Bluesky announces data federation for self hosters(bsky.social) |
Bluesky announces data federation for self hosters(bsky.social) |
How many of the well know personalities will abandon Mastodon for this?
Mastodon has a surprising number of famous personalities. Many popular open source developers live there. Lots of well known people in math/science (Terry Tao, etc). Lots of authors (Greg Egan, Neil Gaiman, etc). Lots of open source orgs.
Will they be willing to move networks yet again? Twitter made them unhappy. Will Mastodon be so poor (and Bluesky more superior) to get them to move again?
Live and die by network effects.
If I have my facts straight, they have gone from 2M to 5M users since they opened to the public just 17 days ago.
And btw, using Neil Gaiman as an example, he is prolific on Bluesky. He has 861 posts on Mastodon, vs 4.5k on Bsky. He seems to have already made the move to a large extent.
Once that happens we now wait for the platform that has the most sign ups.
Meta yesterday integrated Threads with Facebook allowing you to cross post and almost every week they are deepening the integration with Instagram.
They are clearly trying to broaden the user base to include the other few billion who never signed up for Twitter.
This seems like a major win for Mastodon. Bluesky is clearly spinning this as a positive, however, so what am I missing?
As a meaningful example: someone (not BlueSky themselves, I don't believe) published a "Quiet Posters" feed. I have subscribed to that. Now, in addition to "Following," and "For You," I have a "Quiet Posters" feed. This exclusively shows posts by people who don't post very often. Since subscribing to it, I have seen a lot more content from the folks who aren't as chatty as the people who fill up my timeline. That's very nice.
Can’t you just be ephemeral and delete your posts after a few days? Seems like nothing good comes from having a huge history of things you posted on a social network.
> "the protocol has an official webpage with a waitlist and a private beta?"
Both the waitlist and the private beta are gone.
> "The “protocol” is just a description of whatever the Bluesky app and servers do, it can and does change anytime the Bluesky developers decide they want to change it"
1. atproto is well documented and the plan and desire is to make it a proper internet standard.
2. There are hundreds of independent projects relying on the protocol to create alternative clients and custom feeds (algorithms).
3. The protocol includes namespaced schemas so that different apps can evolve without breaking each other e.g. the "app.bsky" namespace is for the Bluesky microblogging app.
> "The “DID Placeholder” method..."
There is already support for did:web and plans to support other DID methods, including potentially (non-POW) blockchain methods.
> "All posts go through the Bluesky central server..."
All posts go through any Relay that anyone cares to operate. It's also possible to fetch posts directly form the origin PDS host, it's just slower and results in more load on the PDS.
> "And you, as a reader, doesn’t have any control of what you’re reading from either..."
Apps are in full control over where they get posts from. An app can enable users to select a Relay/AppView or fetch posts directly from the origin PDS.
> "But I fail to see why even more than one network provider will exist,..."
People may want to operate their own Relay/AppView services so they have more control for their specific application, for higher performance (latency/throughput) reasons, or for geographic/jurisdictional reasons, to name a few.
And the compute/network requirements are not beyond the capabilities of small startups, non-profits, coops, or public services and likely never will be.
BlueSky is PDS + relays + clients.
If you look at the history of Nostr and try to really understand the protocol, where it came from and what it was trying to solve, Nostr was also meant to work on a PDS + relay model, except it degenerated to the point where most Nostr app developers are simply writing Javascript browser apps that use relays as a "poor man's cloud", sort of, without any consideration for achieving self-sovereignty of the user.
"I save the data in the 6 most popular Nostr relays and done." is what 99% of the so called "Nostr apps" do. Sounds good in theory, until it is not. Relays were really meant to be treated as ephemeral actors, that come and go, and data was meant to be stored somewhere the user was in control of, but instead, relays are treated as some sort of reincarnation of IPFS, where you save your data and have it safe forever.
Bluesky seems to solve this by introducing the concept of PDS. It's not like PDSes cannot be built for Nostr - there are indeed some Nostr apps that work using the PDS model - save the data in a place the user has complete control of, and then propagate it to relays. The benefit of Bluesky seems to me that it formalizes the concept of PDSes, so that app developers don't have to think about it and cannot mistake the relays for PDSes.
There is no escape...
(To me! others feel the exact opposite. Diversity is good here.)
And don’t say “lets defederate with said bad actors” since they would still exist and anyone can join said bad actors instances.
It’s akin to telling antelopes surrounded by lions to close their eyes and the lions are ‘gone’ yet the lions still exist around them.
> Moderation on Bluesky is not tied to your server, like it is on Mastodon. Defederation, a way of addressing moderation issues in Mastodon by disconnecting servers, is not as relevant on Bluesky because there are other layers to the system. Server operators can set rules for what content they will host, but tools like blocklists and moderation services are what help communities self-organize around moderation preferences. We’ve already integrated block and mute lists, and the tooling for independent moderation services is coming soon.
The whole point is to decentralize moderation so that users aren't stuck with only the moderation provided by their host.
Decentralized moderation and the tools needed to support it are not solved problems but are instead ongoing projects. Block and mute lists clearly won't be sufficient to enable robust decentralized moderation so it will he interesting to see how support for third party content filters get implemented.
Er... fine, and who cares? If everyone defederates (slightly more a nuclear option on Bluesky than Mastodon but still I think possible?), then, well, the bad instance is its own problem.
Or are you saying that even an unfederated instance with bad people would be bad? Like, the only solution there is to ban all open-source social networking software.
A self hosted instance will have no such moderation.
Nostr worked to some extent despite existence of Mastodon because Mastodon bodged that part. Mastodon took off because Twitter broke its community. Bluesky's successes is really making me feel that the first S of the abbreviation S.N.S. do stand for what it stands.
There's tons of alternate social media out there. Forums, Subreddits, Tildes, Discourse, Matrix, IRC, Mastodon, Lemmy, Usenet, and on and on. The truth is the S in SNS is always what social networks have been about.
IRC failed in technical side due to the failure in committee development model around IRCv3, Reddit succeeded by sole social factor despite being a carbon copy of Digg. To me, Bluesky vs Mastodon, and also Twitter vs Mastodon situations seems closer to the latter, even with controversial waitlist and the big turmoil, respectively.
Technical details and the installer are in the GitHub repo https://github.com/bluesky-social/pds
And we're on Discord available to help: https://discord.com/invite/UWS6FFdhMe
There are other clients for Bluesky that do the same thing as the bsky.app web app: https://docs.bsky.app/showcase?tags=client
On top of that, user defined moderation will be applied from block and mute lists. Hopefully this will include using 3rd party lists and eventually, user specified content filters.
Maybe I'm missing something here. Are the federated instances less functional than the main instance? Is this some kind of weird freemium thing they're doing? (I'm actually asking, I'm not familiar with Bluesky much at all.)
Your parent is not making a technical claim, but a social one: that there will be instances that are effectively unmoderated, because the people who run it hold that up as some kind of ideal, and that that is a problem.
I do not share this opinion personally, but have seen many people express it, so I feel like I am representing it accurately.
In fact, I would go so far as to say that it's incorrect, and not just an opinion, because unlike in Mastodon, moderation is not tied to your instance. Of course, whoever owns an instance can decide to kick someone off of it, but that's not the primary moderation mechanism in BlueSky, which allows you to choose your own set of moderation tools, regardless of which instance you or anyone else belongs to. I linked to the main three posts to understand BlueSky's moderation stances and features upthread: https://news.ycombinator.com/item?id=39471973
Ah that makes sense. Thanks for reframing this. I don't particularly agree either, but I think I now understand the viewpoint better.
I don't understand why so many technical people equate monopoly with success. I use IRC every day.
I actually like that IRC is less 'noisey' then most social media (I generally only hang on a few low volume channels) with no 'feed' being shoved at me, no algorithm deciding what I 'should' see. I bop into more popular channels as needed, but for general use, I find the self-directed nature of IRC to be the 'perfect social media' for me...eg I see only what I'm interested in.
