Nate reshared this.
Made a revised version of my older social media protocol comparison post:
nate.mecca1.net/posts/2026-03-…
And, of course, a meme to go along with it.
#activitypub #nostr #bluesky #blogpost #blog
Nate reshared this.
Two photos of the lunar eclipse this morning. Both are unedited, one from my personal phone (Pixel 8a) one from my work phone (iPhone 17). Taken through a family member's telescope, but used digital zoom on the pixel.
Nate reshared this.
Incase the images aren't visible you can see them below:
nostr.ae/nevent1qqsfnzh5aqx4u2…
Friendica is showing the images, but locally here on Holos they seem to be missing. Not sure if it's not showing up because the client is in beta or because the relay is in beta. If you can see them, then don't worry about the link, they're the exact same photos as I put in the parent post.
We're happy to announce a long-term partnership with Motorola. We're collaborating on future devices meeting our privacy and security standards with official GrapheneOS support.
motorolanews.com/motorola-thre…
Motorola announces three new B2B solutions at MWC 2026, including GrapheneOS partnership, Moto Analytics and more.marreroc (Global Blog)
Jacob Urlich 🌍 likes this.
reshared this
hypebot, Nate, Jay, petitevieille, Joel, Kierunkowy74, ᴮᵉⁿ ᴿᵒʸᶜᵉVOTE IN THE PRIMARIES, Tris, svaclav, Eugen Rochko, Rokosun, Rokosun, this avali will trap ur plasma, Michał "rysiek" Woźniak · 🇺🇦, trending_bot, Yogthos, Karl Voit, Chao-c', Shannon Prickett, Ciara, Jacob Urlich 🌍, Disisdeguey🔻PalestineAction🇵🇸, LINux on MOBile, huiiii!!!, C++ Wage Slave, Seirdy, Hannah Steenbock, krag, wakest likes your bugs ⁂, Erik Uden 🚩, Børge and j@mastodon reshared this.
because a) you completely ignore anything else i say, including the two times i said that third world countries don't get pixel phones, specially not cheap ones, and b) because you said it yourself:
> > firstly, don’t see this as an attack on GrapheneOS
> Okay, but that's how we see it.
Literally. The double standard is ridiculous.
It's been years of GrapheneOS publicity/social media activity making the maintainers look self-centered and ignorant. I have to tell anyone I recommend GrapheneOS to not look at your social media activity. If you can't take criticism, how are you going to ensure security through peer reviews? How will users be able to trust your ability to work together to make secure software when this is how you treat people who disagree with you?
Stubborn, self-centered people are a risk factor in InfoSec because these attributes indicate closed-mindedness. You have to work on this if you want people to (continue to) trust you with this project.
— A concerned long-time GrapheneOS user
Sensitive content
@izzy
It was your point that Motorola is the partner because they want to make money. If the people are only able to buy their phones after some others already did and now resell them, I don't See how they profit. People buying the high Ende devices for Graphene may exist AS well but in WhatsApo rate
> systemd -> dinit or s6
Lots of these are giving up even more security features.
> hardened_malloc, malloc-ng, or mimalloc-secure
These aren't the same classes of allocators at all. Neither the musl malloc or mimalloc is a hardened allocator. mimalloc is performance focused and musl's is focused on low memory usage.
> What are your thoughts on what to do in case the day comes that Google kills AOSP?
What about when IBM decides to kill systemd, GCC and GNOME?
@lumi @alexia The current default software stack for desktop Linux is kind of terrible and the lack of coherent threat model or proper ecosystem of sandboxed applications are major issues with desktop right now. What I am still questioning is whether it is even possible to make a proper competitor to ChromeOS (if we ignore the hardware insecurity of basically all PCs).
