The overhead of duplicated data across the network. Not reposts on different instances, but the software itself on those different instances needing to cache/store this one single post for their users locally
Don’t large services have many duplicates/caches spread across the globe to balance load and reduce latency? Couldn’t this be seen as a positive? It could also be seen as a redundancy layer.
Yes. It’s very common to cache content closer to the user, otherwise the site would be slow. Some services like Netflix and Facebook even provide custom caching servers to internet providers to install in their data centers. These are called Netflix Open Connect and Facebook Network Appliance respectively. They significantly reduces costs for the ISP, as Netflix and Facebook are generally two of the heaviest users of bandwidth on an ISP’s network, and traffic entirely within their own network is effectively “free” for them.
This is a good part of federation IMO - if users join an instance physically close to them, their experience is going to be nice and fast, since everything is cached on their instance. It’s also pretty easy to spin up a new Lemmy instance in your country if one doesn’t exist yet.
it’s absolutely just a redundancy layer, in fact this is one of the main benefits i see with federation.
Lack of centralized control.
Until there’s some kind of organizing central committee of servers that could mutually defederate problematic instances, every server is forced to play whack-a-mole to deal with fascists and pedophiles and the like. Every server can not be an island onto themselves, they should be in communication with each other and then collectively decide on the rules of the federation.
I forsee in the future federation boards, like servers that work together to vote on good/bad actors/instances and from those other instances could subscribe to their moderation. Still open moderation, you can still set up an instance that doesn’t adhere to group A or group B’s mod lists, but for the vast majority of people you could have a good experience.
For example, dunno how many saw but had to remove an anti-LGTBQ post in a LGTBQ community today. I’m sure I’m not the only mod who removed that from their instance today, it’d be great if there was a way other instance admins could share that and “team up” with moderation.
Like internet countries. Choose a virtual citizenship, vote for your moderator and wait to be disappointed
Poop
poopless like countries, but I would view that more like the federation UN, with each instance getting a vote and a majority passes. You’re still in charge of your country, but you could say “I like how this group moderates, I’m going to auto apply moderation from them on here”, maybe you could choose which communities are automoderated too. If I ever started disagreeing with that group I could unsubscribe and subscribe to a different group’s.
For example, the post I mentioned was not in a community that I host, but for my users I had to remove it too. Would just be nice to say “whoever gets there first can remove it”
I see that as a pro and a con. If one narcissist manages to get to a position of authority, they can’t derail the whole network. That also means that people can form their own echo chamber islands of like-minded instances. There could be the main island of random interests and then a separate extremist island of all the instances that got defederated from all the big instances. Not an ideal solution, but it’s still better than a fully centralized Reddit.
What if instances could “subscribe” to the list of defederated instances of each other?
So for example. Let’s say that Alice and Bob have their own instances, alice.ml and bob.ml. Bob trusts Alice, so he sets up the following rule in bob.ml: “if alice.ml defederates an instance, then bob.ml defederates it too.”
Then Charlie starts charlie.ml. It’s a bad instance. Alice manually defederates alice.ml from charlie.ml. Bob won’t need to do anything - bob.ml would do it automatically.
I feel like this idea would address the issue of playing whack-a-mole, since admins of multiple servers can split the busywork if they so desire, and only with whomever they desire. And there’s no risk of a central control going rogue, since there’s no central control on first place.
It could be even further refined with more complex rules on when to automatically defederate other instances. Such as taking into account if the other instance did it manually or automatically, or how many among X instances defederated it.
What you eventually get is a single global list that the majority of instances use, at which point every new instance must immediately agree to adopt the list lest they themselves are also immediately defederated.
From what I understand, there are already instances who operate this way.
What you eventually get is a single global list that the majority of instances use
Not necessarily. Defederating too many instances means that your own instance will get less content; admins know that, so good admins generally avoid doing it unless necessary for the goals of their instances. Couple that with dissenting points (for example: grotesque but morally acceptable content, porn, dumb/low-quality content…), and the odds of said “single global list” popping up becomes fairly small.
Instead I expect to see a bunch of smaller lists, between instances with similar goals, and plenty unilateral subscribing (e.g. A subscribes to B, but B doesn’t subscribe to A).
From what I understand, there are already instances who operate this way.
That’s good to know. If they do it automatically, this system could be already implemented across Lemmy.
It’s interesting to see the mirror between Fediverse philosophies, and the history of international relations. For every person who believes every physical country should be an autonomous island unto themselves, you’ll find someone else who believes every country should be policed by the standards of another country or group of countries.
The fact that we can have this debate on the internet is interesting…but I also find it interesting that the internet was already federated to begin with. And we all see how that turned out. The Fediverse is just an internet within the internet.