[1]https://www.emilydamstra.com/please-enough-dead-butterflies/
Are you joking? This is private enterprise we're talking about. We'll all die before this company or anything similar is built on "scientific rigor" unless it directly relates to their profit margins.
I didn't know this (as most of us I'd guess). It was an interesting read though, thanks.
Edit: now it has one! Thanks!
The on-demand TLS certificates with an "ask" endpoint is especially useful for the PDS use-case. Because there's generally a wildcard DNS name that is used to give each new user a domain handle (@alice.example.com) but we don't want to be vulnerable to a TLS certificate DoS/rate limit situation.
I'd imagine this use case is quite common for self hosters. If it can't operate alongside an existing, say, nginx on this port, are there recommended alternate practices?
I'm excited at separating identity from hosting, of which self hosting identity gets us closer.
Does the AT Protocol only optimize for Twitter-like flows, or does it allow for other types of social applications to be built like Activitypub? For example a reddit-like social media.
Part of the change today is that the PDS and Relay[1] now support non-app.bsky record types. This is quite new, so there could be issues, but we're prepared to fix any issues that crop up.
1. https://bsky.social/about/blog/5-5-2023-federation-architect...
Yes, it's totally up to a PDS operator to decide how they create user accounts. It's also not required on the Bluesky PDS service any longer, in most cases.
By default the self-hosted PDS requires an invite code, to prevent random people from creating an account. Later other options will exist, including OAuth support which is coming soon.
There is a Docker compose file in the repo, and advanced users shouldn't have any problems running the code on another distribution or even without Docker if they prefer.
Advanced users can just view the installer script as documentation.
There's an (incomplete) list here: https://docs.bsky.app/showcase
And the protocol is documented here: https://atproto.com
I use BSD, and all I see is a installer for Debian/Ubuntu.
No guide in sight for bare metal nor telling you what services/software are required.
Also, services like Twitter started off with a developer friendly open API, and then it got closed off when the business needed to make money off the platform. What's the difference with Bluesky?
It's MIT/Apache 2.0 licensed, so yes. However, because it's also an open protocol, even if it wasn't, you could write your own under whatever license you want.
> What's the difference with Bluesky?
BlueSky is built off of an open protocol, called AT. https://atproto.com/ BlueSky is a particular app built on the protocol. As such, there's no way to "turn off the API," as BlueSky itself is a participant in the open protocol.
They could like, re-write everything to be a central service, port the user data over to it, and then pull out from the network, but then two things would happen:
1. stuff would break, as it's no longer part of the network.
2. since there is true account portability, users could simply swap to a different PDS and client, and re-route around the damage.
Also given that it's against their entire stated mission and goals, it would be social suicide.
I'm working on a client and there's a specific scenario where I want to be able to show a feed like "Top 20 - Past 3 Hours" before a user has logged in to their Bluesky account.
Any chance the team could create a Home Assistant add-on for this? https://www.home-assistant.io/addons/
I think the Home Assistant community would go WILD for being able to self-host their Bluesky data straight from home with just a few clicks.
It's a pretty big crowd of people. https://analytics.home-assistant.io/ 327k willing to opt-in to analytics.
I know if there's one thing I'm eager to do it's to host even more stuff in that clunky piece of shit that has half a dozen main menu items for nonsense and buries everything of interest or value under "Settings"
I think the reason my friends did not join Bluesky despite me inviting them is that it just isn't as good of a product as Twitter. You can't post videos or DM.
I am not a tech executive and have no idea about corporate strategy, but it seems like Bluesky should focus less on technical differentiators and more on building killer features that have mass appeal and a community that people want to join.
IMHO this milestone, while cool, means absolutely nothing to people outside of the hacker news crowd.
I'm rooting for Bluesky, but it seems to me it will die without a critical mass of users.
Again, I'm kinda dumb, so this may all be wrong.
If the end result is politically unbiased, it's due to their conscious decisions, not some magic algorithm.
Congrats on launching! Excited to see what y'all do next.
As it is, og-embeds do work for video and audio from a few different providers.
GIF support: https://github.com/bluesky-social/social-app/issues/1047
Audio/video support: https://github.com/bluesky-social/social-app/issues/1052
If anything, my experience of Bluesky has been the inoffensive vapid thought leadering of peak Twitter alongside the playful air-headed liberal self-help that is also fairly reminiscent of peak Twitter. In one word: bland. Being able to paint over the offensive things like nazis and porn by sweeping them under your personal rug rather than blocking or banning them only adds to this impression for me.
Twitter, your breath of fresh air, on the other hand is overrun by ChatGPT spam bots and shovelware drop shipping ads worse than the crypto "giveaway" scams and paid tweets of the immediate pre-Musk days and every even moderately left-leaning political tweet is filled with replies describing the violent acts they want to do to that person in excessive detail by accounts that openly post literal neo-nazi propaganda videos of Adolf Hitler denouncing "degenerate art" as a Jewish plot to weaken the German volk and national spirit and going "I don't agree with everything he did but he had a point". Political discussions about the Middle East in turn are split evenly between right wing calls for genocide of all adults and children in Palestine and right wing defenses of Palestinians for being victims of the international Jewish conspiracy to exterminate the white race through mixed breeding with brown refugees.
We used to always call Twitter "the bad place", "hellsite" or "cesspool" before Musk but it certainly deserves those names now more than ever, arguably rivaling 4chan in its political takes although the depictions of gore are mostly limited to uncensored war footage and the porn is decidedly more tame.
The reason Twitter is called a "right-wing cesspool" is not because it's full of right-wing people (that would just make it a "pool"), it's because of the vicious explicit threats of violence and celebration of human suffering propagated by those people. For all its faults, the bland libs on Bluesky don't do much of that.
Granted, my experience of Twitter might be tainted by the fact most people I used to follow in the old days have either left or are no longer active and any time I visit the algorithmic timeline hits me at full blast. And a lot of the edgier posts (not replies) by right wing folks the avalanche of drama RTs throw my way are clearly created to farm engagement in the hope of striking it big if the bluecheck authors make the payout lottery.
I disagree. If anything now it's more balanced, every "right of Portland-liberal" is no longer hidden and shadow-banned or worse. I like it a lot more!
Now you can actually read and learn about stuff you care about.
Still though, I get like Matt Gaetz' tweets recommended to me. Does anyone like that dude? How is this happening? Why on earth would I want that? I feel like all this conservative stuff is surfaced by the application to me.
[Proof](https://ibb.co/ypHS8fN)
I got notifications, on my dang phone, for the dumbest fucking takes. I don't get them for liberal people. Possible I am just in the demographic of people they think would swing conservative so they target me.
It’s absolutely conservative cesspool. Nazis can are literally posting 14 words propaganda all day long and there are no consequences.
Interesting. I see it as the de-facto journalist platform, which to me (as a non american) make it very left leaning. But then again, I don't use X.
You'll want to read:
* "Composable Moderation," this is the core conceptual idea: https://bsky.social/about/blog/4-13-2023-moderation
* "Moderation in a Public Commons," which describes specific features that were added in pursuit of the previously-described goal https://bsky.social/about/blog/6-23-2023-moderation-proposal...
* "Bluesky 2023 Moderation Report," which discusses specifically how (what is now) the main instance was moderated last year https://bsky.social/about/blog/01-16-2024-moderation-2023
My understanding is that each host has control over what they host and can subscribe to third party content filtering services to help do so.
Then various indexes/aggregators (potentially third party) crawl hosts and provide services to find content. This is where voting or toxicity checks can be applied to manipulate reach.
This content is also tag-able via third party services (and may be used by indexes/aggregators).
The user is then able to select/configure indexes/aggregators and filter based on tags.
For clarity: I'd love to see this comment and say "I was wrong" 5 or 10 years later.
Basically, until atproto is much bigger than bsky.app, the situation is not very different.
(https://github.com/did-method-plc/did-method-plc/blob/main/R... linked from https://docs.bsky.app/blog/self-host-federation)
They have been a bit vague about other ways to generate revenue, except in one case: they will not be using advertisements to monetize.
