- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Imagine a world without platform lock-in, where no ban or billionaire could take down your social network. That’s what ActivityPub has planned.
I have my skepticisms about this whole thing. While I know the answer is “they will be defederated”, what if one of the big ones, like lemmy.world or lemmy.ml get huge, then sell out to something like Meta?
We lost 3rd party apps and we are morning the biggest breakup we’ve ever had with reddit. Say the server you’ve had your account on for so long and all your content gets taken over by a giant with strategically placed adds that are upvoted by bot armies for visibility. They may get defederated, but that means Meta just came in and destroyed a huge chunk of users accounts while gaining some ad revenue for a bit until the community dies. Everyone has to actively pack up their shit and move to another instance. I guess the loyalty to an account is less with a lack of account karma so it wouldn’t burn as bad.
You would lose all your subscribed communities when you are forced to move out. That would suck. Too bad you couldn’t export like a .db file from your account on the way out and upload it to another account on another instance. Possibly some sort of encrypted key so you can auto add as a mod to any community you were modding on your previous account. No clue if that makes any sense. Kinda Like a lemmy “Go-Bag”?
I don’t know, just thinking ahead of the shenanigans that’s going to happen if this really starts making a dent in huge corporations user counts.
Mastondon does allow you to export your profiles and set them up on a different instance; I reckon some folks will figure out a solution on how to easily jump ship.
This is one of the biggest things I think Lemmy needs. You should be able to create a backup of your profile and export/import it into another instance. That way if something happens or you have a problem with the instance admins you can migrate with no loss or minimal loss to your account.
i’ll be honest hearing lemmy while being on kbin threw me into a loop, made me wonder if i was in a lemmy community and not a kbin magazine lmao. i gotta get used to this.
But yeah, both Lemmy and Kbin need the same flexibility of Mastodon. The more easily one can move, the less likely megacorps will see value in gobbling up instances. Long-term goal might be cross-platform profile compatibility, but right now that’s a pipe dream.
To be fair, kbine doesn’t label things very well right now. I’m using both, and Lemmy makes it far more clear where a post is coming from.
That’s one annoying thing with kbin, the other being no quick access to subs list. I still like it better than Lemmy right now.
For Kbin, you might want to check out the @kbinStyles magazine. Folks are creating tweaks for Kbin in the meantime that improve functionality like this :)
e.g. https://kbin.social/m/kbinStyles/t/27201/kbin-enhancement-script-QOL-updates-for-the-kbin-UI
Think of it as a mailing list. There’s a bunch of people in it getting updates from others. Some use Gmail, others use outlook, others Yahoo, etc.
Oh I know how the Fediverse works, I was just commenting on how sometimes I have to question which instance the post is hosted on. For example, I see you’re on lemmy.world.
Thank you for trying to help though!
Yep, the devs have said it’s on the radar, but will probably be a while. Not too many contributors and their priority is to work on stability and bug fixes first
I think one limiting factor that has yet to be addressed is that you can move your profile, but you can’t move your content. Another is identity. How do you know which Mastodon server has an authoritative (i.e. “blue-check”) profile for a given person/entity?
edit: Search indexing is also a huge problem. While it’s possible to create a search index over all content local to a given server, maintaining an index over all content on all servers that you federate is a much bigger problem.
Mastodon has the seeds of this authority in that you can put links on your profile and then have them flagged by putting code on the website. So my Mastodon account could have a link to kazuyadarklightofficial.com and the flag proves I own/control that site. So if you know/can determine that site is THE KazuyaDarklight site, then you know you have the right Mastodon account.
I guess for the privacy conscious and content creators, one solution of this would be to host your own instance just for yourself. You control the domain and what’s hosted. I could setup @[email protected] and store my content on my server. In much the same vein as custom emails - [email protected] could be my email (technically I could have [email protected] but that could be confusing with only a dropped @ but anyways).
Obviously this is not going to be a solution for everyone and it would be good to have a way to backup your content and be able to move it between servers. But in the mean time, it’s a workable solution for those who find it important enough to go down that route. 🤷🏻♀️
I guess for the privacy conscious and content creators, one solution of this would be to host your own instance just for yourself.