So example software choices:
systemd -> dinit or s6
sudo -> s6-sudo (setuidless)
glibc -> muslc
glibc malloc or jemalloc -> hardened_malloc, malloc-ng, or mimalloc-secure (which supports more CPU architectures)
bubblewrap (sandbox used by Flatpak) -> #syd (it's written in Rust, has many important exploit protections, and can even be the user login: gitlab.exherbo.org/sydbox/sydb…)
GNOME or KDE -> XFCE (when their new Rust Wayland native WM is finished)
gnutils -> *BSD or uutils
The issue of course with most of these alternatives is that they are separate projects and therefore dont have the same goals, methods, or threat models. Also most of these projects are written in C which does not help at all. Also there is of course the lack of a proper chain of trust from the hardware to loading the kernel and userspace.
It may just not be reasonably possible to provide a alternative without millions of dollars of funding and a decade of development. It would be nice for there to be an alternative to AOSP/ChromeOS or even MacOS for desktop computing which actually takes security seriously. It doesnt even need to have be completely on par when it comes to security, just do better than current Linux distros (not a very high bar).
What are your thoughts on what to do in case the day comes that Google kills AOSP?
@GOKUSHRM Our partnership is Motorola is not exclusive and we're fully allowed to partner with other OEMs. However, we don't currently have the resources to partner with additional OEMs and it will likely be a while before we do.
Partnerning to make smartphones with a company which recently discontinued their smartphones doesn't sound workable. The point is also mainly getting an OEM to raise their security to meet our requirements rather than getting an OEM to sell devices with GrapheneOS.
doing PGO on a development build (considering the guide is meant for developers) is insane IMO
that's something one would do on their final fully optimized build, not for development, and specially not if the need to debug anything in native code is there...
from what i recall in my encounters with googlers: it's pgo.
from my own experience on gentoo lto adds around 30% memory pressure and pgo adds around 50%, compile time is mostly unaffected with lto but pgo quadruples it.
parallel builds and LTO stuff, i assume
meaning you could run with less memory, by reducing the amount of parallel builds, except that would make the already long 6 hour build time increase close to exponentially
so 64 gb for 72 build processes doesn't seem super unnatural but 64 for 6 is weird.
it's probably fine with 8 to 16 on 6 core.
note that, as i mentioned on the thread before, back in 2019 i tried to build it on a 7th gen i7 (so 4/8 c/t) with 16 gigs of ram and a sata ssd, after 3 days of non-stop building, i gave up
and that was when the minimum recommendations were still 32gb of ram
What about when IBM decides to kill systemd, GCC and GNOME?systemd
Between GNU Shepherd, supervise-daemon and runit? 
GCC
You'll have to explain why/how IBM owns GCC. Fairly sure it's an actual FSF project. 
GNOME?
RIP lol 
Other than the accessibility stuff most of it I don't care much about, and with the ensloppification going on & Red Hat apparently insisting on it, it might well die anyway.
What are your thoughts on what to do in case the day comes that Google kills AOSP?
This however has real chances of happening and already has a largely closed development process with no community.
Which means it doesn't even need a poison pill contributor agreement, all the necessary rights are probably already in Google's possession for malicious license changes.
Not to mention that the main useful part of Android, the drivers & their documentation, aren't even included anyway. Everything else could be replaced by something better with some work.
@King_of_Ooo @alexia @lumi So, how many of those community projects aren't simply downstream like the Mozilla Firefox ones?
How many are actually credibly in a position to take development over entirely with a dead upstream?
@lispi314 @King_of_Ooo @alexia @lumi
> You know, if you're just going to avoid the question you could simply not answer that post, like you did with my mobile modem isolation question.
Don't know what you're talking about. You're one of hundreds of people.
> The overwhelming majority of the BSD tooling
It has little to do with the desktop software stack. That increasingly only has an incomplete port over to BSD with a growing amount of hacks. It would just roll it back even further.
@King_of_Ooo @alexia @lumi You know, if you're just going to avoid the question you could simply not answer that post, like you did with my mobile modem isolation question.
