The linked-to post is content-free fluff; I suspect the only reason it got upvoted is because people enjoy arguing politics.
Here is the actual ActivityPub spec. I hadn’t looked at it before; it’s got some decent ideas and its heart is in the right place, but when I flipped to “Security” it was clear that they’ve completely sidestepped all the really difficult parts of a workable decentralized social network, like authentication and trust. Sigh.
As someone mentioned in an earlier comment here, accepting traffic from another AP server requires a lot of trust in them, which is a significant part of why people ban each others’ servers. The other reason is that federation isn’t fully decentralized, and there is a large power differential between the people who run instances and the mere users. Twitter and Facebook may not have better intentions than J Random Sysop, but they’re a lot more accountable so in some ways I trust them more.
Unfortunately, the details are a little barebones, because the authors are working on the lower-level details to prove it out (which is a good thing, in my opinion. Prove it out before standardizing it.)
The idea is to use the Spritely Project as a foundation or at least design inspiration.
The original CapTP Protocol comes from E, a “secure distributed persistent language for capability-based smart contracting”. The Spritely Project aims to bring a modern implementation of E’s ideas, and eventually build an alternative to ActivityPub that gains all of Spritely/CapTP’s security advantages.
Capability security is not an evolution of ActivityPub. Rather, the goal is to treat ActivityPub announcements, or other person-to-person communication, as capabilities. You can idle in #erights on Freenode if you want more information.
It is important to understand that most of the advantages of capabilities come from having software which is written in capability-safe languages. Capability-oriented data design is not the same thing as having proper objects with rights.
Hi! Co-author of ActivityPub, and founder of Spritely, here.
Corbin is right in their description: you can treat ActivityPub as a capability system. More ideas relevant to that in the OcapPub writeup
CapTP support is also something Goblins is actively working on. In a sense, it’s another protocol, so it seems orthogonal to ActivityPub. But there’s a key idea that unifies the two: in a sense, CapTP and ActivityPub both can be perceived of as membranes (though, I would love to have an even simpler explaination of membranes to point to).
One of the planned sub-projects of Spritely is Mandy, which links the Spritely work to the ActivityPub world and demonstrates how to build ocap-safe AP implementations even for systems which aren’t being as extremely ocap-oriented as Spritely. In theory anyway. That part hasn’t been done yet, but it’s coming.
Why this is interesting is probably best understood by looking at goblin-chat, though just looking at a git repository might be insufficiently clear. You can see a gif with some explaination on the Spritely Goblins v0.7 release post, and a bit more progress here, but the short version is: that you can implement a working chatroom and user participation protocol in less than 225 lines of code (and that includes whitespace and comments) should raise an eyebrow… especially with it being peer to peer / end to end encrypted, with not a single line of code in the chat protocol mentioning the network or cryptography (because we lean on the work that CapTP and friends is doing for us).
But obviously this is in early demonstrative changes. How that maps over to ActivityPub will be clear, I hope, fairly soon.
From what people have said, one of the other big weaknesses is that the C2S protocol is super bare. No way to mute (yes, you can implement that client-side, but now you have to sync your mute lists), no way to search, probably some other stuff.
Twitter and Facebook may not have better intentions than J Random Sysop, but they’re a lot more accountable so in some ways I trust them more.
After everything that Twitter and FB have done over the past 10 years, you still hold them up as models of accountability? The removal of APIs, the ever-changing privacy settings, the constant changing of ToS, the data breaches, the bulk selling of data, the rampant promotion of hate and misinformation? They have proven over and over again that they are only accountable to their shareholders and advertisers.
I would (and do) trust J Random Sysop way more than Twitter or FB, because at least I know they have a soul.
“Models of accountability” is not what was said, but things are not that easy.
In some ways, the lack of a soul can be an advantage. A soulless entity doesn’t get angry, jealous, petty, drunk, get a psychosis and think you’re a reptilian trying to steal his wife, etc.
J. Random Sysop is … just this guy. Who may be a good guy or a bad guy. This of course also applies to e.g. Twitter employees, but the risk there is much more spread out over many people, and if it does happen you actually have some recourse as the employee who misbehaved has a boss, whereas J. Random Sysop doesn’t.
Risk of data breaches is probably higher for some random server, and a random server can just stop existing tomorrow. They can probably get away just breaking the ToS/Privacy policy at-will because few people are watching them.
All things considered, these kind of trust issues are quite hard.
At any rate, “J. Random Sysop” vs. “Twitter” is probably a bit of a false dilemma as they’re hardly the only two options available.
Exactly. I trust J. Random Sysop more when it comes to not selling my data out to advertising companies. I trust Jack Dorsey and the Twitter engineers more when it comes to not reading my DMs for a laugh.
Not only can a Mastodon user communicate with users on different servers on Mastodon, perhaps more importantly this user can also communicate e.g with a Friendica (macroblogging) user or a Pleroma user. These are totally different networks that all support ActivityPub. But this is even taken a step further where that same Mastodon user can follow his favourite PeerTube channel or someone that shares great photos on Pixelfed. This is like you were able to follow someone with your Twitter account on YouTube or Instagram. This also means that this Mastodon user can comment or like the PeerTube video from his/her Mastodon user interface. This is the true power of ActivityPub!
There is also Tribes which provides a custom-hosted version (I run mine here).
In all fairness, Mastodon has one of the least spec compliant ActivityPub implementations out there. It gets stumped with a lot of valid payloads that were generated by other services inasmuch as having to implement Mastodon’s quirks is mandatory if one wants to do development for the fediverse.
Maybe an unpopular opinion, but without Mastodon ActivityPub would be living the life it was living before, used by dozens of nerds.
Of course that’s not a proper discussion point to some, you may or may not like its ideas and technical features, but to me it was kinda useless when it was only identi.ca and statusnet and whatnot. I’m saying this as someone who was pretty involved in many FLOSS projects at the time. Utterly useless. It was Twitter if you wanted a thing like this and 90% happened on mailing lists and IRC anyway.
