Any arguments against separating identity from instance/platform? (single identity across the fediverse)
I am sure it was discussed here before, but I can't find a good way to search this community.
Are there any arguments against having a user's identity federate, and be compatible across platforms?
For example, let us say I sign up with my instance, matcha_addict@lemy.lol
But what if I go on mastodon, and I want to have my own micro blog. Or maybe go to write freely and post some blog posts. I'd have to make a different account on each one.
What if mastodon or write freely could just let me log in with my lemmy account (or lets call it federated account). This has several benefits:
- users don't have to scratch their head on if I am the same person or not across these platforms
- theoretically, someone following my feed can get updates on what I do on multiple platforms
Now I understand this would be difficult to implement and iron out all the edge cases, but am I missing anything on why it wouldn't be a desirable feature, given it is implemented?
like this
KaRunChiy likes this.
A Brief History of the Fediverse Symbol
like this
jwphinia and AlexanderESmith like this.
A Brief History of the Fediverse Symbol
A Brief History of the Fediverse Symbol
Recently, a new symbol was proposed to represent the Fediverse. The network notoriously lacks an official symbol, although most people are familiar with the Fedigram, a five-point star made of connectSean Tilley (We Distribute)
like this
Hamiller Friendica likes this.
Just recently read your 2017 article on the different parts of the “Free Network”, where it was new to me just how much the Star Trek federation was used and invoked. So definitely interesting to see that here too!
Aesthetically, the fedigram is clearly the most appealing out of all of these. For me at least.
It seems though that using the pentagram may have been a misstep given how controversial it seems to be (easy to forget if you’re not in those sort of spaces). I liked the less pentagram styled versions at the bottom. I wonder if a different geometry could be used?
The quality about the fediverse that I appreciate the most is the fact that nobody on any of its platforms raised an eyebrow at having a rainbow-coloured pentagram for a logo, until the first Twitter exodus when some newcomer primed for spotting the mildest of outrage-by-proxy gasped, "Have you seen this? Somebody might get upset!"
Meanwhile, the pentagram has been warding off hyperbolic fundamentalists since 2018. The fediverse is much chiller without them. 🤘
My first build - Cantor
Finished my first build, it turned out prettier than I expected honestly. I got a diodeless kit because I had never soldered anything before, it was quite a fun learning experience. Also my first mechanical keyboard, I'm really enjoying the feel of the keys (Kailh sunset).
I was really worried about adapting to the column-stagger, I've only used the regular row-stagger before, but after one hour of practice I was already typing at about half my normal speed, so I'm pretty happy.
I do feel that I need wrist rests though. not sure how to fix that yet.
like this
Banked3-Visa9 and tuckerm like this.
Not medical advice
I would actually advise against wrist rests especially while typing, they are obviously ok for resting but if you don't feel comfortable i think you should at least try a little longer as it probably means that the necessary muscles in your hands are weak and need to develop first. But it may as well be a personal thing so definitely get them if you cant go without.
Looks great btw!
Thanks!
I've been using Logitech ERGO K860 at home before this, so maybe I've just gotten used to the wrist rests. I've noticed that I lift my wrists into the air when I type on the Cantor, so I thought I needed some support. It's actually not uncomfortable and I don't type a lot, so I'll take your advice and try a little longer with this setup. I'd honestly really like to avoid taking up the space on my desk, since I like to write on paper.
Anybody use micro text editor?
i started using micro and its pretty great. but when i try to open the terminal within the editor
ctl+eit seems to just open a whole new terminal window with no context within my document.
anybody got ideas?
What is the command executing when you press this shortcut? Usually you need to use an option with the terminal to execute a command. Most terminals use the option -e COMMAND , but it can be different for a few terminal apps. In example my terminal is "Konsole" and to open a new terminal with "Vim", I need to use this command: konsole -e nvim . Or when I want to use arguments for vim itself, I can do it like this konsole -e "vim -R $HOME/Downloads/test.txt" as an example.
So find out how to do this with your terminal and use that as a command for your ctrl-e shortcut.
micro test.txt sudo can be applied after.
i should be able to open a terminal within the editor and have it appear on the bottom. I should be able to use it to change the settings or style of the micro editor, but it just opens up a whole new instance of my terminal. (which is fish btw)
i'll look and see if i have any arguments to add.or maybe edit the config?
I'm a bit confused. Your terminal is not Fish. Fish is a shell like Bash, which interprets the commands. Terminal is the window application. Based on the linked image, I assume you have Kitty as your terminal? And you want to open a terminal within your editor using shortcut Ctrl-e?
If so, then I don't know about this. I thought you want to run a terminal with micro as the editor from outside of micro, not after you started micro. I might have completely missed your point here then.
It's pretty nice, especially in combination with slurp which lets you select a part of the screen.
I have this mapped to my printscreen shortcut: grim -g "$(slurp)" - | wl-copy, which lets you select a part of the screen to screenshot, and copies the image to the clipboard.
I remember getting excited when it was first announced, then I just never really needed it.
The Insecurity of Debian
There has been a steady uptick of people stating that they will migrate (or already have) to Debian – seeking refuge from what they see as greedy corporate influence. I understand the sentiment fully. However, there’s a problem here that I want to talk about: security.The ugly truth is that security is hard. It’s tedious. Unpleasant. And requires a lot of work to get right.
Debian does not do enough here to protect users.
Long ago, Red Hat embraced the usage of SELinux. And they took it beyond just enabling the feature in their kernel. They put in the arduous work of crafting default SELinux policies for their distribution.
...
However, its default security framework leaves much to be desired. Debian’s decision to enable AppArmor by default starting with version 10 signifies a positive step towards improved security, yet it falls short due to the half-baked implementation across the system.
...
The fundamental difference between AppArmor and SELinux lies in their approach to Mandatory Access Control (MAC). AppArmor operates on a path-based model, while SELinux employs a significantly more complex type enforcement system. This distinction becomes particularly evident in container environments.
...
The practical implications of these differences are significant. In a SELinux environment, a compromised container faces substantial hurdles in accessing or affecting the host system or other containers, thanks to the dual barriers of type enforcement and MCS labels.
TLDR: According to the author, Debian's use of AppArmour is not as effective as RedHat's use of SELinux when it comes to security.
I've yet to see any serious usage of SELinux in the real world
I too have successfully avoided it, but we must acknowledge that not everyone has been so fortunate.
You do know that you can run SELinux on Debian right?
And MAC isn't the end-all for security arguments
It depends on how you set it up and what software you are running.
Use the defaults as a starting point and then move on from there
The threat model seems a bit like fearmongering. Sure, if your container gets breached and attacker can (on some occasions) break out of it, it's a big deal. But how likely that really is? And even if that would happen isn't the data in the containers far more valuable than the base infrastructure under it on almost all cases?
I'm not arguing against SELinux/AppArmor comparison, SElinux can be more secure, assuming it's configured properly, but there's quite a few steps on hardening the system before that. And as others have mentioned, neither of those are really widely adopted and I'd argue that when you design your setup properly from the ground up you really don't need neither, at least unless the breach happens from some obscure 0-day or other bug.
For the majority of data leaks and other breaches that's almost never the reason. If your CRM or ecommerce software has a bug (or misconfiguration or a ton of other options) which allows dumping everyones data out of the database, SElinux wouldn't save you.
Security is hard indeed, but that's a bit odd corner to look at it from, and it doesn't have anything to do with Debian or RHEL.
What does an ordinary RHEL admin do when something does not work?
::: spoiler answersetenforce 0
:::
Everything has security issues. That's a good thing as it means there are people finding things. I do wish Debian was a little faster on patching things but I also understand that they have a limited number of people. There are thousands on packages and a large amount of new security vulnerabilities. Patching takes man power and they only have so much to go around.
Debian isn't this security mess like this person makes it sound. They can be slow on patches but the reality is a lot of these vulnerabilities aren't getting readily exploited in the wild. Just keep up with the security tracker and follow basic security practices such as least privilege and security in depth.
More info: bgammon.org
Source code:
- Server: code.rocket9labs.com/tslocum/b…
- Client: code.rocket9labs.com/tslocum/b…
Smugglade över ett halvt ton narkotika. Tullverket har avslöjat smuggling av över 500 kilo marijuana (cannabis) i en container från Kanada till Göteborgs hamn. Tulltjänstemännen tog ut containern för kontroll och vid en röntgen av innehållet upptäcktes narkotikan som låg gömd i pallar med laminatgolv. Värdet på narkotikan uppskattas till över 62 […]
I took my existing JPEG file, compressed it using JXL, 15% smaller.
Then I decompressed it again into JPEG. The file was bit-for-bit identical to the original file (same hash). Blew my mind!
Directly using JXL is even better of course.
I don't even think this is the case, google does a lot pretty much everywhere. one example is one of the things they are pushing for is locally run AI (gemini, stable diffusion etc.) to run on your gpu via webgpu instead of needing to use cloud services, which is obviously privacy friendly for a myriad of reasons, in fact, we now have multiple implementations of LLMs that run locally in browser on webgpu, and even a stable diffusion implementation (never got it to work though since my most beefy gpu is an arc a380 with 6gb of ram)
they do other stuff too, but with the recent craze push for AI, I think this is probably the most relevant.
One example I can think of is Widevine DRM, which is owned by Google and is closed source: en.wikipedia.org/wiki/Widevine
Google currently allows Mozilla (and others) to distribute this within Firefox, allowing Netflix, Disney+, and various other video streaming services to work within Firefox without any technical work performed by the user
I don't believe Google would ever willingly take this away from Mozilla, but it's entirely possible that the movie and music industries pressure Google to reduce access to Widevine (the same way they pressured Netflix into adopting DRM)
Nah. This is running a Snapdragon 865 SOC with an older Adreno GPU. If you think Windows on ARM gaming is a struggle this isn't going to be your Linux handheld killer. There's also no reason for it to be, the Steam Deck already exists.
For its intended use case as a retro handheld (or an Android gaming handheld, I suppose), this seems like it'll be fine, but I'm also less excited about these mid-tier ARM handhelds now that we have good x64 alternatives with decent battery life and better performance that aren't much more expensive. I still think the cheap, tiny ones are cool, though.
I guess this is nominally cool because other comparables like they Ayn Odin 2, need a bunch of tinkering to run Linux, but beyond that it seems Linux is well represented on both extremes around this awkward middle ground of more expensive ARM handhelds.
the most recent Android is Linux v5 I think, so I'm kind of with you that the gain isn't huge when compared to modern mobile devices.
Still, for older ARM sets, the max Android they used had only Linux v3, so it's impressive that they mainlined enough of the hardware to be usable in today's market.
It could be a big deal if the developers of GarlicOS / OnionOS support it. I have a Retroid 3+, a Miyoo Mini (lost it) , and now an Anbernic GBA SP.
The Retroid seemed amazing at first but after using a Miyoo with OnionOS, I'm not going back to Android retro gaming.
The usability of being able to pick up a hand held and play immediately cannot be understated. Android doesn't normally shutdown. It sleeps which means it only lasts a few days (not being used!) without being plugged in unless you explicitly pick power down from the menu. If you do power down, it takes over a minute to boot. The Android retro front ends also take hours and hours to setup.
OnionOS/GarlicOS completely power down so the battery always has charge and is ready to go. Because there is no Android, boot to being back in your game (it defaults to powering up right back where you left off in a game), takes seconds. The menu scraping works so there's virtually no setup needed.
This thing is supposed to be fairly powerful, I don't know that the straightforward, minimal approach of Garlic/Onion makes sense on it. Ideally you'd want a bit more versatility. For that I think the Anbernic SP and that class of slightly cheaper devices probably make more sense.
I mean, as I said above that's my thing with these flagship ARM handhelds. At some point it takes a lot to justify spending a couple hundred on one of these instead of a bit more for a more flexible Steam Deck. The smaller, cheaper ones are a lot more charming, and they fit in your pocket, so they can be a throwaway toy to carry with you.
But hey, we live in the handheld golden age, I'm not gonna complain about more options.
Ideally you'd want more versatility
Yes, that's what I thought which is why I bought the Retroid. But I discovered Android introduces so much overhead that it ruins the purpose of a gaming handheld. I might as well use my much more powerful Pixel with those slide in controllers for thumbsticks and buttons.
A Retroid for the better screen/CPU with a streamlined gaming specific Linux OS would be the best of both worlds.
Is this in part due to everyone wanting to put Linux on those new "copilot pcs"?
I'd love to have a linux'd one of those that battery life from what I've heard is insane
Ahh so it's qualcomm themselves doing this? that's awesome actually I thought it was just more people were interested in reverse engineering them now to get linux going on the new wave of laptops
Shame gaming on arm kinda sucks at the moment as a whole though
I bought a Miyoo Mini Plus on sale last year and ended up liking it so much that I wish I'd bought a more expensive model with analog sticks. Meanwhile my Steam Deck gathers dust because it's just way too bulky, I grew up on a Game Boy Color and want something that fits in my pocket.
The ultimate dream for me would be if/when someone gets SteamOS running on something this size.
I know what you mean, I bought a PSP and PSVita after my Steam Deck and currently I'm using the Vita as my goto emulator, the PSP is great for when I'm out and about and want something smaller.
Battery life on both is great
c/azzate (comunità funny italiana)
ciao!
Stavo pensando che poteva essere carina l'idea di aprire una comunità dedicata alle cose divertenti: video, vignette, immagini o anche semplici battute (penso ad esempio a Lercio)... una sorta di r/funny o meglio c/funny ma qui su Feddit.
So che c'è già memesITA (che è anche abbastanza seguita per altro) ma è appunto dedicata ai meme mentre io pensavo più alla condivisione di qualcosa che abbiamo trovato divertente ma che non è un meme.
Pensavo a regole piuttosto semplici come no alle condivisioni automatiche perché mi piacerebbe che venissero condivise cose che ci hanno fatto ridere o sorridere per davvero e non cose "che normalmente fanno ridere su quel canale YouTube/vignettista" etc.