I am unsure if I am going to run my own just yet. We'll see.
There's no algorithmic feed other than "popular" (on large instances) which shows the same 10 people posting for months in a row, daily. Hence, discovery of people and content is very hard. No content or people are recommended and search is broken. Ordinary people not belonging to some cultish niche have a very hard time compiling a good feed, if they even understand it at all.
Federation itself is broken. The boosts and comments to a post do not accurately synchronize across the network, it depends on some complicated logic regarding whom from your instance follows anybody else from the other instance. The bottom line is that you may see 3 boosts whilst the original has 12. You may not care about boosts, but it's a disaster for comments/replies. Everybody is seeing a different subset of replies to the same damn post. It drives the OP mad because there will be 20 people replying the same thing because they cannot see that others already said it.
Instances have too much power over moderation. They control whom the instance federates with server to server. You may be following somebody on another instance but your instance owner defederates and now your connection is gone. This ability to not just moderate content but heavily impact your social graph isn't seen anywhere else. And this ability is heavily used as Mastodon is a network of activists.
Combine this over-use of moderation with the idea that instances go under all the time, and the only sane thing to do for most people is to join the default instance. Here you'll have reasonable "mainstream" moderation and the biggest federation reach with other instances/services. Which kind of defeats the point of a distributed social network.
I'm still impressed by what Mastodon has accomplished given its grass root origin and shoestring budget, but it's no social media of the future.
I don't know if Bluesky is, but at least it has a better design regarding nomadic identities, a user's ability to self-moderate, content protection, etc.
Yet there are no comparisons on the site. I don't see even see a mention. This makes it difficult to evaluate relative maturity, core competencies, limitations, and risks.
Having read the post more deeply, particularly the bullet points you mentioned, it looks like there are four really high level differentiators listed:
* A focus on the global conversation
* Composable moderation
* Composable feeds
* Account portability
The term 'composable' seems almost misused when reading the extended descriptions, and is used differently between points. For example, 'composable moderation' indicates that moderation isn't done on a per-server level.
The fundamental censorship and algorithmic prioritization models for distributed social networks seems to have three layers: global (centralized), server, user.
In 'old social' the model is basically just 'global', as there are no servers and the only 'user-level' options are those determined by the global operator.
It doesn't seem like moderation would truly be 'composable' if it's only set on the global and user (and therefore global via centralized determination of client-level specs) level. It sounds like Facebook except with other people paying the data costs.
The next bullet indicates 'composable feeds', which sound like a very nice feature but really don't seem to follow a decentralized model either. The 'composition' does not combine from each global/server/user layer. They sound more like 'custom feeds' which users can define based on global content, using predefined criteria determined by a client (web app) which don't really a way to control the behavior of. Which makes this feature only truly operate on the global layer, and 'custom' rather than 'composable'.
It would be on the same level of 'old social' adding a new feature to their web app, more than a fundamental transfer of control to the network. As a result, when the dollars dry up and the feature isn't financially plausible, or a PM somewhere makes a bad decision because he read a blog post about how great it is to destroy user choice, there's risk the feature could go away.
Anyway, the question I'm still left with in the end is this. If moderation is done globally, and I can't exercise any control over the prioritization of content beyond what is granted to me by the global provider (even though there are more and better choices than 'old social'), what's the benefit of running a federated node?
I don't mean to make it sound like this is some kind of Twitter clone with an SSO login that outsources operational costs to volunteers while still keeping a fundamentally iron grip on control. I'm just honestly confused at the value proposition for volunteers. Exactly how much control is transferred to the network beyond simply hosting data which is displayed according to how the centralized portion of the system determines?
It'd be good if the trade-off in terms of time, data, and performance for running your own node was simply to remove the capability of the centralized network to collect user behavioral metrics and such. That's a great and valid reason to host your own service or use a trusted party's service. But there's no mention of this if it is the case. If you provide that already without promoting the fact, maybe bring that up with your marketing team.
Anyway that's getting a bit off topic. But to the original point:
Ideally, a better comparison would be a dedicated page which coallates every feature of each platform in a grid. A row for each feature. Row cells would fill with 'has' or 'does not have' checkboxes or possibly text where there's something similar but differs sufficiently to require an explanation. Maybe with links to documentation or direct to UI on the line items where appropriate.
This feels like "thanks for offloading some of the data, but we still retain most of the useful control?"
Which is to say, neither storage nor indexing -- but moderation -- the ability to have control over that would be the most important thing.
"Usk" buys (or otherwise leverages money to be able to put his thumb on the control of ) bluesky's moderation. Data storage just gives you the ability to leave? What am I missing?
It's running with wayyyy less resources than the github suggested. I am on a shared cpu with 512mb of ram running the container.
Could be a little simpler to setup, if the docs provided a docker run example without the shell scripts. Also has some duplicate env variables.
For anyone interested, I shared it in the discord: https://discord.com/channels/1207024379549061120/12070503280...
Overall super cool. My profile page says I am using an invalid handle, but otherwise it works, and I see it requesting my server for things.
In the example I just hard code the env variables to demonstrate, but you’d want them in secrets after testing it out.
Seems intriguing regardless. Congrats on making it happen!
But we do certainly plan to make IPv6 work on all our network services.
You cannot federate behind CGNAT, and most folks can only open ports over IPv6, because they don’t live in America where everyone can get their own public IPv4 address. This is a pretty big miss IMO.
Thank you! Great to see companies taking feedback seriously.
I have my own biases so I don't want to describe it further than that, nor link to it directly so as not to cause even more disagreement, but the controversy does not seem to faze the developer, so I believe you will have your wish.
The cliques are mostly important to those who choose to make it important for themselves.
This post immediately comes to mind: https://bsky.app/profile/caseynewton.bsky.social/post/3kktr3...
Can't have anyone competing with you, after all!
It's actually "you can host yourself and your friends but anyone who doesn't know someone with a server and technical knowledge must use our platform"
It's roughly 10 posts/second, so it's trivial to process it completely locally.
>To sign up, users must pay a $5 sign-up fee, meant to prevent the creation of spam accounts. Further, users can only post a limited number of “casts” on Farcaster apps, which are tied to packages called storage units. Storage units, which go for $5 a piece, grant a user 5,000 casts, 2,500 reactions, and 2,500 links or photo posts within a one-year period.
It will quickly become a mess in the real world.
People will run pods on cheapest VPS and they will get hacked, run out of money, get bored, go broke etc.
Imagine as fractions of content goes missing for a while or is just deleted.
One guy runs a small pod with some people, kills it, 60.000 messages gone. How does that impact interconnected discussions?
If I own my own data. (good), and I can remove my data if I want (good). Then what happened to a BlueSky conversation I was having with 40 other people? some of whom belong to other pods.
Do the conversations remain with just blank lines where I used to be?
If not, if the content remains stored somehow then I dont own my data and I cant remove it?
This is true of any federated system. Once you put things out into the world, you can ask that others delete it, but that doesn't mean they will.
Even in centralized systems, things like archive.org exist.
In some sense, public statements are always immutable.
> Imagine as fractions of content goes missing for a while or is just deleted.
All of your complaints apply for the internet. Would you say the internet was a bad idea?
It may have changed since I have been user there but, I consider content on sites like Facebook or Twitter, that is not really recent, to be lost anyway. Because searching or browsing older content was hard.
Various organizations provide "archive" services. Relays and/or AppViews can utilize (or be) such a service. Removal from such a service depends on that service's systems (and possibly the legal context.)
Caching can happen at Relays or AppViews and those will presumably need to do something to avoid caching CSAM.
Mastodon has this problem and it makes it where you have to have multiple accounts if you actually want to use the platform. This might sound like not a problem, but it'll naturally lead to whatever account has access to 51% of your content being the one you use consistently, and you eventually just forget about the other 49%.
Block lists don't work at the instance level, so the answer to your question isn't just "no", but that it is impossible.
If it is one for you, nothing stops you from using s client that supports multiple accounts.
But people banding together to not just block proven bad people (by whatever criteria) but also those who closely associate with them will happen in any federated system one way or other, because blocking at an individual level is too cumbersome.