Scalability. Most federated Lemmy instances are hobbiest run projects started by every day joes and privacy advocating sysadmins. These instances can handle a modest amount of activity. Lemmy.world is slowing to a crawl and barely working due to being overloaded. At the scale of tens of thousands of active users you NEED proper infrastructure and a dedicated team. These are not things that come easy when the instance generates no revenue besides meager donations. Lemmy.world is looking for on call system operators willing to contribute 5-10 hours per week. Good help is rarely cheap let alone free.
You are exactly correct.
I posted this in response to the DDOS attacks a few weeks ago. Same idea.
"… This is a shame. Hosting a high visibility server is no joke, and I don’t envy the admins and the very difficult work they do. It’s simultaneously an argument for and against decentralization. For - a single instance can get knocked out without talking out the whole fediverse. Against - it seems as though high visibility communities are potentially fairly easy to target and take down.
I think that decentralization wins out here in the end, but it does feel like there may be a need for some sort of fallback mechanism to be in place at an instance/community level. I suspect this might evolve somehow over time. It would require some way to expand trust between instances and or portability of communities (which could be fraught with user trust/data integrity issues).
If things don’t evolve it could grow into a whack-a-mole game for bad actors, or there might need to be more investment into server infrastructure (which could work against decentralization if only because of economies of scale).
Or maybe there’s no issue after all? I’m just imagining potential implications of a scaling fediverse - it’s fascinating and exciting stuff! …"
Everyone is a lot safer, faster and less vulnerable by being on smaller servers.
It’s not possible to ddos thousands of smaller instances in the same way. And if communities were spread out, taking a few instances down wouldn’t even be noticeable.
Theoretically, yes. Practically, maybe not so much as a ton of these smaller instances are consolidated on a just a handful of hosting providers.
When Lemmy.world was ddos’ed, other instances didn’t feel any of the effects, despite being on the same hosting provider. So it really matters - spread out :)
I expect as federation becomes more common we’ll see patterns like user servers, community servers, archive/redundancy servers, and eventually it’ll be less clustered. My instance that this version of me is on is much snappier than lemmy.world but it’s also federated differently and that’s very obvious when searching or browsing all
Yeah I’m not exactly clear over why federation differs either. Its designed not to differ I assume?
It is actually! The idea is you can join servers with certain levels of curation. For example if lemmy.world decided tomorrow it didn’t like blahaj.zone it could defederate them. That’s not the point of blahaj.zone but think of it like having multiple reddit accounts with different subscriptions each account is like a superpowered multireddit on it. You choose the subreddits that go in the multireddit but not that the account it’s on subscribes to
The person hosting lemmy.myserv.one is trying to acquire more users because they want to take some of the load off of lemmy.world.
If you want something less burdened than lemmy.world, you should make an account over here. Do your Lemmy browsing from here, you know?
What you’re describing is a problem with doing centralization in the fediverse. If you instead federate in the fediverse, it scales fine.
Lemmy.world is slowing to a crawl and barely working due to being overloaded.
I heard 0.18.4 has performance improvements.
Democracy. All people want it, but many people struggle with it. The comments up in this thread are all basically talking about this topic: People have to agree on what their society should be about. And that
canis hard work. It means reconcile and debating. It is not very different from every other Federation like the EU or Germany with its 16 states. Here is an Example:During COVID, Germany - as a Federation of 16 states - all had to decide on what is the best way to recognize the threat, mitigate it, and build up protections. In the Federal Republic of Germany, that meant that the Goverment took over some aspects, but many things were left to the states (Instances). People had a hard time seeing how this is a good thing. Many people - esspecially conservatives - ask for a strong man and are not able to hold long discussions. They want pragmatic decisions even if it will not guarantee the best outcome in the long run.
The good thing about a Federation is/was, that you have 16 “Working groups” running to the same goal, trying to find their best solutions. Some come up with great ideas on their own, some get inspired how the neighbors do it, some take an international approach and look into europe and some are just overwhelmed with the given task and struggle. People were really put off how “Everyone does his own soup” and some were really angry why there was no central plattform. Like China. Where one man said what to do. Not realizing that this could mean, that this one person has either the right solution, or is ending up locking down whole cities and incarcerating people into camps. For Years. People thing highly of centralized approaches, but do not see how bad it can go - and Germany went to that in a very bad example not only 80 years ago. Yet, we still struggle to see the benefit in Federation as soon as problems arise. In normal times they love Federation.
