I can’t believe the guy who originally administered the creation of Twitter would do all the exact same things that originally made him billions of dollars selling the company to Elon Musk.
There’s no way he’s just speed-running what he did last time in hopes of another $44B buyout.
The checkmark is the wrong approach. You should never trust accounts, because accounts get hacked. We should instead use cryptographic signatures on individual posts, and clients can warn when that signature doesn’t match the account’s public key, or if that key changed recently. The private key would never live on the server, and ideally live outside the app.
This doesn’t verify identity, it just proves the key didn’t change. To establish identity, the person needs to use the same key in multiple places, such as posting it on a personal website or something. If a service wants to add their own stamp of approval, they can sign these public keys and embed them into the apl for clients to use (e.g. show a blue checkmark if Bluesky can verify the public key outside its system).
If the private key is compromised, repeat the process, potentially signing the new key with both the old and new key to prove control of both (or start from scratch if needed). Repeat whenever they get hacked.
Average user:
“Wait how do I get cryptocurrency with my key?”
This is a great idea.
It’s also not new. GPG has been around for decades, and is pretty much this.
ARE WE LEARNING HOW “SOCIAL MEDIA” WORKS YET HUMANITY?
Seriously. How many more fucking times do we need to go around this goddamn merry go round until we just start calling each other on the phone and meeting face to face again. You know, where the only enshittification is the one you bring with you. It’s fucking boring me now, how many of these stupid ass things I didn’t join because I’ve already, apparently, gotten the memo and how, inevitably, something like this happens, and everyone acts surprised and disappointed , as though inevitability was a concept they felt they’d been given a sabbatical from or something.
This. Shit. Ain’t. Free. There is an inherent cost, an “effort” required to communicate with others. You pay it with money, time or privacy. The overwhelming choice lately has been “privacy”, but it’s obviously something that not everyone is comfortable with, because we didn’t have the term “enshittification” before we started this flavor of our collective idiocy.
Can I subscribe to your social media accounts? I would like to follow your opinions.
Nah, for real though, I’m so glad my best friend is still fairly analog and we use the phone for what it is (we just call each other when we want to meet up).
Lemmy is the last of social media that I use and I regularly take breaks from it because the echo chamber is very apparent and not something I wish to be consumed by.
ARE WE LEARNING HOW “SOCIAL MEDIA” WORKS YET HUMANITY?
Apparently not, because people keep feeling surprised and offended when the Networking Effect happens.
Seriously. How many more fucking times do we need to go around this goddamn merry go round until we just start calling each other on the phone and meeting face to face again
Idk, when are we going to get low-cost public transit and VoIP that’s not like talking over two tin cans connected with string?
What is this networking effect you mentioned? I tried searching online but I think I’m missing the context needed to find the right info.
Networking Effect
Thanks for the link. That’s what I found, so I’m certain I’m missing something. Can you clue me in on why people are getting surprised and offended by it?
you don’t kill a cow for a scratch on her leg (I hope the saying is understandable for everybody since it doesn’t come from English).
I’m on mastodon and bluesky: the first is even less populated than here and a big part of the interesting content comes from bot reposting popular accounts from x or reddit, while the second is far from being THE solution but it’s nowadays a -not wildly populated- compromise. I don’t condone (while I understand) the Turkish bans and I’m not interested in a verification system: if I’d like one, I’d use https://en.wikipedia.org/wiki/EIDAS.
I hope bluesky will correct its approach for what they can (the “good old” twitterin the golden era was banned in Turkey)I believe the equivalent saying would be “don’t let perfect be the enemy of good”.
I couldn’t give a single shit about these twitter alternatives, because the whole concept is stupid.
the whole concept is stupid.
+1
Being that algorithmic just makes any Twitter-like design too easy to abuse.
Again, Lemmy (and Reddit) is far from perfect, but fundamentally, grouping posts and feeds by niche is way better. It incentivizes little communities that are concerned about their own health, while users have zero control over that shouting into the Twitter maw.
yea lemmy/reddit definitely seems like more of a sweet spot. with twitter/mastodon or anything that has a “say something” text box right in your face on every page, you are going to end up with a lot of noise, because most people just dont have interesting things to say most of the time
I don’t understand - do you think mastodon (or the fediverse in general) is sparsely populated? That’s not my impression at all!
That’s exactly what I meant: very few people, only on main niches, and some political and lifestyle ideas are common to 90% of the userbase (ie: anti-Trump, pro-Palestine, pro-Foss, etc).
I’m not complaining, just reporting what I seeIt seems that you don’t curate your followers much and/or don’t follow many people. The timeline is what you make it to be by following a variety of people as there isn’t an algoritm to curate it for you. There’s plenty of interesting content circling around and it’s wholly up to you wether it makes it to your timeline or not.