C'è poi il dubbio sul cattivo gusto/humor nero/satirafattadachinonècapacedifarla etc. In questo caso vere e proprie regole secondo me sono complesse da applicare e pensavo più che altro al buon senso lasciando mano libera ai moderatori intervenendo caso per caso e ascoltando anche la comunità negli eventuali dubbi.
C'è per caso qualcuno interessato a una comunità di questo tipo?
Pensavo che all'inizio potrei moderarla anche io ma se a qualcuno piace l'idea potremmo co-moderarla assieme per mantenerla anche un minimo attiva.
Il nome della comunità potrebbe essere azzate perché poi diventerebbe feddit.it/c/azzate e mi faceva ridere la cosa 😅
Oppure un più semplice funny o qualcosa di più italiano come cosedivertenti o giù di lì.
Vänsterpartiet har tillsammans med Enhedslisten (Danmark), Vänsterförbundet (Finland), Podemos (Spanien), Razem (Polen), La France Insoumise (Frankrike) och Bloco de Esquerda (Portugal) bildat ett nytt europeiskt vänsterparti som fått namnet European Left Alliance for the People and the Planet (ELA).
Introducing SUSE Typeface: SUSE’s new open sourced font
Introducing SUSE Typeface: SUSE’s new open sourced font | SUSE Communities
Ivo Totev and Spencer Davis Creating a typeface is a delicate process. Each character (or glyph) embeds new attributes into the whole...Ivo Totev (SUSE)
like this
OfCourseNot, etai and Oofnik like this.
reshared this
Tech Cyborg reshared this.
Silly question: what's the difference between the otf and ttf fonts?
Edit: thanks for the explainers!
like this
etai likes this.
i
I will give the font a try!
I'm not dyslexic, but I think legibility is super important and underrated on most distros. This one looks both aesthetic and very readable.
Do you know if it is already in the Fedora repos?
If not, how can I install it?
So what I see there is that badly designed fonts require ligatures to correct interactions.
Like, I get that there are some neat ones, e.g. I have them turned on when writing code for symbols, but they seem wholly unnecessary and distracting in alphabetical characters.
But I'm also the kind of weirdo that thinks the world needs more monospace fonts.
/shrug
It is the exact opposite. Ligatures were created to help deal with the lack of clarity when symbols overlap. fi, ff, fl, ffi, have historically (like print press historical) been common ligatures where others are stylistic, where others are downright questionable & make things harder to read. The first category should almost always be supported, & the others can usually be disabled if not commonly off by default where you opt in for some design, not for general body copy.
What you are referring to about ‘programming ligatures’ is an outright abuse of open type features full of false positives, ambiguities, & lack of clarity for outsiders to understand what your code means. What you want is Unicode supported in your language so you can precisely what you mean than using ASCII abominations—like meaning → but typing ->, dash + greater, than which isn’t at all what you mean which is a rightward arrow. (with a non-exhaustive languages with decent Unicode support: Raku, Julia, Agda, PureScript, Haskell with Unicode pragma, & all APL dialects).
I like that idea of using the different fonts for e.g. Copilot suggestions - reminds me of reading Asterix comics as a kid when they'd use gothic black for the Goth's speech, etc.
edit: e.g.
Here in Germany at least, if you read almost any printed novel, the type face will include this type of g. It’s so common, that I didn’t realise it’d be strange for some people.
(Although I do recall seeing a post about a kid that was confused by that weird letter, somewhere a while ago. Probably was still back on r*****)
I need more discussion on typefaces. Typography is one of my hyperfixations. 
P.S.: I meant "special interests", not hyperfixations.
But does it have unicode emojis?
😀 😁 😂 😃 😄 😅 😆 😇 😈 🕧 🕯️ 🕰️ 🕳️ 🕴️ 🕵️ 🕶️ 🕷️ 🕸️ 🕹️ 🕺 🖇️ 🖊️ 🖋️ 🖌️ 🖍️ 🖐️ 🖕 🖖 🖤 🖥️ 🖨️ 🖱️ 🖲️ 🖼️ 🗂️ 🗃️ 🗄️ 🗑️ 🗒️ 🗓️ 🗜️ 🗝️ 🗞️ 🗡️ 🗣️ 🗨️ 🗯️ 🗳️ 🗺️ 🗻 🗼 🗽 🗾 🗿
Hmm it specifically seems to be missing emojis
Thanks. I imagine most unicode characters and emojis are just copied over from some default font?
Maybe they'll patch it into a nerdfonts.com
Fediversum i Sverige består i huvudsak av Mastodoninstanser. Dessutom finns det några små och privata instanser med Mastodon och andra programvaror som exempelvis Akkoma och några stycken Lemmy-installationer där två instanser är lite större. I tillägg till detta finns det också ett antal WordPressbloggar som exempelvis denna blogg.
Forum för Levande Historia (FFLH) gjorde 2020 en undersökning av antisemitism i svenska partier. Det visade sig tydligt att vänsterpartiet var och är det minst antisemitiska partiet av alla partier. Vänsterpartiet är Sveriges minst antisemitiska parti.
freedom, activism, technology, diversity
Boring, boring, boring, boring. This is all "meta-converaation", like this exact thread.
Where are the musicians, the woodworkers, the DIYers, the athletes, the architects, the photographers, the wannabe chefs, the contrarian educators who do not toe the line of Academia?
Actually being able to self host and federate, and without any dependence on the main instance.
And ability to federate with other open and federated services, like how mastodon can federate with so many others like lemmy and pixelfed.
like this
Nate likes this.
I really like the Nostr protocol, though. It's too bad the network is so inundated by cryptocurrency topics.
It's simple, it has a nice extension process (standing on the shoulders of giants), and it's super easy and lightweight to self-host. It reminds me a lot of the early days of http, when it was more common (as a developer) to telnet to port 80 and just type in a couple of lines of header and get a response.
Sadly, Nostr's association with cryptocurrency, and the fact that 90% of the traffic on it is cryptocurrency created posts, has been a severe handicap.
like this
Fitik likes this.
Independent or otherwise.
But control of the protocol - the definition and development - is still controlled by the for-profit company, right? It hasn't been handed over to a nonprofit governance committee, has it?
Federation or not, if Bluesky dominates the protocol, they can decide to stop federating and essentially kill the independent servers. Much like what Signal did. Sure, you can run your own Signal server, but without access to the dominant player's market, and using a protocol that's controlled monopolistically, it's practically useless to do so - which is why almost nobody does it anymore.
You are missing the point. The point is that there is nothing to ruin here.
The Fediverse is by and large composed of antsy, narcissistic tweenagers who never created anything and use this space as some form of support network. They think that just because they are outcasts they are part of some counterculture movement (like the punks or the OG hackers from the early internet), but they miss the very important part that these movements need to create something meaningful.
All they can do is ridicule (parts of) the status quo and resort to shoot down anything and anyone who is willing to take any risks to effect any type of change. And for all the talk about diversity and inclusivity, one can read any news headline or article here and know exactly what is going to be the reaction from the people
The only way to break away from this unbearably boring monoculture is by bringing more people. We need to get of our comfort zones, dealing with differences and learning that (some) conflict is important. The alternative is stagnation, and culture-wise stagnation is the same as death.
Is anyone here opposed to bringing more people? I'm upset that people are going to an unfederated platform like BlueSky. I wish more people to join, no matter who they are.
I haven't been on mastodon much, but lemmy is quite diverse.
There is Bridgy Fed, which bridges accounts over to the other side if they follow the respective Bridgy Fed account on their platform. This is opt-ín though, so you can't just follow anyone, they need to have followed @ap.brid.gy on Bluesky. To have your interactions bridged you need to follow @bsky.brid.gy@bsky.brid.gy.
If the account you want to follow is not bridged and you are okay with just reading their posts, you can also use a service like RSS Parrot as every Bluesky account also serves as an RSS feed.
RSS Parrot
Home of RSS Parrot, a free Fediverse service that lets you turn Mastodon into an RSS or Atom feed reader.rss-parrot.net
Not a comeback. My point is that no one cares about this space at all. We had for the past two years everything in our favor to dismantle corporate-controlled social media, but the people that are here have ridiculously small ambitions and seem to keep the Fediverse completely irrelevant.
How else can I put it? Imagine that you live in corner of the woods of Bumfuck Alabama and you say, "I'm so glad we don't have McDonalds around here", like it was some reason to be proud. It's not, it just means that you live in a place so desolate that not even McDonalds thinks it's worth it to open a shop there.
Of course, there are some decent people who aren't 100% fanatic, but most of them would be the equivalent to those hat-wearers.
like this
tiredofsametab likes this.
The fact you think the product sucks does not mean it’s not good for many other people.
For example, I have Framework Laptop and I really think surface laptops suck due to how unrepairable they are. However, that does not mean that everyone cares about their repairbility…
for profits
The profit-motive and capitalism is not the problem. Corporatism is.
EEE
You can not EEE an open standard. XMPP didn't die when Facebook and Google dropped it.
We need to assess the power imbalances and strategize accordingly. This whole "boycott Threads" reaction, for example, works in their favor. They already have hundreds of millions of users. Because of the whole "FediPact", now we have lots of people migrating away from Mastodon because their instance does not let them follow some celebrity or NBA player, or sports journalist. Instead of blocking Threads, we should have worked to let people away from Twitter and into Threads so that they could learn and understand how federation works.
After this would be the time to go after the popular YouTubers and say "hey, why don't you setup your instance instead of using Threads? You won't lose your audience, and you have more control over your brand and online presence!"
This is what any sane person with minimal understanding of marketing would think. But instead of that, we got some reactionary crybabies that want to have the Fediverse only to themselves.
but lemmy is quite diverse.
Apart from a bunch of thriving specialist techie communities, what I see there is mostly tiny spaces dominated by intolerant groupthink and tyrannical moderators.
Indeed I just had a very bad experience in one of those that left me (almost) regretting the R-site.
You're using words like 'ambition' and 'irrelevant' like the Fediverse is some sort of corporate entity. It's not - that's a point very much in its favour in the opinion of quite a lot of people on it. Contrary to your opinion that no one cares, lots do. What some of us don't care about is catering to a set of people who are paid to express opinions and who, it seems to me, over a period of time end up becoming Andrew Tate or Russel Brand.
There's no McDonalds in the town I currently live in, which is 20 minutes away from one of the largest cities in the country. It might come as a massive shock to you but I - and I think the majority of people - can survive just fine without a Mickey D's. Not having one doesn't make a place desolate, it makes it healthier. And if someone really wants a Big Mac, they can go and get one from elsewhere.
Do you see what I'm saying? This isn't the same place as that - it's quite nice to have a place online that still isn't. And for those that do want that, they can still spend time there if they chose to.
Enterprise Technology News and Analysis
Enterprise technology news for IT decision-makers and professionalswww.theregister.com
You're both right.
If there aren't people building this alternative, in their free time, for free, then it won't exist. Fair enough. Much credit to them.
But it looks like @SquiffSquiff@lemmy.world is just an ordinary user with a busy life who wants to consume content in a way that better respects their privacy and autonomy. That is also a fair demand. Not everyone needs to be a producer.
people (...) can survive just fine without a Mickey D’s. Not having one doesn’t make a place desolate, it makes it healthier.
That's faulty logic. The presence or absence of a fast-food chain does not indicate that people eat better or worse than a place without. If you live in the US (and maybe the UK) I can bet a $100 with you right now that the average person in your town is heavier and more prone to metabolic diseases than the average person where I live (Berlin, Germany). Even if I am surrounded by probably a dozen Döner shops from my building, I am not forced to eat there. On the other hand, on average we eat less processed food, the restaurants are not serving those ridiculous oversized meals, the European lifestyle requires more physical activity, etc.
Likewise to the social networks. You are just saying "I don't want Andrew Tate". A big network is not just made up of assholes. The presence of some assholes does not imply that the average user is an asshole, and it also does not mean that you need to deal with them. But a small social network does unfortunately implies that there will be less of the good people.
Instead of saying who you don't want, have you actually tried reaching out to the people that you do want to see here? Can you honestly say that you can find a diverse range of people that talk or work with things that are of your interests? Because I surely can not, and I am not one to have an extremely long list of interests and hobbies...
And for those that do want that, they can still spend time there if they chose to.
No, that's absolutely the problem. I don't want to go to Reddit, because of Reddit management. My problem with Reddit is not the "average redditor", or "power-tripping moderators of popular subs" because I never went to Reddit to talk with the "average redditor" and I don't care about "popular subs".
Personally, even the API changes wouldn't affect me. I used old.reddit to browse on desktop and I was never a big user on mobile. But the reason that I decided to leave was because Reddit decided to complete turn against its users to pursue relentless growth.
By "going to Reddit when I want", I am still enabling Reddit and I am complacent with the status quo. I can only solve "my" problem by having people out of Reddit and into an open alternative that is more resistant to enshittification.
Mate, I was simply extending an analogy you introduced. I neither know (nor care) what the presence of a McDonalds does or doesn't do so don't Sagan me. Nor am I claiming mainstream social media is all arseholes. What I'm saying is that mainstream social media most certainly has the ability and propensity to make people into arseholes due to constant enshittification - part of which is the influencer phenomenon in my opinion and the need for growth at all costs.
I most definitely have reached out to lots of good people on the fediverse and had lots of great exchanges that follow both professional and 'hobby' based interests I have.
But here's the thing - you want growth? OK. I also have no issue with growth. But the best sort of growth in my experience comes organically. It happens at its own pace. The minute you start prodding it along with managed algorithms and all the other stuff mainstream social media now has you end up with an extended hate room. I don't miss Reddit or Xitter at all. I genuinely mean that. No more 'suggestions' of people to follow, no more manufactured outrage getting pushed to my feed, no more clickbait. Instead what I have now is a curated feed across multiple different types of experiences that I spent some time getting how I want them and dipping in and out of when I want to.
