Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

  • eatham 🇭🇲@aussie.zone
    link
    fedilink
    English
    arrow-up
    152
    ·
    1 year ago

    Full article:

    We have successfully completed our migration to RAM-only VPN infrastructure

    20 September 2023 NEWS SYSTEM TRANSPARENCY

    Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

    In early 2022 we announced the beginning of our migration to using diskless infrastructure with our bootloader known as “stboot”. Completing the transition to diskless infrastructure

    Our VPN infrastructure has since been audited with this configuration twice (2023, 2022), and all future audits of our VPN servers will focus solely on RAM-only deployments.

    All of our VPN servers continue to use our custom and extensively slimmed down Linux kernel, where we follow the mainline branch of kernel development. This has allowed us to pull in the latest version so that we can stay up to date with new features and performance improvements, as well as tune and completely remove unnecessary bloat in the kernel.

    The result is that the operating system that we boot, prior to being deployed weighs in at just over 200MB. When servers are rebooted or provisioned for the first time, we can be safe in the knowledge that we get a freshly built kernel, no traces of any log files, and a fully patched OS.

  • Onii-Chan@kbin.social
    link
    fedilink
    arrow-up
    126
    arrow-down
    1
    ·
    1 year ago

    It’s a good day to be a Mullvad user. Switched over from Surfshark a while ago, and I love it.

        • TrustingZebra@lemmy.one
          link
          fedilink
          arrow-up
          16
          arrow-down
          1
          ·
          1 year ago

          Funny thing is I started using Surfshark just before they started all the YouTube sponsorships. Them doing so many sponsorships actually made me trust them less somehow, if that makes sense.

          Mullvad “appears” to be more trustworthy but maybe they are just better at marketing that image. They still cost twice as much as Surfshark.

          • candle_lighter@lemmy.ml
            link
            fedilink
            English
            arrow-up
            26
            ·
            1 year ago

            The best piece of marketing Mullvad ever got was when the Swedish police raided them and Mullvad literally had zero data to turn over to them.

          • LucidNightmare@lemm.ee
            link
            fedilink
            arrow-up
            6
            ·
            1 year ago

            Usually when a company throws buckoos of money into advertisements, that’s where the money that could’ve been spent on a better product went. I’ve found products that were advertised so heavily, almost always have dog shit quality.

      • PeachMan@lemmy.one
        link
        fedilink
        arrow-up
        40
        ·
        1 year ago

        You don’t use Mullvad for their performance, you use them for their insanely paranoid security and privacy practices.

        And for the record, I was never impressed with Surfshark speeds. I dropped them when they bundled a virus scanner into their VPN client, that’s sketchy as hell. I don’t want my VPN provider scanning my files.

        • lud@lemm.ee
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          Mullvad has excellent performance though. I got nearly gigabit, I, unfortunately, had to switch when they removed port forwarding.

        • TrustingZebra@lemmy.one
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          1 year ago

          Yes I agree Surfshark has done some weird things. I find it weird that it’s actually the same company now as NordVPN, but they don’t make it clear.

          Regarding performance, Surfshark is decent speed but still slower than not using a VPN. The more annoying thing is that I get a lot more captchas when using Surfshark. I think these issues are common for all VPNs, though I haven’t tried Mullvad yet (I will when my Surfshark subscription ends).

      • Onii-Chan@kbin.social
        link
        fedilink
        arrow-up
        18
        ·
        1 year ago

        I never had any real issues with speed using Surfshark, the reason I made the switch was largely about trust. As another user said, as soon as I saw Surfshark start their YouTube advertising spree, and start to bloat their client with unnecessary features, I started looking for alternatives.

        I’m iffy about any VPN company that uses YouTuber marketing as it is, and while my threat model isn’t overly paranoid, I believe the VPN company someone chooses to use should have paranoid business practices. After I saw the news on Mullvad’s raid, the authorities subsequently finding nothing, and the fact that a user’s account is merely a string of numbers, I decided it was the VPN for me.

      • lemmyingly@lemm.ee
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        Mullvad compared to PIA, Google annoys me less with recaptures. I know it doesn’t answer your question but thought I’d throw my 2 cents in since PIA was quite a popular choice with their YouTube sponsor slots and cheap prices

        • TrustingZebra@lemmy.one
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          It’s good to hear you get less captchas with Mullvad. At least for me, when using Surfshark + Private Browsing, I am basically guaranteed to get a ton of captchas on any Google searches.

