For #3, you need to log in to your iCloud account, head to the profile and security options, and make an application password.
Thunderbird will find all the appropriate settings once you provide your main iCloud email, and you just need to use the application password and everything will just work.
I’m going to disagree with the OCLP people: it’s a fine project, but it’s absolutely horrible to deal with from an end-user perspective because they’ll update something without realizing it’s going to break something, and now you have to deal with someone’s computer not working and get to maintain it.
If you can move to Linux, and she’s happy with that, then great. Though you’d probably want normal Fedora, and not Asahi since it’s not a M1/M2-based Mac.
But it sounds like she wants MacOS and, unless you want to fiddle with something that’s finicky, failure-prone, and not guaranteed to work in the future, just go buy a used/refurbished M1 for like $600, and then not worry about it for the next 5-10 years.
Good news, then: http://canvas.toast.ooo/
A list of who an instance federates with or is blocking is at https://an.instance.youre.wondering.about/instances (replace with the proper site name)
The constant politics argument is tiring. Do you know the politics of the guy who made your favorite game? What about the guy who made your text editor? Or your browser? Or the software in your microwave? Or grew your food? Or the guy who made that song you like? What about the owner of the last convenience store you bought your mtdew from?
Even if the commentary is coming from an honest point of view and not just shitty astroturfing (and it very much isn’t), it doesn’t matter. If you don’t like it, use an instance that’s not run by them and who cares.
I’m not a Postgres expert but a quick look at the pgsql limits looks like it’s 4 billion by default, which uh, makes sense if it’s a 32 bit limit.
Soooo 5 million users would need to make… 800 posts? ish? I mean, certainly doable if nobody caught it was happening until it was well into it.
I think that’s likely to cover common uses outside of just ‘for the lulz’.
The for the lulz resonates a lot with me - though I know that a decade of dealing with a lot of these types assuredly biases me to at least some degree - because it’s easy enough to do what they’re doing now AFTER you figure out how you’re going to monetize it and signups this aggressive and so widespread doesn’t really make sense to me.
In my experience with content moderation/fraud/abuse work, I found that you’d often have a very slow trickle of accounts sign up over weeks/months/and, in one situation, years, and THEN they’d all break bad and you’d have entire servers and instances all light on fire at once and result in a mess that’ll take a very long time to clean up.
If you have 5,000 users that signed up all at once you can literally just delete all those rows from the database and probably not impact too many real people vs. if you have 5,000 users sign up over 6 months then you have the data dispersed in good data and now have much more of an involved spelunking expedition to embark on. I also found that it was typically done in waves as well, so you can’t do a single clean and go ‘well all the accounts that weren’t doing thing must be okay’ because eh, maybe not.
And, also, there’s a lot of hand-wringing about developer and instance politics from various blog posts, “news” sources, the fediverse, traditional social media and so on from all sides of the spectrum, and while I’d never claim to be a centrist or even remotely moderate, the more embedded in one extreme or another you find yourself you can start justifying doing all sorts of stupid shit, and a DDoS (which, quelle surprise is ongoing right now) is SO trivial to do when there’s not a whole lot of preventative measures in place that don’t require a bunch of squabbling internet humans to cooperate and work together to block signups, clean up the mess that’s already there, and work with each other on mitigation tools that do things everyone agrees with.
It’s always about following the money for spammers/malware/etc. authors: there’s (usually) a commercial incentive they’re pushing towards.
The bot is evolving and adapting to countermeasures and becoming “smarter” which means some human somewhere is investing time and effort in doing this, which means there’s some incentive.
That said, I doubt it’s strictly commercial because the Lemmy user base is really small and probably not worth much because if you’re here you’re most certainly not on the area of the bell curve that’ll fall for the usual spambot commercialization double-your-money/fake reviews/affiliate link/astroturfing approaches.
I’d wager it’s more about the ability to be disruptive than the ability to extract money from the users you can target, so like, your average 16-year-old internet trolls.
Because you can’t make thousands of spambots on your own instance because as you noted it’d take about 5 minutes to defederate and thus remove all the bots.