Oh, I fully agree that Mastodon is overall a force for good in the Fediverse, at least in the fact that it made it popular with the non technical crowds, but I still wish they would work harder at some things related to ActivityPub compliance. Probably my own service will not be super compatible with it, as it skirts webfinger - something that Mastodon can’t do user discovery without. :(
I didn’t look into it very deeply, so can’t comment if they made some shortcuts for time to market, or enable stuff that would’ve been hard to do, or just because they were careless or simply didn’t care…
From my perspective they’re prioritizing the features that makes them a better micro blog platform than the features that makes them a better ActivityPub one.
I would like to say that being the major player in this niche they should take their responsibilities in this regard more seriously, but in the end they work on what they enjoy more, and that’s absolutely fine.
Agreed. I am present on a few Mastodon instances but my personal instance is Honk which is a very opinionated and pure (I guess?) ActivityPub server/client/thing
The servers recommended on that page are some of the most notorious in the fediverse, notable for hosting bigoted shitheads and having nazi-friendly moderation policies.
If you sign up on them, you will find yourself blocked by basically all fediverse instances with active and competent moderators.
If you sign up on them, you will find yourself blocked by basically all fediverse instances with active and competent moderators.
This was one of the reasons I stopped using the Fediverse. I don’t like the concept of full-on instance-bans to begin with (something like warnings for out-going actions and filtering for unrequested ingoing actions would be more appropriate). I’m not sure if federation necessarily has to lead to fragmentation, but some people seem to accept it as a necessary tool and don’t care if anyone has a different opinion. In my case I wanted to hear what people on the spinster server had to say, but it was blocked on the instance I was on (ironically this made me go out of my way to listen to the points of radical feminists, which I don’t think was the intention).
Part of the problem with Mastodon specifically is that it has inherited a lot of the worst Twitter-culture by presenting itself as “Twitter with better moderation”, while paradoxically decentralisation is usually understood as a means to avoid being shut down by a central authority. Then again, it all ties into more fundamental issues with the Fediverse and how it presents itself as “each server is it’s own community”, while at the same time I don’t care about what server another person is using. The only thing I am interested in is the moderation policy and how well they administer the server.
The part of the Fediverse I still remain hopeful for is Peertube.
I’m not sure if federation necessarily has to lead to fragmentation, but some people seem to accept it as a necessary tool and don’t care if anyone has a different opinion.
Instance bans allow for coexistence without cohabitation. You always have the choice of choosing your own policy domain/deferring to someone else. Forcing all nodes to be wide open would remove a lot of point and cause unnecessary annoyance.
You always have the choice of choosing your own policy domain/deferring to someone else.
To a degree yes, thought I’d still rather that not be the case, because I rarely agree with someone on everything, meaning I have to administer an instance myself. But it is not only a personal issue, with instance bans threads are also fragmented, so depending on your perspective, you might unknowingly not see the entire conversation going on, leading to more confusion than necessary.
Instance bans are sledge hammers that are applied to eagerly (I do think they make sense for actual spam servers). Maybe the situation has improved since, but I remember there only being three states:
No limits on federation
Instance bans by Users
Instance bans by Instances
Where I think that there should be more going on between 2. and 3.
There are degrees between 1 and 2, at least on mastodon. Admins can “silence”, meaning posts from that instance won’t show up in the federated timeline by default. If I’m not mistaken, there’s also “mute”, meaning interactions from that instance won’t be shown to the muting instance unless there’s a preexisting relationship between the actors.
I should also note that instance bans are not really a thing– you can mute an instance at a user level, but your data is still sent there and you must trust that server’s administration.
instance bans threads are also fragmented, so depending on your perspective, you might unknowingly not see the entire conversation going on, leading to more confusion than necessary.
this seems to be an issue even if the instance isn’t banned. I see this happen with my small instance, where viewing the thread on the hosting instance (or from an account on another instance) shows different posts, and I’m pretty sure the missing posts aren’t from blocked instances.
iirc mastodon will fetch replies upthread, but not downthread: that is, if the chain goes X -> Y -> Z, and your instance is made aware of post Y (someone follows the poster, it gets boosted, whatever) then it will fetch X but not Z. this is why some people have a norm to boost the last post in a thread, as opposed to the first. this isn’t a technical limitation, since pleroma (the other big fedi server) will fetch the entire thread.
of course, in either case, if one of the posts in the thread is private and you don’t follow the person you’ll just break the thread entirely, but there’s not much that can really be done there.
Due to how ActivityPub works, you need to have near-ultimate trust of an instance if you wish to federate with them. If you believe the admins are bad actors, using acceptance of harmful ideologies as a proxy for that, then you can’t trust them with your user’s data, and must defederate.
ironically this made me go out of my way to listen to the points of radical feminists, which I don’t think was the intention
This isn’t necessarily against what the blockers wanted! What is called “censorship” on the fedi is usually about protecting their own users. Trans folks don’t want to have to see the same tired take on trans exclusionism for the fifth time today, nor do they want their posts to be seen by those folks.
As you discovered, there was absolutely nothing stopping you from finding out more from the spinsters, and nothing stopping you from making an account there either, right?
If we think decentralization is the key to freedom, then we can’t stop short of free association.
Due to how ActivityPub works, you need to have near-ultimate trust of an instance if you wish to federate with them. If you believe the admins are bad actors, using acceptance of harmful ideologies as a proxy for that, then you can’t trust them with your user’s data, and must defederate.
What do you mean by “trust them with your user’s data”? Is there something a server can only access if they are federated, that a “blocked” instance couldn’t see via it’s public feed?
What is called “censorship” on the fedi is usually about protecting their own users.
I get that an instance would decide to mute another instance by default, but if a user explicitly requests to receive data, why should they not be able to interact?