Seriously?! Will this trend ever dies?!
I don’t want to use discord, can’t they just make a simple request form? Whenever I see “join our discord” for anything in any service I just never use that service, keep it as an option for whoever wants to hangout there just don’t make it the “only” channel of communication!
> Because the PDS distribution is not totally settled, we want to have a line of communication with PDS admins in the network, so we’re asking any developer that plans to run a PDS to join the PDS Admins Discord.
https://docs.bsky.app/blog/self-host-federation
This is much more reasonable than an actual gate on the feature.
The goal is just to help PDS operators join the network and make sure that if there's a problem we have a channel of communication open.
I am assuming a person's own posts would come along, but what about conversations with other people, or group discussions or things you have followed?
Any other features that would work / things you could see if still connected but no be available if you were federated and banned?
I think fbook has a hidden 'export your posts to WP' option somewhere, and you can download a copy of your data (if you are not banned / can still login) - but that data would not include replies in groups, marketplace, etc (? haven't checked, I'm sure other things)
I read they were turning off the groups access API and may not be offering a replacement option..
I think there is reasonable debate as to whether or not group posts and such should or should not be included in a data dump / backup..
Also not familiar with features that bluesky or mastadon or twitter do or do not have and what would break if you moved your data (would only your part of dms/chats come along? pictures others sent you or posted? )
Nothing. It is fully transparent to everyone. Your followers won't notice, and you won't notice. Everything Just Works.
.. and the only thing that happens is you can't send data to/through blusky (or receive?) any more and and new data ?
I'd like to test this, any way to get someone from blusky to ban an account to test this?
The feature I'd like to see from federated social network like this is encrypt everything to keys only held client side (in the style of keybase), so servers can't read content (only some surrounding metadata so they know which other servers to communicate with about the content).
> The AT Protocol, which Bluesky is built on, is designed to support public conversations.
Ah, ok.
IIUC the main defense is choice over your own feed + moderators on the feed you choose.
Is this why DMs are not supported? Because there wouldn't be a good spam protection mechanism?
Apparently, DMs are low priority: https://github.com/bluesky-social/social-app/issues/1114
Love the fresh federated model btw!
That doesn't change my point. I am pointing out a an easy pitfall Caddy users can fall in since it is not automatically handled for them as it is with other server software, nor is it pointed out in the documentation fkr Caddy. Simple server software would avoid these pitfalls automatically for users. So while it now be simple to get https working, properly configuring the server is now more complex to get right.
An intentional pitfall doesn't mean it isn't a pitfall.
And it's probably not niche if dozens of users are posting about it for years.
Would it be possible to use it for macroblogging, i.e. long posts with markdown markup, embedded images, etc? If so is there a python library tghat implements atproto?
Another really neat aspect of atproto, is that apps can interact theoretically. So you might create a blog system but use "app.bsky" (Bluesky) for comments.
OAuth support is coming soon as well, which is a big step in simplifying auth.
> It's also not required on the Bluesky service any longer, in most cases.
That's also nice to hear - when last time I tried to register an account (shortly after the free registration launch) the phone number field in the registration form was marked as required, if I am not mistaken.
Very cool to see this available though, I might have to try it out later this week!
My question was motivated by the fact that from the outside the AT proto ecosystem looks pretty monocultural, and personally I don't trust that. :)
Basically, you're right, but just because you're asking early on. This is about to change real quick.
I'm contrasting this through the prism of having seen people implementing ActivityPub software as early as 2017, when it was merely a draft and everyone was complaining about how many things had been left out.
When I was thinking about rolling my own federated social service (during the whole Twitter / Mastodon shuffle), I started thinking about the negative impacts of federation. “How can I build a kill switch into this thing in case bad actors start to participate?”
Of course, that means a central authority having moderation control.
But then, part of me thought.. does there need to be a kill switch? Do we want centralized moderation control? If laws are being broken, or social issues are being pressed to the fringe (*lons X), then the ISP would intervene. Or… the responsibility of moderation shifts elsewhere than the provider of the software. (To where do moderation responsibilities shift, if anywhere? I think is still a question.)
I personally landed at the spot of: it’s really no different than what the WWW provides — it’s just easier access. But, is that easier access to self host content and media dangerous? (lol I guess I’m still conflicted about what could happen with wider ease-of-access to self hosting.)
… back to sleep. This stuff literally keeps me up at night lol
(I didn’t get to the other comments further down in this post that talk about content moderation .. but I’m seeing them now!)
It's wasteful to get an entire second machine for something that can use the resources available on the machine running Home Assistant OS
I think I have a handle on it for Mastodon; the answer is "not much" or it's going to be pretty hard. While the deeply decentralized nature of Mastodon makes it harder to find a good "feed," it strongly protects against this; he'd literally have to seek out the individual instances and start trying to control them, one by one.
But it looks like Bluesky is closer to Twitter (I ain't callin' it X, idgaf) than Mastodon for purposes of what matters to a bad actor. Instances dropping off the map doesn't matter if you have a hand on the control of the relatively centralized recommendation algorithm?
So anyone who wants to run this, has to join that discord anyway. You can find it in the blog post.
1. The expected scenario is that people would run PDS hosts on small VMs (Digital Ocean, Vultr, AWS, etc) where an IPv4 address is the default.
2. People running PDS hosts behind NAT would use a tunnel service of some kind (Cloudflare Tunnel, Tailscale Funnel, Ngrok, etc).
But IPv6 is something we do want to support, and it won't be a huge effort. It will just take a bit of time to get to it.
It just seems strange that a federated social network platform who wants as wide of an audience as possible, gatekeeps who can participate based on a trivial self imposed limitation.
Hope I don’t sound like a hater because I’m excited for this, but yea it’s a bigger deal than a lot of people think. Even just dealing with bots is 100x easier when you have v6 because you can fine tune rules based on ASNs much easier when you can expect v6 addresses from certain networks and what not. We saw this in India the most where most bot activity would be v4 only, while humans would connect over v6, so we could dynamically tune sensitivity on challenges based on solve rates and what not.
The plan is to increase limits sufficiently to account for all legitimate usage.
(It's also worth pointing out that these limits only apply to our Relay service. The expectation is that there will be other Relays on the network in the future.)
Then please suggest how they can remedy this problem without giving spammers the same opportunity.
- Requiring upfront financial commitments would deter most low-yield spams, at the cost of raising requirements for running your own node - Domain-based filtering likely works for this, but this brings back in the topic of censorship (see Mastadon's domain blocking)
> It's actually "you can host yourself and your friends but anyone who doesn't know someone with a server and technical knowledge must use our platform"
You're complaining about the immediate first steps and how it doesn't immediately land on the moon. Simplifying the deployment process for everyone else still takes time. At minimum:
- Purchasing gateway for a custom domain name (requires partnerships with domain name sellers) - Server/Compute+DB rental gateway (because the average normal person doesn't have the hardware to run the service 24/7, nor do they want to know about Linux) - Togglable automatic updates to the federation service
Each simplification would require effort on the devs & partners to setup & maintain.
Personally, I'm not very block-happy, but I still have a few instance-wide blocks in place for my even my single-person instance on Mastodon because there are literally a few instances full of nazis, run by nazis, where blocking one puts you at risk of brigading.
I'm in a privileged enough position to have relatively little to worry about, but this also extends to a safety issue for a lot of communities, where harassment and threats spill over into the "real world", and where being able to put in place broad, expansive blocks to minimize the ability for individuals who consider themselves "wronged" by one of their victims to utilize their communities to strike is the bare minimum when there isn't a central authority putting efforts into getting rid of these users.
For example, due to having true account portability, if you tried to block a particular instance, they could just move to another one to evade that block. You need to block the account to prevent this. If there’s an instance that hands out usernames as a subdomain, you could write a moderation service that takes that into account, but then they could transition to their own username, stay on the same PDS, and that would no longer work.