So my point would be: Federation is great, but the huge downside will be, that we have to talk a lot. Maybe even include a voting tool. Make it secure enough that it can not be abused too much (because it will the bigger the instance gets). We have to define or at least trust certain people, that they will take care of our instances, that we can get behind. And if not, - contrary to living in a Federated country - we are at least able to move to the next instance without a pain (if the instances support account moving one day). But people will get tired of talking too much. They want action. They want a simple and easy solution and continue their life. Some will invest a lot of time into making the instance bearable for many, while some users will just sit in a soft crib, not contributing anything and not understanding why those people “in the glas palast” will not come up with the right solutions. Because they are not debaters. They want pragmatism and will accept more authoritarian instances, if it can make them feel like they are getting lead in a strong way - disregarding if it will play nice with others or not.
In the end, Federated Systems will be a mirror of our societies, closer than what plattforms were ever be able to reflect. But this will come with the exact same problems. I can see a bright future for federated systems if enough people invest their time in it to design the experience what was previously done by worker in multi billion dollar corporations. Now people are given the tools to create their own federated experiences in a digital place. Die instances will prosper by it. Some instances will lose. Some software will burn. Some instances will be too small to have a solid team to answer all this. Some users will be appalled by all of this. But if a critical mass of people can survive and is willing to carry the stick and some form of general consent can be reached via a declaration and a living and growing and changing body of rules, that will adapt to the new challenges of time, it will be THE BEST system out there.
Except if you think a communistic/chinese approach with a central figure and a central single party is the best, that will tell you what the right thing is to do and if you do not follow, your are an deviationist and must be handled/expelled. Some people people love that shit. interestingly, mostly only if they were born into this and were indoctrinated into such a system. There is not a single country in the last 50 years where the people where asked and they willingly decided for themself, that they want such a system. Those systems were always created above the heads of the people - as it is their nature of those systems.
A good approach would be several Cartas that can be nested/cascaded that define what people share as a general consent. Two Instances agreeing into a strong bond of the same value. Another one that wants to join them. Some instances might group as The United Instances of the Fediverse with some basic rights that are not debatable and some views that might change over time. Some communities maybe want to be a left alone and do their own thing with a unorthodox decision tree. Some will not share this carta, so they will come up with their own what would lead to interesting paradoxes or even expose some fallacies in some communities.
Time will show how much strength and endurance we have and how worth it will be for us, to govern our self: Put some things in the hands of the Software we want to use (Government), keep some rules to us (instances) and decide for our own where we want to live as a user. In reality - at least in Germany - it took decades to grow organically. Police and Schools is in the hand of the state, for them to decide what to teach (to some degree) and and when to neglect a criminal/unwanted behavior (to some degree) e.g. for what amount of canabis/hatespeech he can be picked up. In the same way will the instances in the Fediverse define for themself where to draw the line and people will move to those places that give them the best balance of having enough freedoms to life a fulfilling life, but not too much freedom that it will end in anarchy. Basically Democracy.
TLDR:
Pro: Democracy
Contra: Democracy.
🏅
Good thing is we can learn from past lessons and implement things better. And we have quite a few technical solutions and additional abilities, that don’t apply to real world political systems.
For example we can implement more complex voting systems than a simple majority election. The Debian project uses a variant of a Concordet method. We can vote often and for details because the process is cheap(er).
We can shield users from each other and have fewer dependencies to other things. We can strive for different goals at the same time and sometimes use technical tools to make opposing things possible.
I think the most important thing is, we need a protocol that is as flexible as possible to allow for every scenario. And good/excellent tools for moderation and political stuff. That’d be a good foundation.
Aaaaand /thread
Awesome post.
In examining the intricacies of federation and centralization within the context of a democratic society, we’re faced with a rich tapestry of challenges and opportunities. The Federal Republic of Germany’s response to COVID-19, with its 16 federated states, serves as an illustrative example of a model that facilitates diverse approaches towards a common goal. It’s a demonstration of what can be described as decentralized centralization, allowing for creativity, adaptability, and the potential for mutual learning.
However, the attraction towards centralized leadership, particularly when vested in a single figure, reveals a tendency that should be approached with caution. It often leads to the erosion of democratic principles and individual liberties, a phenomenon not unknown in various historical contexts.
In the digital realm of the Fediverse, we find an interesting parallel. The absence of dark money can be seen as a safeguard against the undue influence of concealed financial interests. It fosters an environment that encourages open dialogue, collaboration, and community-driven decision-making. Yet, the tension between the need for extensive discourse and the desire for immediate action presents a challenge that’s emblematic of democratic processes.
The proposal for the creation of Cartas is an ambitious pursuit, one that seeks to balance the freedoms and responsibilities that define our existence, and in doing so, constructs a framework for a more equitable and humane digital landscape. It’s a path that demands careful consideration, relentless effort, and a commitment to the ideals that underpin the very essence of democracy.