A user’s private posts are always federated to any instance that has a single actor subscribed to it. That means that instance is storing a user’s private posts. If the admin’s a bad actor, they could see the private posts even if they’re not authorized to normally.
yes, but email doesn’t use the term ‘private’ anywhere. I think many(most?) people understand that email is not useful for HIPAA or other things where privacy matters.
Many people sign up for things with firstname @gmail.com, and then claim the account owner “hacked” them. Many people think that companyname @somecustomdomain.com means you work for them. Many people think that anything @someother.tld means you actually meant @someother.tld.com.
I don’t think most people understand anything about email.
I think with all things, it’s complicated. I’m sure people in their 70’s and older who have very little exposure to email are likely not very versed.
For the average professional that is legally required to care about privacy, then I think they mostly have the understanding that email != private communication.
Developers SHOULD know better, but they still do stupid things with email, because it’s the only thing you can reasonably assume someone has. (like login with email, use email for password recovery, etc) There are sane things you can do to help mitigate these things, like single use tokens, etc, but.. I’m sure there are still tons of code out there that doesn’t do these things.
I agree email ADDRESSING, which is what you mostly are referring to, is full of assumptions and mostly none of them can be assumed. The only thing you can mostly assume from user@domain, is that the domain admin at some point thought that user should exist. :)
I agree with you it’s a bit of a branding problem.
I’m just so used to the store and forward model of email and NNTP that I just applied that model to the fediverse too. And I have not heard anything about E2EE in the “mainstream” Fediverse.
The servers recommended on that page are some of the most notorious in the fediverse, notable for hosting bigoted shitheads and having nazi-friendly moderation policies.
Citation needed.
One of the servers recommended on that page, gleasonator.com, actually was created by someone that experienced bigoted behavior from mastodon’s toxic and neoracist moderation policies: https://blog.alexgleason.me/gab-block/
As a queer person and regular fedi user, I concur that these servers are notorious. Multiple accounts from shitposter.club harassed a trans friend of mine just this week because they posted a selfie to their timeline. Freespeechextremist’s users have a habit of sea-lioning their way into my mentions; I think the last one was an extremely tedious “wow aren’t gay people bigoted” monologue mixed with Q-anon rants. Freespeechextremist.com, shitposter.club, spinster.xyz, and glindr.org (another Alex Gleason joint) all have the dubious distinction of being on the relatively short mastodon.social and mstdn.social blocklists for hate speech, harassment, and transphobia. With the exception of mstdn.social, this is not a general-purpose instance list: these instances all share moderation policies aligned with reactionary views on gender and sexuality.
That transphobic bigot wasn’t ejected by mastodon’s moderation policies. Mastodon is the service, moderation responsibilities lie with the server admins.
That transphobic bigot was ejected by todon’s moderation policies, because, as he so proudly proclaims, his bigotry is contrary to the server’s stated goals and aims.
“we do not accept (among other things): racism, homophobia, transphobia, sexism, ableism and other forms of discrimination, harassment, trolling, hate speech, (sexual) abuse of minors and adults (also not virtual), glorification of violence, militarism, nationalism and right-wing populism, right-wing and religious extremism, tankies (ML), capitalists, (right-wing) conspiracy ‘theories’, hoaxes, and of course no spam and other forms of advertisement.”
Gleason is a bigot. That bigotry was noted by other todon users (I number myself among them) and he was shown the door.
Usually the use of these terms outside of political environments brings a toxic ambiance and is not conductive to anything felicitous or productive to the domain. I’m sure you’ll have a hard time finding any actual instances of fear/hate (which is what “phobia” literally indicates) from Gleason; and of course defending for female sports rights doesn’t qualify as one (saying otherwise would be bigoted and would at best qualify as … umm … imagined phobia).
’tis a good thing Lobsters is not politically woke to ban the likes of Gleason, eh?
Gleason is a peddler in transphobic bigotry. Its an essential part of who he is. His “sex-essential” “gender-critical” nonsense is a paper-thin mask for hatespeech against a marginalised element in society.
You have now defended him, Freedom of Speech Zealotry, White Supremacists and transphobic bigotry up and down this story, which you appear to have posted just to link to the aforementioned listing site for hatespeech and bigots.
You can put all the ten-dollar words you want all over your post, I can say without hesitation that you’re both posturing and a troll.
All you are doing, in your anonymous account to boot, is to accuse other people (Gleason and now me–that are not anonymous, neither are afraid to hide behind a mask) without evidence and without engaging rationally (as in without refuting the central point) but merely with politically loaded language (as in resorting to thinly veiled ad hominem).
Lobsters would be better off without such toxic comments expressing actual bigotry, and I assume on good faith that you did not intend that, and is writing in a state of not being with a sound mind - so I suggest you take a break.
They out themselves as a transphone one sentence into the blog post. I’m sure many transphobes think being told they’re a transphobe is toxic.
For those who haven’t read the article in full, this is what the first sentence (which according to the parent commenter indicates that Alex is outing himself to be a “transphobe”) reads: “I got deplatformed from Mastodon for supporting women’s sex-based rights. Now Mastodon is trying to stop me from using Gab.”
They also had no problem joining Gab and admitting that it’s full of, their quote, “literal nazis” in the same article.
Again, for those who haven’t read the article in full, here’s the full quote: “Gab is a free speech platform. It is true that there are indeed “literal Nazis” on it. This isn’t a hyperbole, as there are some users who quite literally advocate for the extermination of races of people. The reason is because Gab censors no one. It’s not because Gab likes those people or wants them there.” - and that quote was a prelude to explaining why censorship is bad, by citing past examples:
“Marginalized people are at the greatest risk of being impacted by censorship. The Feminist movement laid the groundwork for freedom of speech in the United States with the formation of the Free Speech League in 1902. They were being censored from distributing material about sex-education and abortion. Keep in mind that the majority of people were against them at the time.”