The more BlueSky native way would be to run a moderation service that tags accounts, and then a blocklist that bans accounts that get the tag. You’d then want to tag accounts that post from that PDS, and now, even if they move, they’re still blocked.
That is to say, “you can’t really do that” doesn’t mean that that isn’t important or impossible, just that different protocols require different means of implementing requirements.
P.S. Fantastic project (Matrix/Element)!
Yes, but there are some small caveats to how this works exactly, based on the architecture. I'll get to it.
> all your friends posts
Your friends weren't banned, you don't have their posts in the first place.
> all your DMS
AT is 100% public, there are no DMs.
> you can't send data to/through blusky (or receive?) any more and and new data ?
Okay so, we have to talk about the architecture of BlueSky here. There's a few moving parts:
* PDS: personal data server. This holds your posts and such. Before this announcement, BlueSky ran the only PDS. What's happened today is that new PDSes are able to federate with the BlueSky run PDS.
* Relay: this is a server that aggregates data from multiple PDSes. Relays replicate data from the PDSes, and present it as one firehose of information. In some sense, today's announcement is "BlueSky's Relay will now replicate data from PDSes other than theirs."
* App View: this is a service that takes the information from one or more Relays, combines it with whatever other things they care about, and presents the information to an end user. bsky.app is an App View.
I like to think about this like git and GitHub. Your PDS is like a git repository. BlueSky is like GitHub.
So, when BlueSky bans you, aka, when GitHub takes down your git repository on their site, what that means is that they have decided they no longer wish to host your PDS, and they don't let you use their App View. However, if you have a local copy of your PDS, you can simply host it elsewhere, and notify the relay of it, or join a PDS that's already federating with a known relay. Once you do that, you can resume posting. If you don't have a copy of the PDS, I believe you can reconstruct it from the copies that have been federated around the network, but this part is a bit fuzzy to me. Even then, saying "Hey my PDS lives over here now" means your new posts will still get pushed around the network, and the people following you will see them, but you may need to rebuild your following list.
It's also important to note that like, BlueSky's relay could say "never replicate posts from this PDS", but that's why there's multiple relays. If you don't like BlueSky's policies about their relay or app view, use one that implements the policies you care about.
> I'd like to test this, any way to get someone from blusky to ban an account to test this?
This is one step towards realizing this future; for now you have to manually tell BlueSky to federate with your new PDS. The truly federated network is sloooowly coming online. So things will get there.
If it had been an opt-in system, the response would probably have been far different.
As opposed to centralized moderation (twitter, FB, IG, etc.)
See here for more: https://news.ycombinator.com/item?id=39471973
I use Twitter for tech, but my feed is now conservative politics, gore video, & tech tweets intermingled.
In the face of current events though, that can be overlooked as it is not a narrative that serves western interest.
But to give an anecdote about an alternative, I rarely see any bigotry on Mastodon. Instances which allow that or don't moderate it correctly get block listed by instances I like. These instances may defederate into their own bubble in which they can still exist but cause no harm to the general timeline. Yet everyone still remains the freedom to express themselves. I like this because it's just a natural way of how to solve this problem for the end user.
Musk is grandstanding about "free speech", but what Twitter actually does now is fold and cave to demands for censorship from any authoritarian government that asks [4][5].
[1] https://www.businessinsider.com/twitter-leaked-internal-mess...
[2] https://theintercept.com/2022/12/20/elon-musk-twitter-banned...
[3] https://www.thedailybeast.com/elon-musk-suspends-insiders-li...
[4] https://restofworld.org/2023/elon-musk-twitter-government-or...
[5] https://www.techdirt.com/2023/05/15/once-again-free-speech-a...
Putin is a fascist dictator and Navalny wanted democratic rule.
ActivityPub (AP) felt a bit like "good enough to get something done", which is amazing on one hand - people can do a lot with it. But it also means some harder problems are totally ignored[2], so the landscape between instances felt rocky to me. I also heavily disliked how federation worked in AP, ie how the protocol felt like it favored centralized instances because small instances were less likely to be pinged, were lower priority, in general was very spammy, etc. Not that the AP proto did anything to cause that.. it just didn't do anything to address it in my view, it was just data.
Does AT fix my concerns over AP? No idea. But i appreciate a proto that had a bit more time in the oven and being used to (maybe) solve the harder problems that i experienced with AP.
[1]: https://arxiv.org/abs/2402.03239 [2]: These are only my opinions from a very brief stint in trying to write an AP client to federate with Mastodon, Lemmy and Kbin. I did not dive deep into AP, so please don't judge it from my experience.
Oh, so it's just hype.
Not sure how you call that hype. Is everything hype until you understand it well to you?
To be clear, custom feeds aren’t defined in the client app. Anyone can run a custom feed on their own server and with arbitrary logic. A custom feed subscribes to a global firehose (which could also be run by a third party) and uses the stream of the events in the network to produce its results. A user can then publish such a feed under their account, and other users can consume it. This is essentially event sourcing.
Here’s a technical paper with details: https://arxiv.org/pdf/2402.03239.pdf
We’ll have more to share on composable moderation in near future.
Running your own server (aka PDS) allows you to post content that might be blocked on other servers.
The "global" moderation in BlueSky is also federated. Anyone can provide a weighted feed, search engine or other content discovery service (aka AppView) by crawling servers or other indexers (aka Relay). This is like what google/bing/ddg does for webpages.
The user can then apply their own moderation to the results returned by the aggretator/indexer of their choice. This like running an add blocker.
e.g. Call for democracy can be highly illegal in some regions(no, not just in China, or just few countries that are "super backwards"). Some may wish to say that those regions are objectively wrong and deserve no attentions, those who ingest such content should fight to death for that speech, or something heroic along that. It's not that simple and easy, and in those cases a "zero tolerance on criticisms for social systems" filter might be useful in letting user in for what is worthwhile without asking for their lives nor blood on our hands.
btw, if only it was always something that heroic. Mastodon Fediverse exploded and sheared into camps of censored loli, uncensored furry, alt-right terrorism, and myriad rest of none-of-it isolates, all slowly declining. A global unified federated microblogging network that was almost completed, over that.
They also mention that anyone can run another of these, but there is zero chance anyone will be able to do that.
This is an odd claim since it's completely possible today and has always has been.
Each Bluesky Relay and PDS host has endpoints that anyone can use to receive network data (post/like records, etc) in a totally permissionless way.
A Relay:
websocat wss://bsky.network/xrpc/com.atproto.sync.subscribeRepos
A PDS websocat wss://puffball.us-east.host.bsky.network/xrpc/com.atproto.sync.subscribeRepos
And there are additional sync methods as well for doing backfill, etc. Not sure how this could be more open.I have two Mastodon instances, and I don't know if I'll bother. If I were to it'd be mostly because I feel that ideologically I think it'd benefit the Fediverse to embrace Bluesky real tight, take their best ideas, extend them, and ensure it feels like Bluesky is just another corner of the Fediverse with some pointless differences.
I think the future of decentralized social media is bright. I'm critically supportive of all the work being done and I'll be happy as long as we don't repeat the mistakes of email and xmpp.
The limitations on filtering on Bluesky and the culture of filtering on Mastodon where this ability is seen as a community good means that if you want a 'global' view of the combined network, you're going to need to be on the Fediverse side of those bridges. That's not a good position to be in for Bluesky.
> if you have a hand on the control of the relatively centralized recommendation algorithm?
There's nothing centralized about it. Anyone can run an algorithm. If you don't like that algorithm, drop that feed, and find a new one.
Basically, a big difference between BlueSky and Mastodon is that in BlueSky, almost everything is independent parts you can layer together however you like. Mastodon is based around instances, and so ties a lot of these sorts of choices together for everyone on that instance. On BlueSky, "my instance", that is, where my data is hosted, is separate from the posts that I see, because I can choose to follow whatever feeds I like. My instance is also separate from my personal moderation preferences, which I choose independent of my instance.
The same is true about most so-called "left-wing" journalism. Some journalists may be true believers but the platforms exist to make money, not to be any threat to the systems those ideologies explicitly oppose.