The overwhelming majority of the BSD tooling that isn't systemd could be ported with a modest effort if systemd died. Note that I linked daemon supervisors earlier, because session managers and init systems are a lot easier to come by.
edit: Ah, my bad, I confused the subthread. You did ignore it and replied to the prior post.
@bobkmertz @greenpete @joe9nf That was most likely the modem and in some early mobiles there was zero isolation preventing the modem from simply reading all the memory bus.
(The modem should be understood as a blackbox device at the mercy of hostile infrastructure providers & "authorities", it is attack surface.)
I would hope that such isolation is part of the GrapheneOS safety requirements.
Answers to frequently asked questions about GrapheneOS.GrapheneOS
If they #Motorola could add #LoRa or something similar that could be a game changer.
They would offer something that other companies don't, while there is demand from users.
It also brings privacy advantages as it makes it easier to communicate undetected from cell towers. People are starting to roll out networks covering wide areas.
In addition to that, it adds an element of resilience where people could continue to communicate even when cell towers are shut down. This is especially important during national disasters and governments overreach shutting down internet access.
TL;DR: Yes.
Well, as degoogled as using an OS maintained by Google gets
@luana Yes, that's part of our hardware requirements:
grapheneos.org/faq#future-devi…
Whether they'll be sold at retail with GrapheneOS preinstalled as an option isn't a question we can answer yet. It mostly comes down to Google's requirements and the extent to which those can be worked around or pushed to be relaxed.
Answers to frequently asked questions about GrapheneOS.GrapheneOS
@ferricoxide @luana No, it's a much different feature than the incomplete implementation for desktops. The entirely of the firmware and operating system are cryptographically verified with downgrade protection. The secure element is used to store the version metadata for downgrade protection for the OS and efuses are used for the firmware portion of it. It's fully integrated with the A/B update system with automatic rollback until reaching the home screen successfully.
grapheneos.org/install/web#ver…
Web-based installer for GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.GrapheneOS
@GrapheneOS Go for it. You will succeed when there are, let's say, three phones from affordable to high range.
The future: When you are supporting a lot of Motos, integrate another brand (Asus?) and finally get rid of the Pixels. 
This is a premature joke for the 1. April, right? 😳🤔😂🤣
Choosing a company like Motorola with it's owner Lenovo behind it for the reasons of privacy and security isn't beyond a good idea but pure hypocrisy and a punch in the guts for all of the supporters of GrapheneOS in my opinion. 🖕
Greed ate brain, happened again it seems. 🤮
#GrapheneOS #Motorola #Lenovo #Privacy #Security #Hypocrisy #Joke
The point isn’t whether GrapheneOS receives money from Motorola.
The point is the consistency of the security and trust model you advocate! 🙄
GrapheneOS often emphasizes minimizing trust in large corporations, opaque supply chains, and potential state influence.
Yet Motorola is owned by Lenovo, a Chinese company operating under a legal environment where state access to companies can be mandated.
If the argument is that users should minimize trust and maximize verifiable security, partnering with an OEM embedded in that jurisdiction raises legitimate questions.
This isn’t about “greed” but about coherence of principles.
If Chinese OEM ownership is usually framed as a risk in privacy discussions, it seems inconsistent to dismiss those concerns when it becomes convenient for hardware support.
Criticism here isn’t hostility—it’s asking whether the same standards are being applied consistently. 😉
@kranzkrone It's quite apparent you're using an LLM to generate concern troll replies. It's incoherent and lacks actual substance. We're not going to be interacting with a text generator someone has directed to waste our time and energy.
If you don't want us banning your instance and making a public post asking everyone else to do the same then remove both of these AI generated replies and stop bothering us.
Here's our policy on AI generated content for discussions:
It's indeed quite apparent that you acting out in the same way like you did in the past when the founder of GrapheneOS had a personal dispute with another somewhat prominent personality of the tech world.
If you don't want me to further investigate your toxic behavior of communication and try to framing me as the bad one, you should definitely thread lightly.
