Bluesky announces data federation for self hosters
bsky.socialHey HN, the engineering team at Bluesky is especially excited to get to this point! We're happy to help answer questions and help anyone trying to run their own PDS host. Things should work pretty well for self-hosters right now, but we're standing by to help if there are any problems.
Technical details and the installer are in the GitHub repo https://github.com/bluesky-social/pds
And we're on Discord available to help: https://discord.com/invite/UWS6FFdhMe
Unrelated to engineering but the recent rebrand to a dead butterfly logo[1][2][3] may be off brand for a platform wishing to communicate a more open, social Internet built on first principles and scientific rigor.
[1]https://www.emilydamstra.com/please-enough-dead-butterflies/
Pedantic lepidopterists of the world, unite!
> built on first principles and scientific rigor.
Are you joking? This is private enterprise we're talking about. We'll all die before this company or anything similar is built on "scientific rigor" unless it directly relates to their profit margins.
> If you hadn’t previously noted the difference between a living and a dead butterfly, I’m afraid you will now begin to see dead butterflies EVERYWHERE, as I do.
I didn't know this (as most of us I'd guess). It was an interesting read though, thanks.
It's true. I read it some time ago...they're everywhere. You can't unsee it.
I think the value of a symbol is in the idea it communicates. Most people don't see a dead butterfly. They just see a butterfly. The reality of whether it is more or less like a dead butterfly doesn't especially matter unless a significant amount of people interpret the symbol that way.
It would probably be worth clarifying in that repo what the license is for both the code in that repo and the code that it's actually running. It looks like it's just a very thin wrapper around @atproto/pds, which is MIT/Apache 2.0 [0], but the repo you link to has no license.
Edit: now it has one! Thanks!
Yup, it's MIT/Apache 2.0. We'll fix that. Thanks for the heads up.
Awesome! Why did you choose Caddy as a proxy for PDS? (Caddy creator here.)
Thanks for Caddy, Matt! Some of us on the team have been using Caddy for years, for many of our projects. Because it's so simple, sufficiently high performance, and has lots of nice features.
The on-demand TLS certificates with an "ask" endpoint is especially useful for the PDS use-case. Because there's generally a wildcard DNS name that is used to give each new user a domain handle (@alice.example.com) but we don't want to be vulnerable to a TLS certificate DoS/rate limit situation.
Great reasons -- glad to hear that! Let me know if you encounter any hiccups or have feedback.
Love the fresh federated model btw!
Even if it may be simple in some areas, it doesn't handle edge cases such as https://github.com/caddyserver/caddy/issues/1632 in other areas out of the box unlike other server software.
That is a bit unfair, as it is intentionally not doing so. You may disagree with it, sure, but as it stands I think your comment implies oversight or immaturity, which is evidently not the case reading the discussion on the issue you linked.
>That is a bit unfair, as it is intentionally not doing so.
That doesn't change my point. I am pointing out a an easy pitfall Caddy users can fall in since it is not automatically handled for them as it is with other server software, nor is it pointed out in the documentation fkr Caddy. Simple server software would avoid these pitfalls automatically for users. So while it now be simple to get https working, properly configuring the server is now more complex to get right.
An intentional pitfall doesn't mean it isn't a pitfall.
you have been repeatedly posting this incredibly niche complaint for years at this point
Is it possible you're vonfusing that user with me? I used to be relatively vocal about this issue on HN. For reference, that's not me.
And it's probably not niche if dozens of users are posting about it for years.
I have only brought this up once before on HN and it was over 2 years ago. Not adopting a new project because it is missing something niche is an extremely common reason why people stick with tried and true, mature software. I do not see anything wrong with pointing out niche issues because to some people these issues are important. Because it's broken out of the box it is allowing people who aren't aware of this problem to continue to setup broken sites. Even caddyserver.com. is broken.
Curious. What is the use case here? I’ve spent tens of thousands of hours of my life on the Internet and a lot of that as a sysadm and I’ve not once heard of people accessing or linking to sites this way.
Personally, I just want to properly handle this edge case and it would bother me if my sites didn't handle it correctly. There are advantages for using FQDNs since they are not ambiguous there are extra optimizations that can be done. I don't want my sites to be problematic for people who want to use them so I make sure my sites properly handle them. Usually handling FQDNs is easy as it just works out if the box on most server software.