Who here is talking that the way to grow the network is by applying the techniques from Big Tech? It seems like you've created this giant strawman in your head.
All I am asking is for us to be more welcoming to people here, even if they are not exactly like what you wish. Or to help your friends to try it and see if they can help enough people/content for them to remain invested. Or even (possibly?) reaching out to someone on Twitter/YouTube and say "hey, I want to keep following you, but I don't want to stay here. Would you consider creating an account on Mastodon/Peertube?", etc.
Let me clarify so I understand your position
1) I said why I don't use Bluesky. I didn't say it shouldn't exist, or that other people shouldn't use it. I didn't pass judgement on people who do use it, or suggest that their having a different opinion on how to deal with bigotry is an issue. I simply said why I don't use it
2) You then insisted that I am the problem with democracy, despite you being the person insisting that everyone has to do things your preferred way?
Do I understand your position correctly?
I am saying "quote tweets" as a reference to the functionality, not the usage of Twitter itself.
Mastodon refuses to implement the functionality, but it is supported on others: Soapbox, Akkoma...
Essentially I am saying that in a democracy we need to talk to each other
That doesn't happen on bluesky either though. The moderation approach on bluesky means that people can control who they see, and who can interact with them. So people can still remove bigots from their timeline.
I also take issue with your insistence that bigots have the right to be bigoted and spread hate, and that their targets are somehow in the wrong for not wanting to be exposed to that hate.
Assuming that "bigots" is not a synonym for "anyone I disagree with", then fair enough.
My underlying point is that technology is making it very easy to wall ourselves off into comfortable echo chambers. Some are even calling that "safety". From my understanding of history, this looks like an obviously slippery and dangerous slope to be on.
But if are talking about what most of your fellow citizens would also identify as "bigots", then fair enough.
Assuming that "bigots" is not a synonym for "anyone I disagree with", then fair enough.
Why would it be?
My underlying point is that technology is making it very easy to wall ourselves off into comfortable echo chambers
Your experience is different to mine. I wish I could wall myself off from people who want to remove my rights and target me with hate, but I've yet to find a way of doing that.
I wish I could wall myself off from
Well this is at least honest!
Perhaps it's a personality thing. Perhaps generational. Technically I'm a member of a minority community but I've never defined myself by that, and "hate" in the contemporary sense (I think its meaning has drifted unhelpfully) is not something that especially bothers me. My experience is that most people are well-meaning, so I tend to be intrigued by the question of why they think the things they do.
Anyway, this is not a debate with a single correct answer. It is of course your right to shut out whoever you want, I won't question that.
There are multiple governments, political parties and hate groups explicitly focused on taking away my rights and ensuring I can't exist safely and openly.
It's got nothing to do with personality. I'm exposed to a barrage of hateful media targeting folk like me every single day, and it's next to impossible to escape.
So finding spaces where I can just not have to deal with that shit is important
The nice thing about Lemmy is that it doesn't have celibrities and NBA players. It's (mostly) honest discussion for the most part, sure you have a lot of people who getting angry but at least it's not like reddit or Facebook or whatever where you never know if a post/comment is real or a paid advertisement. Yeah it'd get more reach, more people, more popularity with thread integration, but there would also be more people. ...eternal September . It would be guaranteed to happen. Like you said, it's about marketing. Once Lemmy has more than a few thousand people, marketers are gonna do the same thing they did to reddit. ...destroy it. Yeah the shareholders are making out, but it's value is gone.
I started on reddit in 2008, and Lemmy is a mirror image of what the community looked like back then. You don't need inorganic growth to grow Lemmy. It just needs quality discussions and people, the organic growth will come naturally. The only thing that needs protection against is 'linking' with any for profit entity.
Connecting with threads and bluesky and whatever else would grow Lemmy, but for what purpose? I'd argue Lemmy isn't the end solution, maybe the devs can evolve it to work over the long term, but really I think if a social media solution is really going to tackle Facebook et al, it's going to have to be self hosted servers on every computing device in the world; where no government or organization can control, regulate, and most importantly one that cannot be manipulated for gain of a nation state or corporation.
I know of no such software, but I have a feeling such a solution would be superior to the fediverse in taking down the existing social media cartels.
The nice thing about Lemmy is that it doesn’t have celibrities and NBA players.
If you are starting with something that is completely subjective, how do you expect to get any meaningful discussion? You might not care about these things. It doesn't mean that this is not important to others.
Also, it's not just about the celebrities and NBA players. It's about the conversation surrounding these different interests.
…eternal September . It would be guaranteed to happen.
It happened on Reddit many years ago, and because of the long tail it simply didn't matter. Just stay from the (relative) popular subs and things work quite well, as long as they are some minimal critical mass. If you are the type that insists in participating in tiring and pointless discussions about politics, then yeah you are going to have a bad time.
marketers are gonna do the same thing they did to reddit.
Conjecture, that's not a certainty. In an open network, it's a lot easier to design and implement systems where you can actually verify who is behind an account. Or to implement a system that filters content from anyone who is not part of your web of trust. Or to do like spam filters that run content analysis before even hitting your inbox. You can not implement these things on closed networks because it would destroy their KPIs, but we don't care about that here.
I’d argue Lemmy isn’t the end solution,
Of course it isn't, but it's the best we have at the moment. If we keep waiting for some ideal solution before working to get people out of the closed systems, it will never happen. Worse still, if we don't get more people, we will hit a local maxima and never innovate. This is already happening on Mastodon.
where no government or organization can control, regulate, and most importantly one that cannot be manipulated for gain of a nation state or corporation.
People post to the communities.
With this comment I was bringing them visibility, which is usually an issue.
On the side I keep promoting Lemmy on /r/Redditalternatives
Once we'll get more people, and they'll know where to find content, we'll be able to solve that issue
thank you for the link, it was an interesting read. I really like the idea of using a web browser, like firefox or a fork of it, as a basis point for a distributed social web.
I don't really understand how it would do that but it is a very interesting idea. I guess since firefox is open source anyone could create this ability. Is there a discussion about this somewhere on the web? Lemmy is a good a place as any as it's too unimportant and tiny right now ;)
Thanks!
Maybe I wasn't too clear on the post about one thing, though. There is no need to fork the browser. I believe this could be implemented as a simple browser extension or even as Progressive Web App, like Voyager or Elk. The idea that I'm working with is actually to fork either one of these applications and just change its internal libraries to make it "speak" ActivityPub directly, instead of using Mastodon's or Lemmy's APIs.
Is there a discussion about this somewhere on the web?
Specifically about this approach, no. But matrix.to/#/#fediverse:pixie.t… is a good room for people working in Fediverse/Social Web.
To each its own, I like it here.
What would you suppose it is ambition, to feed off influencers? What good would that bring to the platform?
If the people who used it would benefit at least. But then again, that's cryptocurrency culture, so I don't know if both complete each other.
I'm tired of people arguing that the sum of the people in the platform does not equal its culture. Facebook and other social networks clearly benefit from having influencers in their platform, and they make the platform orbit around it.
People who use facebook are not responsible for old people posting what they want. But also, Facebook earns profit from that kind of behavior, so it makes its algorithms circle around it.
It's like saying Instagram isn't responsible for all the influencers and the 'vibe' it has. It is responsible for it and you don't make the platform your own, especially not with the Big players.
Even Mastodon, where you can set up your own instance, has its culture, even if it is richer (culturally) than Instagram or Facebook.
No, each person does not make the platform their own or make out of it what they will. Only a masochist would stay on Facebook preaching their own culture while they have other options that fit better.
Your argument fails.
Also, on another note, I'm tired of Carl Sagan's atheists using Darwinism as basis for lack of a God, and I'm not a christian or muslim. That's just reason to silence people who don't want to take "scientific" argument at face value. True science is debatable and built upon healthy discussion. Not something you toss at other people to make them seem dumb or preach like a religion.
I think we could and should work to make the Fediverse an universal alternative. If not make it something that appeals equally to everyone, but to have a real diverse set of people and users. My litmus test is simple: my wife is still on Facebook because of different groups: parenting groups, events around town, some arts and crafts showcases... If I ask my wife her to take a look at Lemmy, will she find something that interests her?
So far, the answer is no. The range of interests around here is very small: sophomoric discussion of US politics, outrage-bait pieces whenever Musk/Zuckerberg/Bezos does something stupid, a handful of otakus, a somewhat-larger-but-still-small group of Linux nerds... that's about it. Everything else is represented by at most one or two people who had a sizeable community on reddit, but failed to bring them over.
There is a crucial difference. The cool thing of the Fediverse is that there is no central authority. There is no CEO pushing things in one direction or another to try to maximize revenue. We have here the potential for real diversity of groups and interests, but (so far) all we seem to be getting is a very tiny vocal minority that wants to complain about anything that resembles the mainstream but is unable to build an alternative.
I’m tired of Carl Sagan’s atheists using Darwinism as basis for lack of a God,
You are reading too much into the quote. I just pointed out that faulty logic. Nassim Taleb also talks a lot about this
From what I've seen it's only single person instance where they use their domain names as user.
Not something you expect a standard person to have
According to this blog post, they are currently limited to 10 accounts, so not many open servers, but you can host your own.
This is an old blog post, though, so the limit might have been lifted
A couple of weeks ago I wrote about the notion that governments can do more to secure their own online voices by owning and operating their own Fediverse instances (Mastodon, as an example).
I am by no means the only blogger to propose that this is a good way to avoid being locked-in or censored by commercial “Big Tech” or other interests. It turns out that George Peretz had posted something along the same lines as me only a few days earlier (How the Labour Government, and others, should respond to Musk); I was unaware of that post until I ran into it via Seize The Means Of Communication!1 on the Lightly Seared blog much more recently.
Neville Hobson and Shel Holtz went on to cover my post on their For Immediate Release podcast, and in particular Neville asked for me to share more about what I know in relation to existing government or state owned-and-operated Mastodon instances. I’m happy to do so!
Proof of value
One of the more visible examples of governments embracing the Fediverse is case of the European Union. Initially running EU Voice (Mastodon) and EU Video (PeerTube) as pilots, these were evaluated for 2 years, and then closed in May. However, this year the European Commission formally joined the Fediverse with a Mastodon instance (supported by Mastodon gGmbH).
Beyond that, but still in the European continent: France, Germany and the Netherlands (more on the Dutch instance via the excellent Fediverse Report) have prominent presences in the Fediverse.
The government of #France 🇫🇷 now has an official Fediverse server 🥳(All accounts in French unless otherwise noted)
➡️ @cnes – France's space agency
➡️ @ambnum – French ambassador for digital affairs (in English)
➡️ @sup_recherche – Ministry of Higher Education & Research
➡️ @astroIAP – Astrophysics Institute of Paris
➡️ @cnrs – CNRS, the French National Centre for Scientific Research
➡️ @umrGeoazur – Geology/geophysics research unit for Côte d'Azur Univ, CNRS, Côte d'Azur Observatory
🧵 1/4
— FediFollows (@FediFollows) 2024-02-05T14:20:03.369Z
Hallo Fediverse 🙂
Für die vielen neuen Menschen hier gibt es nochmal ein paar aktualisierte Informationen von uns, die wir anheften können:
1. Eine Übersicht über alle Accounts unserer Instanz gibt es unter: social.bund.de/directory (Filtereinstellungen nicht vergessen)
2. Pixis gibt es kostenlos hier: bfdi.bund.de/DE/Service/Publik…
3. Merch verlosen wir immer mal wieder hier oder verteilen es auf Veranstaltungen./ ÖA
— BfDI (@bfdi) 2022-12-19T10:30:54.149Z
In addition, the Swiss Government launched an instance in September 2023 as a pilot which was due to last for one year; I’ll be curious to watch how that is evaluated.
Taking a step beyond central government, I’ve read that various federal states in Germany have their own instances.
There are also good reasons for broadcasters to run their own Fediverse instances (the BBC has had a pilot here, for example); universities and academics; and more.
I’m curious to learn of more of these, let me know in the comments if you are aware of others.
If you are interested in managed support for this kind of instance, the team at Mastodon gGmbH would be happy to hear from you to discuss how we can help.
A case for Brazil
Finally, I want to talk briefly (but, only because I must) about X.
We talked about the events of the end of last week, when Brazil’s courts chose to block access to X in that country, on episode 3.19 of the TechGrumps podcast that was recorded this weekend, and should be released any moment.
Along with Musk’s direct personal attacks on the UK Prime Minister and his efforts to spread dangerous misinformation, this is yet another example of Musk, specifically, demonstrating his untrustworthiness, and lack of willingness to be bound by the rule of law – national or international. According to the media, there has been a swift take-up of Bluesky by many Brazilian users; it is difficult to measure Mastodon or other Fediverse instance signups because there are many individual instances that comprise the network, but we know that there was a significant surge of interest at the end of last week.
A lot of people who are up in arms over Brazil banning Xitter aren’t acknowledging the fact that the country cast off a military dictatorship in 1985 and Elon’s openly allied with the neofascist who tried to restore it, with help from Elon Social, just two years ago. Pretty unique situation.That judge may well have a beef with Musk because of his intransigence but the stakes are much higher than that.
#elonmusk #brazil #twitter #bolsonaro #fascism
— Joshua Holland (@JoshuaHolland) 2024-09-01T13:08:57.793Z
Whichever directions users migrate, the important thing is that more people must leave X as a platform, and disempower Musk’s efforts to disrupt the law.
As I typed this blog entry, my friend Evan Prodromou posted
So, who is in the Free/Open Source software community in Brazil, advising the government on how to move to the Fediverse? And how can I help you?— Evan Prodromou (@evan) 2024-09-02T15:43:26.988Z
I don’t speak Portuguese, but add my name and voice to this offer of support!