One downside/senario I’m worried about is what happens when something really bad happens. Like illegal authorities-get-involved bad? Like leaking sensitive government information or a homegrown r/ jailbait situation that the media catches wind of. Stuff can’t be permanently deleted, at least not without nuking everything around it…which people might be tempted to do. And that’s basically turning anything seriously incriminating into essentially an infohazard that could get you nuked because you’re in an instance where someone else from it commented on the thing or something. And any attempt to and defederation from the offending parties probably isn’t the hard shutoff that the authorities would be demanding in such a situation. Even if nothing effectively happens to the greater Federation, it would be a PR nightmare that would probably kill any future attempts of evangelising the platform in the future, especially to bigger communities looking for a new place to stay.
Places like Reddit have mods and admins that worst case scenario, can be the scapegoats. Lemmy doesn’t really have that layer of protection because of how esoteric it is to the layman.
Sure this is the case? Because Mastodon had that problem before. I thought every federated platform had permanent deletion implemented by now? And federation of the deletion and cached data…
Yeah this happened to some guy in Australia hosting a tor exit node if I recall? I saw it on Lemmy, but didn’t save the link. Since he wasn’t behind a corporation, I think he got held personally liable. Best bet in hosting an instance is probably to form a corporation for some legal protections.
In the same way that it’s part of the fediverse specs to copy info from another instance when a user requests it, it’s also part of the specs to delete info when an instance requests it. Goes both ways. The only way it becomes a problem is if your instance deliberately disables certain functionality, or otherwise fails to moderate.
Of course if a user copies the info locally and holds a copy there’s no stopping them, but reddit would have the same issue there.
You have duplicate communities, posts, etc.
It’s hard to find communities.
Duplicate communities also existed on reddit, though. There were just so many people, it was a feature.
True, but it’s more complicated wiht Lemmy since the duplicate communities aren’t as obvious because of the multiple instances.
Its kind of a bug and a feature since it’s how decentralized services work but it will likely keep Lemmy from growing (at least to the extent that reddit did).
I see the fediverse growing slowly over time as people realize that centralized services are fundamentally doomed in several ways. It’s always only a matter of time before a bad UX change, or they’re acquired and they sell your data, or the owner turns out to be a sex offender, or the platform is taken over by trolls, etc. Each time one of these mass exodus’ happen, most users will jump onto the next doomed bandwagon, but some small portion will try out the fediverse where they’ll realize they’re now relatively immune from these fatal flaws. An instance might go down, but the rest of them will move on without them.
r/dgdag and r/dogs_getting_dogs are an example
It’s also hard to find active communities that aren’t just reposting from another source, like another lemmy community on another lemmy site, or reddit or something. It’s kind of weird here.
I wish they had multi-“reddit” support so I can aggregate common communities between instances. I suppose clients could do this but I haven’t seen the option yet.
Evangelizing.
If I want to share a cool link with someone who has an account but is not yet active, I have to:
- ascertain their instance if they are on the site
- visit their instance on a browser
- search their instance for the post I want to share
On centralized platforms I can hit the “share” button the moment I find something interesting. When I do, I will receive a single link that will work for all users of the service.
Granted (because the platform then harasses the user who follows the link, trying to annoy them into getting an account and/or logging in so that it can more accurately harvest their data) it’s not a ton better centralized.
But it does make it extra difficult to evangelize this way. I convinced a friend to get an account, and yet when I shared a link with him (without taking the above steps), he sent back a screenshot of the banner telling him he wasn’t logged in.
I’d like an easier way to pull the uninitiated into a conversation occurring on this network of sites.
I get it’s some form of tracking and that scares people here, but I keep on thinking there must be a way to set up cookies or whatever the right term is so that when you click on a link you’ll automatically get sent to the Lemmy post through your specific instance. I would suggest an extension but I’m personally of the opinion that any site that needs a third party extension (like say, RES or Xkit) to fully work isn’t a well designed site (not to mention it makes evangelising harder because now you gotta sign up for a new confusing thing and download this extension)
Like everyone’s screaming “use smaller instances!!!1!” But like, this issue pretty much tells you “you should be using the same big instances for the best sharing/viewing experience”
There’s not a great solution to this and it’s a real problem. The easiest way is an app or browser extension that could recognize lemmy domains and swap in your preferred instance. That gets into problem territory with defederation though.
Another way would be federating identity, people would still get log in messages at least the first time per instance, but they could log in as user@myinstance and get a logged in experience then. This is a huge technical pain in the ass, and still not great for user experience though.
You could also share links in a Url shortened style and use that redirect to let someone select an instance or log in to another service to know where to send links. This also isn’t great.