Can you provide a URL to a page containing a link of this style? I’ll concede that it’s useful to someone if I see it! The term ‘FQDN’ does not always imply the dot at the end?
Do you just want a link?
https://news.ycombinator.com./
If you want a link to a page with a link like this you can click on the github issue I referenced in my original comment as there are links there like that.
If you want a more natural page that is less meta with such a link
https://jameswillia.ms/posts/shortest-urls.html
>Also, the term ‘FQDN’ does not always imply the dot at the end?
Yes, but if there is not a . at the end then there is ambiguity of if it is a FQDN or not.
Not for nothing, but when accessed from this HN app on an iPhone, Apple’s website with a trailing dot does not render correctly.
Hi. If the protocol is open, the software is free and the main instance openly federates with self-hosters, what's the monetization strategy here? Clearly it's not "harvest all the data and figure it out later" as that avenue seems to be shut down internationally by strengthened privacy laws and ads don't work well with federation and third party clients. Is "grow first, figure out how to make money later" still a viable strategy in this economy?
managed hosting perhaps? It works in the email industry at least (Google and Microsoft nearly dominate the email biz)
Yeah but that assumes ATP reaches anything even remotely approximating the ubiquity of email rather than ending up like Google Wave (not literally by being handed off to Apache - which took Wave behind the barn in 2018 in case you're wondering what happened to it).
Given the PDS server works on ports 80/443 and I'd like to use a domain (@nytimes.com in the documentation, but say @example.com), how does it interoperate with existing services that already operate on @example.com , for example a website, blog, cloud.
I'd imagine this use case is quite common for self hosters. If it can't operate alongside an existing, say, nginx on this port, are there recommended alternate practices?
I'm excited at separating identity from hosting, of which self hosting identity gets us closer.
Hi, what is the status of integration with the activitypub protocol? as its currently the most popular protocol in federated social media
There's a bridge nowadays, but… see https://pleromanonx86.wordpress.com/2024/02/17/mastodon-date... which also links to https://wedistribute.org/2024/02/tear-down-walls-not-bridges... https://techcrunch.com/2024/02/14/bluesky-and-mastodon-users... and https://news.itsfoss.com/bluesky-mastodon-bridge/
That was quit the mess. Ryan Barrett is a smart guy and seems quite nice, but it was very ill-advised to unilaterally decide to build an opt-out bridge. In general, if users one platform A want their stuff to be on platform B, they'll find a way to make that happen. If someone else takes it upon themselves to copy everything from A to B, people understandably get pretty bent about it.
If it had been an opt-in system, the response would probably have been far different.
I'm surprised that the tool in question is Bridgy Fed. Bridgy Fed has existed for a long time and is a very useful tool. Its alternative, Bridgy, has also been used to bridge between closed social networks and the open IndieWeb.
Why are Fediverse people only angry about it now? It's an open protocol. If you want privacy, don't publish something for the entire world to see. That's just basic common sense. At the very least, use Mastodon's privacy controls. The Fediverse is not special here, it doesn't get to destroy the open Web for everyone else.
In general, people on the Fediverse want to be able to make local moderation decisions; the way that extends to other federated sites is by not federating with them. Most Fediverse sites will not federate with sites that have bad or nonexistent moderation (or simply incompatible moderation policies). Bluesky's architecture basically means that it is one big unmoderated site. The normal reaction of Fediverse admins is then to block it.
As a controversy, it's been blown out of proportion. It's just Fediverse admins setting the moderation policies for their own sites, as always.
I agree that they should block it, I just don't think they should be harassing Bridgy Fed developers. The GitHub issues were pretty insane.
Well first not everyone on the fediverse is opposed to the bridge. I agree that public is public. But there are concerns about moderation being incompatible, it’s normal to voice them.
As for the fediverse destroying the open web for everyone else, I think you’re hyperboling quite a bit, the fediverse has done mountains to make social media more open, probably more than everyone else.
Yeah you're right, I think I did overgeneralise there. I was meaning more of the culture of "Mastodon users"; Mastodon itself has done a lot to help the open Web too.