@evan I am somehow surprised that the actual Brazilian government still doesn't have an instance of some software compatible with activity pub.Before leaving Brazil, I was part of a group engaged in open government data and civic hacking. I really hope these groups are still strong as they were a few years ago!
By the way, in 2011, I was advocating the City Council of São Paulo to have an identi.ca server, instead of Twitter. This didn't work, but at least I could open up some government data.
Post in Portuguese social.vivaldi.net/@everton137…
#activitypub #OpenSource #softwarelivre #Brasil #opendata
— everton137 (@everton137) 2024-09-02T15:53:31.668Z
- … a title which is delightfully reminiscent of Cory Doctorow’s book The Internet Con, subtitled How To Seize The Means Of Computation, which I think about a lot. And obviously, as an historian, I’m very aware of the original quotation from which both of these derive. ↩︎
Share this post from your fediverse server
https:// 
This server does not support sharing. Please visit .
andypiper.co.uk/2024/09/02/fed…
#100DaysToOffload #brazil #communications #europe #europeanCommission #europeanUnion #federal #fediverse #german #government #legal #netherlands #socialMedia #switzerland #Technology
reshared this
Tommi 🤯 → 39C3 reshared this.
Completely agree. Would love to see cities/states/nations owning their own instances.
Companies too, especially news outlets (A few have moved to this).
I think in addition to all your good points/examples, it’s a great way to ensure a voice is legit/approved.
Enlarge / Rust never sleeps. But Rust, the programming language, can be held at bay if enough kernel programmers aren’t interested in seeing it implemented. (credit: Getty Images)
The Linux kernel is not a place to work if you’re not ready for some, shall we say, spirited argument. Still, one key developer in the project to expand Rust’s place inside the largely C-based kernel feels the “nontechnical nonsense” is too much, so he’s retiring.
Wedson Almeida Filho, a leader in the Rust for Linux project, wrote to the Linux kernel mailing list last week to remove himself as the project’s maintainer. “After almost 4 years, I find myself lacking the energy and enthusiasm I once had to respond to some of the nontechnical nonsense, so it’s best to leave it up to those who still have it in them,” Filho wrote. While thanking his teammates, he noted that he
Link to original post arstechnica.com/?p=2046763 from Teknoids News
Last Week in Fediverse – ep 82
1 million new accounts on Bluesky as Brazil bans X, and premium feeds with Sub.club, and much much more.
[share author='Laurens Hof' profile='https://fediversereport.com/author/laurenshof/' avatar='' link='https://fediversereport.com/last-week-in-fediverse-ep-82/' posted='2024-09-01 18:04:28' guid='08552256-1db60dc7714646e3-cb23b587' message_id='https://fediversereport.com/last-week-in-fediverse-ep-82/']Last Week in Fediverse – ep 82
1 million new accounts on Bluesky as Brazil bans X, and premium feeds with Sub.club, and much much more.
Brazil bans X, and a signup wave to Bluesky
The Brazilian supreme court has banned the use of X in an ongoing legal fight with Elon Musk. The ban follows after a long trajectory of legal issues between the Brazilian government and Musk’s X. In April 2024, the Brazilian court ordered X to block certain X accounts that were allegedly related to the 2023 coup attempt, which Musk refused to do. In that same time period, President Luiz Inácio Lula da Silva opened an account on Bluesky, and there was already an inflow of a Brazilian community into Bluesky. Now, the legal fight has further escalated over X’s refusal to appoint a legal representative in the country, and Musk’s continuing refusal to comply with Brazil’s laws and regulation has resulted in the supreme court banning the use of X in the country altogether.
The ban on X has caused a massive signup wave to Bluesky, with over 1 million new accounts created in just three days, of which the large majority are from Brazil. The user statistics shot up even more than that, suggesting that there are a lot of people with an existing account logging back in as well.
The new inflow of people to Bluesky is having some significant effects on the network, as well as on the state of decentralised social networks more broadly:
- President Lula is putting actual focus on Bluesky. In one of his final posts on X, Luala listed in non-alphabetical order all other platforms that he is active on, and placed Bluesky at the top of the list. Posts by Lula that are placed on Bluesky (134k followers) as well as on Threads (2.4m followers) get more than 5 times as much likes on Bluesky. Today, Lula explicitly asked people on Bluesky what they thought about the platform, in a post that got over 30k likes and counting. It is hard to imagine that the Brazilian government is not paying attention to this all, and is looking which platform(s) the Brazilian community is moving towards in the wake of the ban on X.
- Brazilians are a very active community on the internet (see Orkut), and bring with them their own unique culture to Bluesky. The current decentralised social networks are heavily focused on US politics, judged by top posts on both Mastodon and Bluesky, and beyond shitposts and memes there is surprisingly little space for mainstream pop culture and sports. The Brazilian community does seem to bring a large number of pop culture and sports to Bluesky, significantly diversifying the topics of discussion, and in turn, creating more space for other people who are interested in that in the future. The activity of Brazilians on microblogging can also be seen in the like counts on popular posts of Bluesky: before this week, the most popular posts of any given day usually got around 3k likes, this has sprung up to 30k to 50k likes. Brazilians are so chatty in fact, that currently 81% of the posts on the network are in Portugese, and the amount of accounts of people who post on a given day has gone up from a third to over 50%.
- The Bluesky engineers have build a very robust infrastructure system, and the platform has largely cruised along fine without issues, even when faced with a 15x increase in traffic. This all without having to add any new servers. For third party developers, such as the Skyfeed developer, this increase in traffic did came with downtime and more hardware requirements however. It shows the complications of engineering an open system, while the Bluesky team itself was prepared with their core infrastructure, third party infrastructure, on which a large number of custom feeds rely, was significantly less prepared for the massive increase in traffic.
In contrast, the ban on X in Brazil has made little impact on Mastodon, with 3.5k new signups from Brazil on Mastodon.social. I’d estimate that this week has seen 10k new accounts above average, with 15k new accounts the previous week and 25k in this week. That places Mastodon two orders of magnitude behind Bluesky in signups from Brazil. There are a variety of reasons for this, which deserve their own analysis, this newsletter is long enough as it is. One thing I do want to point out is within fediverse community there are two sub communities that each have their own goals and ideas about the fediverse and growth. Some people responded with the news that most Brazilians went to Bluesky with type of response that indicated that they appreciate the small, quiet and cozy community that the fediverse currently provides, and a distrust of the growth-at-all-costs model for social networks. For other people however, their goal of the fediverse is to build a global network that everyone is a part of and everyone uses (‘Big Fedi’), a view of the fediverse that is also represented in the latest episode of the Waveform podcast (see news below). And if the goal is to build ActivityPub into the default protocol for the social web, it is worth paying attention to what is happening right now in the Brazilian ATmosphere.
The News
Sub.club is a new way to monetise feeds on the fediverse, with the goal of bringing the creator economy to the fediverse. It gives people the ability to create premium feeds that people can only access via a subscription. People can follow this feed from any Mastodon account (work on other fediverse platforms is ongoing). Sub.club handles the payment processes and infrastructure, for which they charge 6% of the subscription fee (compared to 8-12% Patreon charges). Sub.club also makes it possible for other apps to integrate, both IceCubes and Mammoth have this option. Bart Decrem, who is one of the people behind Sub.club, is also the co-founder of the Mastodon app Mammoth. Sub.club also explicitly positions itself as a way for server admins to fund their server. Most server admins rely on donations by their users, often via services like Patreon, Ko-fi, Open Collective or other third party options. By integration payments directly into the fediverse, Sub.club hopes that the barrier for donations will be lower, and more server admins can be financially sustainable.
Newsmast has build a new version of groups software for the fediverse, and the first group is dedicated to the Harris campaign. There are few types of groups available that integrate with Mastodon, such as with Friendica or a.gup.pe. These groups function virtually identical to hashtags, by boosting out posts where the group account is tagged in to everyone who follows the group account. As there is no moderation in these types of group accounts, it allows anyone to hijack the group account. A group account dedicated to a political campaign is especially vulnerable to this. On Mastodon a volunteer Harris Campaign group used a Friendica group for campaign organising, but the limited moderation tools (blocking a user from following the group) that are available are not working, which allowed blocked users to still get their posts boosted by the group account. Newsmast’s version of Groups gives (working) moderation tools, and only boosts top level comments and not replies, to cut down on the noise. For now, the new Group is only available to the Harris Campaign group for testing, but it will come later to Mastodon servers that run the upcoming Patchwork plugin.
Bluesky added quite a number of new anti-toxicity features in their most recent app update. Bluesky has added quote posting controls, allowing people to set on a per-post basis if people can quote the post or not. There is also the option to remove quotes after the fact as well: if you’ve allowed quote posts on a post you’ve made, but someone made a quote post that you do not feel comfortable with, you have the possibility to detach your post. Another update is the possibility to hide replies on your posts. Bluesky already hides comments under a ‘show more’ button if the comment is labeled by a labeler you subscribe to. You now have the option to do so on all comments that are made on your posts, and the hidden comment will be hidden for everyone. Finally, Bluesky has changed how replies are shown in the Following feed, which is an active subject of discussion. I appreciate the comments made by Bluesky engineer Dan Abramov here, who notes there are two different ways of using Bluesky, who each prioritise comments in conflicting ways. As new communities grow on Bluesky, prioritising their (conflicting) needs becomes more difficult, and I’m curious to see how this further plays out.
The WVFRM (Waveform) podcast of popular tech YouTuber MKBHD has a special show about the fediverse, ‘Protocol Wars – The Fediverse Explained!’. It is partially a discussion podcast, partial explainer, and partial interview with many people within the community. They talk with Mastodon’s Eugen Rochko, Bluesky’s Jay Graber, Threads’s Adam Mosseri, and quite some more people. It is worth noting for a variety of reason. The show is quite a good introduction, that talks to many of the most relevant names within the community. MKBHD is one of the biggest names in the tech creator scene, and many people are paying attention to what he and his team is talking about. Furthermore, I found the framing as ‘protocol wars’ interesting, as the popularity of Bluesky in Brazil as an X replacement indicates that there is indeed a race between platforms to be build on top of the new dominant protocol.
Darnell Clayton has a very interesting blog post, in which he discovers that there is a discrepancy in follower count for Threads accounts that have turned on fediverse sharing. Clayton notes that the follower count shown in the Threads app is lower than the one shown in a fediverse client, for both Mastodon and Flipboard. He speculates that this difference is the number of fediverse accounts that follow a Threads account. It should be noted that this is speculation and has not been confirmed, but if this is true, it would give us a helpful indication of how many fediverse accounts are using the connection with Threads. While we’re talking about Threads accounts, Mastodon CEO Eugen Rochko confirmed that the mastodon.social server has made a connection with 15.269 Threads accounts who have turned on fediverse sharing.
The Links
- Threads has figured out how maximise publicity by making minimal incremental updates to their ActivityPub implementation, edition 500.
- A Developer’s Guide to ActivityPub and the Fediverse – The New Stack interviews Evan Prodromou about his new book about ActivityPub.
- FedIAM is a research project where people can use fediverse and Indieweb protocols for logging in.
- You can now test Forgejo’s federation implementation.
- This week’s fediverse software updates.
- Ghost’s latest update on their work on implementing ActivityPub: “With this milestone, Ghost is for the first time exceeding the functionality of a basic RSS reader. This is 2-way interaction. You publish, and your readers can respond.”
- Dhaaga is a multiplatform fediverse client that adds unique client-side functionalities.
- Lotide, a experimental link-aggregator fediverse platform, ceases development.
- A custom QR code generator, which some pretty examples of custom QR codes for your fediverse profile.
- Custom decentralised badges on atproto with badges.blue, a new work in process by the create of atproto event planner Smoke Signal.
- Smoke Signal will be presenting at the next version of the (third party organised) ATproto Tech Talk.
That’s all for this week, thanks for reading.
Rust in Linux lead retires rather than deal with more “nontechnical nonsense”
Rust in Linux lead retires rather than deal with more “nontechnical nonsense”
How long can the C languages maintain their primacy in the kernel?Ars Technica
"Old" doesn't have to mean biologically old. In this case, it means people who have been doing it for a long time—long enough that they're set in their ways.
So while I can understand the confusion, it doesn't apply here.
Lol the out of memory error was a joke. A reference to that two people both trying to do the same thing will fill the heap since there’s unnecessary work.
I tried to make a code joke but it failed.
As far as what are they unwilling to release? Control. Ownership of any bit of the kernel they control
kernel maintainer Ted Ts'o, emphatically interjects: "Here's the thing: you're not going to force all of us to learn Rust."Lina tried to push small fixes that would make the C code "more robust and the lifetime requirements sensible," but was blocked by the maintainer.
DeVault writes. "Every subsystem is a private fiefdom, subject to the whims of each one of Linux’s 1,700+ maintainers, almost all of whom have a dog in this race. It’s herding cats: introducing Rust effectively is one part coding work and ninety-nine parts political work – and it’s a lot of coding work."
You have to continually practice fluidity and actively learn things lest you solidify and lose that skill like any other.
I’m all for keeping one’s cognitive skills. However it is a fact that this decline happens, and that there is a phase of life where one has wisdom without necessarily having the same raw intelligence they had before. The wisdom is encoded in crystallized intelligence.
By wisdom here I mean “The tendency to make decisions that turn out well”.
My father was an equipment operator well into his 70s. After he retired they kept bringing him back to train the younger guys, and to get things don’t they couldn’t get done.
That was possible because those machines don’t change too much as time marches on. Because they use a stable platform, his organization was able to do better work by relying on his deep expertise. He could train those younger guys because it was the same platform he’d always used. Same dirt, same physics, mostly the same machines, same techniques, same pitfalls, etc.
His fluid intelligence is almost zero. The man’s practically an ASIC at this point, yet he’s fascinating to talk to and competent in the world. Fluid intelligence is not the only way to get things done.
