I went through the evolution of email… At first it was universities, then ISPs etc. Having your identity tied to them SUCKED every time you no longer qualified for an account, changed providers ETC. I was a hotmail user before Microsoft purchased it, and an early beta Gmail user… While this is some centralisation these two identities have lasted decades, where AT THE TIME AOL was the (this is the biggest, never going away) option, now almost no one has an @AOL.com address.
Point being that no matter the current promise your instance could DIE if you get ill or can’t afford to host it etc. The model is BAD. I have said it before and will say it again, Identity SHOULD NOT be tied to instances, AND it needs some form of bot and trust system built in.
I seem to remember some parts of the Fediverse being able to pick up your user and move to another instance? Is that Mastodon by any chance? If that’s so, sounds like something Lemmy should look into.
It doesn’t sound like it would be too hard, pack up your user stuff in a JSON and sign it (basically a JWT), and establish a protocol by which one instance passes the user to another. Or, even better, let the user take their JSON and import it manually into another instance – this could also double as personal backup.
I believe Mastodon has that (seem to remember seeing it when I setup my account) but I think the instance you are on has to still be alive at the time to do i so it doesn’t quite address the sudden shutdown of the instance that holds your identity.
I partially agree with you. But my plan is to hand over the entire thing should I fall ill or get tired of hosting and maintaining it.
But in the end, everything’s gonna go away. Even Reddit, like all the platforms before it. That’s just the way things work.
What would be better, though? Having a P2P-like system where everything is truly federated? Like… Everyone has all accounts and all content at all times? I don’t know how this would work.
At this point in time, there are clear advantages to the current federated system, but there are also clear disadvantes, like what you’re describing, as well as some other things, like the different rules and moderation techniques of instances, defederation, etc.
undefined> What would be better, though? Having a P2P-like system where everything is truly federated? Like… Everyone has all accounts and all content at all times? I don’t know how this would work
I think something mandatory in the server instances that runs a blockchain (not crypto to be clear but that is how it works) IE every instance server is a validator node. When you create an account you do it from an instance, it gets recorded into the blockchain but at that point you have a lemmy account. You can directly log in on any instance as YOU (kind of like how SAML/OAUTH lets you use a google / microsoft / steam account) and use the services. When you post it is signed with your blockchain info. You could get banned on a specific instance and that gets recorded in the block chain. Other instances could chose to look at that info and decide they don’t want users that have been banned on multiple other instances or on specific trusted instances. Over time your account essentially becomes more or less trusted but the key think is that your YOU and not bound to one instance.
Bad instances could put false data into the chain, some vigilance for kicking and untrusting them would be needed
If your account gets hijacked there isn’t much you can do about it, no recovery (problem / risk in crypto that is well known) You are personally responsible for your account not the instance and lots of users and not smart enough for this.
Typically to prevent abuse crypto chains specifically put in CPU/GPU compute load to prevent being able to rapidly abuse posting data to the network. This could be done client side in the browser but to some degree would be needed on the instances to prevent people just spinning up malicious instances without cost but if this overhead is limited to identity only IE user creation, sign in, update it would be manageable other than during rapit sign up events like Reddit going down, spikes in interest.
Nothing is free or perfect but the current system somehow didn’t learn from decades of spam,bots, abuse in Email, IM and Web Forums. I don’t even recall the last web forum phpBB, SMF, Invision, Discourse etc that don’t OUT OF THE BOX give server admins a tool box of anti bot and spam / abuse clean up tools.
Thanks again for the comprehensive write-up. Account recovery was my main concern, but I don’t know much about blockchain technology, so I didn’t say anything. I just remember that I registered with a video platform that’s blockchain based (forgot the name) and then, I accidentally discarded the password manager entry for it instead of saving the password. Password restore wasn’t possible, “because that’s how blockchains work”.
About the moderation and administration tooling that Lemmy has (or doesn’t have): I don’t think this project was ever meant to be as big and important as it is right now. I guess we can see a lot of changes soon. I personally can’t program in Rust, but I’m planning to start a small PHP project tomorrow for a small admin and mod web panel that directly interacts with the database to have a GUI for some tasks that requre fiddling with the database at this point in time.