That’s exactly what I did. Have it running in docker containers at a VPS provider for $5/month and ship backups off to Backblaze nightly.
Never have to worry about my “home” instance dying/suddenly disappearing or defederating other instances. I like to self-host when it makes sense to, and this is definitely a situation where it makes sense.
I think once lemmy has this, and it’s easy, it’ll achieve even greater success.
I’ve been online for close to 30 years now.
I’ve lost count of the number of forums I’ve had to leave because they went to shit.
I always find another one.
Same here. My domain name and email address will turn 30 next March. I’ve been doing this since the days when Usenet posts were transmitted across sites using UUCP.
We will always find the next place. Reddit has peaked and is destroying itself and it’s time to move on.
Yeah, a lot of these concerns strike me as coming from people who don’t remember the time before the big, centralized media sites. Hopping from forum to forum, making new friends and learning new things along the way, is all part of the adventure.
I mighth go back to Slashdot +5 Insightful
That’s why we need to decentralize. If there’s 100 communities over 50 servers, then it doesn’t matter which website goes down or defederates. It’s only if everyone stays on one or two instances that the fediverse breaks.
Over on mastodon, big instances have gone down, people notice but it isnt the end of the world.
I mean I can’t be the only one who doesn’t enjoy the idea of setting up a new account if the ship you picked in the beginning sinks a few years later. You make it sound so simple but at least to me it would be a huge drag.
This is why having frictionless one-button migration seems really important to me. Imagine that your Lemmy client keeps a constant backup of your profile so that if and when your instance go down, you can set up shop somewhere else super easily. Or when an instance get too big, or when you feel like it, you can instance-hop super simply. This is the future I’d want. You control your profile, noone else.
I remember having read that it’s on the dev’s roadmap but they’re obviously swamped right now.
Honestly, this isn’t even necessary. The only thing that needs to be implemented is federated authentication, because then you could log in to any instance with one set of credentials. Since the content you post/comment is already replicated locally on other instances, you wouldn’t even need to import/export anything, it would already exist on the other instances.
Implement federated user authentication and you’re golden.
How would federated authentication help with an instance sinking and having to port/rebuild a profile?
Maybe I’m misunderstanding (and that’s certainly a possibility because I’ve been on Lemmy for barely a week), but wouldn’t the profile be rebuildable since the content generated by the user has been replicated to other instances?
If that is the case, the only thing that’s missing is federated authentication so the user can log in to any instance with a single set of credentials.
From what I understand of federated authentication, your instance needs to be up to authenticate against. This doesn’t help if your instance goes down. Did you have some other mechanism in mind?
My POV is a bit different than most people, because I built my own ship, and I reach out to other instances using it.
Because I agree, I don’t want to be relying on someone else to maybe grace me with a fediverse account.
I have a vision of what’s to come so I’ll throw it out here.
When things truly take off there’ll likely be companies selling cloud hosted instances, the server requirements aren’t massive for a small group so it’ll be cheap.
That’d solve the issue of losing accounts or small communities, but huge communities would have to be hosted on huge servers just to handle the amount of content coming in.
Which means money will play a role somehow, imagine a community with millions of visitors every day. Could a server relying on donations sustain that? Or better question is could they sustain that better than a huge tech conglomerate?
I hope I’m wrong, but… I think network effects could lead to a single instance becoming dominant and therefore vulnerable to such a takeover/sellout. I’m less sure about this, but perhaps non-technical users don’t understand the concept of federated instances and flock to a single one. Perhaps there are other tangible benefits of everyone being on a single instance. Just because the protocol allows for decentralization, doesn’t mean it will naturally happen. E.g. How many email users are on Microsoft exchange/outlook, Gmail, and Yahoo?
I love the concept of your own data being portable, but am afraid there might be other factors that somehow naturally lead to centralization. Please change my mind!
The biggest risk is if all the most active communities end up centralized on a handful of the biggest instances like they seem to be right now, that means a bad actor would only have to buy up those instances to control almost all discussion on lemmy / kbin.