Though I think "voicing concerns" is a bit of an understatement. I feel really bad for the developer of Bridgy Fed, working on their passion project and just getting caught up in all this heat and harassment.
I'm one of the persons who blocks the bridge, not because of privacy concerns but because it bluesky, specifically. I do not like the idea of for-profit, vc-backed entities being given data, or any kind of decision. We all know exactly where that leads, a term has been coined, mountains have been wrtten about it and yet it still happens.
It's the same situation with Threads.
As for privacy I disagree with you. There's nothing because nothing has been discussed, but the technical feasability should never dictate what we want as a society. When a family member dies, even though the news is known you know how to behave, who to share that information with, what to say. Would you be okay with a company coring up to you and saying "hey we learned your mother died, would you like to tweet it ? It is free !"
I half agree that technical feasibility isn't everything. For example, I can murder someone with a knife. But it's not what we want as a society.
But it's not never. For example, I can see your post. So I can send a screenshot of your post to my friends to dicuss it. I can't see your hard drive contents. So I shouldn't hack into it and send a screenshot of your hard drive to my friends to discuss it.
So technical feasibility influences what is reasonable to do as a society. It's not "feasible = reasonable", or else murder would be reasonable, but it definitely does influence it.
And in this case, I believe what the Fediverse people commenting in the GitHub issue want to be unreasonable. It is unreasonable to publish something publicly, on a federated network, where privacy controls exist (but are not being used), and then claim to have an expectation of privacy in a public space, especially when such bridges provide utility and benefit to others that just can't happen if it's opt-in.
It is reasonable to block it. It is unreasonable to expect everyone else to restrain themselves from using public data in the spirit of the open Internet. It is especially unreasonable to harass non-profit bridge developers in this case. That's not a social solution, just harassment.
Note about copyright: that's not a path one should go down, because it'll make the Fediverse illegal as a whole. It's probably fair use, anyway.
Note about AT protocol: yes it's designed by a for-profit, but it's good. Just because something is for-profit and VC-backed does not mean it will enshittify; take Element for example. It solves a lot of issues that people were having with Mastodon such as global full text search and a global feed. I would use it if it only had more relays to spread out the control.
Public is public.
And someone else will just go build an opt-out (or maybe even no opt-out!) bridge.
Nah. Consent is a thing and this wasn't consensual. Yes, the posts were publicly accessible, but the intent of posting to Mastodon isn't to have it show up automatically on another network. It's technically possible, yes. It's still a dick thing to do and it pissed people off.
And again, it wasn't about Bluesky in particular. If Google announced that they were going to ingest all Mastodon content and post it in a new Google Groups kind of thing, they'd be pretty understandably upset about that, too.
In general, "if I wanted my stuff on Bluesky, I would have put it there". It wasn't the bridge creator's decision to make.
Public = consent for the public to see it. That includes the public on Bluesky. It was consensual. And the ruckus was in fact about Bluesky in particular. That's why the same project already supported other protocols without a big ruckus.
In general, "I want my stuff on Bluesky but don't want to deal with cross-posting to multiple different platforms and keeping up with responses on all of them"
And, "I want my stuff on whatever platform people want to read it on without having to individually approve each one" (which is quite literally the entire point of public posts on Mastodon).
OH - and it wasn't the bridge creator's decision anyway; it was the decision of people on Bluesky to follow you that would trigger your posts to be federated, so...
It was meant for the public to see, not to bulk copy it en masse to somewhere else.
Similarly, I don't want my blog posts used to train LLMs. I know they're likely to be since they're published right there on the Internet for anyone to see and read. But my intent was for other humans to see and read them, not for someone to feed them into a regurgitator. There aren't technical means that let me allow humans to read my stuff without allowing LLMs to ingest it, and someone could make the (bad) case that if I didn't want my work to be used to train an LLM, I shouldn't have made it public. Maybe. However, I reserve the right to think someone's an ass for doing it.
Well, no technical hurdles kept the person from copying data out of the network people meant to post it to. It's probably not illegal. It's not a nice thing to do, though.
> It was meant for the public to see, not to bulk copy it en masse to somewhere else.
Except literally the entire design is for other Mastodon servers to bulk copy it en masse to somewhere else.