Heck, this even goes for political parties like the Democrats: the Texas governor literally rejected the authority of the federal government and legislative system by deploying his military at the border and the Democrat president's response was to propose a bill that would have created a legal avenue for what the treasonous governor was trying to make happen. Decorum is used as an excuse to keep intentionally ceding ground to the supposed political enemy.
Why are Fediverse people only angry about it now? It's an open protocol. If you want privacy, don't publish something for the entire world to see. That's just basic common sense. At the very least, use Mastodon's privacy controls. The Fediverse is not special here, it doesn't get to destroy the open Web for everyone else.
As a controversy, it's been blown out of proportion. It's just Fediverse admins setting the moderation policies for their own sites, as always.
As for the fediverse destroying the open web for everyone else, I think you’re hyperboling quite a bit, the fediverse has done mountains to make social media more open, probably more than everyone else.
Though I think "voicing concerns" is a bit of an understatement. I feel really bad for the developer of Bridgy Fed, working on their passion project and just getting caught up in all this heat and harassment.
It's the same situation with Threads.
As for privacy I disagree with you. There's nothing because nothing has been discussed, but the technical feasability should never dictate what we want as a society. When a family member dies, even though the news is known you know how to behave, who to share that information with, what to say. Would you be okay with a company coring up to you and saying "hey we learned your mother died, would you like to tweet it ? It is free !"
And someone else will just go build an opt-out (or maybe even no opt-out!) bridge.
And again, it wasn't about Bluesky in particular. If Google announced that they were going to ingest all Mastodon content and post it in a new Google Groups kind of thing, they'd be pretty understandably upset about that, too.
In general, "if I wanted my stuff on Bluesky, I would have put it there". It wasn't the bridge creator's decision to make.
Calling it 'The Problem' like climate change or the national debt gives it too much power. Just use something else. People use group chats for real relationships now anyway.
So in practice you have to make choices, or you'll end up running the new 4chan and being sad about your life. As happened to the guy who ran the old 4chan: https://www.rollingstone.com/culture/culture-features/4chans...
The ideal, platonic version of this would be that moderators only see an "identity scrambled" version of each tweet/post when they make their moderation decision. Like a screen that blinds orchestra musicians when they audition, the human would see a statement like "I hate New Yorkers" and not know if the original message said "I hate New Yorkers" or "I hate Floridians." So they would have to make a decision based on the general principle of whether a statement of this form is allowable.
Anywhere you want to draw the line is fine with me, as long as you draw it consistently.
Take the use of reclaimed slurs, for example. When used against the discriminated group by a dominant group, their intention is often to cause harm. When used within the group, the intention is to reappropriate the term: https://en.wikipedia.org/wiki/Reappropriation
Similarly, harassers will use terms in ways that are plausibly read different ways depending on who they're talking to. So something that might sound innocuous or just odd when directed at me will be correctly read as a racist attack when directed at somebody else.
And that's not even counting when they'll just come up with new terms so they can be awful in ways that are novel enough that automated filters or out-of-date moderators won't catch. E.g.: https://www.vice.com/en/article/bv88a5/white-supremacists-ha...
In short, because there's a great deal of identity-based hate in the world, identity-blind moderation ends up being an aid to the identity haters out there.
We're thinking about Bluesky as both a product and a protocol (informing each other's design), and you're 100% right that for the end user, the product itself is what matters. Because we've taken on the decentralization constraint, we take longer to "catch up" to features that centralized platforms tend to have from the start, but it's definitely going to be a major area of focus for us going forward. (Ofc Mastodon isn't centralized, but note that it's had a few years of head start on feature development. We'll get there.)
For a decentralized protocol doing things right is much more important than doing things fast, it is very difficult (and in a lot of cases impossible) to break backwards compatibility.
If Signal releases a malicious update (and they don't provide reproducible builds), it is very much possible for you to know about it, as everything is on your device. Even if the binaries are different from the source code, decompilers, analyzing network traffic, etc. gives the community a good chance at catching malicious updates. Mastodon admins can simply pull up your plaintext DMs on their servers and no one will ever know.
Well then I guess it's pointless because it doesn't accomplish that.
(The actual point, FYI, is that you don't have to trust all of: them, their hosting providers, your ISP, the ISPs between, the government, and their mom.)
> it is very much possible for you to know about it
"Possible" != "done"
> analyzing network traffic
How are you gonna do that? Surely if they wanted to sniff it would still just look like any other encrypted data
> gives the community a good chance at catching malicious updates
Sure, when the same application is used by everyone, which is not true in either the Mastodon world or the new Bluesky-small-instances world
And the linked privacy policy goes into further detail (at least on my instance, mstdn.io):
> Please keep in mind that the _operators of the server and any receiving server may view such messages_, and that recipients may screenshot, copy or otherwise re-share them. Do not share any sensitive information over Mastodon.
Overall, I think it's safe for most chit-chat, and for anything more serious you can add link to Matrix or your email and PGP key in your profile.
As a sidenote, I'd also like to point out that a lot of serious communication nowadays still happens over unencrypted email. You can consider it whataboutism, but it's still worth remembering IMO. (And of course, like others pointed out, DMs on Twitter aren't encrypted, too, so it's the status quo here.)
If the protocol is not open, you have to rely in the clients provided by the vendor, and you can slip a backdoor throigh easily.
When did you last audit your Signal client? Where is “the commjnity” organizing this effort and publishing the results?
Debian shipped an entropy lowering in house patch despite the “many eyeballs” fos years (for OpenSSL). Don’t lure yourself into false feeling of security bevause of the “community” might be doing something. Only count on defenses surely in place, with traceable operation and output history, with responsibles who are allocated resources for the work and having stakes at its outcomes.
Videos might be more of a resource issue. Hardly a good time to launch videos almost at the same timeframe as they spike their user base by going public.
A size limit affects both equally.
> even relatively good ones like Cloudflare have particular payment shenanigans around video
That's only for the web service. Workers and R2 let you do video just fine. And small videos don't need any fancy logic, just toss them over http.
> Size uploads could help in that situation, but it's a bandaid on a bullet wound when the video still gets played a million times, y'know?
No, I legitimately don't know. Why is it different from an image that gets a million views?
It's not a good way to do it, though, and it's worse for Bluesky because it implies that in order to move your PDS (one of the best features of the design), you'd have to pick up the freight for video that already exists. If PDS mobility is important, attaching large economic strings to that is a big disincentive.
I mean that's the whole point of the Fediverse, a federated network of independent nodes. Of course the nodes take care of the functionality.
If you want to be Twitter, you'll end up being Twitter. We already have one of those, it sucks, and we don't need another one.
Social networks go to crap above a certain scale. If everyone can see your posts, you'll write posts to be seen by everyone. Which, as it turns out, ends up benefiting no one. The magic comes when there is a community, where you give a shit about the people you're sending messages to, and they give a shit about you. If the community is too small, then nobody bothers with it and it dies. If the community is too large, then it ends up being old men screaming at clouds, and (see above) we already have one of those. So a platform that is good enough to use, but limits the number of disaffected members, is the only thing worth creating.
If something I'm saying requires a video, then I can always link to one. If something someone else is saying requires a video, and it requires the video to be immediately visible while I'm reading whatever they're saying, then there's a good chance I'm better off not seeing it anyway, even if I think I want to.
(Ironically, in this post I am an old man screaming at clouds...)
You get something good system by sharing power, not by once again falling for "trust us bro." You get it by understanding power imbalances and avoiding them the same way my dog avoids objects with large amounts of potential energy, because they're predictably dangerous.
Sometimes I'm spot on, sometimes I stand corrected. The problem is, as time goes, your free time reserve starts to decline. You optimize things, consolidate services, etc., and these kind of migrations start to take tons of time.
Because of this, I gave "big web" up and moved to "small web", and always have plans to evacuate any service in a moment's notice.
It's like being a doomsday-preparer from a point, but at least I have backups and backup plans for everything.
I am not sure if it will succeed or fail, but I am interested to see how it plays out.