  • Hubi@feddit.de
    link
    fedilink
    arrow-up
    83
    ·
    1 year ago

    Wow, that is very impressive. I’ve been a subscriber for a few years and I couldn’t be happier with their service.

      • Hubi@feddit.de
        link
        fedilink
        arrow-up
        46
        arrow-down
        1
        ·
        1 year ago

        That didn’t effect me much personally and I could understand their reasoning. Still, it’s understandable that it lead to some frustration among other users.

      • far_university1990@feddit.de
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        Someone in this thread mentioned that was abused so much that hosting providers cancelled them. So they needed to remove it to be able to continue to operate.

      • Ado@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        edit-2
        1 year ago

        I’ve been a subscriber for 5+ years and have zero issue with the loss of port forwarding. I use my devices for everything from gaming to torrenting, and haven’t run into something cause a problem that required me to use port forwarding on mullvad.

        what has been an incredible source of frustration as a user of Mullvad tho is when websites block me or hit me with repeating captchas. I’ve also had a huge uptick of spam coming in from weird domains. Obviously not sure if thats mullvad-related, but sounds like the issue of “individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers”.

        The removal of this feature seems to be a better of two difficult options.

        • lud@lemm.ee
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          Torrenting works better and faster with port forwarding.

          • Ado@lemmy.ml
            link
            fedilink
            arrow-up
            2
            arrow-down
            6
            ·
            1 year ago

            dogs need about one ounce of water per pound of body weight per day

  • mnmalst@lemmy.zip
    link
    fedilink
    arrow-up
    52
    arrow-down
    5
    ·
    1 year ago

    I find the “Mullvad VPN scratch cards” interesting. If a store near you has them you could buy one and be totally anonymous. What I find a bit odd is that you can buy them on amazon as well but sold directly by mullvad. Doesn’t that defeat the purpose? The idea of the card is a decoupling of your real identity from the vpn user but when you buy the card in their store doesn’t it negate that?

    I am probably just missing something here. Does anyone have more insight?

    • Leraje@lemmy.blahaj.zoneOP
      link
      fedilink
      English
      arrow-up
      81
      ·
      1 year ago

      The code on the card is covered so Amazon might know you use Mullvad but they have no way of knowing what your account is.

      Mullvad know your acct but they have no way of knowing how it is you paid other than maybe it being a scratchcard which they don’t track anyway.

        • Leraje@lemmy.blahaj.zoneOP
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          1 year ago

          All those things you listed simply confirm that a particular person bought a Mullvad scratch card. There’s literally no way to associate that data with a particular Mullvad account. To do that they’d have to have a record of the card batch number and somehow have accessed the code underneath the scratch-off panel and then find a way to match those numbers against your Mullvad acct.

        • PeachMan@lemmy.one
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          You’re not wrong, BUT that’s why Mullvad offers other forms of anonymous payment, the flexibility lets you be as paranoid as YOU want to be. You can pay in Bitcoin, or you can literally mail them an envelope of cash with no return address. Amazon scratch cards are just the most convenient option, and as always, you trade security for convenience.

      • mnmalst@lemmy.zip
        link
        fedilink
        arrow-up
        3
        arrow-down
        9
        ·
        1 year ago

        I am not talking about amazon knowing it. Amazon offers shops for businesses, where a business directly sells goods to their customers using amazon as a transaction platform. Those shops send the goods directly to their customers (Sometimes it comes from an amazon warehouse as well tho). If the first case is true, mullvad would send me the card directly, so they would know I bought it, which makes the card obsolete in my view.

        But maybe they don’t send it themself and the cards are all just sitting in a big warehouse. Either way, to me it’s not 100% a given that they couldn’t at least in theory know who bought it.

        I am just playing devils advocate here btw, I am not really concerned about it.

        • imgonnatrythis@lemm.ee
          link
          fedilink
          arrow-up
          19
          arrow-down
          1
          ·
          1 year ago

          You are buying access to a VPN not a nuclear warhead for the black market. The link between buying a VPN card and the code used in that card to link to said vpn activity which is also pretty well protected on Mullvad is not easily discoverable. Seems like a pretty reasonable privacy gap to me.