You could also share links in a Url shortened style and use that redirect to let someone select an instance or log in to another service to know where to send links. This also isn’t great.
The ideal would be a site that asks you for your instance once, saves it as a cookie, then automatically redirects you.
You would have to select it for each device, but that would work for most people that only use their phone.
I am unsure wether I understood you right. If I want to share your comment for example, I hit “share link”, and it gives me this https://lemmy.myserv.one/comment/1133028
There’s no “you aren’t logged in” showing up for me when I open it in a browser
It used to be a banner above the comments. Now it seems to be in the sidebar. That’s a good design choice. It’s an improvement. It might not have scared my friend so much.
These days, apparently (I followed the link to your comment, https://feddit.de/comment/2020091), it’s on the sidebar and says:
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
This is actually a massive improvement. It gives directions, and the earlier one didn’t. It’s friendlier than the earlier version too.
However, this evolution badly needs to continue (since I don’t see how asklemmy’s front page is going to tell you anything about the federated instance signup process or enough about the “home instance” concept for them to know they need to go to their home instance.) If I was given a link to your comment, and I wanted to upvote your comment, I would still need to 1) navigate to my home instance’s search tool and 2) paste your comment’s URL into that search tool. And that’s still a complicated process for a lot of people.
I do really appreciate the direction the web app is going here,
- they have gotten rid of the “vote” buttons and the “reply” buttons if you’re not logged in.
- the “not logged in” notification now tutorializes a little bit.
These are all very good developments.
But they need to continue. We need to tutorialize stronger.
There’s much less control about the software.
In a federated system you have no control about wheter remote instances are running up-to-date software or even the same type of software (think Lemmy vs Kbin), which makes breaking changes really hard to impossible, since you never know what ancient version another instance might run.
This is part of the reason why e-Mail works the same now as it did in the 80s. If e-Mail was a centralized service, it would be a full communications- and office-suite now, but since it’s federated it’s still separate messages in folders and stuff like grouping messages by thread are considered innovative.
No unnecessary bloating features and very slow implementation of new stuff seems like a plus to me
If you subscribe to the old Unix mantra of “one tool, one purpouse”, then yes.
If you prefer convenience and the ability to accomplish things, then no.
Using eMail for video chat isn’t really an option.
Hope would email for video chat work?
Have a look at basically any other text-only messenging service/app. Slack, Signal, Threema, WhatsApp and dozens of other similar services started out as text-only and added voice/video chat afterward. None of their protocols were originally designed vor video chat and none of them supported it initially.
There’s even an IRC extension that allows video chat over IRC.
So people never accomplished anything on Unix?
How many people do you know who still run actual Unix? (Unix, not Unixoids, which, for the most part, don’t follow that old Unix mantra)
Using eMail for video chat isn’t really an option.
Lol. That’s not how anything works. You also cannot use a hammer to replace the SSD in your computer. Sometimes you need to pick up a screwdriver instead.
What you want is the ‘everything app’. Go ahead and talk to Elon Musk. See how that is progressing 🙃
You can’t use You can’t use Slack for Video Calls? Or Teams? Or Signal? Or Threema? Or WhatsApp? Or Facebook Messenger? Or almost any other 1:1 chat app/protocol that survived long enough?
All of my examples were originally text-only messengers meant for sending text messages, pretty similar to email.
And even email didn’t stay completely “pure”, as, over time, it evolved file attachments.
By this logic you would be using email for video calls if you just patch in a Jira widget in your email client
Those are all apps that implement multiple different protocols to do chat/audio/video. Also none of those are federated to my knowledge, you can’t chat as a teams user with someone on whatsapp. Lemmy and kbin can talk to each other, just like outlook and Gmail and Hotmail can.
Yes, now please check the title and content of the OP.
The whole discussion is about the downsides of federated protocols/apps/systems vs non-fedreated ones.
And my point was that it’s much easier to expand non-federated software.
I’m not sure you can make that argument. It’s more about having a dedicated developer base than federation. FOSS has almost always been behind corporate development, that’s not really a downside of federation itself.
This is part of the reason why e-Mail works the same now as it did in the 80s.
I still want to see a proof that there isn’t a technical solution for this.
There are things like versioned APIs, backwards compatibility… You can make your network protocol modular and extensible… Think of XMPP and some other examples.
E-Mail is somewhat alright and has a few good design choices. That’s why it’s still around today. With the additional lessons learned since then, todays knowledge and tools, I bet we can design some technical solutions to the upgradeablility-problem.
It’s absolutely just a skill issue, matrix has made breaking changes without significant issues.
Turns out that if you just design a protocol with changes in mind you can simply reserve a version namespace for all but the most fundamental functionality and crank the number up for every breaking change.
