console project. It never feels good to do that, but the number of PRs started to stress me out, and many were duplicates or created without an issue. #oss

I will do better moving forward.

finding credentials in .msi files with msiexec https://lobste.rs/s/i4u55k #reversing #security #windows
https://ljb.fyi/your-msi-isnt-an-executable/

아 이 색 이쁘다

The local AI stack just got its long-term home 🤗❤️

Open-source + AI: ggml joins Hugging Face, llama.cpp stays open... the people closest to the tools are governing the tools. No cloud required, no API keys, no terms that change on you overnight.

https://blog.adafruit.com/2026/02/20/open-source-ai-ggml-joins-hugging-face-llama-cpp-stays-open-local-ais-long-term-home/

It's time to start organizing meetups for #LibreLocal 2026! https://u.fsf.org/4af #FreeSoftware #FSF

When you're writing code in a vacuum, it can be difficult to see the forest through the trees.

Tap into the #PyTexas community - a group of compassionate #python developers hosting trainings & other events like #PyTexasConference2026 to support more devs in Texas and beyond. 🚀

I had a really nice time talking about how "The Internet Was Never Inevitable" (touching on #othernetworks, media archaeology, and the @mediaarchaeologylab) on the Orthogonal Bet podcast. gawd this picture of me but whatever? https://www.theorthogonalbet.com/p/the-internet-was-never-inevitable?r=2ecqt1

Because of the summer beta season, I reset several iOS test devices at least twice a year.

You know what step of that process I haven’t seen go smoothly in YEARS? Disabling Find My & Activation Lock.

Type the password, hit the button, wait forever.

You can cancel and try again, and then it’ll work, but what?!

Is it just my iCloud account(s) this affects or is Reset not on one of the regular QA scripts at Apple?

[美관세 위법판결] 트럼프에 힘싣던 대법, 결정적 사안서 발목 잡았다
(워싱턴=연합뉴스) 조준형 특파원 = 도널드 트럼프 미국 대통령 2기 출범을 전후해 트럼프 대통령의 어젠다에 유리한 판결을 이어온 미 연방 대법...
https://www.yna.co.kr/view/AKR20260109006400071

#news #뉴스

Once you realize it’s not “age verification”, but actually “identity verification”, then it’s easy to understand that the real goal is “papers, please” for the entire internet.

らくがき

メタなこと考える人が増えた？

Gentoo moves too!

In recent days, weeks, months, the fallout hasn't even begun - Microsoft is still weathering the blast itself. Even in the last couple of days viral videos are racking up millions of views covering what many people are hailing as the demise of Microsoft itself - to be certain, no one is shedding any tears.

The first two defectors? HP and Samsung (PCs and Androids). Samsung removed preinstalled Microsoft apps from their devices and now other Android manufacturers are following suit.

When you go to purchase an HP laptop now it comes with Linux by default (or you can, upon request, pay more for a Microsoft operating system). Following suit were Dell (same thing, Linux by default or your can request Windows 11 and pay more money for it), then Lenovo, ASUS, and Acer - pretty much everyone that matters has abandoned Microsoft.

Even the retailers are bugging out - Best Buy, Walmart, and even Amazon are jumping ship, and I don't even need to explain why, but again, you can pay more to be subjected to invasive privacy mining. CoPilot and Recall may be the straws that broke the behemoth's back.

And the shockwaves of ever larger concentric circles have found their way to Gentoo, the latest prominent project to begin the migration to CodeBerg according to Linux Journal.

Adherence to the values of privacy and open source are cited, and Codeberg champions those values, themselves having moved to a hosted git software project that values those principles - Forgejo.

There's a huge paradigmatic shift occurring with respect to how people view their privacy, and especially their identities and intellectual property. They've had enough of the dismissive subjugation and are realizing they can do much better, faster, with more privacy, and without tracking or malware pre-installed in their systems, for much less money.

It will be interesting to see how the Redmond Dreadnought manages to maneuver this time; have they even the use of their rudder to persuade all of the major manufacturers of Android devices, desktop and laptop PCs to come back from the pasture into the slaughterhouse?

#tallship #Gentoo #Codeberg #Forgejo #FOSS #Privacy

opengl is for people who want to finish projects and vulkan is for people who are just looking for something to help their ecs framework stand out a little more

[美관세 위법판결] 트럼프에 힘싣던 대법, 결정적 사안서 발목 잡았다
(워싱턴=연합뉴스) 조준형 특파원 = 도널드 트럼프 미국 대통령 2기 출범을 전후해 트럼프 대통령의 어젠다에 유리한 판결을 이어온 미 연방 대법...
https://www.yna.co.kr/view/AKR20260109006400071

#news #뉴스

RE: https://mastodon.social/@dansup/116104111241012361

this isn't a discord alternative btw, we will have group chats and public channels like Telegram, but have no intention to support discord like guilds.

there are quite a few promising discord alternatives, we don't plan to go that route.

just realized CSS variables don't yet support the most basic compositional pattern — calculating from parent value github.com/w3c/csswg-dr...

[css-values-5] inherit() funct...

The children yearn for the stove.

Sometimes you just need a solid, straightforward, monospace pixel font right? right?* something like this: https://somepx.itch.io/pixel-font-brief

*I most certainly do, that's why I made this
#font #design #pixelart #gamedev

Trump's global tariffs struck down by US Supreme Court

Link: https://www.bbc.com/news/live/c0l9r67drg7t
Discussion: https://news.ycombinator.com/item?id=47089213

仕事が嫌になったので、こういうDSLを妄想してみた
https://github.com/polidog/ReverHTTP/blob/main/spec.md

このDSLを考えた背景として、WhatとHOWを分離したいという気持ちと、LLMにプログラミング言語扱わせるのはコンテキスト肥大化するなという課題感から考えてみました。

面白いのはDSLからJSON IRつまりjsonで中間表現をすることによってどの言語でも実装可能にするところかなと思っています。

実験的なものなので、実用レベルにしようとも思わないけどとりあえずPHPで動くところまでは作ってみようと思います。

Cleaning up merged git branches: a useful one-liner https://lobste.rs/s/fbp9s0 #unix
https://spencer.wtf/2026/02/20/cleaning-up-merged-git-branches-a-one-liner-from-the-cias-leaked-dev-docs.html

what if your messenger didn't care what protocol your friends use?

sup bridges activitypub, xmpp, irc, atproto and more into one clean app. pixelfed, mastodon, loops - every one.

modular by design. hackable by default.

open source + agpl + self-hostable

the ethical messenger that shouldn't exist but soon will. 🔥

follow @supappsup for updates and early access

#Sup

冬とりのちゃんとこももちゃんのふれあい　@rinonpicにうとりの おかりしました！

We've recently started adding #CampaignFinance data to all the #CivicBand sites in #California where we can get that data easily.

We now have data for #SanJoaquin county going back to 2012

https://sanjoaquin-county.ca.civic.band/