this post was submitted on 06 Feb 2024
220 points (97.0% liked)

Asklemmy

44182 readers
1290 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

Pretty much in the title. Maybe you wouldn't even use it, but would like to simply see it exist for the sake of having a federated alternative.

For me, it'd be the following:

  • LinkedIn
  • Meetup
  • Tiktok

I am on the first two, but would prefer a federated alternative. I'm not on Tiktok, but would like to see a federated alternative.

I'll admit these might not be a good idea. But as a thought experiment, I'd be curious about the community weigh in on what you all think this might look like.

you are viewing a single comment's thread
view the rest of the comments
[–] danhakimi@kbin.social 26 points 10 months ago (2 children)

I don't think the fediverse needs more platform alternatives.

What I really think we need is a way for people to use one fediverse account to log into different interfaces, so people can try out a new app / interface without starting a new account. Many apps can do this, but web apps generally cannot, they're generally tied to an instance.

[–] makeasnek@lemmy.ml 4 points 10 months ago (1 children)

This requires having an identity that is separate from an instance. This is what nostr does and why I prefer it over mastodon. It also means if your mastodon or lemmy instance closes up shop, you don't lose your post history, DMs, followers, etc.

[–] danhakimi@kbin.social 1 points 10 months ago (1 children)

couldn't your instance just serve your identity to other instances?

[–] makeasnek@lemmy.ml 3 points 10 months ago* (last edited 10 months ago) (1 children)

If you are talking about something like openauth (where you sign into some random website using your Google account) yes, but your base identity is still tied to Google. So if Google goes down, you lose your google account, and you also lose your account at every other website you logged in to using your google account.

If you are meaning transfer your account from google to say office365, this is possible but there's a few problems:

  • If your instance shuts down without doing this, you lose everything
  • How does your instance choose which instance to transfer it to? What if users don't like that choice?
  • Transferring means sharing your login credentials with the new instance.
  • Your "username" that you share and post online for people to follow you has changed. It's no longer user@instance but user@newinstance. Some kind of a redirect could be setup I suppose.

Some of these problems are solvable with some changes to the AP code. Some of them are not, at least not without a rewrite of the entire AP structure. Nostr sidesteps all these issues by simply not having your username tied to an instance in the first place.

[–] danhakimi@kbin.social 2 points 10 months ago

If you are talking about something like openauth (where you sign into some random website using your Google account) yes, but your base identity is still tied to Google. So if Google goes down, you lose your google account, and you also lose your account at every other website you logged in to using your google account.

Yeah, essentially that. The back-up plan in case your instance goes down is a separate issue, my main plan is just that users shouldn't need a new account for each fediverse application they want to try, considering one account is already able to make any kind of post.

[–] CanadaPlus@lemmy.sdf.org 1 points 10 months ago (2 children)

That's not technically possible.

You could have one instance offer more than one platform, though, and you can already use multiple frontends with whatever instance you're on. Kbin, which you're on, actually tries to do the Swiss army knife thing IIRC.

[–] danhakimi@kbin.social 1 points 10 months ago (1 children)

You can log into a pixelfed app on android with a mastodon account. Why can't you log into a pixelfed web frontend with a mastodon account? What law of physics makes that impossible?

[–] CanadaPlus@lemmy.sdf.org 2 points 10 months ago* (last edited 10 months ago) (1 children)

Uhh, let's see...

After a search, it seems like they actually just copy the settings from your Mastodon account. It's still a separate account. I'll keep checking in case I missed something.

It doesn't even sound like they securely bring over the password, which presents a little bit of a phishing threat if people are re-entering their Mastodon password into third party apps like this one.

Edit: Yup, here's a video/gif. I'd do a federated link but I'm not sure Lemmy supports that yet.

You could totally copy someone else's Mastodon this way, so that's fun.

[–] danhakimi@kbin.social 1 points 10 months ago (1 children)

alright, well that's not great, but my point is more that we could update the protocol to allow this to be done securely and conveniently.

[–] CanadaPlus@lemmy.sdf.org 1 points 10 months ago* (last edited 10 months ago) (1 children)

It would still be a separate account, but yes, seamless migration to a new instance could be a thing. There's scripts for it already. OPs suggestion that you can just move between instances with the same account isn't how the fediverse works.

If you just want to been on Pixelfed and Mastodon, your instance giving access to both would be the cleanest, best way.

[–] danhakimi@kbin.social 1 points 10 months ago (1 children)

OPs suggestion that you can just move between instances with the same account isn’t how the fediverse works.

I'm OP.

I'm not sure why you're speaking in the present tense about a suggestion I am making for the future.

[–] CanadaPlus@lemmy.sdf.org 2 points 10 months ago* (last edited 10 months ago) (1 children)

Ah, sorry. Didn't notice, there's a few people talking to me.

Yes, it's not a thing that could work. If you had some centralised way to handle accounts it wouldn't be federated anymore. It would be another (semi-)walled garden or some kind of blockchain-ish thing, but either way it wouldn't be ActivityPub-complient.

[–] danhakimi@kbin.social 1 points 10 months ago (1 children)

If you had some centralised way to handle accounts it wouldn’t be federated anymore.

So why can't you have some federated way to handle accounts?

but either way it wouldn’t be ActivityPub-complient.