We of course play plenty of video games together to keep him sharp. We also eat mushrooms, paper when necessary, and he works out a lot. We do all we can, believe me.
PHP is still in use and Wordpress is still somehow a behemoth. But the fact is that PHP has fallen out of favor, isn't used by new projects, and there's less demand for people with that skillset
Also while I’m driving, my Uber app locks up. Siri talks to me in a halting, broken voice, and responds with “something went wrong”. Google Maps shows a brief flash of my home before flipping to my current location. Then back to home again, then back to my current location. Spotify doesn’t remember what song I was listening to. Amazon Prime Video can’t remember what episode I was last watching.
Enshittification is everywhere. Our tech is buggy as fuck and solved problems in project management and devops are recurring. It’s not just about focusing on advertisers’ needs over customers. It’s also about wanting to kick out the greybeards as part of our great cultural revolution. It’s about driving trains into tunnels without adequate ventilation because fuck the previous generation thinking they know better than me.
It is the case that new technologies are introduced all the time, but that’s not necessarily right.
This example doesn't work as well with C/++ since that's older than most people here (though the language has also gone through iterations) and likely won't be going away any time soon. But still, in most cases you probably don't want to use that language for general work.
Why not? Because you won’t be able to hire younger devs? That is a function of this culture of pushing for change in everything. Younger people don’t learn C++ because it’s a little harder to read and because culturally we don’t respect established things. I’m sure there’s a word I don’t know here, but we generally have a culture of hating the past.
The good news is though, that it's relatively easy to transfer core skills between most languages.
I agree. Design patterns, work patterns, these transcend languages. And they’re 99% of the success or failure of a project.
And yet here we are emphasizing how C++ and Rust can’t realistically coexist in a serious project, because there’s some mismatch in their capabilities. I point to the current conundrum as the counter to this idea of transferability. The devil’s in the details and if the wisdom transfers between languages so well then we don’t need new languages.
Fundamentally, the question is “What are these news things that need to be done by code, that weren’t being done by code 30 years ago, such that it necessitates new languages?”
It’s cool to be able to tell your college buddies you’re building a new programming language.
In fact, it’s great that people are making new languages as a way of keeping language design wisdom alive. It’s great that CS kids build logic circuits from scratch for the same reason.
But then again, Netflix can’t remember what episode I was watching, when I’m almost certain they had that ability a few years ago.
Unfortunately there are a lot of problems created by using C in the kernel, and having all of this done manually. Many kernel vulnerabilities including several severe ones have been due to issues with memory management. Even the whitehouse has spoken on these issues related to C. Rust has been proven to be comparable to C in terms of performance, sometimes even faster. So it doesn't make a great deal of sense to keep using C for new projects.
That all being said Rust has had its own issues. There was a recent vulnerability in older versions of cargo the Rust package manager for instance. It's a somewhat new language so obviously teething issues are to be expected, and it might be too soon to use Rust for mission critical systems. It's also a harder language to learn and understand, so that makes adopting it more difficult especially for very experienced C developers like those who work on the Linux kernel. It might be better to wait and see what other languages like Zig and Carbon manage to do, but those are even newer and will take more time to actually be production ready.
Pointers are not guaranteed to be safe
So I guess they are forbidden in @safe mode?
but it's being replaced by something else instead
Do you know what is the replacement? I tried looking up DIP1000 but it only says "superceded" without mentioning by what.
This makes me wonder how ready D is for someone that wants to extensively use @safe though.
One detail about Rust in the kernel that often gets overlooked: the Linux kernel supports arches to which Rust has never been ported. Most of these are marginal (hppa, alpha, m68k—itanium was also on this list), but there are people out there who still use them and may be concerned about their future. As long as Rust remains in device drivers only this isn't a major issue, but if it penetrates further into the kernel, these arches will have to be desupported.
(Gentoo has a special profile "feature" called "wd40" for these arches, which is how I was aware of their lack of Rust support. It's interesting to look at the number and types of packages it masks. Lotta python there, and it looks like gnome is effectively a no-go.)
That to me sounds like exactly the reason why developers like the above have left. They are having to take on the burden of gently letting down other devs who are angry over a simple misunderstanding. A misunderstanding that wouldn't have happened if they had been listening or bothered to ask first before jumping to conclusions. Imagine someone heckles you on stage and you have to respond kindly. I certainly wouldn't. If someone had listened to my talk, misinterpreted it, then heckled me over it you can bet I would be angry and would respond in kind. To then see this misinformation being spread again would drive me nuts. I can see why they left.
The bottom line for me is that Rust devs who work on this stuff for free shouldn't be getting hounded by C devs just for asking for proper documentation that frankly they should have provided in the first place. I say this as someone who is skeptical of Rust for various reasons.
This is true, but the differences go even further than that. Redox is intentionally non-posix-compliant. This means that userspace programs written for posix operating systems may or may not need patching to even compile.
Part of the philosophy of Redox is to follow the beaten path mostly, but not be afraid of exploring better ideas when appropriate.
They are having to take on the burden of gently letting down other devs who are angry over a simple misunderstanding.
I feel like, if anyone would be happily willing to do that in their free time, they would have been a Politician or an HR and not a Developer.
I'm pretty n00b as a dev, but if I were to see someone misinterpreting my explanation, the most I would do is rephrase the same in a more understandable manner.
Definitely not going to resort to using "people management tactics", specially not in an Open Source Free Work setting, where the expectation is that the other person wants the good of the project as much as I do ^[as compared to a corporate setting, where if they are getting money to sit and do nothing, they will prefer that].
Facts are more important than feelings, specially when written text is the medium, where the reader can, at any time, go back and re-read to make sure they are at the same page, which a responsible, non-sleepy, non-drunk person would do in such a case.
On this note, I went and re-read the above comment and I realise, the "But that’s the thing where you are wrong." sentence is kinda useless. If the previous commenter were to have read the rest, they would realise that's where they were wrong. Mental note to not use useless stuff like this as the first sentence in a reply, because I probably have the habit
Yes, I know I joined both circumstances, this comment thread and the condition of the Rust Linux dev. It seemed relevant to me.
Lots of good insight there. While I disagree with much of it, I get it.
I’m all for keeping one’s cognitive skills. However it is a fact that this decline happens, and that there is a phase of life where one has wisdom without necessarily having the same raw intelligence they had before. The wisdom is encoded in crystallized intelligence.
Yeah, realizing you have that wisdom is eye opening and it's actually pretty powerful. I can hunt down bugs by smell now with surprising accuracy. But I'm not convinced it's mutually exclusive to fluidity. I guess I'm just hoping my brain doesn't petrify and am battling against it.
That was possible because those machines don’t change too much as time marches on. Because they use a stable platform, his organization was able to do better work by relying on his deep expertise. He could train those younger guys because it was the same platform he’d always used. Same dirt, same physics, mostly the same machines, same techniques, same pitfalls, etc.
It's a poor analogy for software though. Software is an ongoing conversation. Not a device you build and forget about. User demands change, hardware changes, bugs are found, and performance is improved.
I'm honestly curious what the oldest line of code in the Linux kernel is now. I would be pretty shocked to see that anything survived 30 years. And I don't think that's because of enshittification.
This example doesn’t work as well with C/++ since that’s older than most people here (though the language has also gone through iterations) and likely won’t be going away any time soon. But still, in most cases you probably don’t want to use that language for general work.Why not? Because you won’t be able to hire younger devs? That is a function of this culture of pushing for change in everything.
No, because C/++ isn't the right tool for every job. If I want to write up something quick and dirty to download a sequence of files, I'm not going to write that in C. It's worth learning other things.
I have to admit though that the conservative approach is more suited to things like a kernel, aerospace applications, or other things with lives riding on it. But also software that doesn't change becomes useless and irrelevant very quickly. For instance, running Windows XP is a bad call in just about any case.
But again I'm also not trying to say all software should be trend following. Just that devs should embrace learning and experiencing new things.
i would consider 4 years to be
- too long amount of time for a job you don't like (it took you 4 years to realize that you don't like it?)
- too short for a job you are committed to (you give up only after 4 years?)
After almost 4 years, I find myself lacking the energy and enthusiasm I once had
once i had? energy and enthusiasm he had only 3 years ago?! When i started reading the article i was expecting 15 years, 20, 30+
I'm not against Rust. I'd like to see something less dangerous with memory than C, but I don't think it's time yet for the kernel to leave C.
It's pretty clean, stable, it's working well at the moment and the C language (or variants of it) is/are still actively used everywhere. I think the kernel universally going Rust will be a long road of everything under the sun going there first before it's ported in earnest.
Straw Man Fallacy: A straw man fallacy occurs when someone misrepresents an opponent's argument to make it easier to attack or refute. Instead of addressing the actual issue, the person creates a distorted version of the argument that is easier to discredit.
This is what you have done in every single reply you made when I have made it quite clear that this is about the migration being an urgent security issue that the cyber security community at large has been calling attention to.
You avoid all the core points I make and distort them into trivial things that you can easily argue, like the fact that you "Don't code C much and use Rust occasionally". It's irrelevant to the actual arguments and you use it to dismiss the real core issues AKA a Straw Man fallacy
You have failed to argue in good faith and are actually a part of the problem. Good job!
Now please explain to me how C works.
That's not what they're asking. It's not about how C works, it's about how specific APIs written in C work, which is hard to figure out on your own for anyone who is not familiar with that specific code. You'll have to explain that to any developer coming new into the project expected to work with those APIs, no matter their experience with C.
Failing to respond in detail to all of the claims you believe to be your most important ones is not what is usually meant by a "straw man."
While I don't mind Rust (although I'm not too good at it yet) I really do find the crowd of overzealous enthusiasts claiming in the most hyperbolic terms that the necessity of its universal use is an urgent security issue quite off-putting sometimes.
How to Win Friends and Influence People by Dale Carnegie should be required reading for everyone. It's full of things that are so obvious in hindsight but go against our natural instincts so we blunder through attempts to persuade not realizing that we might be increasing resistance rather than decreasing it.
Like the whole, "you might be right but you're still an asshole" thing. Being correct just isn't enough. In some cases you get crucified and then after some time has passed, the point you were trying to convince others of becomes the popular accepted fact. And they might even still hate you after coming around on the point you were trying to make.
That book won't turn you into a persuasive guru, but it will help avoid many of the pitfalls that make debates turn ugly or individuals stubborn.
Or, on the flip side, you can use the inverse of the lessons to become a more effective troll and learn how to act like you're arguing one thing while really trying to rile people up or convince them of the opposite. I say this not so much to suggest it but because knowing about this can make you less susceptible to it (and it's already a part of the Russian troll farm MO).
then complain about them later.
I don't see where they're complaining? They don't seem to be asking anything of the C devs other than help with API definitions.
It also seems to require a GC though...
newxml is GC only, for simplicity sake.
Not even, it will suffocate on its own by having the capitalists keeping their changes from each other. Like a bucket of crabs; where if one crab is about to get free the others grab onto it and pull it down.
Kernels really benefit from being "forced" to share the code changes as the GPL license, they are too tied to HW, and HW needs a lot of capital when iterating.
I guess the question is, what happens to the kernel when all the people who learned on C are gone? The majority of even the brightest new devs aren't going to cut their teeth on C, and will feel the same resistance to learning a new language when they think that there are diminishing returns to be had compared to what's new and modern and, most importantly, familiar.
I honestly get the hostility, the fast pace of technology has left a lot of older devs being seen as undesirable because the don't know the new stuff, even if their fundamental understanding of low level languages could be a huge asset. Their knowledge of C is vast and valuable, and they're working on a project that thrives because of it. To have new people come to the project and say "Yeah, we could do this without having to worry about all that stuff" feels like throwing away a lot of the skill they've built. I'm not sure what the solution is, I really don't think there are enough new C developers in the world to keep the project going strong into the future though. Maybe a fork is just the way to go; time will tell which is more sustainable.
Yeah, the Rust guys' proposition is roughly this:
Hey you guys with 20-30 years of experience doing a single thing very well. Let's nullify most of that skillset and replace it with a thing we're good at.Don't worry, we will teach you.
They're not technically wrong about Rust being a better choice for a kernel, of course. They're just incredibly misinformed about the social hurdles they need to climb over for it to happen.
Just go ahead and write a very basic working kernel in rust.
I don't get this stance, really. If I want to write a driver in Rust I should start by creating a completely new Kernel and see if it gains momentum? The idea of allowing Rust in kernel drivers is to attract new blood to the project, not to intentionally divert it to a dummy project.
Rust is sufficiently different that you cannot expect C developers to learn rust to the level they have mastered C
If you , no one asked anything from the C developers other than documentation. They just want to know how to correctly make the Rust bindings.
Note that Rust is not replacing C code in the Kernel, just an added option to writing drivers.
C has been around for a very long time. I don't think wanting to replace a 1970s language, that was old when current gray beards were young is a bad thing. People have had more than enough time, and still have a good decade or two to make their careers writing and maintaining C code. Sometimes things have to change, old people be damned. It's diatribes like this that remind me the human race advances one body at a time as those holding us back die out.
Edit: also we aren't talking about people in their 70s and 80s here. Most of these "greybeards" are in their 40s and 50s at most. Linux itself is from the 1990s and is therefore more modern than C.
Netflix is using FreeBSD for servers. You can't blame everything they do wrong as being a problem with the new hires. They are using an OS older than Linux that changes more slowly than Linux, simply because it performs the best for their specific application. Rate of change isn't the issue here.
In fact that's 90% of what this comment is. Blaming new people and new techniques for problems when you aren't a part of that organisation and don't actually know what's happening.
Working with computers is not the same as working with construction equipment. Some degree of fluid intelligence is needed in this field, no matter how experienced you might be, just like how a surgeon needs steady hands. The people you call greybeards aren't nearly as old as your father is. We are talking about people who are in their 50s and 40s. They don't have that level of cognitive decline yet. Likewise some things like ext4 aren't likely going to be ported to Rust now or even ever. They can keep maintaining them as they are now for the foreseeable future. Plus I don't want people to have to keep working into their 70s and 80s. At some point it becomes elder abuse. Let people retire man.