“The Civil Rights movement of the 1960’s fought hard for free speech. The movement won a landmark case, New York Times vs Sullivan, in which Martin Luther King supporters were sued for running an ad which criticized the police.”
“Black Civil Rights activists were also arrested for: praying, “parading, demonstrating, boycotting, trespassing and picketing.”, “statements calculated to breach the peace.”, “distributing literature without a permit.”, “conduct customarily known as ‘kneel-ins’ in churches.””
Nevermind that Twitter for instance has an uncommon number of neoracists as well.
I flagged your comment as unkind, because essentially it is a low-effort post made to flippantly accuse somebody without evidence, and there is zero fellowship regard (much less an assumption of good faith) towards Alex to the point of even misrepresenting what he wrote.
Friendly warning: anything anywhere that mentions transphobia or nazis becomes a bozo bit here on Lobsters. Don’t try to argue semantics, don’t appeal to actual text or logic or history, don’t waste yours or anybody else’s time–just steer clear of it and save those cycles for making things or engaging in communities with more mature discussion capabilities.
“Women’s sex-based rights” is absolutely a dogwhistle for transphobia, and if you look at what he wrote in his own words he says that ‘transgenderism [was] first popularized on Tumblr’ (?????), links the “TERF is a slur” page, and says “transgender ideology is fiction”. He’s transphobic through and through.
I’m also extremely unconvinced that there’s no way to prevent people from being actual literal Nazis while not hurting marginalized people. Like, if someone was to come in to the comments section of a Lobsters post and say “by the way, I think we should kill all the Jews”, they’d get flagged and banned, right?
And you’re ignoring the fact that constantly seeing people say that they think people like me (hi, I’m trans) are abominable freaks that are better off dead, or even ‘just’ mentally ill people who need to stop pretending, is likely to push me away from a place. This is going to happen with any sort of ‘free speech’-focused Masto instance: the bigots will migrate to your instance because they get kicked off elsewhere, and the people who don’t want to have to deal with bigots are going to go elsewhere.
And, going back to the list, it’s not just gleasonator. As someone who’s used Fedi for several years, every single one of those instances aside from mstdn.social is one that I’ve had shitty experiences with. And it’s not a coincidence that mstdn.social is the only one that’s described as not allowing racism or sexism!
Like, if someone was to come in to the comments section of a Lobsters post and say “by the way, I think we should kill all the Jews”, they’d get flagged and banned, right?
Yes. And it’s happened: a few years ago a comment on a story about net neutrality attempted to use that to explain why the U.S. should commit genocide in the middle east. I deleted it and banned the author.
branching off from the thread, that quote is infuriating. they make the following argument:
marginalized people are affected by censorship (citing civil rights activists)
gab does not participate in censorship
gab has literal nazis on it
therefore:
it’s ok for gab to continue to host literal nazis because banning them is similar to the prejudice that civil rights activists face
i.e. propagating the speech of who people arguing for an ethnostate and committing real-life violence against minorities is somehow beneficial for those same minorities. fucking inane.
A transphobe is someone who fears or has a negative perception of trans people. Supporting “women’s sex-based rights” is the same as saying that people born with female sex organs have different rights than trans people who are women. That is a negative perception of trans people who are women. Saying that women who were born with female sex organs have different rights than trans people who are women is, precisely, transphobia.
Your comment is a low-effort attempt to deny that basic fact; if you recognize that trans people exist, saying they should be denied affordances that cis people have is clearly a manifestation of transphobia.
That claim is so obviously false and inflammatory that I have flagged your comment as a troll. I’ve done you the courtesy of leaving this comment explaining why even though my own comment should rightly be flagged as offtopic. That’s because I’m assuming some good faith even though the obviously false and inflammatory nature of your comment makes me think that’s vanishingly unlikely.
Looking forward a real Fediverse alternative to Reddit, there are centralised and some decentralised alternatives out there but none of them makes makes them a real alternative.
An ideal reddit alternative would by design be decentralizing the power to censor/moderate out of the hands of a select group of admins into distributing it to the users at large. Democratic, not authoritarian. For example,
[…] it simply shouldn’t be up to the centralised tech giants to be unilaterally making those policy decisions. It should be up to the people and their representatives to decide what information they wish to view (outside questions of illegality, of course)
[…]
The answer is to remove the centralisation. Users should be able to make up their own minds and make their own censorship decisions - something that we’re actively working on and supporting via Matrix’s decentralised reputation work.
British people are no longer allowed to go out for a fag. Scientists are unable to discus retarded time or the retardation of planetary orbits. You can’t talk about your spaying your bitch.
But hey, some right-wing troll will have to go through the extra effort of writing b*tch (and only people on the right use insults, it is a well known scientifically proven fact) so it’s all worth it.
This is profoundly misguided. Moderation on these kind of platforms is a hard problem, both technically and socially, but this has got to be the silliest take I’ve seen yet.
I think the biggest advantage of Fediverse is that it’s largely non-commercial at the moment. Traditional commercial social media platforms compete in a zero sum game. Each platform wants to keep their users there in order to monetize them, and if people visit other platforms that’s seen as taking away from the profit of your platform. Therefore, commercial platforms tend to gravitate towards lock ins making it difficult to share media across them. This is why screenshotting things and reposting them to different platforms has become so prevalent.
On the other hand, Fediverse being non-commercial means that it’s a positive sum game. The entire Fediverse grows as people join any of the platforms, and that means more users and more content for everybody. In this model there is incentive to share content across different platforms, and ActivityPub provides a standardized way to achieve that.
Non-commercial isn’t the whole story; I think a lot of Fediverse applications copied the UX of proprietary social media without thinking of the repercussions. Twitter is designed to maximize engagement to the detriment of community; taking out the profit motive but keeping the design means you still have the design decisions that led to problems in communities.
I find Mastodon has actually done quite a bit to address problems with Twitter UI. For example, Mastodon explicitly chose not to allow quote tweeting since that’s often used abusively. It has a great content warning system, and better ways to manage interactions with users such as blocking. I think it’s disingenuous to say that the UX was simply copied.
