
tilde.town: A social network over SSH - apsec112
https://tilde.town/
======
caycep0llard
Hi

I'm the founder and primary admin of tilde.town.

I see many people signed up! Every application is manually reviewed, so, uh,
give me a few days.

Regarding "good" and "bad" users; this question has been at the center of
tilde.town since its inception. We're a community first and a technological
project second and encouraging a sense of belonging for users is our primary
goal.

Certain users sign up to abuse resources; that's easy to catch and deal with.
Other users want to import the wider culture war aspects of the internet into
our space, using a variety of tactics to provoke anger and discomfort.

I'm a generally conflict-avoidant person so this took getting used to. On the
server, I had to learn to be willing to ban the persistent trolls. I want to
provide a space where people can grow and mature as I was given on IRC and web
forums back in the early 2000s instead of a place that throws people out at
the first hint of having "incorrect" beliefs. Unfortunately this gave too much
leeway to people that were consistently there to recreationally troll or
promote genuinely hateful movements.

I became much more free with both temporary and permanent bans and made the
signup intentionally cumbersome, wracked with nerves about the "good" folks
who might be intimidated. I still have that anxiety, but ever since increasing
the scrutiny on applications and doing more banning we've had a much more
stable community environment.

I read a lot of books on digital communities; the Virtual Community by Howard
Rheingold is a great starting point, but the book that helped me the most was
Cyber Chiefs by Mathieu O’Neil. It helped me understand that all communities
that manage to grow over time will hit an unsustainable point and either
retract or dissipate.

Dissipation was a real possibility; for a long time I felt completely
emotionally burned out by the town. I chose retraction though, and in
retrospect, it was the right choice.

I'm still learning and thinking all the time about ways to encourage quieter
or less technologically inclined people to sign up and make a home on the town
and am always excited to talk about it or hear ideas.

(edited to clarify i'm not the only admin)

~~~
Akronymus
I signed up when this post was first posted, but haven't heard anything back
yet. Is there a way to check your application status? (I used the same name as
here)

------
phre4k
I run tilde.fun. It's currently defunct but I'm migrating the site to a new
server today.

We have an SSH signup form with no need for any personal details but an email
address, written in Python, in the making ([https://code.tilde.fun/tilde/ssh-
reg](https://code.tilde.fun/tilde/ssh-reg)) I'd really like to automate
account creation and have someone look over it before I actually deploy it.

Write me an email (address in my profile) if you're interested in helping
run/develop this or some MB of free HTML web hosting.

We are two admins and run a few other services
([https://wiki.tilde.fun/tilde/start](https://wiki.tilde.fun/tilde/start)
lists some of them). We want to take back the internet from megacorps into the
hands of users. I have an empty server just waiting for some people with dank
HTML skills!

~~~
codetrotter
> address in my profile

Note that the HN profile e-mail field is not public. That field is for
password reset stuff or something.

If you want people to see your e-mail you will need to write what it is in the
profile description.

~~~
phre4k
Ah right, thanks. I'll edit my profile to include it in my bio.

------
hnzix
An interesting monologue about pseudonymity hidden here:
[http://tilde.town/~karlen/nowertb/anonymous.mp3](http://tilde.town/~karlen/nowertb/anonymous.mp3)

~~~
ycombinete
I've been listening to the other notes on there, and enjoying them. Where are
the text posts that he's talking about though? All I see are these voice
notes.

~~~
Marcus316
(not the narrator, but I was active when the narrator was creating these ...)

The rule for these audio clips was to do a search for any blog post on the
internet which started with "No One Will Ever Read This, But ..." and where
the blog had been abandoned for at least a year. If you listen to the audio
and do some searching, sometimes you can find the post, if it's still up.

------
s_dev
Tilde Club -- [https://medium.com/message/tilde-club-i-had-a-couple-
drinks-...](https://medium.com/message/tilde-club-i-had-a-couple-drinks-and-
woke-up-with-1-000-nerds-a8904f0a2ebf)

------
bovermyer
Hey, I'm a user here! I never expected a tilde site to get on Hacker News
again; I thought the wave of interest in the tildeverse died out years ago.

I don't really use the HTML part of it; I only interact on the command-line
forum and play with some of the games/sims.

------
iuguy
If you'd like a guided tour of the tildeverse, there's one on The Dork Web:
[https://thedorkweb.substack.com/p/tales-from-the-dork-
web-5](https://thedorkweb.substack.com/p/tales-from-the-dork-web-5)

Also relevant community:
[https://tildes.net/~tildes](https://tildes.net/~tildes)

~~~
tennineeight
tildes.net is an independent, nonprofit reddit replacement.

~~~
iuguy
Yup, but when I originally wrote the tildes piece it was shared there and
people lamented that I didn't mention them, so I am now :)

------
OldHand2018
I'm curious about the general way tilde sites are administered. How do they
keep people from using them as hosts for cyberattacks or spam?

~~~
phre4k
I can only speak for tilde.fun, but it's helpful to not have any users
currently (^^) and disable outside communication apart from ~/html/ where our
users can put static files into.

Most tilde sites don't have public mail servers and only federate mail between
them and other tilde servers. See also
[https://tilde.team/](https://tilde.team/).

~~~
OldHand2018
Do you use a VPS on AWS or something like that, or an actual physical box?

~~~
phre4k
It's currently a VPS rented from Strato.de, one of the biggest German hosting
providers.