I don't believe I subscribe to any blocklists on BlueSky. If I end up doing so, it is much more likely to be one run by someone I trust than by a company. Having the option of either seems worthwhile to me.
I'm not sure this follows. There is a similarity to the reddit model of moderation. The host provides some base amount of moderation but supplemental moderation comes from members of the community. In the Bluesky model, a 'subreddit' is analagous to an indexer/aggregator (aka Relay/AppView) that provides a moderated and/or weighted feed of content. The same incentives for volunteer mods on Reddit will exist for volunteer mods on Bluesky.
EU is moving towards requiring all social media obey EU laws, under loose notion that their laws is the least restrictive and most reasonable. No one is, and the sum of all ethical standards on Earth is not going to be something very popular, so that's nonsense. OTOH, it's perfectly reasonable that content served at scale in a region will have to be lawful; "this content you want removed is lawful in MY country" is sort of nonsense too. So moderation decoupling and, ahem, moderation localization is going to be necessary for social media. I suppose that's where they're going.
The problem with censorship isn't the enforcement of rules. The problem with censorship is the enforcement of rules the individual that has to enforce them doesn't agree with. Free speech absolutism on social media is often argued for with appeals to "the town square" but the difference between social media and an actual town square is that if you make a complete ass out of yourself in an actual town square, eventually someone will punch you.
Post 18th century world started with peasants beheading kings and gutting his body into pieces so no single individual shall have any meaningful parts of it. The fact that kings had the power to throw anyone out of "his" club, deemed no longer his simply by volume of peasants within, at his king's discretion without the newly established ultrabureaucratic people's approval processes, was the problem they had enough of.
I'm not even sure in which part in the history of humanity your definition of free speech and censorship problems could come from. I don't think even ancient Roman Senate honored that kind of view as I've never heard they held sessions with bags of stones around. That isn't an anarchist view either, since it will lead to their minority views alone justify such "consequences".
Just wtf?
They better have a good answer to this because it's a threat to the ecosystem as a whole if they don't. Because relying on VC money in this environment is not the smartest thing to do.
I agree that a healthy Bluesky PBLLC is a good thing, and hope they manage to pull it off. Time will tell.
Because based on them raising $8m in a seed round middle of last year they aren't going to have much time to decide and implement a strategy before they will need to start thinking about raising a Series A. Or maybe Jack does become a bigger investor.
Either way I think it's insane to prematurely rule out advertising.
I also don't believe (and again, don't work there, just a huge fan, so maybe this is wrong) I'm not sure that the revenue was the reason for shipping this feature. It's best thought of as an accessibility feature, for folks who do not know what a "DNS record" is and have never hosted a domain. Without this, more technical users get something special that non-technical users do not: a nicer username. The money is just a side effect of the fact that purchasing a domain name already requires money, and so a partnership with a revenue split just makes sense.
> Either way I think it's insane to prematurely rule out advertising.
I hear you in an abstract "that's the way you make money in this space" sense, but I also think it's a smart reaction to the public sentiment around this stuff. People do not like advertising. It is a differentiator. We'll see if it works out for them or not.
Well,
> Are you thinking about advertisements at all?
>
> There will always be free options, and we can't enshittify the network with ads. This is where federation comes in. The fact that anyone can self-host and anyone can build on the software means that we'll never be able to degrade the user experience in a way where people want to leave.
https://www.wired.com/story/bluesky-ceo-jay-graber-wont-ensh...
This reads as definitive to me personally.
> we'll never be able to degrade the user experience in a way where people want to leave
Neither of those is the same as "no ads". They're just saying that they can't make the ads so bad that most people want to leave, because then people will leave and the ads won't be shown to anyone.
This release, of federation, is in my mind a major answer to the real question you're asking, which is the same but with "the employees" instead of "Jack," as they have the equity stake.
Once things are federated, other folks gain power over the protocol, by virtue of usage. If Bluesky PBLLC starts to do shady things, the other instances can refuse to do so, and talk to each other instead.
This is why the split between AT and BlueSky is important, and why this news matters, as it is meaningfully delivering on the desire to protect against such a thing.
Email is open, but if GMail decides to block all email from you, you're toast. And while GMail is large, their percentage of email inboxes pales in comparison to BlueSky's percentage of AtProto users (which is near 100% at the moment).
Yes, once things are federated, other folks start gaining some power over the protocol by virtue of usage. However, if 99% of people remain with BlueSky, everyone else essentially has no power.
mastodon.social has around 15% of the Fediverse on its server and it means that it has a lot of power. Mastodon (the software) is around 72% of the Fediverse which means that other ActivityPub software essentially has to use Mastodon-flavored ActivityPub with whatever quirks might exist in Mastodon. But that's still way less power than BlueSky has in the AtProto ecosystem.
Open protocols are only good as long as there's enough reason for lots of different parties to keep those lines of communication open. mastodon.social needs to keep supporting ActivityPub because they'd lose 85% of their network if they stopped. Let's say it's 2030 and AtProto has 500M users and 99% of them are using BlueSky. BlueSky could simply turn off all the AtProto endpoints and make their web and mobile apps use proprietary endpoints. I'm not saying they'd do that, but they certainly could. Now, if 2030 comes around and there are 500M AtProto users and 10% of them are on BlueSky, then it wouldn't really be possible for BlueSky to turn off AtProto. They'd lose 90% of their network.
But we don't know if AtProto will catch on outside of BlueSky or if BlueSky will remain the vast majority of the network. If there isn't a lot of use outside of BlueSky, there could come a day when it's very tempting to turn it off - or do something that isn't quite turning it off, but would effectively accomplish it. Maybe they just start making breaking changes to AtProto, rolling it out, and documenting the change a week later and third parties just end up unreliable and people migrate off them. There's lots of options.
Five years from now, how is BlueSky making money? Are they just storing, processing, and serving lots of content without good monetization as third party apps start grabbing users and making money off their servers? I mean, we saw what Reddit and Twitter did. If BlueSky controls 99% of AtProto users, they can turn the firehose off. Even if they aren't trying to be evil or maximize their revenue, at some point they need money for all those engineers and servers. Maybe the official BlueSky app will be popular enough for them to get some ad revenue there and not feel the need to go after third party apps. Maybe a lot of things.
But until BlueSky is a minority of AtProto users/posts/etc., it's still something they have a lot of power over - including the power to pivot BlueSky off AtProto and make BlueSky a proprietary network.
Time will tell!
https://news.ycombinator.com./
If you want a link to a page with a link like this you can click on the github issue I referenced in my original comment as there are links there like that.
If you want a more natural page that is less meta with such a link
https://jameswillia.ms/posts/shortest-urls.html
>Also, the term ‘FQDN’ does not always imply the dot at the end?
Yes, but if there is not a . at the end then there is ambiguity of if it is a FQDN or not.
I have seen two main complaints:
* This is opt-out not opt-in, and I don't like that.
* BlueSky is bad because it is run by a company (sometimes with a suggestion that Jack Dorsey owns and runs the place), and I think the fediverse should be free from corporate influence, and so I object to the idea of a bridge.
Yes, he, Dorsey, did it. I don’t should discount that one bit!
Should we give him or people like him another chance? Fuck no. History is filled with examples of embrace and extinguish. Let’s wish him luck for AT Proto (actually BSKY; he is not interested in AT; AT is the bait, the lure, because he knows well people will just flock the first and the biggest).
(He’s on the board of directors though it seems - there are two people there I think).
Mastodon is very sensitive to that.
People will still bridge the two in various ways.
People will also bolt on more direct bridging to Mastodon if there's any demand from Bluesky users.
Basically, unless Bluesky totally fails, it will be embraced and extended by the broader broader Fediverse, because why not?
But it's not never. For example, I can see your post. So I can send a screenshot of your post to my friends to dicuss it. I can't see your hard drive contents. So I shouldn't hack into it and send a screenshot of your hard drive to my friends to discuss it.
So technical feasibility influences what is reasonable to do as a society. It's not "feasible = reasonable", or else murder would be reasonable, but it definitely does influence it.
