@notplants the primary risk is "oopsie", not malice or subterfuge IMO. Backups are the primary defense.
@notplants @mayfirst @abekonge
Well, this started out talking about security culture and practices. It kind of sounded to me like you were referring to internal risk, not external risk.
An example of an internal risk was when the person who operated kolektiva was raided by the cops and all the backups were seized.
DDOS is firmly in the external risk category. Besides the LLM scraper bullshit, I'm not convinced that DDOS is that big of a deal. It's very illegal. It's very expensive, and can't go on forever.
I have some ideas around how small servers can mitigate DDoS attacks, It's obviously an area of active development with Anubis, etc. And I think the development may continue with even more evasive solutions.
@notplants @mayfirst @abekonge
In my limited experience, internal risk is way more relevant. Or at least I think people tend to severely underestimate it, and overestimate external risks.
I guess "oopsie" is one, but infighting and abandonment might be even more likely.
@forestjohnson @mayfirst @abekonge
ah yes, I was thinking about "security culture and practices" for preventing internal and external risk