I get it, but I don’t want to curate my followers, I’m not a news media, I just follow users I totally like, I usually look for content I don’t see in my timeline, do a lot of surfing, but in the end it’s not that big as today
Then come over to Mastodon…
Bluesky is the new X. After canceling the accounts of Turkish protesters this is the next step for the big money behind Bluesky. That’s why I deleted my account a few days ago.
Exactly, Bluesky has been shitty for a while for lots of reasons. I’m not understanding why this is the line in the sand.
Same. Deleted my account when they started to censor the Turkish protestors. Not that I used the account really but still.
What’s the story with the Turkish protesters?
The way the article describes Turkey and the press is the same thing that’s been happening in the US with the legacy (state funded) media. Hopefully, that’s changing now though.
Bluesky has basically bowed to the Turkish regime: https://www.turkishminute.com/2025/04/17/bluesky-restrict-access-72-account-turk-amid-government-pressure/
Figured they would go down this route. Don’t use it anyway
No one disliked the check mark before “Genghis Kunt” started selling it
It was selectively given to institutions and “major” celebrities before that.
Selling them dilutes any meaning of “verified” because any joe can just pay for extra engagement. It’s a perverse incentive, as the people most interest in grabbing attention buy it and get amplified.
It really has little to do with Musk.
this is unnecessary with custom domains
Their position is that custom domains are “too hard.”
Something like this unavoidable.
Example, ted cruz the car mechanic in marfa Texas has just has much right to use blusky as
professional shit bagsenator ted cruz. But hiw do tell the real one from the racid sack of weasels.People use usernames like they always have, and rely on reputation to distinguish themselves from the fakes? Senator ted ceuz makes an account called ‘senatortedcruz’ or if thats taken ‘therealsenatortedcruz’, and the mechanic makes one called ‘tedcruzcars’ or whatever. I dont see how your example is even relevant, because under a checkmark verification system both the mechanic ted cruz, and the senator ted cruz would be valid and deserving of a check mark, so there has to be some other way of distinguishing them anyway.
Its whay the original lawsuit that created checkmarks was about.
What is? How does a checkmark help distinguish between two people that have the same name? The checkmark just shows that the person is who they say they are.
Well the original point was to verify famous people and groups.
It’s easy: cryptographic signatures. If you want to prove your identify, post a public key on something that you need to prove identity for (personal website or something) and sign your posts with the same key. That way everyone can tell the that the same key listed on the website is used for SM posts. Clients can check this automatically and flag anything on your “official” account that’s signed with a different key.
This is much better than a checkmark system, because accounts get hacked and whatnot. It’s really easy to check a cryptographic signature, and it’s really hard to fake. If the website gets hacked, the signature won’t match previous posts.
The main concern here is losing the key. If someone steals your key, generate a new one, and sign it with the old key and the new one. Boom, now everyone can tell you control both keys, while the attacker only controls the old one.
That’s only easy for nerds, and it doesn’t help if the private key is on a device that gets compromised.
Regular people wouldn’t need identity verification, and the keys can be something the user never sees, just like with Signal. The UX can be pretty good here.
But how would a user see that this poat was made with the right crypto key. Maybe some check mark on the Post or some sign.
Ideally, they wouldn’t see anything if everything is good. If there’s an anomaly, flag it with a warning.
But yeah, you could put a checkmark on it, but then it actually means something more than “this person spent money.” Ideally, the checkmark would only show if it’s a publicly verifiable key outside the platform.
Yeah that’s a better system then. We need something that shows the user then post or user is verified. How it works doesn’t matrer to them. Amd the key system would be betterment
mastodon exists
Preaching to the choir
But anyway anyone who thinks bluesky is actually decentralised will learn sooner rather than later that that’s not the case
So long as the checkmark isn’t bought through some subscription service, I’m fine with this.
The whole reason why verification exists is because other will steal the name of someone famous and masquerade as them, with real world consequences. A verification system now means that certain platforms and people will get more attracted to be there, and thus Bluesky will grow.
It’s not.
Not yet 😏
Unfortunately, the forecast isn’t good for the integrity of what should be a simple system. Under Dorsey, the Twitter blue checkmark had already become a tool for showing content approval by Twitter. In various instances users had their status removed based on their content and not on a question of if they were who they claimed to be.
My default is to just assume that they aren’t the same person unless corroborated by that person.
Yeah I deleted my Bluesky. All public companies eventually turn to shit because of the shareholders unending greed.
Bluesky, the decentralized social network […]
Were only one instance exist or did I miss something?
As I understand it, the protocol has the ability to decentralize built in. But the technical requirements are prohibitively high to the point only large businesses or corps could afford to do it. I also believe (someone correct me) the company hasn’t switched on the functionality yet.