And in this case, I believe what the Fediverse people commenting in the GitHub issue want to be unreasonable. It is unreasonable to publish something publicly, on a federated network, where privacy controls exist (but are not being used), and then claim to have an expectation of privacy in a public space, especially when such bridges provide utility and benefit to others that just can't happen if it's opt-in.
It is reasonable to block it. It is unreasonable to expect everyone else to restrain themselves from using public data in the spirit of the open Internet. It is especially unreasonable to harass non-profit bridge developers in this case. That's not a social solution, just harassment.
Note about copyright: that's not a path one should go down, because it'll make the Fediverse illegal as a whole. It's probably fair use, anyway.
Note about AT protocol: yes it's designed by a for-profit, but it's good. Just because something is for-profit and VC-backed does not mean it will enshittify; take Element for example. It solves a lot of issues that people were having with Mastodon such as global full text search and a global feed. I would use it if it only had more relays to spread out the control.
In general, "I want my stuff on Bluesky but don't want to deal with cross-posting to multiple different platforms and keeping up with responses on all of them"
And, "I want my stuff on whatever platform people want to read it on without having to individually approve each one" (which is quite literally the entire point of public posts on Mastodon).
OH - and it wasn't the bridge creator's decision anyway; it was the decision of people on Bluesky to follow you that would trigger your posts to be federated, so...
Similarly, I don't want my blog posts used to train LLMs. I know they're likely to be since they're published right there on the Internet for anyone to see and read. But my intent was for other humans to see and read them, not for someone to feed them into a regurgitator. There aren't technical means that let me allow humans to read my stuff without allowing LLMs to ingest it, and someone could make the (bad) case that if I didn't want my work to be used to train an LLM, I shouldn't have made it public. Maybe. However, I reserve the right to think someone's an ass for doing it.
Well, no technical hurdles kept the person from copying data out of the network people meant to post it to. It's probably not illegal. It's not a nice thing to do, though.
Except literally the entire design is for other Mastodon servers to bulk copy it en masse to somewhere else.
> There aren't technical means that let me allow humans to read my stuff without allowing LLMs to ingest it
Yes there are. Don't make it public.
> However, I reserve the right to think someone's an ass for doing it.
Of course! You can think anyone is an ass. You can think anything you want. That doesn't mean that person did anything wrong.
How about "If I wanted my stuff on the your Mastodon server, I would have put it there"?
"If I wanted my Mastodon content on your RSS feed, I would have put it there".
How about "If I wanted my stuff on the Internet, a publicly available internet, I would have put it there".
This tribalism around network/brands/protocols is beyond stupid. The thing that is killing Twitter is its closedness and the assumption that the means of communication is what matters. It's not. Let open protocols be open.
If people want privacy, then they should use a secure communication protocol and not a social media network.
I thought that was the point of activitypub.
exactly like they did with usenet without any issue?
To make it clear, for people who don't know:
Google Groups was originally Dejanews, which was a web based archive and front end to Usenet. Google started searching Usenet, but didn't have historical archives so they bought Dejanews.
Obviously no one who posted on Usenet got paid under this transaction.
It's like if Google bought a Mastadon archive off someone now: this argument seems to indicate that would be better somehow than Google archiving Mastadon posts themselves.
I don't understand why at all?
The whole point of a fediverse is it's a federation. Therefore there is implied consent to copying from one instance to another.
> but the intent of posting to Mastodon isn't to have it show up automatically on another network
Mastodon isn't a network, the network is the fediverse. Mastodon is some software that runs on the network.
Mastodon is an odd sort of network, there's more blocking than I expected and it somehow seems as if blocking is an intrinsic part of the design. In Mastodon, blocking looks like a choice one makes for whatever reasons, not an unloved measure needed for fighting abuse.
As if the design doesn't tell users "you can follow people in the fediverse" but rather "your ability to follow people in the fediverse is limited by you and three other parties and the software isn't among the three".
So… if the mastodonish idea of consent doesn't extend to all of the fediverse, what makes bluesky different from some unvetted mastodon site run by weird people? If the poster's/follower's/would-be follower's consent isn't taken for granted in one case and isn't taken for granted in the other, what makes the two cases different? There obviously is a technical difference, but what is the difference wrt. consent?
Absolutely nothing! Fediverse admins block unmoderated sites all the time, for being unmoderated. Bluesky is just, effectively, one unmoderated instance that everyone will block by default.
Except that's not what the bridge does, at all. It only follows you on someone's behalf when someone on Bluesky specifically requests to follow you through the bridge.
Whether that works, we'll see. I for one just gave up social media about 8 years ago and, while feeling like I'm missing something flares up from time to time, it's nothing like the disaster my online life was before I gave it up. It wasn't a problem of missing federation or not being centralized. It was inherent to the way social media functions against my person.
I could maybe see an argument not based on technical premises, but instead something like "it will defacto become one because running a relay is too expensive" or such. Is that what you're going for?
I worry that Bluesky becomes the de facto central actor and, due to having no stated business plan and a countdown to repay the money they took, pulls a Google, leveraging its dominance to introduce proprietary, breaking changes.
Yes, right now, the tech, team, interviews, etc sound mission-driven, but "revenue is the dominant term"[2] in the equation of a company's life, and there's still a very real chance that Bluesky dominates whatever federated AT Protocol network ends up forming, then uses that leverage to walk back all this promised openness.
I'm cautiously interested in Bluesky, but I'm watching for this kind of de facto dominance and we're probably too early on to see where the AT network is headed.
- [1] https://somehowmanage.com/2020/09/20/revenue-model-not-cultu...
We don't even need the hypothetical "it will defacto become..." because Bluesky Social was, up till now, the ONLY way to participate in the community. They had 3 million users before federation, and now we can start to hook into what they've built, but the idea from the start was clearly not built around federation and decentralization, otherwise it would have been federated from day one, as Mastodon was. They can HOPE now, that people accept the federation concept, but there's enough gnashing of teeth around the pain of running Mastodon instance that it seems really clear that going from central to decentral is, if we're being intellectually honest, a bridge too far for most to cross.
> telling people who openly advocate for the death of people in your group to take their opinions elsewhere
These parts of your comments imply your default model of safety is a safe haven in a barbarian land with perimeter walls and armed guards and a benevolent property owner. Clearly your thinking is privatized violence is integral to safety. You might be thinking that's what freedom of speech is, as in freedom implemented in speech domain, but that is wrong. Freedom of speech as this phrase is used is something different from that.
Freedom of speech means speech is always taken as unserious as practically possible. Absolute freedom of speech would mean even advocating for death, or however terrible the messaging might be, are taken as weird jokes until an action is taken.
This is not the matter of thresholds and analogies, your model of freedom is just wrong.
Bluesky doesn't have the ability to do this. There's no API key to revoke that could stop someone else from running parallel apps/infrastructure/etc. The network is completely open.
I'm about as anti-ads as it gets but I don't object to other people using apps with ads in them, if that's their choice.
That this moderation strategy would prevent the use of all slurs (even reappropriated ones) sounds like a feature to me, not a bug.
You're proposing erring on the side of censorship to avoid some gray areas. While this is a reasonable position, it doesn't satisfy some ideal of neutrality and won't really avoid the gray areas, and so still would require subjective judgement.
In practice, almost any nominally "neutral" position ends up allowing an enormous amount of abuse. Which is why you'll see most platforms that start with a free-speech maximalism approach coming up with a lot of nuance and exceptions over time. And those that don't turn into cesspools.
Most people are pretty great, but moderation has to be built for the worst-case attacker.
Which is ultimately what I object to.
What we have now is a system where, on many platforms, moderators often put their thumbs on the scale and decide that certain groups need more protection than others. Generalizing about or disparaging certain groups is ok, but the sensitivities of other groups are considered sacrosanct and must be deferred to.
Like I said, draw the line anywhere you like. If it applies to everyone equally, I am happy. I am fine with things that require subjective judgment, as long as that subjective judgment is behind a screen that conceals identity.
Moderation is full of gray areas, and they are unavoidable.