C has existed for a long time now. We've been trying to replace it for ages, for most of it's lifespan even. C++ actually was one of the new options at one point. I get it seemed immovable only a decade ago, and I think that has lulled people into a false sense of security. In truth it was inevitable it would have to be replaced one day. It's already well outlived the life expectancy of a programming language. Just think about Ruby: created long after C yet has already become mostly irrelevant. You talk about the maximum rate of tool change, but C is one of the oldest tools we have, keeping it around would be almost 0 rate of tool change over decades. If you can't see that C is very slowly dying then you haven't seen the writing on the wall for the past several years. It's on you at that point.
We should look back with pride at everything that has been accomplished with C, and just how long it's been relevant. We can do this while still acknowledging it needs to be phased out gradually.
No one is asking for change that rapid either. Linux started adopting Rust four years ago now. It's probably still going to have C code inside it for at least a decade from now. This isn't some quick change, it's a gradual process. People have plenty of time to adapt, and those who are too old to do so will be around retirement agent if not already dead by the time C is fully phased out.
We of course play plenty of video games together to keep him sharp. We also eat mushrooms, paper when necessary, and he works out a lot. We do all we can, believe me.
Honestly you take more care of yourself and your father than I do. I am only in my 20s and suck at video games. If I took mushies or LSD I would probably lose my mind, assuming it's all still there in the first place. I suspect there is a good reason why people like me only have a life expectancy of 58 or so.
That is honestly a decent analogy. So, on what rides is it ok if something goes wrong and a young family member is killed? Rust says, it is never ok so we won’t let you do it.
To use your analogy though, the issue is the driver feeling quite confident in their skills and rating the risk as low. Then a tire blows on a corner. Or somebody else runs a red light. Or, there is just that one day when an otherwise good driver makes a mistake. History tells us, the risk is higher than the overconfident “good” drivers think it is.
In particular, history shows that 70% of the real world injuries and fatalities come from passengers without seat belts. So, instead of each driver deciding if it is safe, we as a society decide that seat belt use is mandatory because it will prevent those 70% of injuries and fatalities ( without worrying about which individual drivers are responsible )
Rust is the seat belt law that demonstrably saves lives regardless of how safe each individual driver thinks they are. It is a hard transition with many critics but the generation that grows up with seat belts will never go back. Eventually, we will all realize just how crazy it was that they were not always used.
I saw the clip previously. The rust guys are absolutely assuming that the C guys would go for something because (a) the compiler guarantees it's memory safe (b) the semantics would be encoded in the type system. They demonstrate this using rust terminology and algebraic data types. Algebraic data types are the bees knees, (but not with that syntax and clumsiness), and compiler guarantees are the bees knees, but that's not how a C programmer who's middle aged sees the world, it just isn't. Your typical middle aged C programmer grew up telling pascal programmers that automatic array bounds checking is for wimps and real men use pointer arithmetic and their programs run five times as fast. They were always right because their programs did really run significantly faster, but now rust comes along and its fast and safe. Why wouldn't C programmers like it? Because the speed was the excuse and the lack of guardrails was the real reason they liked C.
I said it's a massive culture clash that the rust folks didn't realise they were having because they just assume that "memory safe" wins people round, whereas C folks value their freedom from automatic compiler-based safety, and here you are, sounding like a rust person, saying it isn't a culture clash at all and that the rust folks are right about memory safety and the C folks are just being irresponsible.
They aren't asking C devs to write Rust code, which is what the guy being a heckler was claiming. Why don't they want to right Rust? For exactly the reasons you describe. The thing is though that's not currently being asked of them, all they actually want is the documentation to create that code themselves.
You really don't have to explain any of the culture clash to me lol. I've written both C/C++ and Rust. My C and C++ coding skills are demonstrably better (or at least used to be, it's been a while) than my Rust skills. Why? Because of how complex those guardrails are. The difference is I have the self awareness to know that my lack of Rust skills doesn't mean that the language is bad, or that C is a safe language to use. Rust tutorials could be improved. Perhaps an easier to use language like Zig might be more useful for some people. I feel like it's a good compromise between safety and ease of use. Rust though is still incredibly progressive for the industry, and will improve systems security, maintainability and reliability going forward if only people would stop getting in the way.
I'm not sure. I remember seeing an example in the docs, but I can't find it now. Actually the docs in general are a lot less opinionated than I remember them.
One thing that I did find is that the ion shell document mentions that it isn't a posix compliant shell because they would have had to leave out a bunch of features.
TL;DR: Vast culture clash that rust guys didn't perceive and C guys hated and false assertion that "you don't need to learn rust" based on inexplicably naive lack of understanding that maintenance might be necessary.
If someone builds a rust api on top of your C code inside your project, you have exactly five choices: (1) preserve the assumptions the rust code is making (2) only change your code if you have a rust expert to collaborate with handy (3) edit the rust code yourself (4) break the rust assumptions leading to hard to find bugs (5) break the build. The C guys hated all five of those options, and the rust guys told them they didn't need to worry their pretty little heads about it. ON, they weren't as dismissive as that, but they either didn't understand those as issues or didn't care about them or dismissed them.
The rust guys were asking the C guys to tell them the semantics so that they could fix the type signatures for their rust functions and the C guys were reluctant to do that because they wanted to be able to change the semantics of that turned out to be useful to them. They didn't want to commit so something that was documented in a way they weren't familiar with because they felt that even if they wanted to, they couldn't ensure their code was compliant with this specification going forward because they didn't understand the rust type signature fully. (They got hung up on the self argument and launched a rant against OOP.)
The rust guys knew instinctively that the Result return type meant that the operation could fail and could tell from the two arguments to that both in what ways it could fail and every kind of answer it could produce if it succeeded, but the C guys found almost none of that obvious. This was for just one function in the rust API, but it also radically changed the way of doing it. This one rust call replaced the whole algorithms of ask, check answer, if none, check this and that, otherwise do this blah blah blah. The C guys are used to keeping everything lean and simple with a single purpose and were being asked to think of a while collection of procedural knowledge and edge cases with a handle everything monolith. But they were audibly reluctant to commit to that being all the edge cases because they don't think of all of those tests as one thing and instinctively wouldn't write something that checks for all of the edge cases because (a) in a lot of circumstances the code they're writing only needs to know that there was a problem and will give up quickly and move on and (b) they want to be able to freely choose to add other edge cases in the future like they normally do without having to worry about the rust code breaking.
They weren't complaining that they were being asked to write rust, they were complaining that they didn't want to learn rust, and they were complaining this because they could see that to preserve all the rust API type signatures they would have to understand them, the expectations around them and memory safety principles, so that a rust programmer in the future wouldn't have to change the rust type signature.
The rust guys would have gained a lot more traction by just asking the C guys to keep a bunch of comments up to date detailing the semantics and error checking procedures, and promising to edit their rust API if the C code changes, but I suspect they didn't ask for that because they know that no guarantees come from a comment and they want to be sure that the rust code works across all the possible scenarios and in rust culture, that is always documented in the type system where it can be enforced.
The rust guys spoke like it was self evident that having a monolithic API with a bunch of stuff guaranteed by the rust compiler was best, but seem not to have realised that this is a massive culture clash because the C guys come from a culture of rejecting the idea of compiler guarantees anyway (because they have long had confidence in their ability to hand optimize their code to be faster than some prescriptive compiler's output and look down on people who choose to have the guardrails up).
They felt like they were being asked to help write an interface definition in a monolithic style that they have always rejected, to achieve goals that they have long resisted, in a language that they find alien, with no guarantees for them that the rust guys were going to stick around to agree and implement the rust changes necessary if they changed the C code, and with no confidence that they understood what would count as a breaking change at the rust level.
This perceived straightjacket made them particularly cross. They complained about the inability to change their C code and its semantics and the need to learn enough rust to understand quickly what not to change, but they didn't want to not change things and would need to edit the rust API at the same time as editing the C code if they didn't want the rust build to break, and then there would be even more downstream changes from that, so realistically they would need not only to be able to understand the rust type signatures, they would need to be able to edit both the type signatures and the functions themselves, and basically maintain all the downstream rust, and they would want to be sure they were writing efficient rust, well aware that it took them decades to get to the level of extreme efficiency they write in pure C, a much simpler language.
The rust guys said "Just tell us what your code means so we can write our type signatures", but the C guys didn't want to help create for themselves a prison whose walls were of a strange and intricate design they found hard to perceive, made out of materials they didn't have experience working with. They felt like the first guys were asking them how all the doors, windows, chimneys, air vents etc of the house that they built by hand would ever be used, so they could encase it in a stainless steel shell and make it part of a giant steel city. The C guys said "but I might want to build an extension or a wider garage!" They claimed that the C guys didn't have to learn how to weld or manufacture steel sheets, and that their house would be much safer, but for some reason this didn't win the C guys round to the plan, and there's a bunch of people online calling the C guys tech luddites for not liking the whole thing and saying that they were incorrect that they needed to learn rust just because the rust guys made that claim, but that claim is actually completely incorrect unless you think that it's OK to stop the project compiling with your pull request or you think that changes to the C code should be banned wherever a rust API is built on top of it.
The rust guys would have gained a lot more traction by just asking the C guys to keep a bunch of comments up to date detailing the semantics and error checking procedures, and promising to edit their rust API if the C code changes, but I suspect they didn't ask for that because they know that no guarantees come from a comment and they want to be sure that the rust code works across all the possible scenarios and in rust culture, that is always documented in the type system where it can be enforced.
I could be being daft but I thought this is more or less what the Rust guys were asking for. Tell us the current symantics of the system, and if it changes in future let us know what the new semantics are and we will fix the Rust code accordingly.
I do understand what you mean though about enforcing restrictions on what the C guys can do without breaking the Rust code. I think you run into situations wherever two languages meet. The way most projects handle this is the upstream releases a new version, or a release candidate of a new version with their breaking changes documented and then downstream updates their stuff accordingly when they get time. Obviously this is one project, but I imagine it's possible for the C guys to update stuff in a pull request and then drop an email in LKML to the Rust guys so they know stuff needs fixing. None of this seems that hard to me.
Ultimately though everything here is Linus decision. Either your in or your out. If Linus says yes to Rust doing whatever then that's what's going to happen. Likewise if he says no, then it's not going to happen that way. Until he weighs in no one can really say how this will end.
Personally though I disagree with the C guys. Safety features are important and should be used where it is practical to do so. Until now C has had the justification that it's still the fastest language and by a significant margin. Now a somewhat safe language like Rust exists with the same speed and capabilities I don't think we can afford to continue ignoring safety for the sake of a few bruised egos. If this was a proper industry like aviation safety would always come first, and if that means adopting new technologies and forcing people to adapt. I can understand if C devs have a hard time adapting, I don't expect it to happen overnight. The expectation though should be they should learn some Rust eventually, even if it's just enough to know the type signatures and what not that they might break with their changes to C code. Kernel devs are supposed to be some of the smartest computer people out there. If they can't learn even that small amount of another language then should they really still be kernel developers?
Ah, but I still agree with the C devs, it creates unnecessary headaches for them. Also, old habits die hard.
I view it as the same way ZFS is supported: Linus and Greg KH are like "you can maintain it, but we don't give a shit about it, and if what we do breaks ZFS support, well too bad."
Yeah it is a monumental task, but it's also the one with the least push back. I don't mean start from scratch, but convert the C code to Rust in a dev branch or something and release a Linux-Rust kernel image.
Almost all real-world software development is like this. That's what we do.
I'm aware, I've written my own software even though I'm a SysEng, all I'm saying is that it's not an easy process with a potential for disaster. Just look at CrowdStrike (not saying that they were attempting to switch languages but just the scale of the fuck up and the fallout that it caused), we don't want that to happen with Linux.
The long-term goal is for Rust to overtake C in the kernel (from what I understand
Your understanding wrong. Rust is limited to some very specific niches within the kernel and will likely not spread out anytime soon.
critical code gets left untouched (a lot of the time) because no one wants to be the one that breaks shit
The entire kernel is "critical". The entire kernel runs - kind of by definition - in kernel space. Every bug there has the potential for privilege escalation or faults - theoretically even hardware damage. So following your advice, nobody should every touch the kernel at all.
I agree. C isn't going anywhere anytime soon, but if we don't start modernizing the kernel now we could end up with a future like the US government is in where all critical systems run on COBOL code and no one wants to touch it for the fear of breaking everything.
I'm not sure if it was in my above post or not, but the article said we should start modernizing the kernel now before someone does to Linux what Linux did to Unix.
Redox OS already exists and is functional (meaning it boots and has a GUI, but it's lacking in various aspects), from what I understand it's pretty much Linux/Unix rewritten entirely in Rust and looks pretty promising. In 5 or so years it could be a competitor with BSD and then overtake Linux once it has a proven track record.
"If it ain't broke, don't fix it!"
I'm not a software dev, but I'd imagine that the codebase could definitely be reduced once most things are converted to Rust. From what I've heard, the kernel is a huge mess of spaghetti code that most people don't want to touch, for the fear of going insane in the process 😂
I think this overall is a better idea. I'm going to say this because, I thought I'd look into rust today. So I installed it, setup vscode to work with it etc. And it's all up and running. I thought I would port over a "fairly simple" C# project I wrote recently as a bit of a test.
While I've generally had success (albeit with 30+ tabs open to solve questions I had about how to do certain things, and only making it about 20% into the task) I'm going to say that it's different enough from C, C++ and C# (all of which I can work with) that I really don't think it is fair to expect C developers that have day jobs and work on the kernel in their spare time to learn this. It's fundamentally different in my opinion.
Now, I don't condone any bad attitude and pushing away of rust developers from the project. But there's no way they're going to want to do anything to help which involves learning a new language. It's just not going to happen.