> There aren't technical means that let me allow humans to read my stuff without allowing LLMs to ingest it
Yes there are. Don't make it public.
> However, I reserve the right to think someone's an ass for doing it.
Of course! You can think anyone is an ass. You can think anything you want. That doesn't mean that person did anything wrong.
> "if I wanted my stuff on Bluesky, I would have put it there"
How about "If I wanted my stuff on the your Mastodon server, I would have put it there"?
"If I wanted my Mastodon content on your RSS feed, I would have put it there".
How about "If I wanted my stuff on the Internet, a publicly available internet, I would have put it there".
This tribalism around network/brands/protocols is beyond stupid. The thing that is killing Twitter is its closedness and the assumption that the means of communication is what matters. It's not. Let open protocols be open.
If people want privacy, then they should use a secure communication protocol and not a social media network.
> Yes, the posts were publicly accessible, but the intent of posting to Mastodon isn't to have it show up automatically on another network.
I thought that was the point of activitypub.
>If Google announced that they were going to ingest all Mastodon content and post it in a new Google Groups kind of thing, they'd be pretty understandably upset about that, too.
exactly like they did with usenet without any issue?
Well, at least they paid money for Deja. Slight difference no?
I'm completely confused under what moral framework the fact that Google paid to buy the Dejanews archive makes a any difference.
To make it clear, for people who don't know:
Google Groups was originally Dejanews, which was a web based archive and front end to Usenet. Google started searching Usenet, but didn't have historical archives so they bought Dejanews.
Obviously no one who posted on Usenet got paid under this transaction.
It's like if Google bought a Mastadon archive off someone now: this argument seems to indicate that would be better somehow than Google archiving Mastadon posts themselves.
I don't understand why at all?
> Consent is a thing and this wasn't consensual
The whole point of a fediverse is it's a federation. Therefore there is implied consent to copying from one instance to another.
> but the intent of posting to Mastodon isn't to have it show up automatically on another network
Mastodon isn't a network, the network is the fediverse. Mastodon is some software that runs on the network.
What thing is consent?
Mastodon is an odd sort of network, there's more blocking than I expected and it somehow seems as if blocking is an intrinsic part of the design. In Mastodon, blocking looks like a choice one makes for whatever reasons, not an unloved measure needed for fighting abuse.
As if the design doesn't tell users "you can follow people in the fediverse" but rather "your ability to follow people in the fediverse is limited by you and three other parties and the software isn't among the three".
So… if the mastodonish idea of consent doesn't extend to all of the fediverse, what makes bluesky different from some unvetted mastodon site run by weird people? If the poster's/follower's/would-be follower's consent isn't taken for granted in one case and isn't taken for granted in the other, what makes the two cases different? There obviously is a technical difference, but what is the difference wrt. consent?
> what makes bluesky different from some unvetted mastodon site run by weird people?
Absolutely nothing! Fediverse admins block unmoderated sites all the time, for being unmoderated. Bluesky is just, effectively, one unmoderated instance that everyone will block by default.
Assuming your assertions are correct (they're not, but let's assume they are) - what's the problem with the bridge being opt-out if everyone will block it anyway?
> If Google announced that they were going to ingest all Mastodon content and post it in a new Google Groups kind of thing, they'd be pretty understandably upset about that, too.
Except that's not what the bridge does, at all. It only follows you on someone's behalf when someone on Bluesky specifically requests to follow you through the bridge.
I’m a sucker for a particular mix of condescending plus wrong.
And Fediverse admins will block that bridge, just like they would any other site with bad/nonexistent moderation, and will advise each other to block it. That's just how moderation works in the Fediverse. I guess it's sad that, unlike the admin of an instance with bad moderation, the bridge operator can't do anything to fix the problem, but in the end, that's their problem.
Hey! Congrats on the release.
Does the AT Protocol only optimize for Twitter-like flows, or does it allow for other types of social applications to be built like Activitypub? For example a reddit-like social media.
Currently, atproto works probably best for public social apps, like microblogging, forums, etc. So yes, it's definitely possible to build a reddit-like social app on atproto.
Part of the change today is that the PDS and Relay[1] now support non-app.bsky record types. This is quite new, so there could be issues, but we're prepared to fix any issues that crop up.