I think the CW system as implemented is flawed; i.e. I think using tags in CWs would have allowed people to filter based on what they do/don’t want to see. As of now, I’m fine with most content enough I auto-expand things, but there are some things that I would prefer not to - the Mastodon implementation kinda desensitizes you to seemingly sensitive content.
I think papering over the reply count is a small step; I’m curious what a rethink of the UX would be like to avoid all the predatory behaviours would be like though.
Mastodon evolved based on user feedback and contributions from the community. The CWs might not be perfect, but it’s already much better than having nothing at all which is the case with Twitter. If people find the system to be deficient then it’s possible to have a discussion about it, and to submit patches to improve it. On the other hand, you have practically no control over the evolution of the UI on a commercial platform.
The linked-to post is content-free fluff; I suspect the only reason it got upvoted is because people enjoy arguing politics.
Here is the actual ActivityPub spec. I hadn’t looked at it before; it’s got some decent ideas and its heart is in the right place, but when I flipped to “Security” it was clear that they’ve completely sidestepped all the really difficult parts of a workable decentralized social network, like authentication and trust. Sigh.
As someone mentioned in an earlier comment here, accepting traffic from another AP server requires a lot of trust in them, which is a significant part of why people ban each others’ servers. The other reason is that federation isn’t fully decentralized, and there is a large power differential between the people who run instances and the mere users. Twitter and Facebook may not have better intentions than J Random Sysop, but they’re a lot more accountable so in some ways I trust them more.
There’s work on a followup to ActivityPub called CapTP that should answer many of the security, authentication and trust questions.
Would love to learn more about that. I am optimistic that a derivative protocol could see wider adoption beyond merely the social sphere.
Unfortunately, the details are a little barebones, because the authors are working on the lower-level details to prove it out (which is a good thing, in my opinion. Prove it out before standardizing it.)
The idea is to use the Spritely Project as a foundation or at least design inspiration.
The original CapTP Protocol comes from E, a “secure distributed persistent language for capability-based smart contracting”. The Spritely Project aims to bring a modern implementation of E’s ideas, and eventually build an alternative to ActivityPub that gains all of Spritely/CapTP’s security advantages.
Capability security is not an evolution of ActivityPub. Rather, the goal is to treat ActivityPub announcements, or other person-to-person communication, as capabilities. You can idle in
#erightson Freenode if you want more information.It is important to understand that most of the advantages of capabilities come from having software which is written in capability-safe languages. Capability-oriented data design is not the same thing as having proper objects with rights.
Hi! Co-author of ActivityPub, and founder of Spritely, here.
Corbin is right in their description: you can treat ActivityPub as a capability system. More ideas relevant to that in the OcapPub writeup
CapTP support is also something Goblins is actively working on. In a sense, it’s another protocol, so it seems orthogonal to ActivityPub. But there’s a key idea that unifies the two: in a sense, CapTP and ActivityPub both can be perceived of as membranes (though, I would love to have an even simpler explaination of membranes to point to).
One of the planned sub-projects of Spritely is Mandy, which links the Spritely work to the ActivityPub world and demonstrates how to build ocap-safe AP implementations even for systems which aren’t being as extremely ocap-oriented as Spritely. In theory anyway. That part hasn’t been done yet, but it’s coming.
Why this is interesting is probably best understood by looking at goblin-chat, though just looking at a git repository might be insufficiently clear. You can see a gif with some explaination on the Spritely Goblins v0.7 release post, and a bit more progress here, but the short version is: that you can implement a working chatroom and user participation protocol in less than 225 lines of code (and that includes whitespace and comments) should raise an eyebrow… especially with it being peer to peer / end to end encrypted, with not a single line of code in the chat protocol mentioning the network or cryptography (because we lean on the work that CapTP and friends is doing for us).
But obviously this is in early demonstrative changes. How that maps over to ActivityPub will be clear, I hope, fairly soon.
From what people have said, one of the other big weaknesses is that the C2S protocol is super bare. No way to mute (yes, you can implement that client-side, but now you have to sync your mute lists), no way to search, probably some other stuff.
After everything that Twitter and FB have done over the past 10 years, you still hold them up as models of accountability? The removal of APIs, the ever-changing privacy settings, the constant changing of ToS, the data breaches, the bulk selling of data, the rampant promotion of hate and misinformation? They have proven over and over again that they are only accountable to their shareholders and advertisers.
I would (and do) trust J Random Sysop way more than Twitter or FB, because at least I know they have a soul.
“Models of accountability” is not what was said, but things are not that easy.
In some ways, the lack of a soul can be an advantage. A soulless entity doesn’t get angry, jealous, petty, drunk, get a psychosis and think you’re a reptilian trying to steal his wife, etc.
J. Random Sysop is … just this guy. Who may be a good guy or a bad guy. This of course also applies to e.g. Twitter employees, but the risk there is much more spread out over many people, and if it does happen you actually have some recourse as the employee who misbehaved has a boss, whereas J. Random Sysop doesn’t.
Risk of data breaches is probably higher for some random server, and a random server can just stop existing tomorrow. They can probably get away just breaking the ToS/Privacy policy at-will because few people are watching them.
All things considered, these kind of trust issues are quite hard.
At any rate, “J. Random Sysop” vs. “Twitter” is probably a bit of a false dilemma as they’re hardly the only two options available.
Exactly. I trust J. Random Sysop more when it comes to not selling my data out to advertising companies. I trust Jack Dorsey and the Twitter engineers more when it comes to not reading my DMs for a laugh.
The key part,
There is also Tribes which provides a custom-hosted version (I run mine here).
See https://jointhefedi.com if you want to quickly try out the Fediverse.
In all fairness, Mastodon has one of the least spec compliant ActivityPub implementations out there. It gets stumped with a lot of valid payloads that were generated by other services inasmuch as having to implement Mastodon’s quirks is mandatory if one wants to do development for the fediverse.
