Mikina @ Mikina @programming.dev

Posts

5

Comments

482

Joined

2 yr. ago

EDIT: I though you are replying to the comment about just hosting single-user instances, and assumed that you meant that if everyone had their own single use private instances, it would be against the fediverse idea. Sorry about that.

I wouldn't say that's making the fediverse private - it's only making my personal account and data about what I visit private. That's what the ActivityPub protocol is for, and the more I think about it, the more I hope that some kind of app would show up - one that would be designed to just act as a personal front-end for the Fediverse, which would allow you to interact as a user from your instance with others, but also one that would keep all of your data, which are currently at mercy of your instance admins, at your personal instance.

Of course, you still need people to host instances that are actually made for communities and content, and that's what Lemmy or Mastodon is designed for - but I'd like to see a Fediverse app that isn't made for hosting content, but only for letting you interact with other instances. There's no drawback - quite the contrary, instance admins don't have to deal with and take care of my private data, because my instance is handling all of that, while I still will be providing content for their instance. I think that definitely fits into the idea of what Fediverse should be.

The only thing I'm not sure about yet is if it's possible - if I create a Post on an instance that's not my home, who is hosting the data? Do I only send ActivityPub Create Post with the data and the instance then saves it, or do I create the post on my own instance, send an ID, and if someone requests the Post data on the instance I posted to, it will be requested from mine? Because if it's the first one, then such a client that only implements DMs, your own user account, and a frontend for showing posts on other instances would be doable. And definitely something important, because it solves the biggest privacy issues of Lemmy right now. I see no drawback in that - the only data I would not be in control of are the ones I post to other instances, but that's ok. And even if you would be the one hosting it, all it means is that it would be a little bit harder do host it yourself.

Also, if I understand the ActivityPub right, if you're ok with not getting notifications or DMs, your personal instance wouldn't even need to be online at all times, since you only request data about communities and posts when you are browsing. But this would depend on whether the content and comments are hosted at your instance, or at the instance you are commenting or posting to.

I really like this idea. And from what I've seen of the ActivityPub protocol, it should even be that hard, aside from the UI.

Wouldn't that make it actually a lot worse? As in, if I just make my own instance with one user total, I'll just singlehandedly outvote every other server.

Hmm, that actually sounds like a great idea. Does it actually need to be reachable from the outside, if you don't want to host any of your own communities on it? Or will it be enough for the instance to just pool data? Apart from no-one being able to contact you via DM, that is.

I'll look into it, having my own home instance actually sounds pretty easy and it may work.

Actually - wouldn't it even be possible to build a browser extension for that? One that just simulates ActivityPub calls, and you just browse on someone else's instance without logging in while still allowing you to comment or vote on your behalf?

EDIT: I've posted some more thoughs about it to another comment, which I assumed was a reply to this one. The more I think about it, the more I really like the idea of a self-hosted front-end for Fediverse apps that doesn't host communities, but only user interactions and allows you to interact with other apps and instances.

Interresting. Looks like I have one of those knock-offs, I suppose we got it in a supermarket or something :D But I realize that paying for quality in something that includes any kind of razors will make a notable difference, so I guess the price can be justified.

This is something that will be hard to solve. You can't really effectively discern between a large instance with a lot of users, and instance with lot of fake users that's making them look like real users. Any kind of protection I can think of, for example based on the activity of the users, can be simply faked by the bot server.

The only solution I see is to just publish the vote% or vote counts per instance, since that's what the local server knows, and let us personally ban instances we don't recognize or care about, so their votes won't count in our feed.

Now that I read this, I'm kinda glad that our company doesn't do anything like that. But it's just a small indie team porting games to consoles, so I guess what you're mentioning is the bigger corp problem.

I work as a pentester and Red Teamer, I can attest that even for some large companies, you always stumble upon something that's just dumb, and completely renders their multi-million investment they are probably making into security tools and solutions worthless.

Now I want a Pepper Cannon. Would you recommend getting it, before I ruin my hype by looking up the price or what is actually is? :D

All I see is **********

From what I've heard, only if you are compensated for it.