However, it would much easier for mods to migrate their community to an uncompromised instance than it would be to migrate to a new site completely. Jumping from reddit to lemmy / kbin, users have to abandon their old reddit accounts, move to a completely new website with a completely new interface, and start over from scratch. Jumping from one lemmy / kbin instance to another, users would just have to unsubscribe from the old community and resubscribe to the new one.
I think without account karma the loyalty to the account would be less for the average person. The more annoying part is the communities you’ve subscribed to and finding them again. I think a simple download of a list that automates resubscribing on a new account would ease that issue for most people.
For an active user would be that you lose access to communities you created. That is a real logistical problem. I started on lemmy.ml and crelated a community then realized that lemmy.world ran a lot smoother (at the time) and moved. I luckily still have access to my original account so I was able to appoint my new account as a mod. So problem solved. If your instance splodes you lose that ability. But likely your sub went with it too anyway.
I guess the real problem I am identifying here is while the fediverse itself is decentralized, your account isn’t. It is locked onto one instance and the fediverse is volatile.
Maybe add an ability to attach your account on 2 or 3 instances and keep them synced? If one goes rogue then you have a backup that’s still on the fediverse? You can then defederate yourself from one if needed.
Idk.
I guess running a small private instance just for yourself is the best answer.
Thank you for your responses. It really makes me think about the meaning of portability:
Are you moving your identity? (e.g. implementing something like instance-agnostic user PGP keys)
Your data? The posts and comments you’ve contributed, which would only make sense with the context of the entire thread.
How would the contents of entire communities be migrated? I presume that’s where the valuable content is for potential buyers either to drive ad traffic or train models.
Mastodon’s export portability mostly focuses on the local social-graph aspects(follows, blocks, etc.) and while it has an archive function, people frequently lament losing their old posts and that graph relationship when they move.
Identity attestment is solvable in a legible fashion with any external mechanism that links back to report “yes, account at xyz.social is real”, and this is already being done by some Mastodon users - it could be through a corporate web site, a self-hosted server or something going across a distributed system(IPFS, Tor, blockchains…) There are many ways to describe identity beyond that, though, and for example, provide a kind of landing page service like linktree to ease browsing different facets of identity or describe “following” in more than local terms.
I would consider these all high-effort problems to work on since a lot of it has to do with interfaces, UX and privacy tradeoffs. If we aim to archive everything then we have to make an omniscient distributed system, which besides presenting a scaling issue, conflicts with privacy and control over one’s data - so that is probably not the goal. But asking everyone to just make a lot of backups, republish stuff by hand, and set up their own identity service is not right either.
I think you are right for the most part. I assume that some big servers will take most of the users and that the cost of maintaining the fediverse will become quite high in one way or the other as the network grows and the malicious actors gain incentives to interact with the network.
I think the fediverse is more like the old web. I don’t really consider my data very portable, but my ways of consuming and interacting with the content is. I for one don’t really care if my posts go with me if i move somewhere else. If my home server defederates, then I can move to another kbin instance and my experience remains much the same. The monolithic singular identity that I can take with me wherever I go isn’t something the fediverse delivers on right now, but that is fine.
@Guy_Fieris_Hair I doubt that lemmy.ml or lemmy as a whole would sell-out to Facebook as they are Tankies.
Why do I keep seeing people say this in passing without any sort of evidence. Feels like reddit/Twitter type of culture
I don’t think lemmy as a whole can be sold out to Facebook since it’s open source, right? (Also why it’s not a total dealbreaker for me that the original devs are tankies, since they won’t be profiting off us using it.)
I don’t think lemmy as a whole can be sold out to Facebook since it’s open source, right?
Yes, but lemmy is even more resilient. It is licensed as AGPL-3.0.
That is a copyleft license which requires anyone using the code publicly (e.g. to run a proprietary server) to make their code public and permit free usage of it. And they must not change the license.
I don’t see the point of buying something which is already freely available to everybody, especially since you are not allowed to hide it, even partially, or modify the free nature of it.
What could more reasonably be sold is data, visibility and userbase (big, active instances).
How can a piece of open source software be “a tankie”. An instance might be run by one.
I feel there will at some point be a “this is why we can’t have nice things” moment with ActivityPub and Federation in general.