Maybe an unpopular opinion, but without Mastodon ActivityPub would be living the life it was living before, used by dozens of nerds.
Of course that’s not a proper discussion point to some, you may or may not like its ideas and technical features, but to me it was kinda useless when it was only identi.ca and statusnet and whatnot. I’m saying this as someone who was pretty involved in many FLOSS projects at the time. Utterly useless. It was Twitter if you wanted a thing like this and 90% happened on mailing lists and IRC anyway.
Oh, I fully agree that Mastodon is overall a force for good in the Fediverse, at least in the fact that it made it popular with the non technical crowds, but I still wish they would work harder at some things related to ActivityPub compliance. Probably my own service will not be super compatible with it, as it skirts webfinger - something that Mastodon can’t do user discovery without. :(
I didn’t look into it very deeply, so can’t comment if they made some shortcuts for time to market, or enable stuff that would’ve been hard to do, or just because they were careless or simply didn’t care…
From my perspective they’re prioritizing the features that makes them a better micro blog platform than the features that makes them a better ActivityPub one.
I would like to say that being the major player in this niche they should take their responsibilities in this regard more seriously, but in the end they work on what they enjoy more, and that’s absolutely fine.
Agreed. I am present on a few Mastodon instances but my personal instance is Honk which is a very opinionated and pure (I guess?) ActivityPub server/client/thing
The servers recommended on that page are some of the most notorious in the fediverse, notable for hosting bigoted shitheads and having nazi-friendly moderation policies.
If you sign up on them, you will find yourself blocked by basically all fediverse instances with active and competent moderators.
This was one of the reasons I stopped using the Fediverse. I don’t like the concept of full-on instance-bans to begin with (something like warnings for out-going actions and filtering for unrequested ingoing actions would be more appropriate). I’m not sure if federation necessarily has to lead to fragmentation, but some people seem to accept it as a necessary tool and don’t care if anyone has a different opinion. In my case I wanted to hear what people on the spinster server had to say, but it was blocked on the instance I was on (ironically this made me go out of my way to listen to the points of radical feminists, which I don’t think was the intention).
Part of the problem with Mastodon specifically is that it has inherited a lot of the worst Twitter-culture by presenting itself as “Twitter with better moderation”, while paradoxically decentralisation is usually understood as a means to avoid being shut down by a central authority. Then again, it all ties into more fundamental issues with the Fediverse and how it presents itself as “each server is it’s own community”, while at the same time I don’t care about what server another person is using. The only thing I am interested in is the moderation policy and how well they administer the server.
The part of the Fediverse I still remain hopeful for is Peertube.
Instance bans allow for coexistence without cohabitation. You always have the choice of choosing your own policy domain/deferring to someone else. Forcing all nodes to be wide open would remove a lot of point and cause unnecessary annoyance.
To a degree yes, thought I’d still rather that not be the case, because I rarely agree with someone on everything, meaning I have to administer an instance myself. But it is not only a personal issue, with instance bans threads are also fragmented, so depending on your perspective, you might unknowingly not see the entire conversation going on, leading to more confusion than necessary.
Instance bans are sledge hammers that are applied to eagerly (I do think they make sense for actual spam servers). Maybe the situation has improved since, but I remember there only being three states:
Where I think that there should be more going on between 2. and 3.
There are degrees between 1 and 2, at least on mastodon. Admins can “silence”, meaning posts from that instance won’t show up in the federated timeline by default. If I’m not mistaken, there’s also “mute”, meaning interactions from that instance won’t be shown to the muting instance unless there’s a preexisting relationship between the actors.
I should also note that instance bans are not really a thing– you can mute an instance at a user level, but your data is still sent there and you must trust that server’s administration.
this seems to be an issue even if the instance isn’t banned. I see this happen with my small instance, where viewing the thread on the hosting instance (or from an account on another instance) shows different posts, and I’m pretty sure the missing posts aren’t from blocked instances.
iirc mastodon will fetch replies upthread, but not downthread: that is, if the chain goes X -> Y -> Z, and your instance is made aware of post Y (someone follows the poster, it gets boosted, whatever) then it will fetch X but not Z. this is why some people have a norm to boost the last post in a thread, as opposed to the first. this isn’t a technical limitation, since pleroma (the other big fedi server) will fetch the entire thread.
of course, in either case, if one of the posts in the thread is private and you don’t follow the person you’ll just break the thread entirely, but there’s not much that can really be done there.
oh wow, that’s confusing. :|
Due to how ActivityPub works, you need to have near-ultimate trust of an instance if you wish to federate with them. If you believe the admins are bad actors, using acceptance of harmful ideologies as a proxy for that, then you can’t trust them with your user’s data, and must defederate.
This isn’t necessarily against what the blockers wanted! What is called “censorship” on the fedi is usually about protecting their own users. Trans folks don’t want to have to see the same tired take on trans exclusionism for the fifth time today, nor do they want their posts to be seen by those folks.
As you discovered, there was absolutely nothing stopping you from finding out more from the spinsters, and nothing stopping you from making an account there either, right?
If we think decentralization is the key to freedom, then we can’t stop short of free association.
What do you mean by “trust them with your user’s data”? Is there something a server can only access if they are federated, that a “blocked” instance couldn’t see via it’s public feed?
I get that an instance would decide to mute another instance by default, but if a user explicitly requests to receive data, why should they not be able to interact?
A user’s private posts are always federated to any instance that has a single actor subscribed to it. That means that instance is storing a user’s private posts. If the admin’s a bad actor, they could see the private posts even if they’re not authorized to normally.
so private posts are not actually private, much like Facebook, though for totally different reasons. great.
Yes. Unfortunately, if you view private data disclosure as a security issue, Masto/ActivityPub is less secure than a centralized platform.
There’s hopes that CapTP will solve many of these concerns.