1. https://bsky.social/about/blog/5-5-2023-federation-architect...
> microblogging
Would it be possible to use it for macroblogging, i.e. long posts with markdown markup, embedded images, etc? If so is there a python library tghat implements atproto?
Yes, it should be totally possible to build a blogging system on atproto. And the "app.bsky" API should serve as an example for almost all of the functionality required.
Another really neat aspect of atproto, is that apps can interact theoretically. So you might create a blog system but use "app.bsky" (Bluesky) for comments.
OAuth support is coming soon as well, which is a big step in simplifying auth.
Congratulations on the release! If I may ask a question - is it possible to register an account without a phone number on a 3-rd party server?
Thanks!
Yes, it's totally up to a PDS operator to decide how they create user accounts. It's also not required on the Bluesky PDS service any longer, in most cases.
By default the self-hosted PDS requires an invite code, to prevent random people from creating an account. Later other options will exist, including OAuth support which is coming soon.
That's great, thanks!
> It's also not required on the Bluesky service any longer, in most cases.
That's also nice to hear - when last time I tried to register an account (shortly after the free registration launch) the phone number field in the registration form was marked as required, if I am not mistaken.
Yeah, you're right, it was. That was temporary measure during the public launch to prevent spam/abuse. We've made some improvements here recently.
I'm a little confused why the PDS server is both dockerized and has an installation exclusive to Ubuntu/Debian.
Yeah, there's nothing preventing someone from running the PDS server on other distributions. The installer just does a few convenient things for you (like install Docker, opens port 80/443 using ufw, etc) and we haven't added and tested support for other distributions.
There is a Docker compose file in the repo, and advanced users shouldn't have any problems running the code on another distribution or even without Docker if they prefer.
Advanced users can just view the installer script as documentation.
Why do you need to open ufw if it runs in Docker? Docker does its own routing magic and will happily blast right through any ufw rules.
Very cool to see this available though, I might have to try it out later this week!
Are there any independent projects implementing the AT protocol?
There are a number of independent projects using atproto in various ways.
There's an (incomplete) list here: https://docs.bsky.app/showcase
And the protocol is documented here: https://atproto.com
Thank you, I might be searching for the wrong things, but I don't see any independent servers. There's clients, libraries, bots, but no servers, am I missing something?
My question was motivated by the fact that from the outside the AT proto ecosystem looks pretty monocultural, and personally I don't trust that. :)
Federation was just opened up with this announcement. I don't think there was a lot of energy for working on independent PDSes until after this has happened. In the past day, a bunch of copies of this reference PDS have been deployed. We'll see how things change in the future.
Basically, you're right, but just because you're asking early on. This is about to change real quick.
Sorry to be dismissive but if people need a reference PDS to implement a protocol, I kinda lose faith in its expressiveness.
I'm contrasting this through the prism of having seen people implementing ActivityPub software as early as 2017, when it was merely a draft and everyone was complaining about how many things had been left out.
There are dozens of things being built on the protocol. Just not PDSes. And it’s not because it’s difficult, but because there’s no point until there are others to try and connect to.
Sorry, I feel like I'm not getting my point across: if building independent software that implements a "federated" protocol doesn't give you a "PDS" then the protocol has failed. You shouldn't need a reference implementation to do it, you should be able to federate with multiple instances of your own software or with other independent implementers.
I've also had pretty good luck using the GH topics for finding obscure projects https://github.com/topics/atprotocol https://github.com/topics/bluesky https://gitlab.com/explore/projects/topics?search=atprotocol (empty, but I usually check there, too)
Will this work for bare metal?
I use BSD, and all I see is a installer for Debian/Ubuntu.
No guide in sight for bare metal nor telling you what services/software are required.
yeah it works fine on bare metal, you'll just have to do a bit more set up work yourself (https terminating and such). The installer script should be instructive in how to run it but you'll have to figure out the BSD specific stuff
Look into the service folder in the repo—this repo is just a very thin packaging wrapper for a JS library, which you should be able to run anywhere you can run Node.
If I wanted to create a consumer hardware product that packages the PDS host in a user-friendly interface, does the software license permit that?
