I don’t see anything controversial in the article. Did I miss something? Just looks like a way to make sure the public figures and companies you are communicating with are who they say they are.
cyrano@lemmy.dbzer0.com
on 19 Apr 00:17
nextcollapse
Verification wise there is already domain.
But ultimately, it is too soon for the twitter exodus to get the blue check. All in all, this type of outrage is doomed to repeat with that type of central entity.
I think the existing domain-based verification system is a better way of doing that. Something like Mastodon’s verified links might be a nice addition. This more centralized system is… not what I hoped for.
I didn’t sound like a centralized system from the article. More like they want a third party like Verisign or something.
Something will have to be done as these platforms become more popular to cut down on fraud and disinformation. You don’t want people impersonating other people or organizations, or companies. Even if Bluesky starts federating to other platforms, just knowing that they have a blue sky blue check would be an improvement if you could display that check on other clients like mastodon posts.
ICANN has already made a mess of domain names so I don’t know if relying on the domain is enough. People are using non-Roman characters to trick people into thinking a website domain is the real thing. Others are buying up all these random domains so you get things like medicare.net and medicare.org and medicare.com etc etc.
I dunno what the answer is. Just rambling out loud in frustration.
I didn’t sound like a centralized system from the article. More like they want a third party like Verisign or something.
It’s going to be both. Bluesky will verify users, but they’re also going to have other authorized verification entities.
From what I’ve seen, there will be two distinct types of blue check- users verified by Bluesky will have one mark, and users verified by a trusted authority will have a different mark.
Now who will those third-party verifiers be, and how will they be selected, hasn’t been announced yet.
What are you talking about? This is a web of trust model, literally a decentralized model. Not everyone on social media needs to have technical skills to verify via DNS records, verified links etc. If you want a community that gatekeeps for for computer engineers only, you already have Mastodon.
The “ability” to decentralize has costs that scale quadratically. So in every practical sense, it cannot be decentralized. At best it could have a few servers that participate.
No, it doesn’t scale “quadratically”. That’s what going viral on Mastodon does to a small instance, not on bluesky. Pretty much everything scales linearly. The difference is certain components handle a larger fraction of the work (appview and relay).
Both a bluesky appview and a Mastodon instance scales by the size of the userbase which it interacts with. Mastodon likes to imagine that the userbase will always be consistent, but it isn’t. Anything viewed by a large part of the whole Mastodon network forces the host to serve the entirety of the network and all its interactions. So does a bluesky appview, in just the same way, but they acknowledge this upfront.
Meanwhile, you CAN host a bluesky PDS account host and have your traffic scale only by the rate of your users’ activity + number of relays you push these updates to. Going viral doesn’t kill your bandwidth.
I can’t speak to how traffic costs and mastodon works, but this article explains how having multiple blue skies federating with each other scales quadratically. dustycloud.org/…/how-decentralized-is-bluesky/ it is very thorough.
In fact, it is worse than the storage requirements, because the message delivery requirements become quadratic at the scale of full decentralization: to send a message to one user is to send a message to all. Rather than writing one letter, a copy of that letter must be made and delivered to every person on earth
That’s written assuming the edge case of EVERYBODY running a full relay and appview, and that’s not per-node scaling cost but global scaling cost.
Because they don’t scale like that, global cost is geometric instead (for every full relay and appview, there’s one full copy with linear scaling to network activity), and each server only handles the cost for serving their own users’ activity (plus firehose/jetstream subscription & filtering for those who need it)
For Mastodon instance costs, try ask the former maintainers of botsin.space
I’m sad that bots in space had to spin down, but there are still bots on Mastodon. One server quitting didn’t take everything down.
The part where if a mastodon post gets popular, it has to serve that to everyone makes sense because it’s kind of like a website. Maybe there could be a CDN like Cloudflare that a mastodon server could use to cache responses?
The part about Bluesky that doesn’t sound good to me is “to send a message to one user is to send it to all”. Wouldn’t this be crazy with even 100 servers for 10000 users, vs 2 servers with 5000 each? Not sure how the math works but it doesn’t look good if they have to duplicate so much traffic.
It doesn’t get served to all, but it has to be served to a relay which in turn is reachable by all.
While there is a firehose service which publishes all events as they happen, only services built on watching those needs to receive all (moderation services, etc). Everybody else gets a view already filtered and composed by services earlier in line. See jetstream as an existing optimization already delivered by bluesky themselves which reduces traffic.
A limited scope appview and relay is possible too, you can choose to only serve one community, and then fetch external content on-demand (but this will have the same impacts on latency as Mastodon and lemmy has when opening previously unseen threads)
InfiniteHench@lemmy.world
on 19 Apr 00:41
nextcollapse
As I understand it, the protocol has the ability to decentralize built in. But the technical requirements are prohibitively high to the point only large businesses or corps could afford to do it. I also believe (someone correct me) the company hasn’t switched on the functionality yet.
Drunemeton@lemmy.world
on 19 Apr 01:36
nextcollapse
Last heard (a few months ago) the cost is in storage. The protocol isn’t too complicated now, but it generates a shit ton of data, and IIRC you need a minimum of 3 copies.
Storage is cheap whwn it comes to webhosting and 3 replicas is honestly not much when it comes to enterprise standards. I think cloud storage providers like backblaze keep something like 9 copies of data across different mediums
Thedogdrinkscoffee@lemmy.ca
on 19 Apr 12:46
collapse
I believe in you!
unexposedhazard@discuss.tchncs.de
on 19 Apr 16:44
nextcollapse
The biggest thing is that you need to be manually authorized by them for federation. They will only ever federate with servers that arent serious enough competition to lead to democratization of the overall network.
They’re also actively supporting development of 3rd party appviews and relays.
unexposedhazard@discuss.tchncs.de
on 20 Apr 08:55
collapse
The power dynamic is still 1000000:1 they can do whatever they want and you will have to follow. If they defederate you, there is no value in your self hosted instance.
Partially - something running independent infrastructure like Whitewind (blogging on atproto) will still work just like before (it’s easier for them to run it independently because you don’t need a full network view, just pull in the posts from the user’s PDS for standalone display)
When the work to make appviews easier to run makes it more practiced this will be less of a risk.
Is anybody really surprised that a social media corporation didn’t make it their utmost priority to allow their userbase to connect out of their proprietary platform?
Interesting how other instances of the fediverse have no such restrictions. It’s almost as if they want to make it as difficult as possible so that people just don’t federate.
If it ends Elon, I’m gonna allow it. If Twitter fails, his stock in Tesla will have to back it. If that tanks… he’ll have to work his way out of bankruptcy. Just squeeze….
thatKamGuy@sh.itjust.works
on 19 Apr 02:00
nextcollapse
He’s already sold Twitter/X to xAI; he’s got his arse covered when the bottom eventually falls out.
Yeah for the masses they will likely always flock to commercialized easy to use social media that reaches critical mass the fastest, so them being willing to move and keep moving is best we can hope for. For rest of us stuff like fediverse will be there to use.
Would it be so bad if it follows the same path as Twitter? If it connects people and organizations in an honest and helpful way for fifteen years?
Or we could all just keep shitting on it while it facilitates social and political movements and enables rapid communication across the planet. Then more than a decade from now when some Ultra-Nazi trillionaire buys it, we can all say “I told you so,” and be real smug about it.
southsamurai@sh.itjust.works
on 19 Apr 00:57
nextcollapse
The fuck did anyone expect?
ComradeRachel@lemmy.blahaj.zone
on 19 Apr 01:01
nextcollapse
Tbh I’ve seen more people asking for this than the people complaining.
Rocketpoweredgorilla@lemmy.ca
on 19 Apr 01:05
nextcollapse
There’s been a lot of impersonated accounts popping up lately, so it doesn’t surprise me they’ve opted to do something like this.
TommySoda@lemmy.world
on 19 Apr 01:56
nextcollapse
Oh yeah, they are literally everywhere. And a lot of them are impersonating people that haven’t switched from Twitter yet to take advantage of it specifically.
MangoPenguin@lemmy.blahaj.zone
on 19 Apr 13:38
collapse
Bluesky already has domain based verification which solves that perfectly, I guess people just don’t want to use it.
MangoPenguin@lemmy.blahaj.zone
on 19 Apr 02:31
collapse
How come they don’t use the already built in domain verification? It’s basically fool proof to certify that an account is owned by a specific entity.
ComradeRachel@lemmy.blahaj.zone
on 19 Apr 05:18
nextcollapse
It’s what Twitter had and most people on blueksy just want Twitter before Elon. It sucks but that is really what the majority of people even want. They don’t care about the decentralized stuff.