It’s similar to plaintext email, no? As long as the plain text traverses a server somewhere it can be read by the server admins.
As far as I know, end-to-end encryption isn’t supported by AP.
yes, but email doesn’t use the term ‘private’ anywhere. I think many(most?) people understand that email is not useful for HIPAA or other things where privacy matters.
Many people sign up for things with firstname @gmail.com, and then claim the account owner “hacked” them. Many people think that companyname @somecustomdomain.com means you work for them. Many people think that anything @someother.tld means you actually meant @someother.tld.com.
I don’t think most people understand anything about email.
I think with all things, it’s complicated. I’m sure people in their 70’s and older who have very little exposure to email are likely not very versed.
For the average professional that is legally required to care about privacy, then I think they mostly have the understanding that email != private communication.
Developers SHOULD know better, but they still do stupid things with email, because it’s the only thing you can reasonably assume someone has. (like login with email, use email for password recovery, etc) There are sane things you can do to help mitigate these things, like single use tokens, etc, but.. I’m sure there are still tons of code out there that doesn’t do these things.
I agree email ADDRESSING, which is what you mostly are referring to, is full of assumptions and mostly none of them can be assumed. The only thing you can mostly assume from user@domain, is that the domain admin at some point thought that user should exist. :)
I agree with you it’s a bit of a branding problem.
I’m just so used to the store and forward model of email and NNTP that I just applied that model to the fediverse too. And I have not heard anything about E2EE in the “mainstream” Fediverse.
Citation needed.
One of the servers recommended on that page, gleasonator.com, actually was created by someone that experienced bigoted behavior from mastodon’s toxic and neoracist moderation policies: https://blog.alexgleason.me/gab-block/
As a queer person and regular fedi user, I concur that these servers are notorious. Multiple accounts from shitposter.club harassed a trans friend of mine just this week because they posted a selfie to their timeline. Freespeechextremist’s users have a habit of sea-lioning their way into my mentions; I think the last one was an extremely tedious “wow aren’t gay people bigoted” monologue mixed with Q-anon rants. Freespeechextremist.com, shitposter.club, spinster.xyz, and glindr.org (another Alex Gleason joint) all have the dubious distinction of being on the relatively short mastodon.social and mstdn.social blocklists for hate speech, harassment, and transphobia. With the exception of mstdn.social, this is not a general-purpose instance list: these instances all share moderation policies aligned with reactionary views on gender and sexuality.
That transphobic bigot wasn’t ejected by mastodon’s moderation policies. Mastodon is the service, moderation responsibilities lie with the server admins.
That transphobic bigot was ejected by todon’s moderation policies, because, as he so proudly proclaims, his bigotry is contrary to the server’s stated goals and aims.
Those goals, aims and indeed the moderation policy are clearly stated on the server:-
Gleason is a bigot. That bigotry was noted by other todon users (I number myself among them) and he was shown the door.
The word “transphobia” is often used as a loaded term, just like “hate speech” is,
Usually the use of these terms outside of political environments brings a toxic ambiance and is not conductive to anything felicitous or productive to the domain. I’m sure you’ll have a hard time finding any actual instances of fear/hate (which is what “phobia” literally indicates) from Gleason; and of course defending for female sports rights doesn’t qualify as one (saying otherwise would be bigoted and would at best qualify as … umm … imagined phobia).
’tis a good thing Lobsters is not politically woke to ban the likes of Gleason, eh?
Gleason is a peddler in transphobic bigotry. Its an essential part of who he is. His “sex-essential” “gender-critical” nonsense is a paper-thin mask for hatespeech against a marginalised element in society.
You have now defended him, Freedom of Speech Zealotry, White Supremacists and transphobic bigotry up and down this story, which you appear to have posted just to link to the aforementioned listing site for hatespeech and bigots.
You can put all the ten-dollar words you want all over your post, I can say without hesitation that you’re both posturing and a troll.
All you are doing, in your anonymous account to boot, is to accuse other people (Gleason and now me–that are not anonymous, neither are afraid to hide behind a mask) without evidence and without engaging rationally (as in without refuting the central point) but merely with politically loaded language (as in resorting to thinly veiled ad hominem).
Lobsters would be better off without such toxic comments expressing actual bigotry, and I assume on good faith that you did not intend that, and is writing in a state of not being with a sound mind - so I suggest you take a break.
They out themselves as a transphone one sentence into the blog post. I’m sure many transphobes think being told they’re a transphobe is toxic.
They also had no problem joining Gab and admitting that it’s full of, their quote, “literal nazis” in the same article.
For those who haven’t read the article in full, this is what the first sentence (which according to the parent commenter indicates that Alex is outing himself to be a “transphobe”) reads: “I got deplatformed from Mastodon for supporting women’s sex-based rights. Now Mastodon is trying to stop me from using Gab.”
Again, for those who haven’t read the article in full, here’s the full quote: “Gab is a free speech platform. It is true that there are indeed “literal Nazis” on it. This isn’t a hyperbole, as there are some users who quite literally advocate for the extermination of races of people. The reason is because Gab censors no one. It’s not because Gab likes those people or wants them there.” - and that quote was a prelude to explaining why censorship is bad, by citing past examples:
Nevermind that Twitter for instance has an uncommon number of neoracists as well.
I flagged your comment as unkind, because essentially it is a low-effort post made to flippantly accuse somebody without evidence, and there is zero fellowship regard (much less an assumption of good faith) towards Alex to the point of even misrepresenting what he wrote.
Friendly warning: anything anywhere that mentions transphobia or nazis becomes a bozo bit here on Lobsters. Don’t try to argue semantics, don’t appeal to actual text or logic or history, don’t waste yours or anybody else’s time–just steer clear of it and save those cycles for making things or engaging in communities with more mature discussion capabilities.
You’re too wise for this place
Wisdom is what you get when do something really stupid but take notes.
…I’ve taken a lot of notes.