Threatening me with whatever action won't result in deleting my previous posts but instead will strengthen my personal investment in further interactions and maybe legal actions.
Louis Rossmann may would find this interesting to read too.
I'm fine to end it here by agreeing to disagree.
@kranzkrone You've moved on from posting low quality concern trolling which appears to be at least partially generated by an LLM to blatant libel and support for harassment. We haven't framed you for anything. Your replies to our thread make it clear what you're doing.
Louis Rossmann orchestrated harassment towards our founder by making many extraordinarily dishonest claims in a video where he engaged in blatant bullying. Rossmann is openly a Kiwi Farms user and is the one who involved them.
@JamesDBartlett3 @lispi314 @a53bdb @lunareclipse I agree.
I consider the USA as the premium example for the latter. 😉
any chance that we'll have Google wallet support?
since the bootloader will trust the grapheneos keys I can't imagine why would safetynet and the other play protect mechanisms won't pass attestation (for all intents and purposes graphene would be indistinguishable from the stock Motorola image)
if that's the case I'll buy the device the moment it comes out...
@a53bdb To be fair, all phones are made there so that risk always exists anyway.
As long as GrapheneOS doesn't slack on their requirements including (but not limited to) being able to access low level stuff it shouldn't be much worse if you flash the phone yourself. And those kind of requirements are why Pixels where the only ones supported to begin with...
I heard rumours that GrapheneOS will ship in phones and it will not be possible to flash another OS.
Is this true?
@joonq @a53bdb
Sorry, but despite US offices and staff, the company is 100% Chinese.
Here is why:
-> Acquisition: Bought Motorola from Google in 2014 for $2.91B.
-> Headquarters: Global HQ is in Beijing.
-> Shareholders: Parent company Legend Holdings is Chinese.
-> Leadership: CEO Yang Yuanqing is Chinese.
-> Origins: Born from a state-owned research institute.
What might be cause for concern is if the ‘blond’ driving the world crazy were to target Motorola or Lenovo, causing them to pull out of the US market, or if, like Huawei, they were to have Android stripped away from them. At that point, they might decide on one of two things: either ‘steal’ the GrapheneOS technology, or strengthen their partnership with Graphene and make Graphene the primary software for Motorola/Lenovo. It could be an interesting development, but I imagine it would be stressful for the creators of Graphene
@anon_4601 @joonq @a53bdb Lenovo is a publicly traded company with 31% of the shares are owned by Legend Holdings.
Legend Holdings is a publicly traded company with 29% of the shares owned by the Chinese Academy of Sciences.
That works out to the Chinese Academy of Sciences owning around 9% of Lenovo. They're far from owning the majority of it.
We're continuing to support Pixels which are the only Android devices from a major OEM based in the US. Smaller brands are white labelled ODM phones.
New post on my 'mini blog', testing out leaflet (built on AT proto).
1nate.leaflet.pub/3mfp35jgopc2…
Long story short, just toying around with a phone dock (what I'm typing this post on now).
Nate reshared this.
Trusting Trust in the Fediverse
A very long blog post about the various "safety and privacy" features that got added over the years to ActivityPub and how useless they can be in the eyes of users unaware of the inner workings.
There's nothing really new I talk about, but it is a long explanation of my reasoning behind why I don't take "features" such as signed fetches and interaction consent seriously. What can be considered "new" to most, is the last section of bypassing signed fetch enforcement without impersonation, which I talked about probably twice over the years.
evilmaid.net/blog/trusting-tru…
(If there are styling issue, tell me. I've written the CSS from scratch, and I suck at it.)
>Hidden Fetcher
Activity Connect creates clones of actors to help users on disconnected instances communicate.
Great post, thanks. I'm in the process of drafting a FEP for GTS interaction policies (collaborating with the team, since they said they weren't going to submit one), so the criticism is useful.
I can't say it's shifted my thinking on the feature much, but then I am in the technical weeds. I think of interaction policies as a way to declare & federate filters, so benevolent and willing servers can play along with them.