You want to put a handful on every server you can, because then your bots have to be manually rooted out by individual admins, or the federation between instances gets so broken there’s no value in the platform.
And for standing up more instances, you have to bear the cost of running the servers yourself, which isn’t prohibitive, but more than using bots via stolen/infected proxies (and shit like Hola that gives you a “free vpn” at the cost of your computer becoming an exit node they then resell).
Also, I’m suspicious that it’s not ‘spam bots’ in the traditional sense since what’s the point of making thousands of bots but then barely using them to spam anyone? My tinfoil hat makes me think this is a little more complicated, though I have zero evidence other than my native paranoia.
Oh, no, it is absolute: if you say and do nothing, then at best, you’re allowing the harm they cause to happen, and at worse reinforcing their behavior.
So yes, if you have racist friends and you sit silently then yes, you’re a racist supporter.
Depends. Do you just keep your silence or do you call them out when they’re being shitty?
It’s bots. I’m seeing the same thing, with the exact same phrasing. Straight into the nope pile with them.
Be the change you want to see? Lemmy is still a baby and someone’s going to have to make those posts or ask those questions if that content is going to show up there.
No, you’ve (maybe) limited your singular solitary instance’s growth: your instance is not “Lemmy” and admins should do whatever they find works for them, is something they can easily enforce, and resolves the problem.
If you want to geoip limit signups to Skokie, Illinois? Great! If it works for you and keeps your instance from being The Problem, then it’s a valid solution.
(I don’t disagree that email domain blocks are not a singular solution to any abuse problem, but I also think that whatever works for the individual admin is perfectly reasonable, and email blocks CAN be worthwhile.)
As with all things non-corporate, you determine if the instance you want to use is run by a reliable person by uh, vetting the person. This is absolutely impractical and absolutely not something you can ask an average person to do in order to post cat memes on the internet, so long-term the right call would probably be to move the “big instances” into a foundation/corporation model (think OSI or Apache or Gnome or…) to provide proper shared ownership of resources, continuity planning, and better handling and monitoring of donated funds as well as better opportunities for outside funding - it’s actively easier to get funding or support for actual foundations/non-profits than some dude running a thing in his basement.
You then have a very public entity that’s much simpler for any random person to decide if they’re reasonable - the fact they exist AT ALL is a huge indicator of legitimacy because the work required to even get that far is not entirely trivial.
Monetization is… problematic. It’s probably going to HAVE to be donation-based because I don’t think ads or data mining or segues to our sponsor are acceptable on federated platforms and won’t result in you getting anything but tossed out.
I’d also say that there are fundraising options for larger instances that offer valuable communities: you can get a LOT of donations out of corporate America (this is US-centric, of course) if you’re a registered non-profit they can donate a tax write-offable donation to, and something like a Lemmy instance is just a rounding error in donations, if you can get in the door.
I’m also not a lawyer, but have worked with lawyers on a GDPR compliant policy, and boy, is it an absolute mess. The larger instances are absolutely going to have to comply, and there absolutely has to be a way to export and delete your data, and federation is absolutely going to run into the data processor vs data controller dual-responsibility pile and it’s absolutely going to be a mess… maybe, at some point, or not. For the MOST part, it’s a policy where as long as you’re being reasonably compliant and nobody is complaining or suing you, it’s not quite as horrifying as it is on paper.
The deletion stuff absolutely needs to be done sooner rather than later, and there needs to be a way to export all the data an instance has on a given user, but those two things will probably cover the worst risks any particular instance has.
Thunderbird doesn’t understand aliases by default (apple’s mail apps on MacOS and iOS do). You’d need to add the alias under Account Settings -> Manage Identities for each alias (which is any custom email domain accounts you add, assuming you want to send mail as that user). There is only one account: the iCloud login. Everything else is treated as an alias, and doesn’t create its own inbox - everything goes into the singular inbox.
As the other posts said, email won’t migrate automatically. The easy way to do it, though, is setup your old email and the iCloud email in email and just drag and drop your email from the old email to your new iCloud one.