I went through the evolution of email… At first it was universities, then ISPs etc. Having your identity tied to them SUCKED every time you no longer qualified for an account, changed providers ETC. I was a hotmail user before Microsoft purchased it, and an early beta Gmail user… While this is some centralisation these two identities have lasted decades, where AT THE TIME AOL was the (this is the biggest, never going away) option, now almost no one has an @AOL.com address.
Point being that no matter the current promise your instance could DIE if you get ill or can’t afford to host it etc. The model is BAD. I have said it before and will say it again, Identity SHOULD NOT be tied to instances, AND it needs some form of bot and trust system built in.
I seem to remember some parts of the Fediverse being able to pick up your user and move to another instance? Is that Mastodon by any chance? If that’s so, sounds like something Lemmy should look into.
It doesn’t sound like it would be too hard, pack up your user stuff in a JSON and sign it (basically a JWT), and establish a protocol by which one instance passes the user to another. Or, even better, let the user take their JSON and import it manually into another instance – this could also double as personal backup.
I believe Mastodon has that (seem to remember seeing it when I setup my account) but I think the instance you are on has to still be alive at the time to do i so it doesn’t quite address the sudden shutdown of the instance that holds your identity.
That’s a good point. 😃 All the more reason for them to offer the ability to download your account data.
Except unlike email, it is not a big deal to change accounts on lemmy, almost all interation happens in communites not user to user.
It matters if you create a community and are the only mod, or are a mod etc etc. You basically lose that if you lose your identity .
I partially agree with you. But my plan is to hand over the entire thing should I fall ill or get tired of hosting and maintaining it.
But in the end, everything’s gonna go away. Even Reddit, like all the platforms before it. That’s just the way things work.
What would be better, though? Having a P2P-like system where everything is truly federated? Like… Everyone has all accounts and all content at all times? I don’t know how this would work.
At this point in time, there are clear advantages to the current federated system, but there are also clear disadvantes, like what you’re describing, as well as some other things, like the different rules and moderation techniques of instances, defederation, etc.
undefined> What would be better, though? Having a P2P-like system where everything is truly federated? Like… Everyone has all accounts and all content at all times? I don’t know how this would work
I think something mandatory in the server instances that runs a blockchain (not crypto to be clear but that is how it works) IE every instance server is a validator node. When you create an account you do it from an instance, it gets recorded into the blockchain but at that point you have a lemmy account. You can directly log in on any instance as YOU (kind of like how SAML/OAUTH lets you use a google / microsoft / steam account) and use the services. When you post it is signed with your blockchain info. You could get banned on a specific instance and that gets recorded in the block chain. Other instances could chose to look at that info and decide they don’t want users that have been banned on multiple other instances or on specific trusted instances. Over time your account essentially becomes more or less trusted but the key think is that your YOU and not bound to one instance.
Sounds good to me. Any downsides?
Nothing is free or perfect but the current system somehow didn’t learn from decades of spam,bots, abuse in Email, IM and Web Forums. I don’t even recall the last web forum phpBB, SMF, Invision, Discourse etc that don’t OUT OF THE BOX give server admins a tool box of anti bot and spam / abuse clean up tools.
Thanks again for the comprehensive write-up. Account recovery was my main concern, but I don’t know much about blockchain technology, so I didn’t say anything. I just remember that I registered with a video platform that’s blockchain based (forgot the name) and then, I accidentally discarded the password manager entry for it instead of saving the password. Password restore wasn’t possible, “because that’s how blockchains work”.
About the moderation and administration tooling that Lemmy has (or doesn’t have): I don’t think this project was ever meant to be as big and important as it is right now. I guess we can see a lot of changes soon. I personally can’t program in Rust, but I’m planning to start a small PHP project tomorrow for a small admin and mod web panel that directly interacts with the database to have a GUI for some tasks that requre fiddling with the database at this point in time.
undefined> I don’t think this project was ever meant to be as big and important as it is right now.
https://github.com/LemmyNet/lemmy
Well this is Exactly what it is billed as…
Damn. Yes, well… Can’t argue with that.