I just saw a group is going to start doing custom feeds with ads inserted. I blocked the account and every single sucker who comes in to say congrats and how excited they are about it. Fuck the lot of them. That said, that’s a third party, but also an example of what they could do.
Not same as “all tech starts out”. You’re literally typing on tech stack that didn’t start out like that. Then there’s Masotodon, fediverse, gnome, kde, linux etc. Etc. - literally almost no good software comes out of VC world statically speaking.
Nah it was not good. Domain names already do that and are accessible to all at all times with full transparency and decentralization. Bluesky is literally regressing.
Even mastodon’s verification system is better than checkmarks.
The id.au domain name you choose must match or be an acronym or abbreviation of your first name or family name, or your nickname
you have to provide ID to register any .au, so you’re verified as a person, and though they don’t pre-check your nickname, AFAIK if there’s a complaint you do have to prove that you’re “known by” that name
Far from perfect, but I think it’s good to have a layer that very visibly shows ‘yes, this is the account you want’.
Domains are a worthwhile addition, but they run into almost the same problem as usernames and handles. Can be made misleading easily - sure, I could often go to the web address and verify it (if they don’t put up a convincing fake site), but that’s much lower visibilty.
Eg, you can probably register nintendo@nintendoamerico.com or similar and get it by some folks just as easily as registering the Twitter handle. There’s a payment step to get the domain, but that’s about it.
The centralization problem you mention is a good point though. It was a fine system, if you felt like you could trust Twitter as a verifier. Today obviously, one could not. But Bsky seems to at least theoretically have a ‘choose your verification provider’ idea in mind, which would (again theoretically) resolve a lot of that issue.
“Everyone should be able to setup their own domain and mess with DNS records to get a verified account”
Do you realize how utterly disconnected from reality this sounds?? Technical people that have absolutely not clue on how make good UX for end users is how we got Mastodon in the first place, and why its adoption is abysmal.
You can pay someone to do that for you tho it’s not any different form paying someone to verify you ina centralized way. Its really not that hard.
Even with more complex setups like mastodon servers you already see markets for this. You can get a basic managed instance for yourself for like 15$/mo - that’s basically nothing for anyone who needs to verify themselves as a brand.
This is not a “pay for verification” model. Have you even read the article or anything related to it? It is literally not centralized, it’s web of trust.
If the same authority is doing verification that is also doing moderation and both ultimately in a for profit setting, that has conflict of interest.
We dont know how reliable bluesky moderation will stay. We dont know how they will respond to political pressure. We dont know how they will monetize past the growth phase and then could also argue a “service fee” for verification.
In a perfect world none of these would happen, but then everybody could still be on twitter and be fine there.
This is just a web of trust model, aka a decentralized model of verification. This thread is mostly people that haven’t read the details that want to confirm that “Bluesky has been enshittified”.
Decentralized isn’t the right word to use for a system like this.
Even though BS is going to appoint multiple different volunteer moderators (aka “Trusted Verifiers”) for this system, ultimate authority and control are entirely centralized with BS.
Mars2k21@sh.itjust.works
on 19 Apr 05:22
nextcollapse
idk man I haven’t seen anyone complaining about it on Bluesky
This is a net positive, nice to have a social media where verification checks are…actually used for verifying the person behind an account
cyrano@lemmy.dbzer0.com
on 19 Apr 05:24
nextcollapse
But isn’t the domain already doing that?
spongebue@lemmy.world
on 19 Apr 05:31
nextcollapse
If they are, and there isn’t anything to display it, how are we to know what’s been vetted and what’s slipped through the cracks? Especially on a new account?
MangoPenguin@lemmy.blahaj.zone
on 19 Apr 13:33
collapse
It’s the username so already quite visible.
For example someone at say, NPR, could use a name like @bob.npr.org which is only possible by verifying ownership of the npr.org domain name, so there is no need to vet anything.
That’s great for an organization like NPR which may have the resources to tie its own domain name into Bluesky. For some freelance reporter or otherwise verifiable person, I’m not sure it’s quite so practical.
And tying it to the Bluesky system? Not sure the cost of that (I swear I saw it was a potential monetization they were looking into) but also the time to figure it out isn’t practical for everyone.
FourWaveforms@lemm.ee
on 21 Apr 05:17
nextcollapse
thekerker@lemmy.world
on 19 Apr 13:52
nextcollapse
I saw some small talk about it, and it really just boiled down to domain verification is great for more tech savvy folks, but trying to get larger accounts (think politicians, celebrities, etc) is a lot harder. Having a visual check, using tools within the app or site, is a lot easier.
And personally I like the idea of verification checks as long as it remains a simple means to do just that: verify the owner of the account. Morons like Musk and his ilk always thought it was a clout thing, and for a small minority that was probably the case, but by and large before he ruined it, it was great.
nekusoul@lemmy.nekusoul.de
on 19 Apr 14:09
nextcollapse
The problem with domains is that regular people would need to know what a domain is and what verified ownership says about the account in question.
01189998819991197253@infosec.pub
on 19 Apr 18:19
nextcollapse
That link was a super interesting read!
lagoon8622@sh.itjust.works
on 20 Apr 14:25
collapse
Excellent post as usual from Troy, but use Bitwarden, not 1Password
nekusoul@lemmy.nekusoul.de
on 20 Apr 15:54
collapse
Personally I use KeePassXC + Syncthing, but Bitwarden/Vaultwarden is also a great.
What’s somewhat amusing, for lack of a better word, is that even that advice doesn’t fully resolve the issue, as Troy himself recently was the victim of a phising attack, where one part of the issue was that even legitimate sites changes their sign-in domains frequently enough that you kind of become numb to when the auto-fill stops working and just “correct” the issue without the necessary due diligence.
BackwardsUntoDawn@lemm.ee
on 19 Apr 17:17
nextcollapse
I feel like domain usernames are still inherently susceptible to phishing, you can get a typo or similar character to try and trick someone that your username is an official one
Domains only help you verify organizations and individuals you recognize directly.
This verification system also allows 3rd parties (it’s NOT just bluesky themselves!) to issue attestations that s given account belongs to who they say they are, which would help people like independent journalists, etc.
Idk. Celebrities and Politicians usually have other vetted channels such as their own website or a website of their ogranization representing them. It should be basic journalistic work to see if their social media links link to the account in question or not.
BeardedGingerWonder@feddit.uk
on 20 Apr 17:12
collapse
I’m not seeing the advantage of everyone having to do the same vetting process repeatedly.
So it is not given to a centralized authority, that is guided by for profit motives and also does the moderation of its plattform.
Where this can lead was shown with twiiter. The moment the central organization is captured, the central authority will abuse the authentification for its own goals. Then instead of just having to check for the authentification to be reliable you need to question everything that is on that plattform as a whole, which is infinetly more consuming, but also simply impossible.
BeardedGingerWonder@feddit.uk
on 20 Apr 19:51
collapse
This doesn’t appear to be given to a centralised authority. If the authentication process fails then it falls back to the previous method anyway. In reality most people won’t bother to authenticate if it involves any significant work.
Most of the complaints I’ve seen were about Bluesky’s lack of a formal verification system.
They could never figure out how the current system of checking the username.
setsneedtofeed@lemmy.world
on 20 Apr 00:19
collapse
Based on how verification was revoked for some users on Twitter based on their content rather than question of their identity, I’m cautious about this system turning into the status symbol it became on Twitter rather than the verification it claimed to be.
Supervisor194@lemmy.world
on 19 Apr 05:36
nextcollapse
I’ve seen this movie before.
Opinionhaver@feddit.uk
on 19 Apr 09:24
nextcollapse
I don’t see how even the way Twitter does it is any worse than not having such system at all.
Tattorack@lemmy.world
on 19 Apr 17:02
nextcollapse
So long as the checkmark isn’t bought through some subscription service, I’m fine with this.
The whole reason why verification exists is because other will steal the name of someone famous and masquerade as them, with real world consequences. A verification system now means that certain platforms and people will get more attracted to be there, and thus Bluesky will grow.
setsneedtofeed@lemmy.world
on 20 Apr 00:17
nextcollapse
Unfortunately, the forecast isn’t good for the integrity of what should be a simple system. Under Dorsey, the Twitter blue checkmark had already become a tool for showing content approval by Twitter. In various instances users had their status removed based on their content and not on a question of if they were who they claimed to be.