Karma is probably pretty easy to farm using fake home servers or botted accounts, and other kinds spam is probably going to be an issue if this platform reaches any level of mainstream popularity.
I think many parallels can be drawn between ActivityPub and E-mail, here. E-mail works, but not without a lot of gatekeeping, blocking and spam. Its really hard not to get blocked as a self hosted email server today, you are probably going to be mostly blocked by default until you build somewhat of a reputation for your server, etc. I foresee similar levels of maintenance being needed in the future in order to keep servers federated.
As far as moving your account, some things are easier than others to deal with. Things such as subscriptions and likes is probably a lot easier to move to a new account than entire post histories and such.
I wonder if there could be a universal subscribed communities + followed users data format people could export before they move instances. Hard part would be getting everyone to use it
What would selling out to Meta look like?
Letting Facebook host in return for ads.
Not only ads. Less privacy.
What privacy? Everything here is it in the open for everyone to see
Facebook gathers geolocations etc. that are not in the open.
Popular pieces of software that’s part of the fediverse usually give you either:
- Export options - manual export options intended for GDPR-Compliance and peace of mind
- Account Move options - Mastodon is best known for this, as you can migrate your profile (but not your posts and followers) to another instance. Anyone which then visits your old page will have it blurred out, linking to your new one.
#2 could be expanded in the case of Kbin and Lemmy to also include subscribed communities/magazines, settings and some other things where Federation allows for it.
I think you can move your followers, can’t you?
Maybe there’ll be a standard for threadiverse that each software like Lemmy and Kbin will eventually follow. A standard that lets us migrate from Lemmy to Kbin and others easily. Then, if at some point some software becomes GPL-licensed, we don’t have to be worried about software overtake like MS did with Minecraft.
Search indexing is also a huge problem. While it’s possible to create a search index over all content local to a given server, maintaining an index over all content on all servers that you federate is a much bigger issue. And that’s before we get to the problem of migrating associated content when a profile moves from one server to another.
Jury is till out it’s way too early to tell. The fediverse seems very unrefined still (which I kind of enjoy tbh). If its truly going “save the internet”, a lot of refining needs to be done in order to attract at a mainstream scale.
It’s been really refreshing so far though.
It is really strange, in that it WORKS like the old Wild West of Web 2.0 when it was all blogs and RSS feeds but it doesn’t FEEL like the Wild West. It’s definitely civilization here.
WORKS like the old Wild West of Web 2.0
Well said
I’m hoping that now that we have seen a fair share of social media companies rise and fall and why they’ve fallen, many people will begin to find out what they are looking for in a social media network.
Haha yeah this is tame compared to when we went from static sites to dynamic communities. This seems so easy in comparison. Things are much easier now.
agreed. It’s got bugs, and scalability issues, but i’m liking to “quirkiness” of it. I’ve most most of my stuff to the fediverse so far. It’ll need a lot more polishing to attract mainstream attention, but it’s nice to have this option.
deleted by creator
“But at the very least, if a server goes down, it should not be catastrophic to you.” Your social world shouldn’t live inside an app, she says, or depend on a company staying solvent. It should, and could, be much bigger than that.
Exactly
It’s like Web 1.0, all over again, but this time with better technology
I ahve massive issues being federated with Facebook, twitter and the other billionaire tech giants. No thanks. I do NOT want them to be able to feed me information. Corporations should have zero ability to discuss or provide input into the lives or regular humans. They have done enough damage and it’s time they be silenced.
But can’t you control what instances you consume?
Alright so I’m skeptical we’ll keep a useful level of signal to noise the whole time (Usenet). But, for the first time in forever I’m optimistic, there’s a lot more technical talent and awareness of how bad it can go this time around, which is amazing to see.
I still don’t think people have grappled with the fact there’s no total “erase” button even if you can port your data.
But we have open standards again, it feels weird.
Really good article.
Realcaseyrollins was on this part of the fediverse for a long time, he routinely posts really decent stuff. He has a lot of posts on communities on narwhal.city that can be federated back here.
Can the verge build a pc?
I have my tweezers and table ready to go!
It already has for me. Most websites I visit today I run myself. How amazing is that?