But as the others said, can you afford to find out?

If they were doing it and someone discovered proof then the company would be sued out of business.

Are there any examples of large companies being sued out of business for something like privacy breach? I may be mistaken, because it's one of the common conspiracies that large companies are listening though your mic, but weren't there actually cases like that? With sometihng like FB or Alexa or whatever?

I'm almost certain that if something like this happened to any fediverse instance - that a local police enforcement would contact the admin and asked for user's data, which they are required by law to provide or they would go to jail/get a hefty fine and possibly a criminal record, they would do that too. That's also why E2E is required, to prevent such problems for instance admins - but then again, there's really nothing you can do against local law, and if it requires that you have to be able to cooperate, well... Then there's not much the admin can do, without putting himself in a real risk of prosecution, because he is breaking the law by have E2E.

That's also a good reason to be careful when selecting your home instance, and making sure that you choose one in a country that has all right laws in that regard.

Of course, that's assuming the police makes contact. I don't suppose that the admins would be searching through the DMs of people to snitch on them. And if Meta is doing that preemtively and is actively snitching on people - that's downright evil.

While Metaverse is rightfully a laughing stock, I'm kind of looking forward to where will they take the Workrooms idea. I was dismissing it at first, because "meta, lol", but out of curiosity I've once booted my quest and convinced the other people working on a hobby project with me that we should do the meeting in there, since we all have quests.

The experience was way better than a soulless meeting of staring at a profile picture. Just the basic tracking of quest and the lower resolution was enough to make the meeting more engaging, and the virtual blackboard idea where you use the other end of your controller as a writing pen is amazing and fun to use. I would take VR meeting anytime over a simple Teams call now.

I've also tried a few times to take my quest with me when traveling, and using it as a virtual 3 monitors when working on a laptop at a hotel - even with the limited resolution of the quest, it was great. You can focus since it shuts down all of the distractions, you can work in a really small space and still have your assortment of large displays, and ever since they implemented the passthrough - meaning you have a square right above your keyboard/desk, so you see your hands when typing - using the computer in VR was smooth experience. Although still limited by the headset being uncomfortable to wear for long. I didn't have issues with the resolution, though, assuming you don't have the monitors too close and aren't working in 4K.

I'm looking forward to the Quest 3 for this reason, since the pricetag of Quest Pro is way above what I'm willing to pay (or the Apple headset - which I assume would be even better for this kind of use-case). But I do realize that it's still too early for that, and that we're nowhere near the comfort required to be able to wear the headset for a whole day. But once that issue is solved, I can imagine it being amazing for remote working or WFH in a virtual office. Being in an office boosts my productivity, mostly because I can just quickly bounce ideas or vent frustration with other on coffee breaks, and meetings where you get at least some semblence and illusion of gestures are more engaging than staring to an empty screen, or seeing people whose eyes are randomly darting on the screen in front of them though a camera, never being able to make eye contant.

So, a portable VR office is something I can imagine being amazing, especially if you travel a lot or have a limited space. I mean, come on, being able to pack 3+ large displays with me in a small bag? That's amazing! But I wouldn't want to use it for socializing outside of that - for that there is VRChat, or I can just go outside or something.

I was wondering about this, whether just taking some of my interresting or more sucesfull posts and discussions and reposting them to lemmy communities, maybe even summarizing the best comments from Reddit, would be a worthwhile endeavor. If so, it would be best to not do it at once, but gradually over the next weeks or months.

But you are right, I'll definitely do that for obscure questions I had that were answered in a helpful way, so I can finally start writing "lemmy" instead of "reddit" after every google search.

I agree that decentralization isn't anti-corporate. I would even say that it has nothing to do with your motives for doing it. But I'm hoping that the consensus that is reached about what Fediverse should be will include focus on being anti-corporate, and stay in the realm of community-owned and non-profit. Actually, I don't mind being for-profit, or even ads that are respectful, as long as it's not manipulating with users in any way based on their data, for example though the content they are shown. DuckDuckGo would be the best example - you get static search results, nothing is "personalized", and the ads you get are related to your current search only. No ML models exploiting you as much as they can. That's what I imagine under "privacy-centric"

And unfortunately, this disqualifies almost every larger company.