Duamerthrax@lemmy.world
on 20 Apr 04:38
nextcollapse
My default is to just assume that they aren’t the same person unless corroborated by that person.
SwingingTheLamp@midwest.social
on 20 Apr 03:55
collapse
Reminds me of a meeting my co-worker and I had with the IT staff of a company that is a customer using research instruments in our facility. The meeting was to ask us to enable data synchronization through SharePoint. (We’re a Linux shop.) We asked what the issue was with getting their data files with SFTP. They said, “It’s open source.”
Then, a few beats of silence as it sinks in for us that there is no next step in the chain of logic. That is the totality of their objection.
joel_feila@lemmy.world
on 20 Apr 06:34
nextcollapse
Ok so they knew enough about software to use open source correctly in a sentence, but could not even list one reason why they didn’t want to use it.
lagoon8622@sh.itjust.works
on 20 Apr 12:43
collapse
We had to fight tooth and nail to get even a few of us able to use Ubuntu on our development machines (even though 90% of our servers are Ubuntu). The old heads in IT were like, “Uhh that open-source stuff? We use Windows for security”. Like wtf?? Lack of cognitive dissonance much? They are completely brainwashed by the old Microsoft FUD
The amount of moments of “and therefore?” This stumps me equally with my small child as it does clients. Like, why TF are you saying this thing? How is that your supporting argument. There’s no argument! What’s your fucking thesis statement damnit?!
ImmersiveMatthew@sh.itjust.works
on 19 Apr 23:46
nextcollapse
Bluesky is like a mini example of why Communism and Capitalism does not work. Centralization is a drug.
Editing to explain as some did not make the connection. This is a comment about centralization that even when a system has the best intentions like communism and in this case Blusky, centralization still will lead to corruption as anything centralized is ripe for takeover as power is a drug.
You can not make any commentary on Communism here. You will get down voted even if your criticism was correct. Probably even more so and the reason why this is likely to get downvoted out of hand, as well.
Edit: Proven right. Yet again
ImmersiveMatthew@sh.itjust.works
on 20 Apr 04:10
nextcollapse
That is ok. I have never had an issue sharing facts that may trigger some. In fact the only reason it triggers some is it hits somewhere deep.
All of it? Your definition of communism is the same as that of the failed dictatorships of the 20th century.
When most people nowadays talk about socialism or communism they talk about a democracy in the workplace and in politics. People who want a strong state that owns everything are a loud minority in leftist circles, as you can see on lemmy. But they’re not as big in real life.
ImmersiveMatthew@sh.itjust.works
on 20 Apr 06:17
nextcollapse
Thanks for the reply. I am not understanding. What is the modern definition of communism then? Are you saying it is really about Socialism?
It’s a bit cliche but the first paragraph of wikipedia says it better than I could:
Communism (from Latin communis ‘common, universal’)[1][2] is a sociopolitical, philosophical, and economic ideology within the socialist movement,[1] whose goal is the creation of a communist society, a socioeconomic order centered on common ownership of the means of production, distribution, and exchange that allocates products in society based on need.[3][4][5] A communist society entails the absence of private property and social classes,[1] and ultimately money[6] and the state.[7][8][9]
My description above is just a quick way to point to the things that would change in our lived reality (assuming you live in a western democracy). You wouldn’t have to share your house or car or whatever. Just take responsibility for your workplace with colleagues, just like you vote in a democracy.
ImmersiveMatthew@sh.itjust.works
on 20 Apr 07:49
collapse
I moved to Vietnam and thus I am confused about Communism. Seems to me that the state described in the wiki is the same end goal so have read about, but it just seems like we do not get there as humans with power do not want to let go even if the intentions are good. Like BluSky. They have a great vision and idea that reminds me of communism. First you have to have centralize to coordinate the decentralization…and then it never happens. It is why I really believe this only way to keep centralization in check is decentralization to balance the equation.
I don’t think that modern communists should follow the “centralize first and hope the leaders give up the power then” approach.
ImmersiveMatthew@sh.itjust.works
on 21 Apr 00:04
collapse
How do you get to the decentralized place then as those in power will never let go. Perhaps if we the people embraced decentralized alternatives, it would start to tips the scales and bring more balance but it seems like we need more suffering first.
NoSuchAgency@reddthat.com
on 20 Apr 13:30
collapse
Lemmy & Reddit
birdiebop@lemmy.world
on 20 Apr 04:11
nextcollapse
perhaps if u make a coherent or relevant criticism this could be avoided
joel_feila@lemmy.world
on 20 Apr 02:50
nextcollapse
Something like this unavoidable.
Example, ted cruz the car mechanic in marfa Texas has just has much right to use blusky as professional shit bag senator ted cruz. But hiw do tell the real one from the racid sack of weasels.
emeralddawn45@discuss.tchncs.de
on 20 Apr 05:38
nextcollapse
People use usernames like they always have, and rely on reputation to distinguish themselves from the fakes? Senator ted ceuz makes an account called ‘senatortedcruz’ or if thats taken ‘therealsenatortedcruz’, and the mechanic makes one called ‘tedcruzcars’ or whatever. I dont see how your example is even relevant, because under a checkmark verification system both the mechanic ted cruz, and the senator ted cruz would be valid and deserving of a check mark, so there has to be some other way of distinguishing them anyway.
Its whay the original lawsuit that created checkmarks was about.
emeralddawn45@discuss.tchncs.de
on 20 Apr 06:33
collapse
What is? How does a checkmark help distinguish between two people that have the same name? The checkmark just shows that the person is who they say they are.
Well the original point was to verify famous people and groups.
sugar_in_your_tea@sh.itjust.works
on 20 Apr 17:10
collapse
It’s easy: cryptographic signatures. If you want to prove your identify, post a public key on something that you need to prove identity for (personal website or something) and sign your posts with the same key. That way everyone can tell the that the same key listed on the website is used for SM posts. Clients can check this automatically and flag anything on your “official” account that’s signed with a different key.
This is much better than a checkmark system, because accounts get hacked and whatnot. It’s really easy to check a cryptographic signature, and it’s really hard to fake. If the website gets hacked, the signature won’t match previous posts.
The main concern here is losing the key. If someone steals your key, generate a new one, and sign it with the old key and the new one. Boom, now everyone can tell you control both keys, while the attacker only controls the old one.
FourWaveforms@lemm.ee
on 20 Apr 19:57
nextcollapse
That’s only easy for nerds, and it doesn’t help if the private key is on a device that gets compromised.
sugar_in_your_tea@sh.itjust.works
on 20 Apr 21:41
collapse
Regular people wouldn’t need identity verification, and the keys can be something the user never sees, just like with Signal. The UX can be pretty good here.
But how would a user see that this poat was made with the right crypto key. Maybe some check mark on the Post or some sign.
sugar_in_your_tea@sh.itjust.works
on 20 Apr 21:44
collapse
Ideally, they wouldn’t see anything if everything is good. If there’s an anomaly, flag it with a warning.
But yeah, you could put a checkmark on it, but then it actually means something more than “this person spent money.” Ideally, the checkmark would only show if it’s a publicly verifiable key outside the platform.
Yeah that’s a better system then. We need something that shows the user then post or user is verified. How it works doesn’t matrer to them. Amd the key system would be betterment
Bluesky is the new X.
After canceling the accounts of Turkish protesters this is the next step for the big money behind Bluesky. That’s why I deleted my account a few days ago.
DoomProphet@lemmy.dbzer0.com
on 20 Apr 08:47
nextcollapse
Same. Deleted my account when they started to censor the Turkish protestors. Not that I used the account really but still.
SouthEndSunset@lemm.ee
on 20 Apr 10:38
nextcollapse
Exactly, Bluesky has been shitty for a while for lots of reasons. I’m not understanding why this is the line in the sand.
zarkanian@sh.itjust.works
on 20 Apr 13:07
collapse
NoSuchAgency@reddthat.com
on 20 Apr 19:38
collapse
The way the article describes Turkey and the press is the same thing that’s been happening in the US with the legacy (state funded) media. Hopefully, that’s changing now though.
lovewhenshe@lemmy.world
on 20 Apr 06:10
nextcollapse
Yous are hyping it a basic verification system which can’t be bought and is handed out for the sake of showing credibility is a good thing
NoSuchAgency@reddthat.com
on 20 Apr 13:25
collapse
The sake of credibility? What decides that though? Likes? Likes are a big problem imo. It doesn’t really do anything except create echo chambers.
