Hal Pomeranz

Computer Forensics and Information Security, often with a spicy Linux flavor. Expert Witness. Trainer.

Writing and Presentations
Signal: hal_pomeranz.01
Pronouns: he/him
2026-02-27

ANSI date format or GTFO

Hal Pomeranz boosted:
'i am no man' Charlotte Eowyn! (@CharlotteEowyn@chaosfem.tw)
2026-02-27

It is 222 A.D. You are the transgender Empress Elagabalus, "call me not a man for I am a woman". Transitioning is new and experimental.

It is 1776. You are "Public Universal Friend", a transmasculine nonbinary Quaker. Transitioning is new and experimental.

It is 1906. You are Karl M. Baer, a trans man undergoing sex reassignment. Transitioning is new and experimental.

It is 1930. You are Lili Elbe. Transitioning is new and experimental. (to be fair you did get a uterus transplant.)

It is 1966. You are in Compton's Cafeteria with a bunch of other trans people when the owners call the cops to throw you all out. You riot. Transitioning is new and experimental.

It is 1969. You are Marsha "pay it no mind" Johnson. You are in a mob-run gay bar when the cops attack. You throw a brick. There is a bit of a scuffle. Transitioning is new and experimental.

It is 2026. You are a transgender adult or child listening to the NYT and British Guardian claim this is the first generation anyone has tried transitioning in. Transitioning is new and experimental.

Hal Pomeranz boosted:
2026-02-26
A painting of a bird beside the text "i'd like to be reimbursed for the time i spent listening to your bullshit"
Hal Pomeranz boosted:
fromjason.xyz ❤️ 💻 ✍️ 🥐 🇵🇷 (@fromjason)
2026-02-26

A big white truck has "MAGA" in large bold font on the back window. Underneath it reads "Mexicans Ain't Going Anywhere"

2026-02-26

Guess the Epstein files aren’t in Iran either

2026-02-26

I remember a thread recently with free (USA) tax filing sites, but I didn't favorite it. Our daughter now needs to file her very simple return. What are people using/recommending?

2026-02-26

@FERS Her other favorite spot is the bedroom across the hall from my office, where she sleeps on the corner of the bed that has a sight line to my work station

2026-02-25

When everybody but me is out of the house, Lucy makes sure to stay very close to me. How close? That’s a wheel of my office chair by her nose at the bottom of the frame.

#SeparationAnxiety #DogsOfMastodon #Lucy

White and brown beagle mix lying on a white blanket printed with cartoon dogs. She is tucked into a corner formed by the wall of my office, a filing cabinet, and my office chair. She is snoring.
Hal Pomeranz boosted:
A Light Shining In Darkness (@fzer0@nerdculture.de)
2026-02-25

Peter Thiel is an anagram of Hitler Pete and it fucking shows.

Hal Pomeranz boosted:
2026-02-25

So many of the problems in this country are because we have a small group of people with so much money they don’t even know what to do with it.

I believe we should solve that problem very directly.

2026-02-25
Hal Pomeranz boosted:
🅰🅻🅸🅲🅴 (🌈🦄) (@alice@lgbtqia.space)
2026-02-25

A follow-on to my "Nazi Sucker-punch Problem" post, to address the most common argument I get, which boils down to:

"""
Moderated registration won't stop Nazis, because they'll just pretend to be human to fool moderators, but it will stop normal people, who won't spend the effort to answer the application question or want to wait for approval.
"""

Okay, I'm going to try to use points that I hope are pretty acceptable to anyone arguing in good faith, and I'm going to expand the definition of Nazis to "attackers" and lump in bigots, trolls, scammers, spammers, etc. who use similar tactics.

Attackers: we can group attackers into two main types: dedicated and opportunistic. Dedicated attackers have a target picked and a personal motive—they hunt. Opportunistic attackers have an inclination and will attack if a target presents itself—they're scavengers. In my years of experience as an admin on multiple Fedi servers, most attackers are opportunistic.

Victims: when someone is attacked, they (and people like them) will be less likely to return to the place they were attacked.

In general: without a motive to expend more effort, humans will typically make decisions that offer the best perceived effort-to-reward ratio in the short-term (the same is true of risk-to-reward).