        • Leraje@lemmy.blahaj.zoneOP
          link
          fedilink
          English
          arrow-up
          17
          arrow-down
          1
          ·
          edit-2
          1 year ago

          If you’re a Mullvad customer then they already know your IP and from that they could identify you pretty easily. But that’s true of all VPN providers, but they claim they don’t log and I seem to recall them saying they don’t keep a record of scratch off card numbers (why would they?). Either way you have to trust them and based on the fact they’re totally open I do.

    • 👁️👄👁️@lemm.ee
      link
      fedilink
      English
      arrow-up
      14
      ·
      1 year ago

      Better yet, they employ a guy you can find in an alley who has a bunch of redemption cards in his trench coat. He takes cash or crack.

    • SoggyBread@lemmy.world
      link
      fedilink
      arrow-up
      13
      ·
      1 year ago

      Probably not because they still dont know who bought that card since the scratch card is linked to the money but that card could be used by anyone. Nothing stop you from buying them and giving them to a friend

    • Simran@lemm.ee
      link
      fedilink
      arrow-up
      4
      arrow-down
      8
      ·
      1 year ago

      Well the biggest selling point of VPNs is easier piracy not privacy. Most VPN customers just want to protect themselves from anyone watching their downloading habits. Yeah technically there would be a trail but no one is going to follow it to catch someone downloading inception.

  • 👁️👄👁️@lemm.ee
    link
    fedilink
    English
    arrow-up
    48
    arrow-down
    2
    ·
    1 year ago

    Mullvad is such a good company. I just bought another month yesterday, but guess I’ll go and add another year to that!

  • doublejay1999@lemmy.world
    link
    fedilink
    English
    arrow-up
    60
    arrow-down
    14
    ·
    1 year ago

    Interesting what’s going happening with mullvad. For the best part of 10’years, you hear nothing.

    Does anyone know why they are recently noisy?

    • Leraje@lemmy.blahaj.zoneOP
      link
      fedilink
      English
      arrow-up
      36
      ·
      1 year ago

      Going by rate of blog posts by year they don’t seem any noisier than usual. The opposite if anything. 18 this year and there’s only 3 and a bit months left of the year whereas in 2018 they made 60.

    • PeachMan@lemmy.one
      link
      fedilink
      arrow-up
      34
      arrow-down
      1
      ·
      1 year ago

      You are incorrect. Look through their blog archive (scroll to the bottom): https://mullvad.net/en/blog/

      They’ve been posting steadily for over a decade, maybe the posts just got more popular this year on whatever sites you browse

    • narrowide96lochkreis@lemmy.world
      link
      fedilink
      arrow-up
      15
      ·
      edit-2
      1 year ago

      Noisy? Bit odd to call it that. Also, from my perception they were always present with regularly published news about how they improve or just update/change their service.

    • imgonnatrythis@lemm.ee
      link
      fedilink
      arrow-up
      17
      arrow-down
      3
      ·
      1 year ago

      They dropped port forwarding and likely lost a lot of business related to this. They are trying to compensate for the loss I think which is great.

    • nooneescapesthelaw@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      They’ve been relatively quiet on their blogs actually, its just that its growing in popularity, so more people are talking about it.

      Imo what makes it so good is their pricing scheme. You put however much money you want in your account, and you get an equivalent amount of time. All you need is an account number, no email no contracts no hassle

    • Cargon@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Not sure what you mean, they’ve been posting fairly regular updates on software and infrastructure improvements and security audit responses on their blog for the entire time I’ve been a customer (6 years).

      • bloodfart@lemmy.ml
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        Mullvad was always the most straightforward privacy centric vpn with a very long and uneventful history.

        They used to offer port forwarding on top of all that. People use port forwarding to do torrents, run internet facing services from home, and share csam.

        The authorities could never go through mullvad to get the identities of csam users because of mullvads infrastructure (according to them it’s not stored so it’s impossible for a raid to turn up identifying data).

        The authorities switched tactics and convinced a bunch of websites, dns services and other stuff to block mullvads public facing IPs. For a while there in march or so you couldn’t browse shit from a mullvad ip.

        The goal was to force csam people on to other services that are softer targets for law enforcement.

        It worked. Mullvad dropped port forwarding and all the torrenters, selfhosters and csam traders left.