IMO it’s not that blue check equals credibility, but rather it equals that you are who you say you are. This is a good thing particularly when it comes to public figures/officials — not for their sake, mind you, but for the sake of other people who may see a tweet from them. If the checkmark is there, then it’s them. If not, then it’s an impersonator. Right now it’s difficult to tell.
Tl;dr: it doesn’t make what they say real, it just makes them real.
sunglocto@lemmy.dbzer0.com
on 20 Apr 06:26
nextcollapse
Preaching to the choir
But anyway anyone who thinks bluesky is actually decentralised will learn sooner rather than later that that’s not the case
TheEighthDoctor@lemmy.zip
on 20 Apr 08:18
nextcollapse
No one disliked the check mark before “Genghis Kunt” started selling it
brucethemoose@lemmy.world
on 20 Apr 20:16
collapse
It was selectively given to institutions and “major” celebrities before that.
Selling them dilutes any meaning of “verified” because any joe can just pay for extra engagement. It’s a perverse incentive, as the people most interest in grabbing attention buy it and get amplified.
Their position is that custom domains are “too hard.”
jaemo@sh.itjust.works
on 20 Apr 14:51
nextcollapse
ARE WE LEARNING HOW “SOCIAL MEDIA” WORKS YET HUMANITY?
Seriously. How many more fucking times do we need to go around this goddamn merry go round until we just start calling each other on the phone and meeting face to face again. You know, where the only enshittification is the one you bring with you. It’s fucking boring me now, how many of these stupid ass things I didn’t join because I’ve already, apparently, gotten the memo and how, inevitably, something like this happens, and everyone acts surprised and disappointed , as though inevitability was a concept they felt they’d been given a sabbatical from or something.
This. Shit. Ain’t. Free. There is an inherent cost, an “effort” required to communicate with others. You pay it with money, time or privacy. The overwhelming choice lately has been “privacy”, but it’s obviously something that not everyone is comfortable with, because we didn’t have the term “enshittification” before we started this flavor of our collective idiocy.
Can I subscribe to your social media accounts? I would like to follow your opinions.
Nah, for real though, I’m so glad my best friend is still fairly analog and we use the phone for what it is (we just call each other when we want to meet up).
Lemmy is the last of social media that I use and I regularly take breaks from it because the echo chamber is very apparent and not something I wish to be consumed by.
UnderpantsWeevil@lemmy.world
on 20 Apr 19:51
collapse
ARE WE LEARNING HOW “SOCIAL MEDIA” WORKS YET HUMANITY?
Apparently not, because people keep feeling surprised and offended when the Networking Effect happens.
Seriously. How many more fucking times do we need to go around this goddamn merry go round until we just start calling each other on the phone and meeting face to face again
Idk, when are we going to get low-cost public transit and VoIP that’s not like talking over two tin cans connected with string?
Thanks for the link. That’s what I found, so I’m certain I’m missing something. Can you clue me in on why people are getting surprised and offended by it?
CalipherJones@lemmy.world
on 20 Apr 16:06
nextcollapse
Yeah I deleted my Bluesky. All public companies eventually turn to shit because of the shareholders unending greed.
morphballganon@mtgzone.com
on 20 Apr 17:12
nextcollapse
Lots of “how dare they solve a real problem with the only method yet invented” in these replies. Gtfo losers, clutch your pearls harder. If you don’t like Bluesky don’t use it. Don’t be a whiny little bitch about it.
sugar_in_your_tea@sh.itjust.works
on 20 Apr 17:20
nextcollapse
The checkmark is the wrong approach. You should never trust accounts, because accounts get hacked. We should instead use cryptographic signatures on individual posts, and clients can warn when that signature doesn’t match the account’s public key, or if that key changed recently. The private key would never live on the server, and ideally live outside the app.
This doesn’t verify identity, it just proves the key didn’t change. To establish identity, the person needs to use the same key in multiple places, such as posting it on a personal website or something. If a service wants to add their own stamp of approval, they can sign these public keys and embed them into the apl for clients to use (e.g. show a blue checkmark if Bluesky can verify the public key outside its system).
If the private key is compromised, repeat the process, potentially signing the new key with both the old and new key to prove control of both (or start from scratch if needed). Repeat whenever they get hacked.
AHamSandwich@lemmy.world
on 20 Apr 20:01
nextcollapse
This is a great idea.
sugar_in_your_tea@sh.itjust.works
on 20 Apr 21:38
collapse
It’s also not new. GPG has been around for decades, and is pretty much this.
vodkasolution@feddit.it
on 20 Apr 18:44
nextcollapse
you don’t kill a cow for a scratch on her leg (I hope the saying is understandable for everybody since it doesn’t come from English).
I’m on mastodon and bluesky: the first is even less populated than here and a big part of the interesting content comes from bot reposting popular accounts from x or reddit, while the second is far from being THE solution but it’s nowadays a -not wildly populated- compromise.
I don’t condone (while I understand) the Turkish bans and I’m not interested in a verification system: if I’d like one, I’d use https://en.wikipedia.org/wiki/EIDAS.
I hope bluesky will correct its approach for what they can (the “good old” twitterin the golden era was banned in Turkey)
I believe the equivalent saying would be “don’t let perfect be the enemy of good”.
I couldn’t give a single shit about these twitter alternatives, because the whole concept is stupid.
brucethemoose@lemmy.world
on 20 Apr 20:10
collapse
the whole concept is stupid.
+1
Being that algorithmic just makes any Twitter-like design too easy to abuse.
Again, Lemmy (and Reddit) is far from perfect, but fundamentally, grouping posts and feeds by niche is way better. It incentivizes little communities that are concerned about their own health, while users have zero control over that shouting into the Twitter maw.
yea lemmy/reddit definitely seems like more of a sweet spot. with twitter/mastodon or anything that has a “say something” text box right in your face on every page, you are going to end up with a lot of noise, because most people just dont have interesting things to say most of the time
TomasEkeli@programming.dev
on 20 Apr 20:18
collapse
I don’t understand - do you think mastodon (or the fediverse in general) is sparsely populated? That’s not my impression at all!
That’s exactly what I meant: very few people, only on main niches, and some political and lifestyle ideas are common to 90% of the userbase (ie: anti-Trump, pro-Palestine, pro-Foss, etc).
I’m not complaining, just reporting what I see
It seems that you don’t curate your followers much and/or don’t follow many people. The timeline is what you make it to be by following a variety of people as there isn’t an algoritm to curate it for you. There’s plenty of interesting content circling around and it’s wholly up to you wether it makes it to your timeline or not.
I get it, but I don’t want to curate my followers, I’m not a news media, I just follow users I totally like, I usually look for content I don’t see in my timeline, do a lot of surfing, but in the end it’s not that big as today
mindaika@lemmy.dbzer0.com
on 20 Apr 19:47
nextcollapse
Any system built on anonymous accounts is going to have the exact same problems. Lemmy is not “less bad” than Reddit because it’s decentralized. Blue checks isn’t the problem with twitter, and neither is Elong
brucethemoose@lemmy.world
on 20 Apr 20:05
collapse
Not sure where you’re going with that, but it’s a perverse incentive, just like the engagement algorithm.
Elon is a problem because he can literally force himself into everyone’s feeds, but also because he always posts polarizing/enraging things these days.
Healthy social media design/UI is all about incentivizing good, healthy communities and posts. Lemmy is not perfect, but simply not designing for engagement/profit because Lemmy is “self hosted” instead of commercial is massive.
UnderpantsWeevil@lemmy.world
on 20 Apr 19:51
nextcollapse
I can’t believe the guy who originally administered the creation of Twitter would do all the exact same things that originally made him billions of dollars selling the company to Elon Musk.
There’s no way he’s just speed-running what he did last time in hopes of another $44B buyout.
Lucky_777@lemmy.world
on 20 Apr 19:53
nextcollapse
Figured they would go down this route. Don’t use it anyway
If they really, really want to fix 99.8% of the problems with hate speech (and many other issues), each user needs to agree to have their real name, home address, email address, and phone number available to the public, in their profile. While what I’ve just said is completely absurd, for almost everyone, it’s the anonymity that empowers people to say the absolute worst things.