Likewise, C is not a language most new developers are learning. So, I feel like over time there won't be so much of an influx of new kernel developers and any Rust based kernel could find itself with more contributors over time and taking over as the de-facto kernel.
In terms of Redox (not looked into it yet). So long as there's a different team working on the userspace tools. I would say the main task should be getting a solid kernel with drivers for most popular hardware etc in place. The existing GNU tools will do until there's a kernel that is able to compete with the C one. But that's just my opinion.
RmDebArc_5
in reply to matcha_addict • • •matcha_addict
in reply to RmDebArc_5 • • •I agree, but reliance on an instance is already a big issue.
Theoretically, if this gets implemented, it could be possible to federate the ability to sign up elsewhere, or at least make your user downloadable and sign up with it elsewhere
matcha_addict
Unknown parent • • •rglullis
in reply to matcha_addict • • •This is a controversial issue.
Some people don't care about having an unique identity and actually favor creating multiple accounts on each service, to present themselves with different avatars depending on who they are interacting with. They are not "attached" to their identities and see this an opportunity to stay pseudonymous online and protect their "real" identity.
Some people think that the instance you join should be also somewhat indicative of your tribe and that they should be able to filter out who they talk about by checking the domain. This view is especially favored by the Mastodon crowd.
And then some other people (I think I would include myself) would like to be able to not just "use" a single identity, but to have portable identity in the Fediverse as a way to ensure that we can remain sovereign over our online presence. I would personally love for Communick customers to be able to use their personal domain, because that would mean that if even if I closed down things tomorrow, they would be able to migrate easily and without depending on me.
matcha_addict
in reply to rglullis • • •That's fine, this feature wouldn't prevent them!
What you mentioned in your last paragraph is in line with what I want, but maybe more of a next step from there.
rglullis
in reply to matcha_addict • • •So far, the only Fediverse project that lets users with different domains (and identities) under the same server is Takahe, but its development is a bit stalled and it is only supporting Mastodon.
Are you asking all these questions out of mere curiosity or are you willing to commit some type of effort and/or resources to see this happening?
matcha_addict
in reply to rglullis • • •rglullis
in reply to matcha_addict • • •matcha_addict
in reply to rglullis • • •It will be yes! Right now I only have it locally and its messy, but the idea is like this:
- Your home feed allows customizing the sorting algorithm. There's a sensible chronological-based algorithm, but you can customize it more.
- Content is organized into feeds.
- By default, you have your own personal feed similar to a micro blogging platform.
- but you have the ability to have multiple feeds. For example, maybe you're into both technology and wood working, but not all followers are interested in both. So you have separate feeds, and users can follow one or the other.
- A feed isn't only for one person's posts. For example, I might maintain a woodworking feed, but I'd "share" posts from other wood workers. In essence, I am a sort of "content curator". I pick out the good woodworking content and put it in a single feed for you to follow!
- A feed can be like a Lemmy community or a Facebook Group. So it can allow multiple posters, it can be open to anyone to post, or it can be approval-only (but submitted from anyone). It can also be privat
... show moreIt will be yes! Right now I only have it locally and its messy, but the idea is like this:
In my opinion, this replaces automated algorithms with manual curation. It also replaces moderation, as you might like a community but wish it was differently moderated, there might be another feed that sources the first feed but with extra moderation!
The project is still in its infancy and I don't get too much time to work on it. But since you're interested, I'll try to get it into an open source-able state (albeit far from workable) and let you know when I do!
rglullis
in reply to matcha_addict • • •I might have good news for you: you don't need to drop ActivityPub to do that. Maybe what you are looking for is very close to my idea of a social web browser, i.e, an ActivityPub-based application that is controlled by the client and not the server.
What programming language are you working on?
ericjmorey
in reply to matcha_addict • • •intensely_human
in reply to rglullis • • •At a more abstract level, inviting a bunch of people to play a game, and then changing the rules of the game, is a shitty thing to do.
The fediverse has rules built into it. It has a way that it works. Changing that makes it something else.
rglullis
in reply to intensely_human • • •intensely_human
in reply to rglullis • • •Identity belonging to an instance, changing to identity belonging to the fediverse as a whole.
Identities containing @instance format.
Identities being federated.
rglullis
in reply to intensely_human • • •This is an implementation detail, it's not required by any part whatsoever of the activitypub protocol.
All that AP cares about is that actors have an URL for their inboxes and outboxes. You can have even servers to serve your actor id from a different domain in your instances.
Hell, you can even have no "instance" at all. You can have just a bunch of static files to serve your webfinger queries and bio and even the outbox, regardless of the username that you have.
I think it's fine to have people trying to use a simplified mental model to understand new concepts. But it becomes a problem when people start taking these mental models and try to justify their opinions on incomplete abstractions.
intensely_human
in reply to rglullis • • •rglullis
in reply to intensely_human • • •And web browsers were only meant to be a language for formatting documents, yet software engineers realized it could do a lot more than that.
It's not just because someone design things one way that automatically all other use cases become invalid. This argument makes no sense.
MartianSands
in reply to matcha_addict • • •That's going to be a problem whatever solution you come up with, because of the federated nature of the lemmy system.
There's no central authority to hand out usernames, so if two people sign up to different instances with the same username, any design which didn't attach instance name to each username would fail. The only way around it would be for each instance to contact every other instance which exists, including the ones which haven't federated yet, and negotiate ownership of the new username, and that's just not possible
matcha_addict
in reply to MartianSands • • •Flax
in reply to matcha_addict • • •matcha_addict
in reply to Flax • • •I already talked about why that matters in my post (didn't mention anything about a person's importance), but I'm happy to clarify and expand on it!
To summarize again, this would allow users to follow a person across platforms. Part of the benefit of the fediverse is I can choose to get content from a microblogging platform as well as macro blogging or threaded like lemmy. It would be a good feature for me to be able to follow someone across all federated platforms without having to scavenge for them.
Moreover, it would allow me to use other types of platforms without having to sign up on each one. This would also be useful for instance admins. If instance A trusts instance B, then it can allow instance B users to sign in without having to sign up separately.
This could also mean that instance A could be an identity provider only
Flax
in reply to matcha_addict • • •AbouBenAdhem
in reply to matcha_addict • • •Rooki
in reply to matcha_addict • • •It will be difficult to implement and pretty much at the end of the list for the software you want to implement.
Users most of the time dont want to get identified ( some are here because of the privacy ) and if you want to get identified you can just use PGP signing.
matcha_addict
in reply to Rooki • • •Rooki
in reply to matcha_addict • • •will_a113
in reply to matcha_addict • • •jelloeater85
Unknown parent • • •maegul (he/they)
in reply to matcha_addict • • •Rednax
in reply to matcha_addict • • •It is a matter of responsibility. If you can log into any lemmy instance or mastodon server with the same account, then which server takes responsibility for your actions in the fediverse?
I have seen instances be defederate from because of their lax account creation requirements, or because of harrasment from users from a specific instance.
If an account can log into any instance, then who is responsible for banning the account?
matcha_addict
in reply to Rednax • • •This is a good point and I should clarify: in this model, you wouldn't get open access to any instance. The instance has to explicitly trust (white list) instances from which it will accept log ins. It would be like federation is done today, but the lists would be separate ideally.
Another model is it could do it on a case-by-case basis on the user level instead of instance level. But it would still enable the user to keep their dame ID and original domain.
hendrik
in reply to matcha_addict • • •I don't see any technical limitations preventing that. And I think it's a desirable feature. Imagine a world where you don't have to come up with lots of passwords and sign up on dozens of websites, but instead have one identity that's saved in your device and you can access any free software service without signing up and it'll already tell you if your friends are there. It could interconnect content and features...
It's a bit difficult to get it right, though. The identities need to be secure and reliable. Servers can't vanish (or data needs to be distributed) or people will lose everything at once. We need pseudonymous handles, sock puppets and access control. And there is a lot of trust involved. We need to mitigate for spam and trolls...
And agree on one standard that gets everything right for any arbitrary use-case.
Ada
in reply to matcha_addict • • •We host instances for trans and gender diverse folk, to provide a space that explicitly puts their safety first.
Take away the idea of an instance as a community/identity/distinct space, and the goal for these places existing is gone. Instead of a community and a safe space, we become a generic bit of hardware that enables transphobes as much as trans folk.
That's not something I'd be keen to keep sinking my own funds in to to support.
What I'd much rather see is instance based accounts, however, with the ability to take over/migrate them from other instances, so that if an instance goes down, people can still keep their identity. It would also allow instances focused on protecting minority communities to keep doing that.
matcha_addict
in reply to Ada • • •This is a very valid concern and I should clarify a bit about the mechanism I have in mind.
An instance admin can decide which instances it federates identities with, similar to how regular federation is done (but maybe these would have separate lists)
So, in your case, you would only federate identity with instances you trust to have done proper vetting. It wouldn't be by default that having a federated instance means you have access to login the entire fediverse.
Ada
in reply to matcha_addict • • •matcha_addict
in reply to Ada • • •SorteKanin
in reply to matcha_addict • • •intensely_human
in reply to Ada • • •SorteKanin
in reply to Ada • • •I can definitely see user migration from one ActivityPub server to another being a possibility, but I really don't see how that can happen if one of the servers is down. That's too late then. If you could migrate a user from a server that is down, what prevents you from migrating a user from a server that is still up and doesn't want to do the migration? You could just pretend that it is down and do the migration anyway? I have no idea how that would work.
Ada
in reply to SorteKanin • • •The proposal I saw was basically a way of "signing" your posts, and then when they federate somewhere else, you can create an account on another instance and "claim" the posts that have federated there as yours, with your private key.
Obviously, you couldn't access posts that never federated to the instance in the first place, but even with some lost content, it would let you edit, and post new content.
And as I understood this proposal, basically, you could have multiple active accounts, all of which are "you", and allow you to control your content with the same permissions.
SorteKanin
in reply to Ada • • •Yea that could in theory be possible - the big problem is that it requires people to hold their own private key and manage that, both securely and conveniently. And well... tbh I just don't see that happening. If you need to keep your own private key and also keep your own password, I really don't see any non-techie people ever using the fediverse.
There's also the issue that if that private key is leaked, there is no going back. Your identity is stolen and you can do nothing to take it back. This is different from if your password gets leaked - in that case, an admin could in principle step in and reset your password and you could regain control of your account. This happens all the time when people's Facebook accounts get "hacked". They report it to Facebook and get their account back. This is impossible if it relies on a user-held private key.
It's a neat technical solution that unfortunately forgets the human, as is often the case.
Jupiter Rowland
in reply to Ada • • •This exists right now. It has existed for longer than Mastodon, much less Lemmy.
Established by Mike Macgirvin in 2011 when he invented nomadic identity. First implemented in his Zot protocol from 2012 and a Friendica fork named Red, later Red Matrix, known as Hubzilla since 2015. Also available on (streams).
Not just a vague concept or an experiment, but daily-driven on stable servers since over a decade.
Nomadic identity goes even further t
... show moreThis exists right now. It has existed for longer than Mastodon, much less Lemmy.
Established by Mike Macgirvin in 2011 when he invented nomadic identity. First implemented in his Zot protocol from 2012 and a Friendica fork named Red, later Red Matrix, known as Hubzilla since 2015. Also available on (streams).
Not just a vague concept or an experiment, but daily-driven on stable servers since over a decade.
Nomadic identity goes even further than migration. Nomadic identity allows you to have the same Fediverse identity with everything in it (name, posts, connections, settings, files etc. etc. pp.) on multiple servers simultaneously. Not dumb copies. Bidirectional, near-real-time, live, hot backups. Whatever happens on one instance of a channel will be sync'd to all others almost immediately.
One of the clones goes down, doesn't matter. The main instance goes down, doesn't matter, you can use the clones just the same. The main instances goes down and stays down, doesn't matter, you make one of the clones your new main instance. All your nomadic connections are automagically changed to your new identity based on your new main instance. Yes, even on remote servers.
Even migration is based on the same concept. If you move from one server to another, first a clone is created, then the clone is declared the new main instance, thus demoting the original instance to clone, then the old original instance is deleted and the account with it. Not only can you move with absolutely literally everything, but you don't leave any rubbish behind on the old instance.
Only downside: It does not work on ActivityPub. Yet. It requires a special protocol, either Zot (Hubzilla) or Nomad ((streams)). ActivityPub-based projects don't even understand nomadic identity. So when you move, you have to reconnect all your non-nomadic followers.
ActivityPub implementation is being worked on, at least in theory. But the guy behind all this has, well, apparently not fully quit, but dramatically slowed down.
Ada
in reply to Jupiter Rowland • • •Jupiter Rowland
in reply to Ada • • •We'll see what comes out of this.
Mike has already implemented FEP-ef61 on (streams), and it seemed to have worked well under lab conditions. But then he rolled it out to release in July. Channels created on accounts registered after that point have decentralised IDs already. And surprisingly, it caused tons of bugs to the point of these channels not properly federating with anything. And since he's the only (streams) developer, he had to iron everything out himself. And quickly so because a few dozen people use (streams) as a daily driver.
In mid-August, he forked Forte from the streams repository. It was his vision of "the Fediverse of 2030": basically (streams), but only supporting ActivityPub anymore, with both (streams)' own Nomad and Hubzilla's Zot6 ripped out. Guess the idea was to have something with no extra protocols standing in the way of straightening FEP-ef61 and nomadic identity via ActivityPub. But this caused even more of a workload.
On August 31st, Mike sent a private post to his immediate connections (his channel is set up to send priva
... show moreWe'll see what comes out of this.
Mike has already implemented FEP-ef61 on (streams), and it seemed to have worked well under lab conditions. But then he rolled it out to release in July. Channels created on accounts registered after that point have decentralised IDs already. And surprisingly, it caused tons of bugs to the point of these channels not properly federating with anything. And since he's the only (streams) developer, he had to iron everything out himself. And quickly so because a few dozen people use (streams) as a daily driver.
