I assume you hold your own cryptographic keys, but I'm not actually sure how that works. Your client needs access to them to make posts, and it wouldn't make sense for the server to hold your private key, since that would mean the owner of your instance could make posts as you.
I haven't actually signed up to BlueSky to figure this out yet.
Edit: So it looks like users are authenticated using https://github.com/did-method-plc/did-method-plc
But the keys are stored on the server, with an option to view your key for backup and migration. That does mean a certain level of trust with your instance, but you can self-host if that's a concern. A malicious host at least can't prevent you from rotating your keys and leaving (unless of course they steal your account entirely by rotating your keys themselves)
That's certainly a problem. It's one of the big reasons I think THC vapes should be both legal and regulated. In the states were it is legal, there's strict inventory tracking every step of the way.
Admittedly it's a lot harder to get people on board with regulating drug-free vapes, but I think it would be a good idea to have guarantees about what you're consuming just like food.
Well, I'm impressed they actually did test JUST the vape liquid, even though they're still calling them e-cigs.
Quoting from the journal itself:
There were no significant differences in changes of BAL inflammatory cell counts or cytokines between baseline and follow-up, comparing the control and e-cig groups. However, in the intervention but not the control group, change in urinary PG as a marker of e-cig use and inhalation was significantly correlated with change in cell counts (cell concentrations, macrophages, and lymphocytes) and cytokines (IL8, IL13, and TNFα), although the absolute magnitude of changes was small. There were no significant changes in mRNA or miRNA gene expression. Although limited by study size and duration, this is the first experimental demonstration of an impact of e-cig use on inflammation in the human lung among never-smokers.
The way I read this, it seems like there's a small correlation with inflammation, but there's no measurable risk of developing lung cancer from it (they were doing cancer research after all). Personally for an adult, I feel like "inflammation" is kind of a nothingburger, just stop vaping for a while and you'll be fine. But for kids developing habits, I can understand the concern.
If you'd like to point me at some studies go ahead. The only dangerous cases I've heard about were black market vapes that had other contaminants in them. It's been very hard to find reliable studies because most I've seen are self-reported using the entirely generic term "vaping" without any qualifiers on the kind.
The way you phrased that perfectly illustrates the current problem AI has: In a problem space as large as natural language, there are nearly an infinite number of ways it can be wrong. So no matter how much data we feed it, there will always be some "brand new sentence" someone asks that breaks it and causes a wrong answer.
I'm getting a lot of downvotes, and maybe I'm wrong about what kinds of vapes kids are using? Obviously if they're using nicotine vapes, that's bad and chemically addictive.
But I don't have a problem with kids vaping the drug-free, flavored juice. It can be habit forming, but so can fidget spinners. As long as it's not actually dangerous then I don't see the problem.
Banning fruity flavors sounds like it would inadvertently ban all of the drug-free vapes... Flavor-only vapes get you all the big clouds and cool-factor that's a big drive for kids, with none of the Nicotine or weed. Just inhaling the vapor on its own can be fairly safe.
Vaping is not the same as smoking and can be done perfectly safely with no drugs involved at all (i.e. flavor only vapes). It's barely different than inhaling steam.
Edit: I'm willing to admit when I'm wrong, and now think "relatively safely" is a better way of putting this. There's a few concerns that I'm perfectly happy to live with as an adult, but I get that kids won't have spent as much time trying to understand the risks.
Supposedly BlueSky has solved this by separating the data storage servers from the "relays" and "app view" servers, and since your account's posts are cryptographically signed, they can come from any instance as long as the signature matches.
That at least covers migrating followers and new posts, but I'm not really sure what would happen to old posts if a data server just went offline. I've still got more reading to do.
The main problem with that seems to be that the original server needs to be active to migrate. If the instance I'm on shuts down or is uncooperative, then my account history is gone. And for Mastodon, that's even worse if you have a bunch of followers. These are all reasons I decided to self-host before I built up too much of a presence.
Personally I wish there was a better way to link multiple accounts together to say they're the same person. When I switched to hosting my own instance, I basically just abandoned my old account, but I would have loved to link them to have the history there.
We have the technology, it could be as simple as SSH keys, or like how bitcoin wallets are unique and don't require internet to verify a match.
Edit:
I actually just discovered that this is one of the main feature differences between ActivityPub and BlueSky's AT Protocol. BlueSky has "account portability", and now that you can self-host it, I'm seriously considering setting it up. It would be really nice if we get an update that lets the protocols federate with each other. I think that BlueSky has said they intend to support ActivityPub federation in the future.
I'm perfectly fine being part of a community not driven by capitalism. It means there's a lot less incentive to create spam bots. I also can't run my own BlueSky instance, but I can run Lemmy/Mastodon pretty easily, just like an email server.
Edit: I didn't realize BlueSky was also federated, but just using a different protocol. I don't think that was an option back when I set up lemmy.
Personally I still use the Firefox + uBlock + SponsorBlock + YouTube combo on my phone too. Maybe if I watched more YouTube on my phone it'd be worth figuring out an app with a better mobile UI, but I like that it's a consistent experience anywhere I watch from.
If you're implying that an essential service should be managed by a private company instead of the government, I'd like you to take a look at the other services we have that are privatized... Like Internet providers and healthcare providers. People are dying because saving them is not profitable. And Comcast absolutely will throttle your connection for their own benefit.
If the Internet archive ever became for-profit, it would absolutely ruin the value of it to the public.
My Firefox says it now has Total Cookie Protection, and at least the notification about it wasn't there before. Some other comment I read said that it was part of the Strict privacy setting before (i.e. not the default), but if you want more of a source then that, I lost the comment.
xthexder @ xthexder @l.sw0.com Posts 1Comments 850Joined 2 yr. ago
I assume you hold your own cryptographic keys, but I'm not actually sure how that works. Your client needs access to them to make posts, and it wouldn't make sense for the server to hold your private key, since that would mean the owner of your instance could make posts as you.
I haven't actually signed up to BlueSky to figure this out yet.
Edit: So it looks like users are authenticated using https://github.com/did-method-plc/did-method-plc But the keys are stored on the server, with an option to view your key for backup and migration. That does mean a certain level of trust with your instance, but you can self-host if that's a concern. A malicious host at least can't prevent you from rotating your keys and leaving (unless of course they steal your account entirely by rotating your keys themselves)