Why don’t most people in the checkout line (queue) at the grocery store act the same way they do in a traffic jam on a roadway? Because they’re much more likely to be held personally accountable for their conduct. I wonder how much traffic would change, if our name, address and telephone numbers were required to be posted on all sides of our vehicles?
musubibreakfast@lemm.ee
on 20 Apr 22:48
nextcollapse
I didn’t read what you said but I like it, everyone gets a license plate on bluesky.
it’s the anonymity that empowers people to say the absolute worst things.
humans behave badly when they perceive they have social license to do so. anonymity has little to do with it
exhibit A: public robberies of German Jews in the 1930s
exhibit B: rwandan genocide
exhibit C: any public confrontation video shot during the Covid pandemic
your second paragraph makes you sound like Larry Ellison. all you’re arguing for is the extension of the capacity of corporations to constrain and coerce invidiual behaviour, which is gross
I think anonymity has a lot to do with it, but you certainly point out that there’s more than anonymity to factor in. I also agree that, especially in our problemed data sharing environment, having our data on public display would be troublesome (understatement of the year). My comments weren’t so much of a “we should do this,” as much as a point of the cost of fixing the problem. Fixing the problem would be worse than the problem itself, but not by much, since all of our data is collected anyway. I personally believe that social media should mostly be outlawed - but I’m old enough to remember a better world before it existed.
threaded - newest
Embrace the fediverse
☑️
You’re hereby given a ✅
<img alt="" src="https://lemmy.dbzer0.com/pictrs/image/9bf871c3-1b33-4a31-ac34-54ea54b14a8d.webp">
I don’t see anything controversial in the article. Did I miss something? Just looks like a way to make sure the public figures and companies you are communicating with are who they say they are.
.
Verification wise there is already domain. But ultimately, it is too soon for the twitter exodus to get the blue check. All in all, this type of outrage is doomed to repeat with that type of central entity.
I think the existing domain-based verification system is a better way of doing that. Something like Mastodon’s verified links might be a nice addition. This more centralized system is… not what I hoped for.
I didn’t sound like a centralized system from the article. More like they want a third party like Verisign or something.
Something will have to be done as these platforms become more popular to cut down on fraud and disinformation. You don’t want people impersonating other people or organizations, or companies. Even if Bluesky starts federating to other platforms, just knowing that they have a blue sky blue check would be an improvement if you could display that check on other clients like mastodon posts.
ICANN has already made a mess of domain names so I don’t know if relying on the domain is enough. People are using non-Roman characters to trick people into thinking a website domain is the real thing. Others are buying up all these random domains so you get things like medicare.net and medicare.org and medicare.com etc etc.
I dunno what the answer is. Just rambling out loud in frustration.
It’s going to be both. Bluesky will verify users, but they’re also going to have other authorized verification entities.
From what I’ve seen, there will be two distinct types of blue check- users verified by Bluesky will have one mark, and users verified by a trusted authority will have a different mark.
Now who will those third-party verifiers be, and how will they be selected, hasn’t been announced yet.
What are you talking about? This is a web of trust model, literally a decentralized model. Not everyone on social media needs to have technical skills to verify via DNS records, verified links etc. If you want a community that gatekeeps for for computer engineers only, you already have Mastodon.
It appears to depend on Bluesky designating entities to do the verification.
It already has domain verification which is better IMO. Its more reliable and safer as you have to own the domain to use it.
Were only one instance exist or did I miss something?
Nope, it’s 100% centralized.
This is a little bit more black and white compared with the other responses. 🙈
It’s 100% centralized, but with the ability to be decentralized. Sorta like Threads before they started federating
Sure, but until it actually gets used significantly in that way, we might as well just say it’s centralized.
The “ability” to decentralize has costs that scale quadratically. So in every practical sense, it cannot be decentralized. At best it could have a few servers that participate.
No, it doesn’t scale “quadratically”. That’s what going viral on Mastodon does to a small instance, not on bluesky. Pretty much everything scales linearly. The difference is certain components handle a larger fraction of the work (appview and relay).
Both a bluesky appview and a Mastodon instance scales by the size of the userbase which it interacts with. Mastodon likes to imagine that the userbase will always be consistent, but it isn’t. Anything viewed by a large part of the whole Mastodon network forces the host to serve the entirety of the network and all its interactions. So does a bluesky appview, in just the same way, but they acknowledge this upfront.
Meanwhile, you CAN host a bluesky PDS account host and have your traffic scale only by the rate of your users’ activity + number of relays you push these updates to. Going viral doesn’t kill your bandwidth.
I can’t speak to how traffic costs and mastodon works, but this article explains how having multiple blue skies federating with each other scales quadratically. dustycloud.org/…/how-decentralized-is-bluesky/ it is very thorough.
That’s written assuming the edge case of EVERYBODY running a full relay and appview, and that’s not per-node scaling cost but global scaling cost.
Because they don’t scale like that, global cost is geometric instead (for every full relay and appview, there’s one full copy with linear scaling to network activity), and each server only handles the cost for serving their own users’ activity (plus firehose/jetstream subscription & filtering for those who need it)
For Mastodon instance costs, try ask the former maintainers of botsin.space
I’m sad that bots in space had to spin down, but there are still bots on Mastodon. One server quitting didn’t take everything down.
The part where if a mastodon post gets popular, it has to serve that to everyone makes sense because it’s kind of like a website. Maybe there could be a CDN like Cloudflare that a mastodon server could use to cache responses?
The part about Bluesky that doesn’t sound good to me is “to send a message to one user is to send it to all”. Wouldn’t this be crazy with even 100 servers for 10000 users, vs 2 servers with 5000 each? Not sure how the math works but it doesn’t look good if they have to duplicate so much traffic.
It doesn’t get served to all, but it has to be served to a relay which in turn is reachable by all.
While there is a firehose service which publishes all events as they happen, only services built on watching those needs to receive all (moderation services, etc). Everybody else gets a view already filtered and composed by services earlier in line. See jetstream as an existing optimization already delivered by bluesky themselves which reduces traffic.
A limited scope appview and relay is possible too, you can choose to only serve one community, and then fetch external content on-demand (but this will have the same impacts on latency as Mastodon and lemmy has when opening previously unseen threads)
As I understand it, the protocol has the ability to decentralize built in. But the technical requirements are prohibitively high to the point only large businesses or corps could afford to do it. I also believe (someone correct me) the company hasn’t switched on the functionality yet.
Last heard (a few months ago) the cost is in storage. The protocol isn’t too complicated now, but it generates a shit ton of data, and IIRC you need a minimum of 3 copies.
Storage is cheap whwn it comes to webhosting and 3 replicas is honestly not much when it comes to enterprise standards. I think cloud storage providers like backblaze keep something like 9 copies of data across different mediums
my mom has always told me that I had the potential to work at NASA. but the requirements are prohibitively high
all you need is a work ethic and a time machine
I believe in you!
The biggest thing is that you need to be manually authorized by them for federation. They will only ever federate with servers that arent serious enough competition to lead to democratization of the overall network.
No, PDS federation is fully open now.
They’re also actively supporting development of 3rd party appviews and relays.
The power dynamic is still 1000000:1 they can do whatever they want and you will have to follow. If they defederate you, there is no value in your self hosted instance.
Partially - something running independent infrastructure like Whitewind (blogging on atproto) will still work just like before (it’s easier for them to run it independently because you don’t need a full network view, just pull in the posts from the user’s PDS for standalone display)
When the work to make appviews easier to run makes it more practiced this will be less of a risk.
Maybe you remember PDS federation not being open for a while, but it’s open now.
Running a public appview can be very expensive, but they’re working on making it cheaper to run one with a limited scope.
I think their initial selling point was that Eventually©®™ Bluesky would federate with the rest of the Fediverse.
Is anybody really surprised that a social media corporation didn’t make it their utmost priority to allow their userbase to connect out of their proprietary platform?
They never said they’d do so natively with other protocols - but they support Bridgy, so you already can do that.
Interesting how other instances of the fediverse have no such restrictions. It’s almost as if they want to make it as difficult as possible so that people just don’t federate.
There’s literally no restrictions other than simple rate limiting, which you can ask for exceptions for.
I don’t know a Mastodon/lemmy server which wouldn’t rate limit new peers
You can easily host your own instance with a simple docker stack.
I dont know of any public instances except the main but I also havent searched.
you can host your own PDS, but everyone is still using the same appview
I dont see this in the article.
Anyone who is surprised that BlueSky is going down the same path as Twitter (X, not withstanding) belongs on BlueSky.
I think a few more people “get it” every time the cycle repeats, but also, a sucker is born every minute.
If it ends Elon, I’m gonna allow it. If Twitter fails, his stock in Tesla will have to back it. If that tanks… he’ll have to work his way out of bankruptcy. Just squeeze….
He’s already sold Twitter/X to xAI; he’s got his arse covered when the bottom eventually falls out.
