• 11 Posts
  • 99 Comments
Joined 1 year ago
cake
Cake day: June 9th, 2023

help-circle

  • Sorry, no condescension intended.

    Your post read like one written by someone with very minimal knowledge about the subject, which might have been a misunderstanding on my part. So I tried to cover the basics before talking about the rest.

    There is really no shame in asking questions about something where you don’t have experience. There are far more topics I have no idea about than there are topics where I do have a deep understanding.

    So to get on the same page, I’ll summarize what I understood, please correct me if you mean something different.

    • You don’t like ActivityPub, you want a new protocol
    • The system should make it easy to create new, small instances
    • The instances should share sessions with the other instances (=single sign on) based on trusting them
    • You prefer a centralized system?
    • You want the system to not use a single protocol (ActivityPub), but use multiple protocols?
    • ActivityPub based services have bad UX due to the complexity of the protocol

    Is this correct?

    We have a few contradictions here.

    You cannot have a system where anyone can easily create servers and at the same time have shared sessions based on trust. These two requirements conflict with each other.

    Either servers only work with servers they trust, and then you can’t just create a new small server and interact with the network.

    Or anyone can easily create a new small server, but then you can’t do anything based on trust, since you never know if that server was created with malicious intent.

    Regarding centralized/decentralized you have to differentiate between implementation and management.

    All major social networks run distributed systems. If you want to serve billions of users, you need to run millions of servers. These servers are distributed around the globe to give fast access to users everywhere. Chances are pretty high that your ISP has a few racks of Facebook, Netflix, YouTube and Tiktok servers.

    Their distributed system is orders of magnitude more complex than everything running ActivityPub combined.

    But their system works, because they have tens of thousands of highly paid specialists to make them work.

    ActivityPub based services on the other hand have almost no funding and manpower.

    Mastodon is the best in this respect. They have 6 people who are actually working on the system.

    Lemmy has two developers who earn close to minimum wages.

    Kbin has a single guy developing it.

    That’s the real reason why the UX is crap.

    If anything, ActivityPub and the services running on them are extremely underengineered and underdeveloped.

    Btw, there is something rather close to what you seem to want: online forums with Google single sign on.

    The forums are not interacting at all with other forums. No federation or anything at all. There are enough commercial solutions that work really well. And with Google Single Sign On you also don’t have to register for each forum.


  • E-mail. E-mail does support small servers.

    Btw, I think you are mixing up a few topics here, so let’s see what you actually want.

    • Protocols are what computers use to communicate with each other. No protocols means no interaction between different computers/servers. Without protocols, none of the things you ask for can be possible.
    • Federated services don’t have single sign on. On the contrary, single sign on is a centralized service not a distributed one. To clarify that: I cannot log into lemmy.world with my feddit.de accout, same as I cannot log into hotmail with my gmail account. In both cases I log into my instance/provider and this allows me to communicate with people on other instances/providers. Federation is the process of sharing content between instances. SSO on the other hand is a centralized service that then communicates with other services to let you log into these other services. For example, I can log into my Google account and then use this to login to other sites. This only works because people trust Google. This would not work as a decentralized service with untrusted servers.
    • Duplication is used on federated services for a few reasons. First, it’s a kind of caching mechanism distributing the load. If someone posts something on one instance, it’s transferred only once to the other instances which then serve it to all their users. Without duplication, each individual view would have to be requested again from the original instance. The other advantage is that the admins of all the instances retain control over the content. If the other instance goes offline, users can still see “their” copy of the content. And if the other instance doesn’t moderate their content, the mods/admins of your instance can do that themselves.

    So as you see, these concepts aren’t there just for fun, but for a purpose.







  • It’s actually not wrong if you look at it in another way.

    • Big tech will abuse your data, but it will do within legal constraints, and there is actuall (though weak) accountability of these companies due to the legal system.
    • On federated services like Lemmy, instances are hosted by anonymous individuals. Most social media laws don’t apply to them, and their legal accountability is basically zero.
    • Lemmy, for example, does not comply with GDPR. There is no legal notice, no privacy contact person, no banner asking whether you are ok with the fact that your data is sent to unknown servers in random nations, no nothing. Private messages aren’t even encrypted, so any admin can read them without issues.
    • There is no way to actually delete your data, as the GDPR requires. Deleted posts are only marked as deleted and you can see their plain text content by just pressing the “reply” button in any of the apps. There isn’t any kind of guarantee, that your post will be deleted on other instances. If federation has problems, the post will remain on other instances and is now permanently undeletable by the user.
    • There are no moderation standards. Some instances will delete nazi content, some basically require nazi content. And some instance admin might even edit your posts to say something completely different. It’s all possible and in the hands of random people on the internet.
    • Hobbyist-run services are much worse when it comes to availability and reliability. If something happens while the admin is on holiday, nothing will get fixed. If the admin runs out of money, doesn’t care anymore or even dies, the instance with all it’s content and users is just gone.

    So there are very real risks attached to a hobbyist-run service with no legal accountability and no transparency at all.

    We all know the downsides of Big Tech though, so it’s everyone’s personal choice to figure out which disadvantages hurt them personally more.







  • Have you heard of Android running on x86?

    I had an x86 Android tablet and that was exactly as locked-down as an ARM Android device.

    But anyhow: I can lock down a x86 laptop or PC the way I was describing within a very short time.

    So again:

    • Put a password on the BIOS
    • Set Secure Boot on
    • Wipe all Secure Boot keys and put your own in there
    • Encrypt the disk so that you can’t just plop the drive into another PC and modify its content
    • Set the root user to “Can only login with private key” and don’t give the key to the customers
    • Remove all users from sudoers
    • Use chown root:root and chmod 700 on anything you don’t want the user to touch

    And if a company was doing this to their products (e.g. the Steam Deck), they’d replace the first 3 steps with a custom BIOS which just doesn’t let you change anything in regards to Secure Boot and Secure Boot keys. That way, removing the BIOS battery won’t help.

    There are countless embedded devices using an x86 PC at their core, where they did exactly that. (E.g. ATMs or medical devices)

    Also Chromebooks are exactly that.

    And the Playstation 5 does the same thing, only it’s based on FreeBSD.


  • The thing is, what use case can benefit from a blockchain?

    Scamming, gambling, crime and speculation benefited from the lack of regulation, but barely cared about the underlying concept of a bitcoin.

    But for anything real, much better solutions have existed for decades or centuries.

    Blockchain is a solution without a problem and has been that for 25 years now.

    If you have a solution that hasn’t found a problem in 25 years, chances are that there will never be an actual problem that solution would solve.

    So the killer apps of blockchain remain scamming, gambling, speculation and crime. Until there are more stringent regulations, then they’ll go back to Western Union and Paysafe cards.




  • Your actions do nothing. You complain on the internet about some guy that said something you don’t like. Nobody from FSF is gonna read it. And neither will Stallman or anyone that matters.

    I don’t see you boycotting software related to FSF. And even if you do, it doesn’t even matter, since the overwhelming majority of FOSS users never donate any money at all.

    You are no customer of the FSF, you just enjoy their stuff for free.

    So your actions amount to angry screaming into a box.


  • Apparently, Stallman is a net positive for them, so they keep him.

    Doesn’t mean that they in any way endorse pedophilia.

    And the freedom of association also doesn’t mean that a bunch of enraged people online have the freedom to decide whom they associate with.

    And apparently, in the USA there is a whole party devoted to child marriage and other ways to have sex with minors. That might be the better point to start, because they actually have a say regarding laws on that matter.