Also, services like Twitter started off with a developer friendly open API, and then it got closed off when the business needed to make money off the platform. What's the difference with Bluesky?
(I don't work at bluesky)
It's MIT/Apache 2.0 licensed, so yes. However, because it's also an open protocol, even if it wasn't, you could write your own under whatever license you want.
> What's the difference with Bluesky?
BlueSky is built off of an open protocol, called AT. https://atproto.com/ BlueSky is a particular app built on the protocol. As such, there's no way to "turn off the API," as BlueSky itself is a participant in the open protocol.
They could like, re-write everything to be a central service, port the user data over to it, and then pull out from the network, but then two things would happen:
1. stuff would break, as it's no longer part of the network.
2. since there is true account portability, users could simply swap to a different PDS and client, and re-route around the damage.
Also given that it's against their entire stated mission and goals, it would be social suicide.
Ok, I think I understand the hype now — this is sweet? Thanks for the reply.
When I was thinking about rolling my own federated social service (during the whole Twitter / Mastodon shuffle), I started thinking about the negative impacts of federation. “How can I build a kill switch into this thing in case bad actors start to participate?”
Of course, that means a central authority having moderation control.
But then, part of me thought.. does there need to be a kill switch? Do we want centralized moderation control? If laws are being broken, or social issues are being pressed to the fringe (*lons X), then the ISP would intervene. Or… the responsibility of moderation shifts elsewhere than the provider of the software. (To where do moderation responsibilities shift, if anywhere? I think is still a question.)
I personally landed at the spot of: it’s really no different than what the WWW provides — it’s just easier access. But, is that easier access to self host content and media dangerous? (lol I guess I’m still conflicted about what could happen with wider ease-of-access to self hosting.)
… back to sleep. This stuff literally keeps me up at night lol
(I didn’t get to the other comments further down in this post that talk about content moderation .. but I’m seeing them now!)
Now that individual posts can be viewed without logging in, is there a way to view/load a feed without authentication?
I'm working on a client and there's a specific scenario where I want to be able to show a feed like "Top 20 - Past 3 Hours" before a user has logged in to their Bluesky account.
Gonna be that guy!
Any chance the team could create a Home Assistant add-on for this? https://www.home-assistant.io/addons/
I think the Home Assistant community would go WILD for being able to self-host their Bluesky data straight from home with just a few clicks.
It's a pretty big crowd of people. https://analytics.home-assistant.io/ 327k willing to opt-in to analytics.
we need a new version of Zawinski's Law: every system capable of deploying plugins will eventually expand until it is a full hosting solution.
I know if there's one thing I'm eager to do it's to host even more stuff in that clunky piece of shit that has half a dozen main menu items for nonsense and buries everything of interest or value under "Settings"
The add-ons are just docker containers?
It's wasteful to get an entire second machine for something that can use the resources available on the machine running Home Assistant OS
How would it interact with or extend home assistant?
I switched to Bluesky but then moved back to twitter. I'm glad that they are trying to compete with Twitter (Twitter is a conservative cesspool), but all of my non-technical friends have stayed on Twitter. So, I end up going where they are.
I think the reason my friends did not join Bluesky despite me inviting them is that it just isn't as good of a product as Twitter. You can't post videos or DM.
I am not a tech executive and have no idea about corporate strategy, but it seems like Bluesky should focus less on technical differentiators and more on building killer features that have mass appeal and a community that people want to join.
IMHO this milestone, while cool, means absolutely nothing to people outside of the hacker news crowd.
I'm rooting for Bluesky, but it seems to me it will die without a critical mass of users.
Again, I'm kinda dumb, so this may all be wrong.
I think everything you said was fair, but you also mentioned Twitter being a conservative cesspool, and a lot these features like federation and composable moderation are designed to help prevent the whole "rich guy buys the company and turns it into something you don't like" scenario.
I don't see how - I'm not sure how Bluesky works but there must be moderation - otherwise the whole website would succumb to bots and gorespam, so there are people in charge who decide what you get to see.
If the end result is politically unbiased, it's due to their conscious decisions, not some magic algorithm.
I think moderation is per server/community - like mastodon (or, conceptually, reddit)
As opposed to centralized moderation (twitter, FB, IG, etc.)