That raised some eyebrows. Not sure it’ll hold just yet. Still. His world is getting smaller.
Good thing AI can’t fail.
Oh, no doubt - but he’s no longer personally on the hook for Twitter’s $44b debt-loan!
So when it eventually fails, it’ll be a corporate write-off and Elon’s wealth across Tesla and SpaceX are protected.
Wait is that what happened? Investors in his AI company are on the hook for Twitter now?
The rich really are a vampiric class.
Yes, that’s what happened: forbes.com/…/elon-musk-says-xai-has-purchased-x-f…
For what it’s worth, xAI is still a private company - so at least it’s not retail investors on the hook, just venture capital.
Yeah for the masses they will likely always flock to commercialized easy to use social media that reaches critical mass the fastest, so them being willing to move and keep moving is best we can hope for. For rest of us stuff like fediverse will be there to use.
.
Would it be so bad if it follows the same path as Twitter? If it connects people and organizations in an honest and helpful way for fifteen years?
Or we could all just keep shitting on it while it facilitates social and political movements and enables rapid communication across the planet. Then more than a decade from now when some Ultra-Nazi trillionaire buys it, we can all say “I told you so,” and be real smug about it.
The fuck did anyone expect?
Tbh I’ve seen more people asking for this than the people complaining.
There’s been a lot of impersonated accounts popping up lately, so it doesn’t surprise me they’ve opted to do something like this.
Oh yeah, they are literally everywhere. And a lot of them are impersonating people that haven’t switched from Twitter yet to take advantage of it specifically.
Bluesky already has domain based verification which solves that perfectly, I guess people just don’t want to use it.
How come they don’t use the already built in domain verification? It’s basically fool proof to certify that an account is owned by a specific entity.
It’s what Twitter had and most people on blueksy just want Twitter before Elon. It sucks but that is really what the majority of people even want. They don’t care about the decentralized stuff.
I think having both is nice
Decentralized, yeah sure!
I’m shocked. Shocked, I tell you.
<img alt="" src="https://sh.itjust.works/pictrs/image/4ff2c9e4-3fb4-4314-bd0c-f1596c5eb47b.gif">
Pikachushocked, even.
.
How does bluesky make money?
same way twitter made money.
.
Right now, venture capital investments - same as all tech starts out.
How it’ll monetize to become self-sufficient remains to be seen.
I just saw a group is going to start doing custom feeds with ads inserted. I blocked the account and every single sucker who comes in to say congrats and how excited they are about it. Fuck the lot of them. That said, that’s a third party, but also an example of what they could do.
Not same as “all tech starts out”. You’re literally typing on tech stack that didn’t start out like that. Then there’s Masotodon, fediverse, gnome, kde, linux etc. Etc. - literally almost no good software comes out of VC world statically speaking.
I do not see anything to be angry or disappointed about?
Verification badge was good, the dumb thing Twitter did was throw it away by letting anyone pay for it.
Nah it was not good. Domain names already do that and are accessible to all at all times with full transparency and decentralization. Bluesky is literally regressing.
Even mastodon’s verification system is better than checkmarks.
domain names do that for people with well known domain names, and verification processes do that for people without
Yup. Need something like EV certs to really verify… And that would only make sense if it’s a “no (non-real) screennames” kind of thing.
i think the .id.au domain licensing rules are a pretty reasonable middle-ground:
www.auda.org.au/…/id-au-domain-names/
you have to provide ID to register any .au, so you’re verified as a person, and though they don’t pre-check your nickname, AFAIK if there’s a complaint you do have to prove that you’re “known by” that name
Far from perfect, but I think it’s good to have a layer that very visibly shows ‘yes, this is the account you want’.
Domains are a worthwhile addition, but they run into almost the same problem as usernames and handles. Can be made misleading easily - sure, I could often go to the web address and verify it (if they don’t put up a convincing fake site), but that’s much lower visibilty.
Eg, you can probably register nintendo@nintendoamerico.com or similar and get it by some folks just as easily as registering the Twitter handle. There’s a payment step to get the domain, but that’s about it.
The centralization problem you mention is a good point though. It was a fine system, if you felt like you could trust Twitter as a verifier. Today obviously, one could not. But Bsky seems to at least theoretically have a ‘choose your verification provider’ idea in mind, which would (again theoretically) resolve a lot of that issue.
“Everyone should be able to setup their own domain and mess with DNS records to get a verified account”
Do you realize how utterly disconnected from reality this sounds?? Technical people that have absolutely not clue on how make good UX for end users is how we got Mastodon in the first place, and why its adoption is abysmal.
You can pay someone to do that for you tho it’s not any different form paying someone to verify you ina centralized way. Its really not that hard.
Even with more complex setups like mastodon servers you already see markets for this. You can get a basic managed instance for yourself for like 15$/mo - that’s basically nothing for anyone who needs to verify themselves as a brand.
This is not a “pay for verification” model. Have you even read the article or anything related to it? It is literally not centralized, it’s web of trust.
If the same authority is doing verification that is also doing moderation and both ultimately in a for profit setting, that has conflict of interest.
We dont know how reliable bluesky moderation will stay. We dont know how they will respond to political pressure. We dont know how they will monetize past the growth phase and then could also argue a “service fee” for verification.
In a perfect world none of these would happen, but then everybody could still be on twitter and be fine there.
They have already censored entire accounts at the request of governments.
This is just a web of trust model, aka a decentralized model of verification. This thread is mostly people that haven’t read the details that want to confirm that “Bluesky has been enshittified”.
Decentralized isn’t the right word to use for a system like this.
Even though BS is going to appoint multiple different volunteer moderators (aka “Trusted Verifiers”) for this system, ultimate authority and control are entirely centralized with BS.
idk man I haven’t seen anyone complaining about it on Bluesky
This is a net positive, nice to have a social media where verification checks are…actually used for verifying the person behind an account
But isn’t the domain already doing that?
If they are, and there isn’t anything to display it, how are we to know what’s been vetted and what’s slipped through the cracks? Especially on a new account?
It’s the username so already quite visible.
For example someone at say, NPR, could use a name like @bob.npr.org which is only possible by verifying ownership of the npr.org domain name, so there is no need to vet anything.
That’s great for an organization like NPR which may have the resources to tie its own domain name into Bluesky. For some freelance reporter or otherwise verifiable person, I’m not sure it’s quite so practical.
Domains are dirt cheap.
And tying it to the Bluesky system? Not sure the cost of that (I swear I saw it was a potential monetization they were looking into) but also the time to figure it out isn’t practical for everyone.
I just bought a domain for $2
Congratulations. You did a great job ignoring the rest of what I had to say.
I think it’s practical for most people to pay $2 for that
free (or at least it was when I did it)
I saw some small talk about it, and it really just boiled down to domain verification is great for more tech savvy folks, but trying to get larger accounts (think politicians, celebrities, etc) is a lot harder. Having a visual check, using tools within the app or site, is a lot easier.
And personally I like the idea of verification checks as long as it remains a simple means to do just that: verify the owner of the account. Morons like Musk and his ilk always thought it was a clout thing, and for a small minority that was probably the case, but by and large before he ruined it, it was great.
The problem with domains is that regular people would need to know what a domain is and what verified ownership says about the account in question.
Even then, reading domains is quite difficult, even for people who know about the topic: Humans are Bad at URLs and Fonts Don’t Matter
That link was a super interesting read!
Excellent post as usual from Troy, but use Bitwarden, not 1Password
Personally I use KeePassXC + Syncthing, but Bitwarden/Vaultwarden is also a great.
What’s somewhat amusing, for lack of a better word, is that even that advice doesn’t fully resolve the issue, as Troy himself recently was the victim of a phising attack, where one part of the issue was that even legitimate sites changes their sign-in domains frequently enough that you kind of become numb to when the auto-fill stops working and just “correct” the issue without the necessary due diligence.
I feel like domain usernames are still inherently susceptible to phishing, you can get a typo or similar character to try and trick someone that your username is an official one
Domains only help you verify organizations and individuals you recognize directly.
This verification system also allows 3rd parties (it’s NOT just bluesky themselves!) to issue attestations that s given account belongs to who they say they are, which would help people like independent journalists, etc.
Idk. Celebrities and Politicians usually have other vetted channels such as their own website or a website of their ogranization representing them. It should be basic journalistic work to see if their social media links link to the account in question or not.
I’m not seeing the advantage of everyone having to do the same vetting process repeatedly.
So it is not given to a centralized authority, that is guided by for profit motives and also does the moderation of its plattform.