But fediverse isn't only a tool, but also a network and thus, a community. And a vision is pretty important for communities. So the question about what should be the main values and ideals behind the fediverse are important. If we would be only here because the fediverse is a tool - a social network - then there is a lot of better alternatives, with more content and better user experience. I mean, unless you want to talk about some super-controversial topics that would get you banned, there's not really that much of a difference in how limited are you in the way you interact with Reddit, Facebook or Twitter, apart from the UI being a little bit more difficult.

And letting any other big player into the fediverse will only lead to them eventually bringing the difficulties in, as has been already mentioned in other posts - by extending ActivityPub, and using their teams to create difficult to implement but really handy features that any FOSS will have difficulties with implementing, causing them to be inferior and bringing people over to them.

For me, the main issue is that I simply don't want to spoon-feed them data about my behavior, or give them my content to monetize on their platform as they see fit. I'm certain that if they ever implement something like subscription to communities on Lemmy, or a Frontpage or All, they will do so with their own algorithms that decide what content you see (* see edit below) - algorithms that are designed to manipulate with people, backed by a ML model that has unimaginable amount of data from FB and IG to train on, and 3 billion users to learn and experiment on to further be better at showing you the right personalized posts that keep you glued to their apps for as long as possible, no matter how unhealthy it may be or how it changes you for the worse.

While I understand that my content personally, or the whole of Lemmy isn't going to make a dent in the data they already have to work with, I still don't what to have anything to do with it, and I would be pretty sad if we've let them exploit Fediverse in such a way.

EDIT: Now that I think about it, I'm actually not sure if that's how ActivityPub works - from what I assume (and please correct me if I'm wrong), it's just a protocol that allows servers to query different instances for their content, but the content is then shown on that instance - so the frontend and the way the content is shown is decided solely by the instance owner, just as I use https://programming.dev/c/community@lemmy.ml if I want to see content from Lemmy.ml, and nothing is stopping programming.dev to have a different interface altogether, or show me the posts in whatever order they see fit. In the same way, if Mastodon wanted to let their users access Lemmy posts, all they would need is to query Lemmy instance for data using standartized ActivityPub API (what data actually? I need to finally read up on ActivityPub.) about the posts the user wants to see, and then implement frontend for that data. And if Mastodon user comments on something, it just sends the comment back to the Lemmy instance - using ActivityPub.

Is this correct? Or is there some kind of SSO involved in ActivityPub, so all of my Fediverse interaction isn't limited - and directed by - my home instance only? That's something I'm not really clear on, case my whole assumption about ActivityPub is based on random mentions here and there from comments around here.

Eh, I kinda hope that happens to be honest. I've finally got to the point where I just deeply refuse to use any of the large corporation stuff, and if they somehow kill community run social networks, then I'll finally be free of my addiction that I don't have the willpower to deal with as long as there's an ok-enough tempting alternative . Which I know is selfish, but I'd probably help me a lot :D

And that's another issue - if we federate, you won't even be able to block those trackers, because the Meta instance will just be able to ask the server for those data, if I understood it correctly.

Meta is not letting people out of it's walled garden. Meta will use our free world as a safari, selling tickets to their users so they can watch and interact with us, monetizing our content, while still being guided (since they can decide what content they see, and how do they see it) and watched by Meta (because they know every move of their users at any other instance) at every step they take outside of it's walls - because they are still from their instance. It will use those safari rides as an excuse to collect as much data about what we do here, unknowing to the people they sent here. In addition to that, you will get 3 billion of people who will just leave trash everywhere they go on our vast open plains, and Meta will eventually just use that as an example of how we can't handle cleaning our space, and use it as a reason why people should go live within their walls - because the walls will still be there, and every step you take within them, even if you're only visiting from outside, will be heavily monitored.