It’s the digital equivalent of off-grid living. I love how much useful tooling I can host myself on my little cluster, and it is empowering that $megacorp can’t hold it hostage or shove hostile tracking and advertising everywhere. The Fedeverse feels much closer to the spirit of the internet in its infancy.
That’s what ActivityPub has planned.
Well, that is kind of what ActivityPub is already allowing us to do.
deleted by creator
Defederate the truly hateful stuff
deleted by creator
That has more to do with community building rather than an underlying technology. IMO
ACTIVITYPUB!
I have hope but my big concern is the scalability/efficiency of the thing. SOOoo much data is getting copied and duplicated across the federation links, and in some ways that’s good, but it also bloats the overall cost of operation and that bloat makes it all the harder for altruism and donations alone to keep things afloat.
indeed, an excellent article.
I heard a sentiment that activitypub and fediverse protocols aren’t great for privacy? I’ll be honest this was from a reddit comment and was probably biased. I don’t know enough about this yet. But I want to learn more!
Anyone have links?
I think it depends on what you mean by privacy. But I do recommend you read what the Electronic Frontier Foundation has to say about the fediverse. They released an extensive series about it last year: Leaving Twitter’s Walled Garden & The Fediverse Could Be Awesome (If We Don’t Screw It Up).
Here’s the part that addresses your concern:
Take privacy: the default with incumbent platforms is usually an all-or-nothing bargain where you accept a platform’s terms or delete your account. The privacy dashboards buried deep in the platform’s settings are a way to tinker in the margins, but even if you untick every box, the big commercial services still harvest vast amounts of your data. To rely on these major platforms is to lose critical autonomy over your privacy, your security, and your free expression.
This handful of companies also share a single business model, based upon tracking us. Not only is this invasion of privacy creepy, but also the vast, frequently unnecessary amount and kinds of data being collected – your location, your friends and other contacts, your thoughts, and more – are often shared, leaked, and sold. They are also used to create inferences about you that can deeply impact your life.
Even if you don’t mind having your data harvested, the mere act of collecting all of this sensitive information in one place makes for a toxic asset. A single bad lapse in security can compromise the privacy and safety of hundreds of millions of people. And once gathered, the information can be shared or demanded by law enforcement. Law enforcement access is even more worrisome in post-Dobbs America, where we already see criminal prosecutions based in part upon people’s social media activities.
We’re also exhausted by social media’s often parasitic role in our lives. Many platforms are optimized to keep us scrolling and posting, and to prevent us from looking away. There’s precious little you can do to turn off these enticements and suggestions, despite the growing recognition that they can have a detrimental effect on our mental health and on our public discourse. Dis- and misinformation, harassment and bullying have thrived in this environment.
There’s also the impossible task of global content moderation at scale. Content moderation fails on two fronts: first, users all over the world have seen that platforms fail to remove extremely harmful content, including disinformation and incitement that is forbidden by the platforms’ own policies. At the same time, platforms improperly remove numerous forms of vital expression, especially from those with little social power. To add insult to injury, users are given few options for appeal or restoration.
These failures have triggered a mounting backlash. On both sides of the U.S. political spectrum, there’s been a flurry of ill-considered legislation aimed at regulating social media moderation practices. Outside of the U.S. we’ve seen multiple “online harms” proposals that are likely to make things worse for users, especially the most marginalized and vulnerable, and don’t meaningfully give everyday people more say over their online life. In some places, such as Turkey, bad legislation is already a reality.
When you post stuff on federated instances, it gets copied to the numerous servers that are federating with it. If you delete something, it’ll only get deleted on one server. The other servers might also delete it, but there’s a chance that some servers might still keep the deleted posts. So I’d just say be considerate and think twice before posting, because it can’t be deleted as easily.
They’re not because you should assume that everything you say is public and can’t be deleted as a remote server may have a copy of what you said.
The key here is to not use identifiable information. Use a pseudonym.
man am I glad that my real name is so generic that you don’t find me unless you specifically search for keywords associated with what I do (e.g “Codeberg” or “Mastodon”)
it’s truly great to have the same name as somebody famous’ brother.
For context