Where this can lead was shown with twiiter. The moment the central organization is captured, the central authority will abuse the authentification for its own goals. Then instead of just having to check for the authentification to be reliable you need to question everything that is on that plattform as a whole, which is infinetly more consuming, but also simply impossible.
This doesn’t appear to be given to a centralised authority. If the authentication process fails then it falls back to the previous method anyway. In reality most people won’t bother to authenticate if it involves any significant work.
Most of the complaints I’ve seen were about Bluesky’s lack of a formal verification system.
They could never figure out how the current system of checking the username.
Based on how verification was revoked for some users on Twitter based on their content rather than question of their identity, I’m cautious about this system turning into the status symbol it became on Twitter rather than the verification it claimed to be.
I’ve seen this movie before.
I don’t see how even the way Twitter does it is any worse than not having such system at all.
This was always bait to keep people using corporate social media instead of decentralizing. I am not sorry for the users one bit.
You eeediots!
Ren from Ren and Stimpy?
😎
So long as the checkmark isn’t bought through some subscription service, I’m fine with this.
The whole reason why verification exists is because other will steal the name of someone famous and masquerade as them, with real world consequences. A verification system now means that certain platforms and people will get more attracted to be there, and thus Bluesky will grow.
Unfortunately, the forecast isn’t good for the integrity of what should be a simple system. Under Dorsey, the Twitter blue checkmark had already become a tool for showing content approval by Twitter. In various instances users had their status removed based on their content and not on a question of if they were who they claimed to be.
My default is to just assume that they aren’t the same person unless corroborated by that person.
It’s not.
Not yet 😏
To quote my well known journalist friend after switching from twitter “what’s that? Oh, that open source stuff? Hahaha nah bruh, mastodon is silly”
Normies will not go on Mastodon.
Reminds me of a meeting my co-worker and I had with the IT staff of a company that is a customer using research instruments in our facility. The meeting was to ask us to enable data synchronization through SharePoint. (We’re a Linux shop.) We asked what the issue was with getting their data files with SFTP. They said, “It’s open source.”
Then, a few beats of silence as it sinks in for us that there is no next step in the chain of logic. That is the totality of their objection.
Ok so they knew enough about software to use open source correctly in a sentence, but could not even list one reason why they didn’t want to use it.
We had to fight tooth and nail to get even a few of us able to use Ubuntu on our development machines (even though 90% of our servers are Ubuntu). The old heads in IT were like, “Uhh that open-source stuff? We use Windows for security”. Like wtf?? Lack of cognitive dissonance much? They are completely brainwashed by the old Microsoft FUD
The amount of moments of “and therefore?” This stumps me equally with my small child as it does clients. Like, why TF are you saying this thing? How is that your supporting argument. There’s no argument! What’s your fucking thesis statement damnit?!
This shitshow sounds familiar.
Bluesky is like a mini example of why Communism and Capitalism does not work. Centralization is a drug.
Editing to explain as some did not make the connection. This is a comment about centralization that even when a system has the best intentions like communism and in this case Blusky, centralization still will lead to corruption as anything centralized is ripe for takeover as power is a drug.
What exactly a website related to Jack Dorsey has anything to do with Communism lol
Jack Dorsey hasn’t been around for a long time.
Of course he isn’t, but he was a huge part at the start and the project as a whole still has Dorsey’s ideas all over it.
Just that good intentions to become decentralized do not work. Not saying capitalism is better as they are two sides of the same centralized coin.
Bluesky is literally an example of enshittification under capitalism. Go away
I would agree. Both Capitalism and Communism are two sides of the centralized coin.
You can not make any commentary on Communism here. You will get down voted even if your criticism was correct. Probably even more so and the reason why this is likely to get downvoted out of hand, as well.
Edit: Proven right. Yet again
That is ok. I have never had an issue sharing facts that may trigger some. In fact the only reason it triggers some is it hits somewhere deep.
Not really but go off
What fact is incorrect?
All of it? Your definition of communism is the same as that of the failed dictatorships of the 20th century.
When most people nowadays talk about socialism or communism they talk about a democracy in the workplace and in politics. People who want a strong state that owns everything are a loud minority in leftist circles, as you can see on lemmy. But they’re not as big in real life.
Thanks for the reply. I am not understanding. What is the modern definition of communism then? Are you saying it is really about Socialism?
It’s a bit cliche but the first paragraph of wikipedia says it better than I could:
Communism (from Latin communis ‘common, universal’)[1][2] is a sociopolitical, philosophical, and economic ideology within the socialist movement,[1] whose goal is the creation of a communist society, a socioeconomic order centered on common ownership of the means of production, distribution, and exchange that allocates products in society based on need.[3][4][5] A communist society entails the absence of private property and social classes,[1] and ultimately money[6] and the state.[7][8][9]
en.wikipedia.org/wiki/Communism
My description above is just a quick way to point to the things that would change in our lived reality (assuming you live in a western democracy). You wouldn’t have to share your house or car or whatever. Just take responsibility for your workplace with colleagues, just like you vote in a democracy.
I moved to Vietnam and thus I am confused about Communism. Seems to me that the state described in the wiki is the same end goal so have read about, but it just seems like we do not get there as humans with power do not want to let go even if the intentions are good. Like BluSky. They have a great vision and idea that reminds me of communism. First you have to have centralize to coordinate the decentralization…and then it never happens. It is why I really believe this only way to keep centralization in check is decentralization to balance the equation.
I don’t think that modern communists should follow the “centralize first and hope the leaders give up the power then” approach.
How do you get to the decentralized place then as those in power will never let go. Perhaps if we the people embraced decentralized alternatives, it would start to tips the scales and bring more balance but it seems like we need more suffering first.
Lemmy & Reddit
perhaps if u make a coherent or relevant criticism this could be avoided
“Even if your critism was correct…”
Either way, even me touching on the notion is enough to get downvoted. Proof is my post.
This whole comment thread sucks lol. The top reaction literally just says “go away”. Talk about wannabe authoritarian tankies
Intelligent commentary on Communism is one thing, lunatic gibberish is of course going to be downvoted.
mastodon exists
Something like this unavoidable.
Example, ted cruz the car mechanic in marfa Texas has just has much right to use blusky as
professional shit bagsenator ted cruz. But hiw do tell the real one from the racid sack of weasels.People use usernames like they always have, and rely on reputation to distinguish themselves from the fakes? Senator ted ceuz makes an account called ‘senatortedcruz’ or if thats taken ‘therealsenatortedcruz’, and the mechanic makes one called ‘tedcruzcars’ or whatever. I dont see how your example is even relevant, because under a checkmark verification system both the mechanic ted cruz, and the senator ted cruz would be valid and deserving of a check mark, so there has to be some other way of distinguishing them anyway.
Its whay the original lawsuit that created checkmarks was about.
What is? How does a checkmark help distinguish between two people that have the same name? The checkmark just shows that the person is who they say they are.
Well the original point was to verify famous people and groups.
It’s easy: cryptographic signatures. If you want to prove your identify, post a public key on something that you need to prove identity for (personal website or something) and sign your posts with the same key. That way everyone can tell the that the same key listed on the website is used for SM posts. Clients can check this automatically and flag anything on your “official” account that’s signed with a different key.
This is much better than a checkmark system, because accounts get hacked and whatnot. It’s really easy to check a cryptographic signature, and it’s really hard to fake. If the website gets hacked, the signature won’t match previous posts.
The main concern here is losing the key. If someone steals your key, generate a new one, and sign it with the old key and the new one. Boom, now everyone can tell you control both keys, while the attacker only controls the old one.
That’s only easy for nerds, and it doesn’t help if the private key is on a device that gets compromised.
Regular people wouldn’t need identity verification, and the keys can be something the user never sees, just like with Signal. The UX can be pretty good here.
But how would a user see that this poat was made with the right crypto key. Maybe some check mark on the Post or some sign.
Ideally, they wouldn’t see anything if everything is good. If there’s an anomaly, flag it with a warning.
But yeah, you could put a checkmark on it, but then it actually means something more than “this person spent money.” Ideally, the checkmark would only show if it’s a publicly verifiable key outside the platform.
Yeah that’s a better system then. We need something that shows the user then post or user is verified. How it works doesn’t matrer to them. Amd the key system would be betterment
Bluesky is the new X. After canceling the accounts of Turkish protesters this is the next step for the big money behind Bluesky. That’s why I deleted my account a few days ago.
Same. Deleted my account when they started to censor the Turkish protestors. Not that I used the account really but still.