Unless you changed activitypub, right?

[–] CanadaPlus@lemmy.sdf.org 1 points 10 months ago* (last edited 10 months ago) (1 children)

What does that mean? When you post, who's server's outbox do you post from? Inboxes and outboxes by server are a central part of the standard.

You can copy over a user, and make another similar account (like pixelfed), or you can do stuff on that server from another federated server, but at the end of the day you're not on the same account on different servers.

Unless you changed activitypub, right?

Sure. It'd be a pretty huge departure, though. To a weird degree, like Coca-Cola leaving the beverage business becoming a tire company.

If you wanted to make a new protocol, you could go beyond federation and have a fully decentralised system where everything happens on arbitrarily many servers in parallel, but that would be a lot of work and probably data-heavy before any users walk through the door.

[–] danhakimi@kbin.social 1 points 10 months ago (1 children)

What does that mean? When you post, who’s server’s outbox do you post from? Inboxes and outboxes by server are a central part of the standard.

The server my account is stored on.

or any other, I don't give a shit, I'm not sure why this would make a difference, but that seems like the obvious answer to me.

You can copy over a user, and make another similar account (like pixelfed), or you can do stuff on that server from another federated server, but at the end of the day you’re not on the same account on different servers.

I don't know why the current pixelfed app needs to make a separate account.

I gather it finds that solution most convenient, as it means the fewest interactions with the Mastodon server, and there's currently no straightforward for the current pixelfed app to establish a secure long-term session with a non-pixelfed server. I understand that it currently does make a separate account.

I don't understand why it is inconceivable for the activitypub protocol to support such communication. eMail has multiple standards that let me log into Thunderbird from non-Thunderbird email servers.

Sure. It’d be a pretty huge departure, though. To a weird degree, like Coca-Cola leaving the beverage business becoming a tire company.

If you wanted to make a new protocol, you could go beyond federation and have a fully decentralised system where everything happens on arbitrarily many servers in parallel, but that would be a lot of work and probably data-heavy before any users walk through the door.

I feel like you're describing something I'm not calling for. I'm not calling for accounts to be mirrored to multiple servers. I'm calling for a system where client applications can access different servers without copying accounts to a more familiar server.

[–] CanadaPlus@lemmy.sdf.org 1 points 10 months ago* (last edited 10 months ago) (1 children)

And I feel like I've explained in as much depth as I can quickly what the problem is. I'll pass the ball over into your court now. Propose an architecture that can do this, prove me wrong.

Like, if you have specific questions I'm here, but it would be a waste of both our time to go "no, you can't; yes you can" back and forth.

[–] danhakimi@kbin.social 1 points 10 months ago (1 children)

I'm not saying "yes, you currently can do this with the activitypub protocol as it is," I'm saying this feature could be added to activitypub, and I've made specific references to protocols like POP and IMAP that handle logging into email servers from various client applications. I'm not going to code it myself, I'm an attorney, but I do know enough about computer science to know that there is no computabilty issue with my proposal, and that you dislike it primarily because you don't currently have an idea for implementing it, which is not my concern at all.

[–] CanadaPlus@lemmy.sdf.org 1 points 10 months ago

It's not just computability, networks are involved. If this was all on one machine, you're right, there's no reason you couldn't change it, but there's delays and information losses and even bad actors involved. To deal with this, ActivityPub assumes users are confined to servers at the very core of it's concept.

I'm not an attorney, but I know enough about the law - or at least policy - to attempt an analogy. It's like a legislator trying to add a requirement that all corporations are fiduciaries to their clients. Fiduciaries exist, and work. They couldn't work like that, though, because a market economy assumes a certain amount of pursuit of self-interest. How the hell would a corporation handle all the conflicts of interest that would arise? What happens when they inevitably misunderstand what the interest of a client is? What about when there's multiple parties fulfilling different functions in the same project, but who may have competing interests?

You could try and make a non-market system where production is handled by fiduciaries, and you could even call it "capitalism 2.0", but it wouldn't really be capitalism anymore - that would be the blockchain thing. I don't know what the Pixelfed approach would be equivalent to, but it's basically mimicking the functionality of the feature (fiduciary duties) without actually implementing them. Maybe just really strong consumer protection regulations.

To be clear, market principles are ActivityPub here. If I'm imposing funny ideas about law, no offense, but we're even. The takeaway is that decentralisation makes things a lot more nuanced than they ever are on a machine you fully control.

[–] masterspace@lemmy.ca 1 points 10 months ago* (last edited 10 months ago) (1 children)

It's entirely technically possible. Apps already use third party identity providers all the time, you just need federated apps to support OAuth both for signing in on the client and as a backend identity provider, and standardize how federated apps return user info that would be common to any federated app (usernames, saved / liked posts, subscribed feeds, stuff common to the ActivityPub spec).

[–] CanadaPlus@lemmy.sdf.org 1 points 10 months ago* (last edited 10 months ago)

You could use the same credentials to open a new account on another instance, sure, I guess. You still have to create another user on the new platform with their own ActivityPub inbox and so on.

I guess to a non-technical user that might seem like the same thing, but then again so would your home instance allowing you to view other platforms. The second one would be way cleaner and easier on instance maintainers.