[This comment has been deleted by an automated system]
Yeah. You can tell Email is old. very old. The internet has exploded since then. There are so many more nodes and users out there than anyone would have imagined in the early 80s. Also technology has advanced together with how we use it. 7-bit is madness by today’s standards. Of course Antispam and E2EE hasn’t been baked in because it wasn’t a thing back then.
But things are different today. I don’t think there will be another ‘explosion’ so that the requirements to such a protocol and it’s usage will change as quickly and fundamentally.
Funny thing is, the resource usage of my mailserver or XMPP server is so much less than for example my Matrix server or any of the other ‘modern’ federated things i tried… And we should learn from XMPP’s history. Both good and bad things. It’s a complicated story and there is more to the story than just network effect or technical issues. And I love and hate Matrix. I’m glad it’s there but i also wasted several hours looking for good client for linux that isn’t element and uses all of my RAM. And fought with encryption in some python libraries. Sometimes matrix just isn’t fun. Especially the encryption bit.
I don’t care for the network effect. I have used both XMPP and Matrix. There was a time I could reach all my friends via XMPP. Back in the days when both Facebook and GMail had XMPP and WhatsApp wasn’t there yet. As of today. I use Matrix. And the few people I talk to most frequently also use Matrix. And that’s enough for me. I don’t care if 99% of other people use something different. (Also there are bridges to other protocols). It’s the same with Lemmy. I wouldn’t be here if it was important to me to be on a platform with 1.5 billion other users.
I think we have an opportunity to do it right. And to design something that will last for quite a while. Of course there are issues to solve on several levels. Unfortunately back in the days, protocols were invented by scientists and to connect universities. Todays platforms are implemented by mega-corporations and their motive is to gather data and sell advertisement. So we probably need regulations and politics to force something like interoperability into existence. And of course there is the age-old question of reform vs. revolution. Iterative change sometimes isn’t good enough. I’d consider email a case where we need revolution. I’d happily use some free sucessor. Even before the network effect or regulation kicks in.
There are so many issues with email that are not fixable… And federation, dispite all the advantages it has, is the main reason why it’s entirely unfeasible to actually fix the issues in the system.
Federation, same as every other concept, has advantages and downsides.
Having looked into the Lemmy code and the discussions on Github sadly doesn’t bode too well. It looks like a mostly quick-and-dirty project and I fear it’s going to get only more troublesome as it grows. I am not sure if it could ever scale to Reddit-dimensions.
Part of that can already be observed with all the desynchronisation between instances, because there is no guaranteed eventual consistency or any other mechanisms like that, even though that would be fundamentally important for a distributed system like Lemmy.
This is exactly what I wanted to say, just put much more eloquently. Thanks!
But extensions are no good if most people don’t use them. Take end-to-end encryption in eMail. It’s a good feature that has been around for multiple decades, but most people don’t use it. Since most people don’t use it, there’s no point in using it. So you have the network effect right inside your system.
When e.g. WhatsApp made every chat end-to-end encrypted it took a single update and went so smooth and easy that most people wouldn’t have noticed if it wasn’t for a big modal telling the useres that it was introduced.
Introducing breaking changes or new features to a federated system with lots of hosts and lots of different software implementations is certainly not impossible, but it’s much more difficult than on a centrally managed system.
You could argue it’s a good thing that no entity is able to force everyone into using every new extension. But true. You then have issues with people and politics. You could just do a lookup on a keyserver and do opportunistic encryption. That wouldn’t harm anyone. (If done right.) Gmail could implement that and a major part of email users would have e2ee overnight and benefit from that.
Regarding WhatsApp. I remember shaking my head about WhatsApp when people started using it. As far as i remember (i might be wrong) It was widely open, unencrypted and everyone could impersonate anyone they had the phone number of. I don’t remember why it got so popular. But I’m glad they implemented encryption and fixed that.
With email I’m at least theoretically able to do something myself. With WhatsApps issues, there is no way to do anything about it. You just have to accept it’s quirks, because only Meta could implement something. For example I’d like to use it on my computer. And have a different identifier than my phone number. And stop it leaking metadata to Meta. How does a non-federated platform like WA help me with that?
For a new and federated protocol you could start with mandatory end to end encryption. And you then design the protocol so that changes won’t be breaking. And if you do it right it’ll be okay if people don’t adopt extensions. Things will still work. Maybe someone can’t do video calls or show emoji reactions. Maybe the cutting edge AR or VR stuff doesn’t work. But at least you have a fallback to send encrypted text data or arbitrary data-files. That should be enough.
The thing is that for some features to have any benefit you actually need everyone on board. Security is just that.