“Women’s sex-based rights” is absolutely a dogwhistle for transphobia, and if you look at what he wrote in his own words he says that ‘transgenderism [was] first popularized on Tumblr’ (?????), links the “TERF is a slur” page, and says “transgender ideology is fiction”. He’s transphobic through and through.
I’m also extremely unconvinced that there’s no way to prevent people from being actual literal Nazis while not hurting marginalized people. Like, if someone was to come in to the comments section of a Lobsters post and say “by the way, I think we should kill all the Jews”, they’d get flagged and banned, right?
And you’re ignoring the fact that constantly seeing people say that they think people like me (hi, I’m trans) are abominable freaks that are better off dead, or even ‘just’ mentally ill people who need to stop pretending, is likely to push me away from a place. This is going to happen with any sort of ‘free speech’-focused Masto instance: the bigots will migrate to your instance because they get kicked off elsewhere, and the people who don’t want to have to deal with bigots are going to go elsewhere.
And, going back to the list, it’s not just gleasonator. As someone who’s used Fedi for several years, every single one of those instances aside from mstdn.social is one that I’ve had shitty experiences with. And it’s not a coincidence that mstdn.social is the only one that’s described as not allowing racism or sexism!
Yes. And it’s happened: a few years ago a comment on a story about net neutrality attempted to use that to explain why the U.S. should commit genocide in the middle east. I deleted it and banned the author.
… now that’s a leap.
branching off from the thread, that quote is infuriating. they make the following argument:
therefore:
i.e. propagating the speech of who people arguing for an ethnostate and committing real-life violence against minorities is somehow beneficial for those same minorities. fucking inane.
My comment below is terribly off-topic, I think.
A transphobe is someone who fears or has a negative perception of trans people. Supporting “women’s sex-based rights” is the same as saying that people born with female sex organs have different rights than trans people who are women. That is a negative perception of trans people who are women. Saying that women who were born with female sex organs have different rights than trans people who are women is, precisely, transphobia.
Your comment is a low-effort attempt to deny that basic fact; if you recognize that trans people exist, saying they should be denied affordances that cis people have is clearly a manifestation of transphobia.
That claim is so obviously false and inflammatory that I have flagged your comment as a troll. I’ve done you the courtesy of leaving this comment explaining why even though my own comment should rightly be flagged as offtopic. That’s because I’m assuming some good faith even though the obviously false and inflammatory nature of your comment makes me think that’s vanishingly unlikely.
Looking forward a real Fediverse alternative to Reddit, there are centralised and some decentralised alternatives out there but none of them makes makes them a real alternative.
Lemmy is the main one I’ve heard of; IIRC it’s built on ActivityPub: https://lemmy.ml/
I haven’t tried it yet tho. What are the problems that prevent them from being a “real alternative”?
Lemmy is not fully decentralised and the dev has a bad rept of being really political.
Wait to discover how political is the rest of the fediverse…
Making FLOSS or Federated software is a political statement inside a political framework. How could they not be political?
I agree.
Lemmy is politically slanted. I wouldn’t touch it with a ten foot pole.
https://github.com/LemmyNet/lemmy/pull/816
An ideal reddit alternative would by design be decentralizing the power to censor/moderate out of the hands of a select group of admins into distributing it to the users at large. Democratic, not authoritarian. For example,
— 2021 escalated quickly, Jan 12, 2021, Element Blog.
British people are no longer allowed to go out for a fag. Scientists are unable to discus retarded time or the retardation of planetary orbits. You can’t talk about your spaying your bitch.
But hey, some right-wing troll will have to go through the extra effort of writing b*tch (and only people on the right use insults, it is a well known scientifically proven fact) so it’s all worth it.
This is profoundly misguided. Moderation on these kind of platforms is a hard problem, both technically and socially, but this has got to be the silliest take I’ve seen yet.
[Comment from banned user removed]
A bigoted anonymous troll on Lobsters? That’s a first!
Yeah, most of our bigots don’t bother hiding their names; they’re relatively proud of their bigotry.
I think the biggest advantage of Fediverse is that it’s largely non-commercial at the moment. Traditional commercial social media platforms compete in a zero sum game. Each platform wants to keep their users there in order to monetize them, and if people visit other platforms that’s seen as taking away from the profit of your platform. Therefore, commercial platforms tend to gravitate towards lock ins making it difficult to share media across them. This is why screenshotting things and reposting them to different platforms has become so prevalent.
On the other hand, Fediverse being non-commercial means that it’s a positive sum game. The entire Fediverse grows as people join any of the platforms, and that means more users and more content for everybody. In this model there is incentive to share content across different platforms, and ActivityPub provides a standardized way to achieve that.
Non-commercial isn’t the whole story; I think a lot of Fediverse applications copied the UX of proprietary social media without thinking of the repercussions. Twitter is designed to maximize engagement to the detriment of community; taking out the profit motive but keeping the design means you still have the design decisions that led to problems in communities.
I find Mastodon has actually done quite a bit to address problems with Twitter UI. For example, Mastodon explicitly chose not to allow quote tweeting since that’s often used abusively. It has a great content warning system, and better ways to manage interactions with users such as blocking. I think it’s disingenuous to say that the UX was simply copied.
I think the CW system as implemented is flawed; i.e. I think using tags in CWs would have allowed people to filter based on what they do/don’t want to see. As of now, I’m fine with most content enough I auto-expand things, but there are some things that I would prefer not to - the Mastodon implementation kinda desensitizes you to seemingly sensitive content.
I think papering over the reply count is a small step; I’m curious what a rethink of the UX would be like to avoid all the predatory behaviours would be like though.
Mastodon evolved based on user feedback and contributions from the community. The CWs might not be perfect, but it’s already much better than having nothing at all which is the case with Twitter. If people find the system to be deficient then it’s possible to have a discussion about it, and to submit patches to improve it. On the other hand, you have practically no control over the evolution of the UI on a commercial platform.