Since I'm paying out of my own pocket I currently don't want to afford a
colocated server, even though I realise that'd be cooler and possibly more
secure.

I'll try to have a detailed cost overview online somewhere soon-ish.

------
VLM
So is this a BBS?

I find that amazing that the BBS acronym doesn't show up although it would
seem an obvious comparison.

~~~
Marcus316
It's a bit like a BBS, yes, and that's what drew me to the concept initially
(I'm an early member of tilde.town; still reasonably active).

We do have an internal bulletin board, and an internal IRC (like the chat
rooms of multi-line BBSes of the late 80s/early 90s). There are a ton of
little projects by members, and the projects are pretty varied.

I find it a fun place to hang out, personally.

------
varbhat
There are lot many good Tildes out there which forms Tildeverse :
[https://tildeverse.org](https://tildeverse.org)

------
mspe
You could also take a look at:

* tilde.club

* tilde.team

* ctrl-c.club

* tilde.institute

* thunix.net

* remotes.club

* yourtilde.com

* envs.net

* squiggle.city

* aussies.space

* radiofreqs.space

* rw.rs

* tilde.pw

* dimension.sh

* breadpunk.club

* cosmic.voyage

* hackers.cool

* rawtext.club

* tilde.black

* tilde.pink

I'm sure many others do exist…

------
LockAndLol
I'm not really sure I get the point... is there some kind of fuse mount that
gives people the possibility to see live posts, user profiles, and other
stuff? Are you directly logged into a game like shell when you connect? Or is
this just plain old ssh to bash?

~~~
pengaru
It's a community, like HN is, but accessed via ssh instead of http. So it's a
community where the active participants necessarily can navigate a shell, irc
client, tmux/screen, and maybe even prefer socializing in that environment vs.
something like the web or mobile apps. Access is also a privilege which can be
taken away. So everyone you interact with there is either new or cooperative
and mature enough to not get banned from a shared resource with very few
safeguards preventing abuse.

~town is by far the largest multiuser system I've logged into in the last
decade, not that I've been looking. It kind of reminds me of the university
UNIX systems I dialed into in the 90s, fingering users to read their plans,
updating my .plan, running ytalk to chat with friends, email w/pine, and
usenet w/tin.

~~~
Krisando
> ~town is by far the largest multiuser system I've logged into in the last
> decade

You may wish to look at sdf.org then.

~~~
pengaru
I'm aware of sdf.org, and I haven't logged into it in over a decade :)

------
dddddaviddddd
I signed up for a shell account on a similar service, b.armory.com, in 2008.
Since that time, the website is gone and activity is very low. It was a nice
way to learn about Linux thanks to someone's generosity in sharing their
server.

------
justaj
I'm always wary of using SSH services which aren't running on systems I
control. If I'm not mistaken, an SSH service is able to see all of the pubkeys
you have in your ~/.ssh/, so there goes your privacy.

~~~
a3y3
But they were public keys, it's completely fine if the entire world sees them

~~~
soraminazuki
Perhaps the parent commenter is worried of public keys being used as a
tracking vector?

~~~
phre4k
Then they should create one key per service and only use that one.

~~~
alexeldeib
Which they've done from the sound of it, and are concerned about the ability
to read those _other_ public keys and use them as a tracking vector.

~~~
boring_twenties
As another commenter already pointed out, the IdentitiesOnly config option
removes that ability. The ssh-config man page explains this.

~~~
myself248
Out of curiosity, are there reasons that that behavior shouldn't be the
default?

~~~
boring_twenties
I'm not sure it makes much sense unless you also override the default
IdentifyFile.

~~~
boring_twenties
Argh, Identi _t_ yFile.

I make the same damn mistake in my actual config file, too.

------
zomg
pretty neat, i signed up. reminds me of the days hanging out on
sdf.lonestar.org.

~~~
jedimastert
I was just thinking about that, but I could not remember "sdf". Thank you

There's also hashbang.sh, for those curious

------
tasubotadas
I thought "Wow, cool - I gonna sign up".

And then I saw their sign up form. 10 fields is a bit too much.

~~~
pengaru
Even such low barriers as a small form do wonders for the quality of people on
the other side, you won't be missed. (if you genuinely can't be bothered)

~~~
Krisando
From personal experience in running similar things, they aren't a good method
of discerning quality of people.

~~~
NalNezumi
I'm curious, what are the "good" methods for discerning/filtering quality of
people? How are "good" and "bad" quality of people categorized? (binary?
spectrum/distribution?) How can you estimate/measure the quality of the
filter/method with precision?

I assume no filter is perfect and mistakenly filter out "good" quality people
too, so if this method isn't good that suggest there's a metric and a more
efficient method out there. In your personal experience what worked better?

~~~
Krisando
> I'm curious, what are the "good" methods for discerning/filtering quality of
> people?

Observation is probably the best method. I rarely have found form options to
be effective. A good chunk of 'good' people tend to get filtered out from my
observation.

Generally the approach that has worked for me having a tier system. People who
meet your criteria get greater access etc over time.

> How are "good" and "bad" quality of people categorized?

Generally, "good" is anyone that helps your community prosper. "Bad" are
typically people who cause unwanted conflicts, create a toxic environment etc.

------
kebman
For good or bad, that scrolling title really reminded of the early 90's HTML
galore <3