This is my current draft for the FEP summary, does it sound sensible?
@shinyoukai I caught two with aspell now:
documention -> documentation
administator -> administrator
I'll fix those. There's also probably lots of issues with grammar since I'm ESL and also slightly dyslexic.
small corrections re: addressing and post scopes
> For example differentiating between Public and Unlisted is simply done based on where the as:Public special URI is. If it is in cc, the post can be considered Public, and if it is in to, it can be considered Unlisted
this is backwards -- to:Public = "public", cc:Public = "unlisted"
> If cc is empty and to has the Actor's followers Collection and the Actors mentioned in the post, the post can be considered Locked.
generally it doesn't matter if to/cc is used for the followers collection. what actually matters is that to/cc does not contain Public
> And lastly if cc is empty and to only lists Actors mentioned in the post without the followers Collection, the post can be considered a DM.
again to/cc doesn't matter here, a "direct" post is simply one where every audience member can be mapped to an account instead of a collection or unknown
Got a company phone today. Unfortunately, it's an Apple phone.
nate.mecca1.net/posts/2026-02-…
A new blog post about daily driving an (almost comically) outdated laptop.
Originally, I was drafting this in September, planning on dedicating it to Windows 10 Home becoming EOL. I also figured I’d share a meme that contained …nate.mecca1.net
reshared this
#blogpost, dev and Daniel Böhmer reshared this.
Document and discuss howto install Linux on Acer cb3 111 ChromebookCodeberg.org
We made so many improvements with #HolosSocial, an ActivityPub server running on your phone. Big thanks to our beta testers who help us identify issues and suggest enhancements.
For tech folks: imagine pointing your domain with a CNAME to a relay and having your own ActivityPub identity with keys and data on your phone. The relay becomes just infrastructure, and you're free to move to another relay whenever you want.
That's the crazy bet we're working on!
More are at @HolosSocial
Nate likes this.
reshared this
Nate, Tim Chambers and Grymt reshared this.
Sounds like an interesting concept.
I guess it needs the phone to be reachable from the outside via at least one IPv6 and better also at least one old IPv4 address and have it's battery-expensive radio never sleeping.
Nate likes this.
Holos announced they're working on adding custom domain support to their server. It's a really cool development, and I figured I'd share it here real quick.
If you're unfamiliar with Holos, it's an Activity Pub server that aims to be more relay like (somewhere between AT/Nostr and a standard Activity Pub account). The server acts as a relay, keeping a public copy of your posts and profile data online, but it delegates most operations to your client.
When I wrote about it a month ago it sounded like it was a possible consideration, but having it confirmed as something that's actually going to be the case is really cool to see. At the cost of being a bit more technical, the idea of owning your identity on Activity Pub is really cool (you 'own' your own domain, plus are able to migrate even if the server is down since your client can make outgoing connections).
Anyway, figured it was worth a share, I'm looking forward to seeing Holos continue to be developed.
I'm experimenting with what I've deemed a 'mini blog' – smaller posts and different mediums separate from normal posts, while experimenting with different platforms/protocols, all linked together via a page and RSS link. If you want to see more you can follow here.
A mobile-first federated social network powered by ActivityPub. Join the fediverse with privacy, security, and freedom.Fediverse Relay
Custom domain support for #Holos is in development and coming along nicely! Use @user@your-domain.com instead of @user@holos.social, just point your DNS to a relay (changeable anytime). Actor URIs and post URIs stay stable forever, so switching relays requires no migration. Your RSA keys + domain = portable identity. Optional feature for users wanting relay independence.
Nate reshared this.
Merry Holidays, Happy Christmas, and pour one out for 'ol Saint Nick who threw hands with an Arianism heretic.
Wishing you all a great Christmas my fellow internet strangers.
Nate likes this.
reshared this
Tim Chambers and Nate reshared this.