Exactly, Bluesky has been shitty for a while for lots of reasons. I’m not understanding why this is the line in the sand.
What’s the story with the Turkish protesters?
Bluesky has basically bowed to the Turkish regime: turkishminute.com/…/bluesky-restrict-access-72-ac…
turkishminute.com/…/bluesky-restrict-access-72-ac…
The way the article describes Turkey and the press is the same thing that’s been happening in the US with the legacy (state funded) media. Hopefully, that’s changing now though.
Yous are hyping it a basic verification system which can’t be bought and is handed out for the sake of showing credibility is a good thing
The sake of credibility? What decides that though? Likes? Likes are a big problem imo. It doesn’t really do anything except create echo chambers.
IMO it’s not that blue check equals credibility, but rather it equals that you are who you say you are. This is a good thing particularly when it comes to public figures/officials — not for their sake, mind you, but for the sake of other people who may see a tweet from them. If the checkmark is there, then it’s them. If not, then it’s an impersonator. Right now it’s difficult to tell.
Tl;dr: it doesn’t make what they say real, it just makes them real.
Preaching to the choir
But anyway anyone who thinks bluesky is actually decentralised will learn sooner rather than later that that’s not the case
Then come over to Mastodon…
No one disliked the check mark before “Genghis Kunt” started selling it
It was selectively given to institutions and “major” celebrities before that.
Selling them dilutes any meaning of “verified” because any joe can just pay for extra engagement. It’s a perverse incentive, as the people most interest in grabbing attention buy it and get amplified.
It really has little to do with Musk.
this is unnecessary with custom domains
Their position is that custom domains are “too hard.”
ARE WE LEARNING HOW “SOCIAL MEDIA” WORKS YET HUMANITY?
Seriously. How many more fucking times do we need to go around this goddamn merry go round until we just start calling each other on the phone and meeting face to face again. You know, where the only enshittification is the one you bring with you. It’s fucking boring me now, how many of these stupid ass things I didn’t join because I’ve already, apparently, gotten the memo and how, inevitably, something like this happens, and everyone acts surprised and disappointed , as though inevitability was a concept they felt they’d been given a sabbatical from or something.
This. Shit. Ain’t. Free. There is an inherent cost, an “effort” required to communicate with others. You pay it with money, time or privacy. The overwhelming choice lately has been “privacy”, but it’s obviously something that not everyone is comfortable with, because we didn’t have the term “enshittification” before we started this flavor of our collective idiocy.
Can I subscribe to your social media accounts? I would like to follow your opinions.
Nah, for real though, I’m so glad my best friend is still fairly analog and we use the phone for what it is (we just call each other when we want to meet up).
Lemmy is the last of social media that I use and I regularly take breaks from it because the echo chamber is very apparent and not something I wish to be consumed by.
Apparently not, because people keep feeling surprised and offended when the Networking Effect happens.
Idk, when are we going to get low-cost public transit and VoIP that’s not like talking over two tin cans connected with string?
What is this networking effect you mentioned? I tried searching online but I think I’m missing the context needed to find the right info.
en.wikipedia.org/wiki/Network_effect
Thanks for the link. That’s what I found, so I’m certain I’m missing something. Can you clue me in on why people are getting surprised and offended by it?
Yeah I deleted my Bluesky. All public companies eventually turn to shit because of the shareholders unending greed.
Lots of “how dare they solve a real problem with the only method yet invented” in these replies. Gtfo losers, clutch your pearls harder. If you don’t like Bluesky don’t use it. Don’t be a whiny little bitch about it.
Only method yet invented?
The checkmark is the wrong approach. You should never trust accounts, because accounts get hacked. We should instead use cryptographic signatures on individual posts, and clients can warn when that signature doesn’t match the account’s public key, or if that key changed recently. The private key would never live on the server, and ideally live outside the app.
This doesn’t verify identity, it just proves the key didn’t change. To establish identity, the person needs to use the same key in multiple places, such as posting it on a personal website or something. If a service wants to add their own stamp of approval, they can sign these public keys and embed them into the apl for clients to use (e.g. show a blue checkmark if Bluesky can verify the public key outside its system).
If the private key is compromised, repeat the process, potentially signing the new key with both the old and new key to prove control of both (or start from scratch if needed). Repeat whenever they get hacked.
This is a great idea.
It’s also not new. GPG has been around for decades, and is pretty much this.
Average user:
“Wait how do I get cryptocurrency with my key?”
you don’t kill a cow for a scratch on her leg (I hope the saying is understandable for everybody since it doesn’t come from English).
I’m on mastodon and bluesky: the first is even less populated than here and a big part of the interesting content comes from bot reposting popular accounts from x or reddit, while the second is far from being THE solution but it’s nowadays a -not wildly populated- compromise. I don’t condone (while I understand) the Turkish bans and I’m not interested in a verification system: if I’d like one, I’d use https://en.wikipedia.org/wiki/EIDAS.
I hope bluesky will correct its approach for what they can (the “good old” twitterin the golden era was banned in Turkey)
I believe the equivalent saying would be “don’t let perfect be the enemy of good”.
I couldn’t give a single shit about these twitter alternatives, because the whole concept is stupid.
+1
Being that algorithmic just makes any Twitter-like design too easy to abuse.
Again, Lemmy (and Reddit) is far from perfect, but fundamentally, grouping posts and feeds by niche is way better. It incentivizes little communities that are concerned about their own health, while users have zero control over that shouting into the Twitter maw.
yea lemmy/reddit definitely seems like more of a sweet spot. with twitter/mastodon or anything that has a “say something” text box right in your face on every page, you are going to end up with a lot of noise, because most people just dont have interesting things to say most of the time
I don’t understand - do you think mastodon (or the fediverse in general) is sparsely populated? That’s not my impression at all!
That’s exactly what I meant: very few people, only on main niches, and some political and lifestyle ideas are common to 90% of the userbase (ie: anti-Trump, pro-Palestine, pro-Foss, etc).
I’m not complaining, just reporting what I see
It seems that you don’t curate your followers much and/or don’t follow many people. The timeline is what you make it to be by following a variety of people as there isn’t an algoritm to curate it for you. There’s plenty of interesting content circling around and it’s wholly up to you wether it makes it to your timeline or not.
I get it, but I don’t want to curate my followers, I’m not a news media, I just follow users I totally like, I usually look for content I don’t see in my timeline, do a lot of surfing, but in the end it’s not that big as today
Any system built on anonymous accounts is going to have the exact same problems. Lemmy is not “less bad” than Reddit because it’s decentralized. Blue checks isn’t the problem with twitter, and neither is Elong
Not sure where you’re going with that, but it’s a perverse incentive, just like the engagement algorithm.
Elon is a problem because he can literally force himself into everyone’s feeds, but also because he always posts polarizing/enraging things these days.
Healthy social media design/UI is all about incentivizing good, healthy communities and posts. Lemmy is not perfect, but simply not designing for engagement/profit because Lemmy is “self hosted” instead of commercial is massive.
I can’t believe the guy who originally administered the creation of Twitter would do all the exact same things that originally made him billions of dollars selling the company to Elon Musk.
There’s no way he’s just speed-running what he did last time in hopes of another $44B buyout.
Figured they would go down this route. Don’t use it anyway
If they really, really want to fix 99.8% of the problems with hate speech (and many other issues), each user needs to agree to have their real name, home address, email address, and phone number available to the public, in their profile. While what I’ve just said is completely absurd, for almost everyone, it’s the anonymity that empowers people to say the absolute worst things.
Why don’t most people in the checkout line (queue) at the grocery store act the same way they do in a traffic jam on a roadway? Because they’re much more likely to be held personally accountable for their conduct. I wonder how much traffic would change, if our name, address and telephone numbers were required to be posted on all sides of our vehicles?
I didn’t read what you said but I like it, everyone gets a license plate on bluesky.
humans behave badly when they perceive they have social license to do so. anonymity has little to do with it
your second paragraph makes you sound like Larry Ellison. all you’re arguing for is the extension of the capacity of corporations to constrain and coerce invidiual behaviour, which is gross
I think anonymity has a lot to do with it, but you certainly point out that there’s more than anonymity to factor in. I also agree that, especially in our problemed data sharing environment, having our data on public display would be troublesome (understatement of the year). My comments weren’t so much of a “we should do this,” as much as a point of the cost of fixing the problem. Fixing the problem would be worse than the problem itself, but not by much, since all of our data is collected anyway. I personally believe that social media should mostly be outlawed - but I’m old enough to remember a better world before it existed.