Last heard (a few months ago) the cost is in storage. The protocol isn’t too complicated now, but it generates a shit ton of data, and IIRC you need a minimum of 3 copies.
Storage is cheap whwn it comes to webhosting and 3 replicas is honestly not much when it comes to enterprise standards. I think cloud storage providers like backblaze keep something like 9 copies of data across different mediums
my mom has always told me that I had the potential to work at NASA. but the requirements are prohibitively high
I believe in you!
all you need is a work ethic and a time machine
Maybe you remember PDS federation not being open for a while, but it’s open now.
Running a public appview can be very expensive, but they’re working on making it cheaper to run one with a limited scope.
The biggest thing is that you need to be manually authorized by them for federation. They will only ever federate with servers that arent serious enough competition to lead to democratization of the overall network.
No, PDS federation is fully open now.
They’re also actively supporting development of 3rd party appviews and relays.
The power dynamic is still 1000000:1 they can do whatever they want and you will have to follow. If they defederate you, there is no value in your self hosted instance.
Partially - something running independent infrastructure like Whitewind (blogging on atproto) will still work just like before (it’s easier for them to run it independently because you don’t need a full network view, just pull in the posts from the user’s PDS for standalone display)
When the work to make appviews easier to run makes it more practical this will be less of a risk.
Nope, it’s 100% centralized.
It’s 100% centralized, but with the ability to be decentralized. Sorta like Threads before they started federating
Sure, but until it actually gets used significantly in that way, we might as well just say it’s centralized.
The “ability” to decentralize has costs that scale quadratically. So in every practical sense, it cannot be decentralized. At best it could have a few servers that participate.
No, it doesn’t scale “quadratically”. That’s what going viral on Mastodon does to a small instance, not on bluesky. Pretty much everything scales linearly. The difference is certain components handle a larger fraction of the work (appview and relay).
Both a bluesky appview and a Mastodon instance scales by the size of the userbase which it interacts with. Mastodon likes to imagine that the userbase will always be consistent, but it isn’t. Anything viewed by a large part of the whole Mastodon network forces the host to serve the entirety of the network and all its interactions. So does a bluesky appview, in just the same way, but they acknowledge this upfront.
Meanwhile, you CAN host a bluesky PDS account host and have your traffic scale only by the rate of your users’ activity + number of relays you push these updates to. Going viral doesn’t kill your bandwidth.
I can’t speak to how traffic costs and mastodon works, but this article explains how having multiple blue skies federating with each other scales quadratically. https://dustycloud.org/blog/how-decentralized-is-bluesky/ it is very thorough.
In fact, it is worse than the storage requirements, because the message delivery requirements become quadratic at the scale of full decentralization: to send a message to one user is to send a message to all. Rather than writing one letter, a copy of that letter must be made and delivered to every person on earth
That’s written assuming the edge case of EVERYBODY running a full relay and appview, and that’s not per-node scaling cost but global scaling cost.
Because they don’t scale like that, global cost is geometric instead (for every full relay and appview, there’s one full copy with linear scaling to network activity), and each server only handles the cost for serving their own users’ activity (plus firehose/jetstream subscription & filtering for those who need it)
For Mastodon instance costs, try ask the former maintainers of https://botsin.space/
I’m sad that bots in space had to spin down, but there are still bots on Mastodon. One server quitting didn’t take everything down.
The part where if a mastodon post gets popular, it has to serve that to everyone makes sense because it’s kind of like a website. Maybe there could be a CDN like Cloudflare that a mastodon server could use to cache responses?
The part about Bluesky that doesn’t sound good to me is “to send a message to one user is to send it to all”. Wouldn’t this be crazy with even 100 servers for 10000 users, vs 2 servers with 5000 each? Not sure how the math works but it doesn’t look good if they have to duplicate so much traffic.
This is a little bit more black and white compared with the other responses. 🙈
I think their initial selling point was that Eventually©®™ Bluesky would federate with the rest of the Fediverse.
Is anybody really surprised that a social media corporation didn’t make it their utmost priority to allow their userbase to connect out of their proprietary platform?
They never said they’d do so natively with other protocols - but they support Bridgy, so you already can do that.
Interesting how other instances of the fediverse have no such restrictions. It’s almost as if they want to make it as difficult as possible so that people just don’t federate.
There’s literally no restrictions other than simple rate limiting, which you can ask for exceptions for.
I don’t know a Mastodon/lemmy server which wouldn’t rate limit new peers
I dont see this in the article.
You can easily host your own instance with a simple docker stack.
I dont know of any public instances except the main but I also havent searched.
you can host your own PDS, but everyone is still using the same appview