        Mullvad has been working to be a better vpn provider ever since because the raids themselves scare users off, the dropped services lost them some users and the awareness of international law enforcement cooperation scared some users off using vpn services in fourteen eyes countries (mullvad is in Sweden).

        At the time all this went down I only had mullvad but now I use another vpn for port forwarding and mullvad for everything that doesn’t need that.

        • PR_freak@programming.dev
          link
          fedilink
          arrow-up
          7
          ·
          1 year ago

          What do you mean? Is that needed for torrenting?

          I have been using mullvad for a month and have 2 tb of Linux isos, should I expect a call from someone?

          • Azzu@lemm.ee
            link
            fedilink
            arrow-up
            13
            arrow-down
            1
            ·
            1 year ago

            The BitTorrent protocol basically works like this when you download a torrent:

            1. a tracker has a list of clients that have some data of a torrent
            2. you want to download that torrent, so you ask the tracker for this list
            3. after you receive this list, you ask the clients on this list to upload their data to you
            4. repeat 3. until you have the whole torrent

            As soon as you have something downloaded, you become a client on the list of the tracker that theoretically has the torrent available for others. So you would become the “client being asked” of step 3 as well.

            But how can you be asked? In a P2P networking context, you can only “be asked” if you have a port open that allows connections to it. Otherwise it’s as if you gave people your home adress but your mailbox has a hole on the bottom that leads directly to the garbage can beneath it, so all mail is immediately lost. Completely unusable.

            In other words, it’s (basically) impossible for you to send the torrent data to someone else. You’re a leecher, someone that doesn’t give back to others. If everyone would act like you, torrents wouldn’t work at all.

            • PR_freak@programming.dev
              link
              fedilink
              arrow-up
              4
              ·
              edit-2
              1 year ago

              I have been seeding until I reach a 3 ratio, so am I doing so through my real ip?

              Is it visible to copyright holders?

              I did bind qbittorrent to the mullvad interface so there is no doubt I am using the VPN, the question is how is it possible that I am reaching a 3 ratio when I shouldn’t be able to seed at all?

              Found this apparently other people are seeding as well

              • Eager Eagle@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                1 year ago

                I’ve been downloading and seeding ever since too. People are dismissing / moving away from mullvad for nothing.

                • Azzu@lemm.ee
                  link
                  fedilink
                  arrow-up
                  3
                  ·
                  edit-2
                  1 year ago

                  That’s why I said (basically). If another user has a port open and you connect to them through their open port, a bidirectional connection gets established and then you can also upload. But if the other user also didn’t have a port open, then BitTorrent wouldn’t work. You rely on other people to have ports open, if everyone was using mullvad, then it would stop working.

            • Eager Eagle@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              In other words, it’s (basically) impossible for you to send the torrent data to someone else.

              I don’t know how (in)accurate this description is, but I’ve been seeding hundreds of GB since Mullvad dropped port fwd. Same for the old times when I didn’t bother using a VPN, I never had to enable port forward in my router for it to work.

              • Azzu@lemm.ee
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                That’s why I said (basically). If another user has a port open and you connect to them through their open port, a bidirectional connection gets established and then you can also upload. But if the other user also didn’t have a port open, then BitTorrent wouldn’t work. You rely on other people to have ports open, if everyone was using mullvad, then it would stop working.

                • dysprosium@lemmy.dbzer0.com
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 year ago

                  that’s so weird, that only one of two people need to have an open port. So the person with the closed port can still establish a connection, both upload AND download. However, this process stops the moment the other person closes his port, then NO connection whatsoever can be established? So we’re gonna pretend this makes sense? Or is it about initiating a connection which requires an open port? That’d make a bit more sense

              • Azzu@lemm.ee
                link
                fedilink
                arrow-up
                3
                ·
                edit-2
                1 year ago

                It’s not that simple. Who hosts that server? Which torrent clients implemented support for it? What about symmetric NATs?

                In short: no. In long: read up on it yourself.

    • Leraje@lemmy.blahaj.zoneOP
      link
      fedilink
      English
      arrow-up
      85
      arrow-down
      1
      ·
      1 year ago

      Didn’t really have a choice:

      …Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.

      Blog post

      Big issue there is hosting providers cancelling them. Can’t operate a business without that.

        • Kangie@lemmy.srcfiles.zip
          link
          fedilink
          arrow-up
          10
          ·
          1 year ago

          Even if you own your own servers you still need somewhere to host them; ISPs / colocation providers are going to have the same issues with abuse.