Why does any of this matter?

Because it all comes down to a fairly simple equation for the attackers: effort > reward. If this is true, then the opportunistic attackers will go elsewhere. If it isn't true, then their victims will go elsewhere.

How can we tip that scale out of the attackers' favor?

By making sure moderation efforts scale faster against attackers' behaviors than against normal users' behaviors.

- A normal user only has to register once, while an attacker has to re-register every time they get suspended.

- A normal user proves their normality with each action they take, while every action an attacker takes risks exposing them to moderation.

- A new user / attacker likely spends a minute or two signing up, while a moderator can review most applications in a matter of seconds. Yes, attackers can automate signups to reduce that effort (and some do, and we have tools to address some of that, but again, most attackers aren't dedicated).

- Reviewing an application is lower effort than trying to fix the damage from an attack. As someone who gets targeted regularly by attackers from open-registration servers, I'd personally rather skim and reject a page-long AI-generated application, than spend another therapy session exploring the trauma of being sent execution videos.

I believe this points to moderated registration being the lowest effort remedy for the problem of the Nazi Sucker-punch. So before we "engineer a new solution" that doesn't yet exist, we should exhaust the tools that are already available on the platform today. Yes, we could implement rate limits, or shadow bans, or trust networks, or quarantine servers, but we don't have those today, and even if we did, there's no evidence that those would be a better solution for Fedi than moderated signups.

Will it stop *all* the attackers? No. But it will stop most opportunistic attackers.

Will it deter *some* potential new users? Yes. But communities are defined by who stays, not by how many come through the door.

lgbtqia.space/@alice/115499829

Hal Pomeranz boosted:
Em :official_verified: (@Em0nM4stodon@infosec.exchange)
2026-02-25

The control of the computer is getting shifted from you, who bought the computer, to the seller of the computer.

This should not happen.
You should be angry about this.
You should refuse to be controlled.
You should resist.

2026-02-24

@cR0w @jackryder @Viss @da_667 “Serverless” is still running on top of a general purpose OS—just one that’s run by somebody else. It’s an attempt at making the security issues “somebody else’s problem”. But I bet they disclaim any liability if you read the fine print of the services agreement.

2026-02-24

@cR0w @jackryder @Viss @da_667 Because it’s easier to support if everything is installed and turned on by default. You don’t get pesky users calling saying, “Why isn’t this working?” Fewer support calls saves money.

We were fighting this battle in the OS during my Center for Internet Security days back in the early 2000s and made some progress as far as default installs. But entropy is gonna entropy.

Hal Pomeranz boosted:
Viss (@Viss)
2026-02-24

nobody confident in their own abilities is panicking

theregister.com/2026/02/23/cla

the people who are panicking are signaling.

Hal Pomeranz boosted:
Effin' Birds (@effinbirds)
2026-02-24
A painting of a bird beside the text "i do not want whatever the fuck this is"
Hal Pomeranz boosted:
Inspirational Skeletor💀 (@skeletor@mas.to)
2026-02-24
If standing up for yourself burns a bridge…fuck that bridge. Says Skeletor lighting the future with the fires of the past.
2026-02-23

Received unexpected street cred from my phlebotomist this morning when I told her we had gone to the Trombone Shorty concert this weekend. Hey, when you’re a middle-aged white dude you cover yourself in all the street cred you can muster.

In all seriousness, if you get a chance to see Trombone Shorty play live, you should absolutely get there. If you don’t have fun I don’t want to hear from you ever again.

Here he is with Mumford&Sons and a stage full of talent at Jazz Fest a couple of years ago (“House of the Rising Sun”):

youtube.com/watch?v=1K0QN8xy1kM

Hal Pomeranz boosted:
2026-02-23

Once again, age verification is actually identity verification and the end goal is "papers, please" for the internet.

"Age verification" will do nothing to protect children, but will definitely facilitate mechanized attacks on virtually every facet of life involving identity and security.

This breach includes "...national IDs, full dates of birth, and contact data, which are prime ingredients for identity theft, SIM-swapping, and social-engineering attacks".

cybernews.com/security/global-