"Kirill Ilin's construction company Amcrete constructed the concrete walls of their ground-breaking new four-bedroom prototype 'layer by layer by layer' right on its Waiuku site.
He says houses made with concrete poured by a computer-controlled 3D printer are energy-efficient, quick to construct, and, because of their durability and recyclability, also sustainable."
rnz.co.nz/life/lifestyle/home/…
Minor edit: Fixed quote formatting.
#housing #construction #3DPrinting #Amcrete
Homeowners get a much better deal with a 3D-printed concrete house than a standard weatherboard build, says Auckland master builder Kirill Ilin.RNZ
"Every Activity Pub server duplicates content. Without it there'd be no seeing posts from anybody on servers other than their home server. It's literally the thing that makes the protocol work. If being on a protocol that specifically is designed to duplicate content isn't permission enough to duplicate content then the Fediverse goes poof. Zilch. Zero. Nada."
@nate, 2024
primal.net/e/nevent1qqsp85429n…
Well put. Found via a link here;
So a thing happened and I'm kinda flabbergasted. There appears to be a campaign to shut down the Mostr (Nostr <> ActivityPub bridge). Dunno how big it is, but apparently at least one DMCA complaint has been filed.primal.net
Nate likes this.
reshared this
🫧 socialcoding.. and Nate reshared this.
without knowing the specific dmca i remember people getting takedowns for files they didn't even host before. someone just sees it and files the papers and doesn't bother to check who it is.
ipfs gateways have a similar thing where they have to just block random CIDRs because 
primal.net/e/nevent1qqsrj54de9…
This was the DMCA prompted my mini crash out. There was something of a campaign to get bridges taken down, and the DMCA referenced standard federation. It was seperate from the 'yeet a bunch of automated DMCA alerts to random gateways' (lol, which could also probably get me going on a rant, but just a different rant about different things).
i have a feeling that wouldn't hold up in court but i'm not a lawyer and judges are professional moronslike this
Nicholas Conrad and Nate like this.
Yes and no. From a legal or technical standpoint, all this is true. It is legally allowed, technically necessary. But this doesn't mean it's ethical and that it doesn't violate consent.
I can walk up to two people speaking in "public" to eavesdrop on their conversation. But just because I can, doesn't mean it's right. I can scrape endless pfp images from WhatsApp through their contacts API. But doesn't mean it's right.
So no, just because it's possible it doesn't mean "permission enough". It' just means that it's necessary and people have accepted the risk. Explicit permission is something different entirely. This is about consent, a human property, not about technological or legal constructs.
Bridges are a bit different than scraping content or listening into a conversation. A bridge that bridges Activity Pub to AT/Nostr acts like any other ActivityPub instance, requesting a copy of the bridged user's profile in the same way another ActivityPub native server would. Same with Friendica (that I'm using right now to reply), it requested a copy of your post over Activity Pub, despite being native to DFRN (although, unlike Bridgy Fed/Mostr, Freindica bridges internally via plugin instead of using a dedicated standalone bridge). I'd argue that using a protocol designed for federation, on a server that defaults to federating with any instance not proactively blocked, is rather explicit permission to federate.
However, since it's just federating normally, it's easy to stop. If you block the bridges (at the user level or instance wide) they won't federate, just like any other Activity Pub instance. While I think bridges are important for the ecosystem, the beauty of something that's not centralized is that you can choose exactly what you do and don't want to interact with.
lj·rk likes this.
(1/3)
@ljrk
> I can walk up to two people speaking in "public" to eavesdrop on their conversation
That's not a valid metaphor for Public posts on a federated network. It's more like 2 people speaking on a stage using microphones, connected to a global livestream.
If you don't want strangers to listen to your conversation, that's easy! Just get off the stage. If you want to have a private conversation in a public space that people won't eavesdrop on, that's what Direct posts are for.
@nate
(2/?)