If you have to basically have a fallback-backdoor built right into your system to deal with those who don’t participate in the security system, an attacker just needs to force the fallback and nothing is secure anymore.
And sure, Gmail could just force encryption, but then (a) would everyone complain about one big actor abusing their market power, as happens a lot e.g. with Chrome and (b) the whole point of using email is that it’s a service that’s super stable and “just works”. If I can’t send an email to my dentist about an appointment, then it’s worthless. So something like that could hurt Gmail’s market share.
But all in all, my point was that open systems with lots of actors with the power to decide stuff makes implementing important changes more difficult, because you have to convince much more people to follow suit.
Yeah. I get it. You’re right. If there is only one actor, they can make decisions more easily. If there are multiple actors involved like with federated stuff, you add additional overlay by having to agree and have methods like voting, consensus etc.
My point is: It is possible. I don’t disagree that takes extra work. But we live in a democraty, not a monarchy. We have technical solutions. You keep saying we need consensus between every instance of a federated software and 100% solutions. But that simply isn’t true. We don’t need consensus. We don’t need everyone to agree. You could just expel everyone from the network that hasn’t updated their server for 3 years from the network. You won’t even notice the <1% users that go missing. You could implement text, audio, video, group chat mandatory encryption and minimize metadata. Make it performant and extensible and a backwards-compatible protocol. You might only be 95% of the way. But isn’t that better than anything currently available? It’ll probably stay that way for some time if you did it right. Just forget the last 5% to make it a theoretically perfect solution.
With the encryption: As with everything security related, it depends on your specific thread model. My example would help against everyone casually reading everyone else’s mail. It won’t help against a targeted attack IF you could force the fallback triggering and there wasn’t such a thing like certificate pinning. But it’s a thousand percent better than not doing anything at all because it could be curcumvented in an edge case. But I don’t want to argue in email’s favor. email is old. the only reasonable option is to start over. and force reasonable encryption this time.
Regarding the network effect: Nothing new is going to happen in the world if we don’t fight it. Many people are conservative. We buy the stuff we’re familiar with instead of something better. We want the things everyone has despite there being better alternatives. Americans keep using the vastly inferior imperial system. We sometimes need to get done with tasks and use that thing that is compatible with people we want to interact with. Like the messenger, the social media platform everyone uses. Microsofts office software to interact with clients… I understand. But again, there are ways around this. You could establish something nice and better in your small community and stop caring for the rest of the world. You could use something like a bridge that connects old and new technology. You can be a country and make laws that force something into existence. You can be a big corporation and just foist the the new thing on your users. Like the Instagram accounts that kickstart Threads. I don’t say it’s necessarily easy to do. But possible.
Pedantic but email is more like a protocol and not a software. Outlook is the software. It’s not a valid example.
ActivityPub might be closer
100%
ActivityPub is a pretty bad example, since it’s new. It hasn’t had to endure decades of implementations and extensions, like email has. But ActivityPub will be an equal mess given enough time.
Anything that has to be backward compatible for too long will become a mess.
Incidentally, this is one of the biggest complaints from a technical standpoint that many people have with certain Microsoft products.
We were talking about federated software, based on a shared protocol but with many different implementations vs centralized software (as in run by one entity, not as in non-distributed).
Your pedanticts are what the whole discussion was about. So your pedantics aren’t valid.
I get where you are coming from but you clearly equated email to software which is wrong. It’s not a software. The rest of your points are valid. No need to get pissy.
And if eMail (the whole system) wasn’t federated but instead would be run by a single company, then it would be: yes, a single software implementation.
Pro tip: any comment that begins with “to be pedantic” usually adds nothing to the discussion and has the sole purpouse to make the pedant feel superior over everyone else. It’s a good way to annoy everyone else in the discussion.
You seriously need to pull your head out your ass.
Email is not a software. It’s a horrible example. It’s no different than saying SNMP is software. It’s fundamentally wrong.
Now I was nice. Yes it was stupid to bring up but not everyone is in IT so not everyone would know your example of email as a software is wrong. That is why I, quite nicely, brought it up. Not to hate simply it’s a bad example and it still is.
Yet here you are doubling down on aggressive bullshit for being politely advised your example was shit.
Dude, you are the only one who doesn’t get what this thread was about and who is only here to purpously misunderstand the topic. Nobody claimed that email is a software and actually I wasn’t talking about software or protocols but about systems/ecosystems.
If you have a look at what I said in the first post, I referenced email as a “system” not as software and said, that federated systems are harder to manage because you have much less control about the software that is used in that system. Email is a system, and the software that I referenced were implementations of software that handles emails. So not only are you rude and pedantic, but your whole point hinges on you misreading the first post and not understanding what the word “system” means.