In mid-August, he forked Forte from the streams repository. It was his vision of "the Fediverse of 2030": basically (streams), but only supporting ActivityPub anymore, with both (streams)' own Nomad and Hubzilla's Zot6 ripped out. Guess the idea was to have something with no extra protocols standing in the way of straightening FEP-ef61 and nomadic identity via ActivityPub. But this caused even more of a workload.
On August 31st, Mike sent a private post to his immediate connections (his channel is set up to send private posts by default) that said that he quits. He wanted to stop developing for the Fediverse because it got too much. The community could carry on if they want.
Trouble is, there's nobody among the few dozen (streams) users who has got what it takes, namely both the time and especially the skills to take over as a lead dev. One guy is ambitious, but he has only recently taught himself git just to make his own pre-FEP-ef61 branch for personal use. Then there are a few people who do know git, who may also know how to code, but who don't have the time.
We got one offer by a guy who wanted to rewrite (streams) from scratch. He had taken a look at the (streams) code, and he said that some of it is very old and crufty and mouldy. Of course, a lot of code probably still dates back to 2012 when Mike forked Red from Friendica to implement nomadic identity and rewrote the entire backend against Zot. Problem was, I think that guy came from Mastodon, he probably hadn't even seen Friendica in action, much less Hubzilla or even (streams), and he described himself as "thick", so we'd have to explain everything to him. Nobody even reacted.
Luckily, Mike is still Mike. He can't keep his fingers off improving the Fediverse. Every couple days, we see commits to the streams repository and/or Forte. It's just that things are moving forward very slowly now. The community is trying to figure out what and where the bugs can be by examining log files and whatnot, but nobody can track them down in the source, much less fix them and submit a PR, and that isn't talking about merging the PR.
Nate
in reply to matcha_addict • •There are very few drawbacks (assuming it's implemented in a way that doesn't break things). That's why it's part of two of the big three social protocols (Nostr & AT/BlueSky) and Activity Pub might get it soon.
I've written about and participated in discussions about implementing identities not controlled at the instance level and discussed bridges that connect activity pub to other protocols. The one major drawback people tend to bring up is moderation, but moderation is not effected like some people think it could be. Just like a PGP key doesn't force Gmail to host a user's email and a domain doesn't force Dreamhost to host a blog, even if identities are separated from instances an individual instance can still ban a user from participating in that instance or prevent other instances from interacting with your instance. The only difference is that if an instance goes down or bans a user the user can pick up and move to a different instance instead of
... show moreThere are very few drawbacks (assuming it's implemented in a way that doesn't break things). That's why it's part of two of the big three social protocols (Nostr & AT/BlueSky) and Activity Pub might get it soon.
I've written about and participated in discussions about implementing identities not controlled at the instance level and discussed bridges that connect activity pub to other protocols. The one major drawback people tend to bring up is moderation, but moderation is not effected like some people think it could be. Just like a PGP key doesn't force Gmail to host a user's email and a domain doesn't force Dreamhost to host a blog, even if identities are separated from instances an individual instance can still ban a user from participating in that instance or prevent other instances from interacting with your instance. The only difference is that if an instance goes down or bans a user the user can pick up and move to a different instance instead of having their account nuked. As somebody who lost a profile due to a SQL database breaking it would have been really nice to have been able to continue.
Also, in the thread here I heard a few people talking about it negating communities. We already can communicate with remote servers, I'm not fully sure where the argument that independent-from-instance-identities will break communities comes from. If something like nomadic identities are implemented, which again, they may be, your account will still be largely focused on one instance.
Say you're an arborist and join an arborist Mastodon community. You're still a part of the community, and your account is centralized there until you say otherwise. Yes, you can reply to a lemmy post or peertube post by authenticating on one of those instances, but you can already do that (there's just a lot of jank since Activity Pub's monolithic servers often have a hard time understanding each other). Yes, say you reply to a lemmy post about beekeeping that would show up in the local insatance timeline (assuming remotely authenticated posts are allowed to show up in the timeline), but again not only can you already do that, but it's not like you'd expect an aborist focused instance would have ONLY aborist focused discussions.
Lol, I hope I was coherent. I just misinterpreted a bottle of bottle of lime infused liquor as 30 proof instead of 30% ethanol so I consumed a little more than I expected. Anyway, regardless, personally consider identities separated from servers/instances a very big pro, with very little drawbacks (if implemented in a way that does not break existing implementations).
Fediverse reshared this.
SorteKanin
in reply to Nate • • •Nate
in reply to SorteKanin • •Fediverse reshared this.
Jupiter Rowland
in reply to SorteKanin • • •It isn't. (Source: I've been using nomadic stuff since long before any of you has even heard of the Fediverse.)
Nomadic identity always requires one main instance of an "identity container" with a valid Fediverse ID. That Fediverse ID carries in it the domain name of the server on which the main instance of the "identity container" resides. You need something behind the @. The clones have the same Fediverse ID.
So if you have a Hubzilla channel on hub.foo.social, hub.bar.social and hub.baz.social, one instance of that channel has to be the main instance, and the others are the clones. If the instance of the channel on hub.foo.social is defined as the main instance, it's hub.foo.social that defines the idea (e.g. bob@hub.foo.social). From a Hubzilla POV, the clones on hub.bar.social and hub.baz.social are bob@hub.foo.social all the same.
Instance-less would require a fully decentralised, peer-to-peer approach like Briar where (ideally) each user na
... show moreIt isn't. (Source: I've been using nomadic stuff since long before any of you has even heard of the Fediverse.)
Nomadic identity always requires one main instance of an "identity container" with a valid Fediverse ID. That Fediverse ID carries in it the domain name of the server on which the main instance of the "identity container" resides. You need something behind the @. The clones have the same Fediverse ID.
So if you have a Hubzilla channel on hub.foo.social, hub.bar.social and hub.baz.social, one instance of that channel has to be the main instance, and the others are the clones. If the instance of the channel on hub.foo.social is defined as the main instance, it's hub.foo.social that defines the idea (e.g. bob@hub.foo.social). From a Hubzilla POV, the clones on hub.bar.social and hub.baz.social are bob@hub.foo.social all the same.
Instance-less would require a fully decentralised, peer-to-peer approach like Briar where (ideally) each user name only exists exactly once. And with no domain name attached to it.
And peer-to-peer in social networking sounds like an awesome idea until you have to run a full-blown, fully-hardened Web server on your iPhone on a wonky 4G connection, simultaneously sending a message to and receiving hundreds of messages from hundreds of other devices out there because you've got, like, 647 connections on your friends list. And then you wonder why your phone is so hot, and the battery craps off within hours.
SorteKanin
in reply to Jupiter Rowland • • •Jupiter Rowland
in reply to SorteKanin • • •I hope this Join the Fediverse Wiki article can help you. I've written it myself.
It's mostly written to pick up Mastodon users who don't know much about the rest of the Fediverse, so it doesn't really explain how Hubzilla relates to Lemmy. I hope it helps anyway.
SorteKanin
in reply to Jupiter Rowland • • •Rooki
in reply to matcha_addict • • •intensely_human
in reply to matcha_addict • • •My potential argument against it starts with asking where the credentials are stored for authenticating this identity.
Currently the home instance stores the hashed password and performs authentication.
In a way, the identity “belongs to” the place that does authentication, which now happens to be the instance.
If identity is decoupled from an instance, that means authentication decouples from an instance.
If the identity “belongs to” the fediverse as a whole, then that means the fediverse as a whole has an authentication mechanism.
Unless we can come up with a distributed authentication mechanism, that means the fediverse as a whole has some authentication service, as in one, which means centralized.
This therefore breaks decentralization, unless the authentication is somehow handled in a distributed way. Maybe consensus or something on a hashed password? But if those hashed passwords are stored in a distributed manner, then you’d need a super long password to prevent rainbow table attacks on the passwords
... show moreMy potential argument against it starts with asking where the credentials are stored for authenticating this identity.
Currently the home instance stores the hashed password and performs authentication.
In a way, the identity “belongs to” the place that does authentication, which now happens to be the instance.
If identity is decoupled from an instance, that means authentication decouples from an instance.
If the identity “belongs to” the fediverse as a whole, then that means the fediverse as a whole has an authentication mechanism.
Unless we can come up with a distributed authentication mechanism, that means the fediverse as a whole has some authentication service, as in one, which means centralized.
This therefore breaks decentralization, unless the authentication is somehow handled in a distributed way. Maybe consensus or something on a hashed password? But if those hashed passwords are stored in a distributed manner, then you’d need a super long password to prevent rainbow table attacks on the passwords, given the hashed values would essentially be public information.
Maybe public keys are stored in a blockchain? I don’t know this is beyond me in the details.
But to summarize the problem at a data model level, an identity belongs to an instance, because the instance can authenticate them. If the identity now belongs to the whole fediverse, then the whole fediverse needs to be able to authenticate them, which if not handled correctly could lead to centralized authentication, centralized banning, censorship, reddit, etc.
Maestro
in reply to intensely_human • • •hark
in reply to Maestro • • •Maestro
in reply to hark • • •intensely_human
in reply to Maestro • • •Then the identity still has a home.
I’ve implemented Oauth and you still have an identity provider.
SorteKanin
in reply to matcha_addict • • •I don't understand the benefits.
They already don't need to worry about that. Presumably if you could log in with your Lemmy user on Mastodon, your user domain would still refer to your Lemmy instance, just as it does currently. That's besides the fact that I have no idea how this mechanism of logging into different sites would even work.
They can already do that with the current mechanism. It's only a problem with Lemmy not supporting various other forms of social media concepts that prevents you from writing, say, a toot (microblog).
It sounds like what you want is just a more generic ActivityPub instance that supports more forms of social constructs.
Aside from all that, there's what other people have mentioned. Grouping users on instances has all kinds of moderation benefits.
LarmyOfLone
in reply to matcha_addict • • •patrick
in reply to matcha_addict • • •Your last sentence is unclear, is that actually implemented?
I am trying the approach of just making multiple affiliated services, and forcing people to have consistent account names across each. See bestiver.se
Jupiter Rowland
in reply to matcha_addict • • •Separating identity from instance was invented in 2011, first implemented in 2012, and it has been stable since 2013. Zot protocol, Red, Red Matrix, nowadays known as Hubzilla. It is called nomadic identity.
Separating identity from platform is a current WIP: Nomadic identity is to be introduced to ActivityPub and then made project-agnostic. The idea is to be able to clone your Lemmy account to Mastodon and Pixelfed and Mobilizon and Hubzilla and Funkwhale all the same. You won't be able to use all features of everywhere everywhere (go ahead, try to edit a Hubzilla wiki or article or webpage on Lemmy, haha), but it'll be the same identity. Still, it would require one account on each server on which you have an instance of your identity.
But what you're talking about is full, unlimited user write access to over tens of thousands of instances of over 100 projec
... show moreSeparating identity from instance was invented in 2011, first implemented in 2012, and it has been stable since 2013. Zot protocol, Red, Red Matrix, nowadays known as Hubzilla. It is called nomadic identity.
Separating identity from platform is a current WIP: Nomadic identity is to be introduced to ActivityPub and then made project-agnostic. The idea is to be able to clone your Lemmy account to Mastodon and Pixelfed and Mobilizon and Hubzilla and Funkwhale all the same. You won't be able to use all features of everywhere everywhere (go ahead, try to edit a Hubzilla wiki or article or webpage on Lemmy, haha), but it'll be the same identity. Still, it would require one account on each server on which you have an instance of your identity.
But what you're talking about is full, unlimited user write access to over tens of thousands of instances of over 100 projects. Like, visiting any one of these tens of thousands of servers and being able to do absolutely everything a locally registered user can do, no exceptions, right away.
Like it or not, but this will require a local account. Even OpenWebAuth doesn't grant you full local user write access, nor does it allow for drive-by, on-the-spot creation of full-blown local user accounts on any instance, regardless of registration of local user accounts is allowed or not. Like, you can't just visit hub.netzgemeinde.eu and, within a split-second, have a local user account with the same login credentials as on lemy.lol and a nomadic clone of matcha_addict@lemy.lol so it's the exact self-same Fediverse identity on Lemmy and Hubzilla.
So it's either this. Immediate drive-by nomadic cloning of your logged-in Fediverse to any instance that you visit for the first time.
Or every Fediverse user must have a user account on every instance of every project out there, and their Fediverse identity must be nomadic everywhere and cloned to everywhere all the same.
Like, you register an account on lemy.lol. Simultaneously, the same account with the self-same credentials will be created on all other Fediverse instances out there. Immediately afterwards, whatever will contain your identity on Lemmy will automatically be cloned to all these other instances of everything. That way, you can immediately use all instances of all projects of the Fediverse just the same.
Or the Fediverse has only one central login server which controls the credentials for all instances of everything out there. You don't register with lemy.lol, you register with this central behemoth. And all tens of thousands of Fediverse instances connect to this central server for login credentials. And, again, your identity with all your data will have to be cloned and mirrored all across the Fediverse.
By the way, I've cloned Hubzilla and (streams) channels before. One channel from one server to one other server. This can take multiple minutes even with not so much content. Guess how long it'll take to clone one identity container from one Lemmy instance to 20,000++ other instances out there.
SorteKanin
Unknown parent • • •Yea in theory you wouldn't need the password if you have the private key but here the key is only used for signing, maybe not for login. If it also needs to be backwards compatible. In any case, I don't think user-held private keys is viable.
Sharing with trusted parties... I dunno, I think again it's too technical and complicated to do it. And you'd need people on the platform you trust to already be there.
SorteKanin
Unknown parent • • •Normal non-technical people are never going to do this. It needs to be easy as clicking a button, otherwise it will never happen for them. Again, this is a neat technical solution but it completely forgets the human.