Maybe. The bad actor here seems to be the government of China, and the linked page says:
The individuals most at risk include anyone connected to: Taiwanese independence; Tibetan rights; Uyghur Muslims and other ethnic minorities in or from China’s Xinjiang Uyghur Autonomous Region; democracy advocacy, including Hong Kong, and the Falun Gong spiritual movement.
I can imagine them casting a wide net.
Each participant is sent a separate copy of each message encrypted with their own key.
A problem is that some sites that don’t need cookie banners use them anyway due to a poor understanding of the law and excess of caution.
I’d put it farther removed from the technical side than that; dreadbeef is thinking like a manager. OP might be better off paying a third party $3/month to handle the details and host a heavyweight, full-featured blog for them, but that’s not what they asked for.
This is selfhosted, which I think implies a desire to self-host things even if it might seem a wiser use of resources to do something else.
I’m thinking like a programmer about what a basic blog has to do and the computing resources necessary to accomplish it. Software that needs more than a few tens of megabytes to accomplish that is not lightweight regardless of its merits.
This comment seems to be arguing that one should not demand blog software be lightweight because there’s inexpensive hosting for something heavyweight. That’s a fine position to take, I guess, but OP did ask for lightweight options.
I’m sure there’s a way around it for institutional customers.
It wants a gigabyte of RAM. Maybe that passes for lightweight in 2025, but given the fundamental things a blog has to do, I’d probably put the cutoff at less than a tenth that amount.
We need root on our car computers.
The AI thing I’d really like is an on-device classifier that decides with reasonably high reliability whether I would want my phone to interrupt me with a given notification or not. I already don’t allow useless notifications, but a message from a friend might be a question about something urgent, or a cat picture.
What I don’t want is:
It seems like those are the main AI features bundled on phones now, and I have no use for any of them.
it’s as simple as editing a single config file
It isn’t. Mastodon has a character limit hardcoded in two places. Critically, that’s not a limit on what it can receive and display, just on what local users can post. With Bluesky, it’s part of a schema that would be enforced on posts from elsewhere, if anybody was actually running a Bluesky-compatible appview in the wild.
I don’t see value in a character limit other than whatever might be needed for technical reasons. Bluesky allows alt text for images to be 2000 characters, so clearly any technical limitations allow at least that much.
For those who prefer short text posts, hiding posts longer than a user-configurable setting behind a “see more” link would do.
Yet they still think it’s a good idea to limit text posts to 300 characters for reasons I cannot fathom.
And people wonder why I have no interest in getting a newer phone with an AI thing on it.
That’s good in theory, but a site behind Cloudflare won’t necessarily notice that a legitimate user got blocked. If you want them to care, you’ll have to find a way to contact them. For more impact, tell them which competitor you spent money with instead.
Any time I’m required to use an app for something that could be a website, I leave the app a one star review.
Why do you have an app for that?
I think the existing domain-based verification system is a better way of doing that. Something like Mastodon’s verified links might be a nice addition. This more centralized system is… not what I hoped for.