This is not the case, moderation is decoupled from each server. Users choose how they want moderation to work, and can share those tools with others.
See here for more: https://news.ycombinator.com/item?id=39471973
Federation is nice but when the platform only does one-third of what the platform you're trying to leave does then the whole thing feels like a toy
It's really unfortunate that the tech companies set the precedent in the first place by pushing hard political agendas into their policies and moderation biases. If it was truly neutral in the first place we would not be having this conversation. All the people complaining only now about Twitter doing this are part of the problem.
Of course people are going to complain about content they don't want. That's the product. Twitter changed their product to deliver different content, so its audience has changed.
Calling it 'The Problem' like climate change or the national debt gives it too much power. Just use something else. People use group chats for real relationships now anyway.
FYI a government can’t borrow a currency it issues, there is no national debt (or all money is debt).
There is no "true neutral" when it comes to moderation. There are a million examples, but the most obvious are of the form "you can have group X or people who hate group X and are dedicated to driving them off the platform". Somebody's not going to have "free speech" in that case. And even if you go for what most "true neutral" advocates want, which is a lack of rules, you'll quickly find that quite a lot of people don't want to hang out at the place that's filled with Nazis or scam artists or spammers or whatever.
So in practice you have to make choices, or you'll end up running the new 4chan and being sad about your life. As happened to the guy who ran the old 4chan: https://www.rollingstone.com/culture/culture-features/4chans...
True neutral means moderating consistently, judging behavior without regard to identity.
The ideal, platonic version of this would be that moderators only see an "identity scrambled" version of each tweet/post when they make their moderation decision. Like a screen that blinds orchestra musicians when they audition, the human would see a statement like "I hate New Yorkers" and not know if the original message said "I hate New Yorkers" or "I hate Floridians." So they would have to make a decision based on the general principle of whether a statement of this form is allowable.
Anywhere you want to draw the line is fine with me, as long as you draw it consistently.
That sounds like a very personal definition of "true neutral". And also an unworkable one.
Take the use of reclaimed slurs, for example. When used against the discriminated group by a dominant group, their intention is often to cause harm. When used within the group, the intention is to reappropriate the term: https://en.wikipedia.org/wiki/Reappropriation
Similarly, harassers will use terms in ways that are plausibly read different ways depending on who they're talking to. So something that might sound innocuous or just odd when directed at me will be correctly read as a racist attack when directed at somebody else.
And that's not even counting when they'll just come up with new terms so they can be awful in ways that are novel enough that automated filters or out-of-date moderators won't catch. E.g.: https://www.vice.com/en/article/bv88a5/white-supremacists-ha...
In short, because there's a great deal of identity-based hate in the world, identity-blind moderation ends up being an aid to the identity haters out there.
The element of moderation that you consider essential -- the latitude to apply subjective judgments that rely on knowing the specific identities of the participants -- is precisely the element that I do not trust moderators to perform.
That this moderation strategy would prevent the use of all slurs (even reappropriated ones) sounds like a feature to me, not a bug.
"That this moderation strategy would prevent the use of all slurs (even reappropriated ones) sounds like a feature to me, not a bug."
You're proposing erring on the side of censorship to avoid some gray areas. While this is a reasonable position, it doesn't satisfy some ideal of neutrality and won't really avoid the gray areas, and so still would require subjective judgement.
For sure. While at the same time allowing the more clever variety of abuser to sail on past.
In practice, almost any nominally "neutral" position ends up allowing an enormous amount of abuse. Which is why you'll see most platforms that start with a free-speech maximalism approach coming up with a lot of nuance and exceptions over time. And those that don't turn into cesspools.
Most people are pretty great, but moderation has to be built for the worst-case attacker.
If detecting abuse requires knowing the identities of the people involved, it sounds like another way of saying that some behaviors are fine if they are directed at certain people, but "abuse" if directed at other people.
Which is ultimately what I object to.
No, I'm proposing erring on the side of consistency. I think it's likely that this strategy would result in less "censorship" in some cases, and more in others.
What we have now is a system where, on many platforms, moderators often put their thumbs on the scale and decide that certain groups need more protection than others. Generalizing about or disparaging certain groups is ok, but the sensitivities of other groups are considered sacrosanct and must be deferred to.