@ljrk
> it can only be consensual if whatever happens is somewhat "expected"
That's like saying that striking up a conversation with someone at a speed dating event isn't consensual, if that person didn't expect to be spoken to at the event. If people choose to go into a situation, not expecting things that can be reasonably expected, that's on them. Not on everyone else for not being mindreaders.
(3/3)
I think there is UX work that can be done to make it clearer what level of visibility a post has, and to give people more granular control;
codeberg.org/fediverse/fediver…
But none of that will help if people refuse to learn about the options available and how to use them. Or insist that everyone else magically know what they intended, even if their app usage choices suggest the opposite.
We need to define pan-fediverse posting scopes, that map the various social expectations onto the technical realities.Codeberg.org
Coda: If I stand in the street wearing a "free hugs" sign, it's reasonable for people to expect a free hug. Say someone hugs me, and I claim it was non-consensual because I only expected my friends to take up the offer made on the "free hugs" sign. Is that reasonable on my part?
When you post something as "Public" (instead of "Followers only", or "Private mention", to use the current Mastodon app terms), that's like the "free hugs" sign. People can reasonably expect to take that literally.
> unlike Bridgy Fed/Mostr, Freindica bridges internally via plugin instead of using a dedicated standalone bridge
At the risk of splitting hairs, I think you're stretching the definition of "bridge" beyond breaking point there.
A bridge connects any instance to any instance (of whatever it is they bridge). An AP plugin adds native federation to a single instance, allowing it to connect directly with any remote service federating over AP. Two quite different things.
@ljrk
Nate likes this.
Unless I'm misunderstanding something (fairly likely), theoretically, bridges could do the exact same, right?
Bob (Mastodon.Social) wants to see content from Alice (Tchncs.de). Mastodon.social dereferences a copy of Alice's profile/post & the replies/likes to said posts, creates a local copy that it serves to Bob, then deletes the local copy until another request is made.
Bob (Mostr Bridge) wants to see content from Alice (Tchncs.de). The Mostr bridge dereferences a copy of Alice's profile/post & the replies/likes to said posts, creates a local copy that it serves to Bob, then deletes the local copy until another request is made.
Even if an Activity Pub instance doesn't cache remote content long term (be it a standard instance or a bridge using the protocol), it's still gotta duplicate content to serve it to other users.
> Every Activity Pub server duplicates content
@eyeinthesky
> they could also just dereference the remote URIs when remote content is accessed
They could. But arguably they're still duplicating content. They're just doing it every time someone wants to get the same post or profile through the bridge. So from a user POV nothing is different, it just increases resource consumption for the bridge *and* the origin server.
nate.mecca1.net/posts/2025-12-…
New blog post, a bit of an addendum to my older microblogging protocols comparison post(s) until I do an updated version at some point. It mostly just goes over a handful of big events and shifts I've personally noticed since my last post in the summer of 2024.
#activitypub #fediverse #nostr #at #bluesky
As is customary on my microblogging posts, let’s get us started with an original meme. Also, if you’d like to read my previous Microblogging …nate.mecca1.net
reshared this
General Discussion, 🫧 socialcoding.. and Robin Forlonge Patterson reshared this.
Nate likes this.
General Discussion reshared this.
silverpill
in reply to Nate • • •@nate
It didn't stall. Streams and its successor Forte support ActivityPub-native nomadic identities.
There are other implementers too: codeberg.org/ap-next/ap-next/s…
cc @nate
ap-next/nomadpub.md at main
Codeberg.orgNate
in reply to silverpill • • •silverpill
in reply to Nate • • •Some aspects of it are still being developed, but overall I think it is a proven technology. Forte is a project from the same person who invented nomadic identity and built Streams, Hubzilla, Friendica etc.
Nomadic identity may never become a part of the official spec because ActivityPub was published in 2018 and haven't received any updates since then. However, ActivityPub now evolves through FEPs (Fediverse Enhancement Proposals), and nomadic identity specs are published as FEPs (for example, FEP-ef61).
forte
Codeberg.org$locklime likes this.
Nate
in reply to silverpill • • •