And you know what, email isn’t even a protocol. There is no protocol named “email”. There are SMTP, POP3, IMAP and some other protocols, but there is not a single protocol named “email”. Because email is a system, where different software implementations (servers and clients) communicate over a set of protocols.
So before being pedantic and obnoxious, please first
- Read the post you are answering to
- Try to understand it
- Read up on the topic
- Try to understand it
- And then contribute in a meaningful way
You failed on all of these points.
If you seriously think your agressive discussion style is polite, then there’s nothing to add.
1: Anything that’s federated is public (to instance admins) and can’t be reliably deleted.
For ActivityPub, that’s pretty much everything except user account.
For email (SMTP) that’s sender, recipient, subject, and usually body.
Etc. Instance admins can log whatever they want. Laws like the GDPR or CCPA don’t apply to all instances.
2: User signup is much harder because choice paralysis over which instance to join often sets in. That in turn leads to default recommendations, resulting in centralization in a few instances. E.g. lemmy.world, beehaw.org, sh.itjust.works, lemmy.ml for lemmy, Gmail, Apple mail, MS Live email, AWS email options for email.
For your point 1) The same applies to any other social media or good old phpBB forums that some clubs still use. GDPR still apply as soon as you log personal data of an European user. So if an instance admin does shit with the data they can be charged.
GDPR isn’t that complicated, tons of small non profit structure (e.g a sport club) deal with personal data without any issue. If you don’t spy your user and do the minimum needed amount of data processing your data privacy policy can hold in a couple of lines. It get huge because big social media spy us
Old-school forums have single points of contact. They’re no more private than ActivityPub, but a takedown to the admin is a takedown of all instances. Obviously public data can be cached or archived, so as always you have to send takedowns to every archival service, search engine, and any CDNs too.
The GDPR “applies” whenever an EU resident’s data is stored. The enforcement requires some presence in the EU by the entity storing the data. For multinational companies that means if they have any banking services there (e.g. taking payments from EU customers) they have a presence. For individual fediverse admins, that’s not necessarily a concern. At worst their instance’s domain would get blacklisted to EU users.
From running multiple accounts across multiple instances, I’ve found that each instance feels like a separate forum of posts. Sure some of the big ones federate with each other, but that still doesn’t lead to being able to see the same federated content when you log into infosec.pub or lemmy.world. I think a lot of the differences in content lie with which instances federate with which other instances.
Yep it’s important to pick an instance that doesn’t block many other instances, if you want as much content as possible.
This is good and bad to me. I like the idea of a series of little neighborhoods. You know your home well, and have a place of comfort if you don’t feel like dealing with the wider world, but it’s all still very accessible (or ideally very accessible. Discovery is an ongoing issue without for you algos). Forums were nice, but it was always annoying if you were on more than one proboards (or what have you) and you were switching sites to see your variety of friends. Discord solves the same problems, but I also don’t trust that company at all.
Reddit gave you that comfort zone for certain topics, but only if it’s not a popular or contentious one. And like it’s nice to be able to have my comfort zone be more diverse than my 5 favorite topics.
Instances being defederated over things like petty drama. Unless it’s one that’s actively allowing nasty content or people, I don’t think that should be the first course of action like some admins seem to treat it as.
It is difficult to control users, to ban them permanently etc. It is difficult to make money with federated software. You could maybe show ads. But nothing that’d make you rich.
To be fair if nobody can get rich from it the fediverse is probably going to stay a much nicer place than the rest of the internet. Profit motives are fine when you’re dealing with strangers but they always add an element of dishonesty to communities of people you intend to stick around with in my opinion, there’s no good faith when my presence is being monetised any more than a farmer has the best interests of their livestock in mind.
That second point is a feature, not a bug.
More of a wish than a challenge but federated identities would be awesome. Home instance offline? No problem, just switch servers. No need to try and sync settings and subscriptions between accounts.
Blockchains already do this with public key cryptography. Your “login and password” would just be a Mnemonic Phrase. The fediverse just distributes the public information to use that phrase.
Agreed, portability of accounts should be much higher priority that it currently seems to be on either mastodon or lemmy. But also, that limitation is not an option at all on non-federated platforms.
I just did this kinda. Lemmy.world has been a yoyo for weeks.
There’s this… https://github.com/aidandenlinger/lasim/blob/main/README.md
Which could be improved to make this happen without user interaction.
Identity theft. Not as serious as the real life version but imagine that I make an account with your username on another instance, maybe under a domain that’s very similar to yours, and start stirring up trouble. If you’re someone people recognize I could hurt your reputation or scam people.
Identity theft is not a joke Jim!
Hey! I’m Jim!
mastodon has a solution to this, where you can verify yourself with a website
deleted by creator