        • lud@lemm.ee
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          They already own a lot of their own servers, or at least in the nordics.

    • imgonnatrythis@lemm.ee
      link
      fedilink
      arrow-up
      17
      ·
      1 year ago

      Agreed. Seems like they were in a super tough spot with that and kind of had to drop it. All the sudden they seem to be doing some new cool stuff to try to keep their edge which I really appreciate / respect. That being said, I’ve dumped them and switched to a service that still port forwards as it gives me better torrenting throughput. Sorry Mullvad.

    • Obinice@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Oh, they ditched it? I was about to switch from Windscribe but I need port forwarding for all sorts of stuff every day. Oh well :-(

  • Carlos Solís@communities.azkware.net
    link
    fedilink
    English
    arrow-up
    31
    arrow-down
    9
    ·
    1 year ago

    From what I read in the article, there is still one part of the boot sequence that does require some sort of storage: the part where the bootloader fetches the network boot image and verifies it against the checksum signature. But I think that can be performed by booting from a pendrive and then removing it. The problem will come if law enforcement gets a hold of said pendrive…

    • Deconceptualist@lemm.ee
      link
      fedilink
      English
      arrow-up
      73
      ·
      1 year ago

      Why would that be a problem? A boot image should only contain the commands to get the main system started after POST. It shouldn’t contain any kind of logs, traffic data, or user data. In fact it should be read-only.

    • ikidd@lemmy.world
      link
      fedilink
      English
      arrow-up
      25
      ·
      1 year ago

      PXE boot will TFTP the boot image into RAM and carry on from there. You shouldn’t need any storage on your device.

      • Carlos Solís@communities.azkware.net
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        4
        ·
        1 year ago

        I’m aware of PXE, but in order to do so you need either of:

        • the boot image supplying server being in the same intranet as the rest of the other servers, or
        • some sort of method to point the diskless server to the correct external IP address to listen to

        Since the first mode is probably too unsafe, that leaves us with the second mode. Either the operator memorizes a specific IP address and types it into the BIOS each time the server is rebooted, or the IP address (and possibly the checksum of the image) are stored in a single-use pendrive that the operator carries. I wonder which of these two methods is used in this case.

        • Kangie@lemmy.srcfiles.zip
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          PXE is automagic being basically kind of hacky extension to DHCP stuff.

          If PXE is enabled the machine will automatically find it via a DHCP relay on the network.

          the boot image supplying server being in the same intranet as the rest of the other servers … Since the first mode is probably too unsafe, that leaves us with the second mode.

          Why do you think that’s unsafe?

        • sixCats@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          I’ve never done this, but I believe server network cards can be configured for PXE automatically so

          Bios -> network card -> PXE over network

          So the storage is in the bios config, and then I guess the network card has its own kind of bios?

          • Carlos Solís@communities.azkware.net
            link
            fedilink
            arrow-up
            1
            arrow-down
            2
            ·
            1 year ago

            So there is still one single damning piece of information stored in the servers after all - the IP address to fetch the PXE boot image from. But hey, if Mullvad finds a way to strip even that out of the servers, that’d be great

              • Carlos Solís@communities.azkware.net
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                Because by knowing which IP is the boot image stored from, law enforcement can locate the source of the unencrypted image, thus making the scheme lose its privacy. The only way to bypass the issue is by manually configuring the IP after every reboot and keeping it a secret.

    • mub@lemmy.ml
      link
      fedilink
      arrow-up
      14
      ·
      1 year ago

      Boot Drive could be immutable and not contain any form of log?

    • meseek #2982@lemmy.ca
      link
      fedilink
      arrow-up
      10
      arrow-down
      2
      ·
      1 year ago

      Destroy the drive. That’s what Apple does and how they get around the whole “we need a backdoor” problem. When no one can access the server, no more problems.

      • Carlos Solís@communities.azkware.net
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        Something tells me that they have a stack of single-use drives so that each time a server needs to reboot for some reason, they write a boot loader in one from their central headquarters, walk back to the server room, use the device to boot the server, and finally hammer the everliving bejeezus out of the thumb drive juuuuust in case. Hopefully they don’t have to reboot that often!

    • Leraje@lemmy.blahaj.zoneOP
      link
      fedilink
      English
      arrow-up
      20
      arrow-down
      1
      ·
      1 year ago

      I think (disclaimer: not an expert at all) that RAM is much faster to access than a hard drive so if anything it should improve.

    • Kissaki@feddit.de
      link
      fedilink
      English
      arrow-up
      16
      ·
      1 year ago

      It’s unlikely to have any noticeable impact. This is more about verifiably and categorically not having any traces of logging or cached state.

      Both caching and logging should be independent of the direct usage performance anyway. And service startup happens only once - not during its usage.

  • Cookie1990@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Doesnt Matter, if the police wants the data, they come with Auto Batteries and an usp and make User of the multiple Power supplies of modern servers.

    They will carry the whole rack in one piece if they can.

  • AlexisFR@jlai.lu
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    How does this work? Surely they have backups on some kind of persistent media, right?

    • floofloof@lemmy.ca
      link
      fedilink
      English
      arrow-up
      52
      ·
      1 year ago

      The article is five very short paragraphs. The third one is:

      Our VPN infrastructure has since been audited with this configuration twice (2023, 2022), and all future audits of our VPN servers will focus solely on RAM-only deployments.

    • Franklin@lemmy.world
      link
      fedilink
      arrow-up
      15
      arrow-down
      6
      ·
      edit-2
      1 year ago

      Guys I know we all hate it when people don’t read the article but did they really deserve the condescension and the down votes? They’re dumb not evil.

      • lemmyingly@lemm.ee
        link
        fedilink
        arrow-up
        5
        arrow-down
        3
        ·
        1 year ago

        I wish votes were like how Reddit originally intended their voting system to be and still states it to be. Upvote if it’s relevant and adds to the conversation, otherwise downvote. But people use it as an agree/disagree system.

        • I have a counter-argument for that: if votes don’t represent agree/disagree, then your only way of signalling agreement is a reply. Votes != agreement leads to a bunch of one word “This” replies.

          Eliminating voting doesn’t eliminate the popularity contest; it just shifts the voting to a more noisy mechanism. You can’t eliminate Popularity; it’s a core function of society. I am not arguing that it’s a good thing, only that it’s going to take more than trying to squash the desire.

          • lemmyingly@lemm.ee
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            If someone states a valid argument that you disagree with, you believe it should be sent to the bottom of the comments? Sounds like the reinforcement of a hive mind, and therefore Lemmy will become just another echo chamber.

            Should there be another mechanism to show both? Probably.

            • I thought that default ranking in Lemmy was based on activity, not votes. I could have misunderstood that, though.

              I don’t know, man. Denying the hive it’s just delusional. The best honey is right in the middle; rogue drones just die early. Come, join the beautiful hexagonal map-dance and partake in the nectar.

              Anyway, Lemmy’s already an echo chamber; it’s just enforced at the instance level.

              • lemmyingly@lemm.ee
                link
                fedilink
                arrow-up
                2
                ·
                1 year ago

                Hexagon is the bestagon. Hahaha…I like your hive response.

                I’m using the Sync app for Lemmy. It looks like comments are ordered by points/voting and there doesn’t appear to be a way to sort by activity. Hot/new/top/old are the options.

                I don’t deny that there will always be an element of echo chamber but I’d prefer it to be as balanced as possible.

                Maybe because I’m using an app instead of visiting an instance website and have my default view set to subscribed communities that I’m not seeing an instance echo chamber. Lemmy just appears to be more programming/Linux/self host/home lab than anything else at the moment.

                • I’m using Voyager, but that’s a good point: clients are free to sort the data however they like.

                  To be accurate, I think what I heard was that the “front page” feed was populated by activity, not votes.

                  As per the echo chamber, consider hosts like hexabear, or even my own instance, which has a strong left-leaning flavor. I joined my instance because it’s regionally local, not because of the politics, but I think it’s run by - and, at least initially, populated by - 2A socialists: most members appeared to members of a socialist gun club in Wisconsin (or Illinois?). And Democrat members that try to post on Hexabear get the shit beaten out of them, metaphorically. Votes, IMO, are a much gentler tool for voicing approval or disapproval than vitriolic abuse in comments.

    • 👁️👄👁️@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Yeah they are pretty transparent about them. The audits will typically find security issues and potential privacy leaks like they ideally should so Mullvad can go and fix them.