Like I said, draw the line anywhere you like. If it applies to everyone equally, I am happy. I am fine with things that require subjective judgment, as long as that subjective judgment is behind a screen that conceals identity.
And also “what’s a slur” alone is very subjective. For instance on Twitter Elon has decided “cis” and “cisgender” are slurs, but “trans” and “transgender” aren’t. But in gender discussions the terms come up all the time, and they are just terms.
Moderation is full of gray areas, and they are unavoidable.
truly neutral = post anything? there exist such platforms and they're cesspools because human nature
It's a fair point and we definitely debated it, but it was too important to us that we complete the mission.
Ah yeah, I get that. I don't mean to be cynical on the day you complete that mission.
Congrats on launching! Excited to see what y'all do next.
You guys made the right call. You're not trying to become the next TikTok.
Debated videos and DM? Mastodon has those features; if you're not doing them at all you may want to reconsider.
We definitely want to implement these features, the question was whether they should hold back releasing support for federation or not. Since federation is a core constraint on any features we'd like to build, the team felt that there is no reason to hold federation back, and that releasing it as it's ready makes sense.
We're thinking about Bluesky as both a product and a protocol (informing each other's design), and you're 100% right that for the end user, the product itself is what matters. Because we've taken on the decentralization constraint, we take longer to "catch up" to features that centralized platforms tend to have from the start, but it's definitely going to be a major area of focus for us going forward. (Ofc Mastodon isn't centralized, but note that it's had a few years of head start on feature development. We'll get there.)
Mastodon DMs have absolutely no privacy: https://github.com/mastodon/mastodon/issues/18079
For a decentralized protocol doing things right is much more important than doing things fast, it is very difficult (and in a lot of cases impossible) to break backwards compatibility.
DMs on any other service also have no privacy. Signal or Telegram could read your DMs by simply releasing an update to their code, for example. You always have to trust the person running the service you use. (Unless you have E2EE/something like OTR, in which case you have to trust the persom who makes that code!)
The whole point of end-to-end encryption is that you don't have to trust the people running the service you use.
If Signal releases a malicious update (and they don't provide reproducible builds), it is very much possible for you to know about it, as everything is on your device. Even if the binaries are different from the source code, decompilers, analyzing network traffic, etc. gives the community a good chance at catching malicious updates. Mastodon admins can simply pull up your plaintext DMs on their servers and no one will ever know.
> The whole point of end-to-end encryption is that you don't have to trust the people running the service you use.
Well then I guess it's pointless because it doesn't accomplish that.
(The actual point, FYI, is that you don't have to trust all of: them, their hosting providers, your ISP, the ISPs between, the government, and their mom.)
> it is very much possible for you to know about it
"Possible" != "done"
> analyzing network traffic
How are you gonna do that? Surely if they wanted to sniff it would still just look like any other encrypted data
> gives the community a good chance at catching malicious updates
Sure, when the same application is used by everyone, which is not true in either the Mastodon world or the new Bluesky-small-instances world
I think Mastodon has a pretty good balance here – when you try to send a DM it explicitly tells you that it will not be encrypted: https://u.ale.sh/Vo1ahx.png
And the linked privacy policy goes into further detail (at least on my instance, mstdn.io):
> Please keep in mind that the _operators of the server and any receiving server may view such messages_, and that recipients may screenshot, copy or otherwise re-share them. Do not share any sensitive information over Mastodon.
Overall, I think it's safe for most chit-chat, and for anything more serious you can add link to Matrix or your email and PGP key in your profile.
As a sidenote, I'd also like to point out that a lot of serious communication nowadays still happens over unencrypted email. You can consider it whataboutism, but it's still worth remembering IMO. (And of course, like others pointed out, DMs on Twitter aren't encrypted, too, so it's the status quo here.)
Just make ci releases with daily updates. Good luck reverse engineering and auditing that.
If the protocol is not open, you have to rely in the clients provided by the vendor, and you can slip a backdoor throigh easily.
When did you last audit your Signal client? Where is “the commjnity” organizing this effort and publishing the results?
Debian shipped an entropy lowering in house patch despite the “many eyeballs” fos years (for OpenSSL). Don’t lure yourself into false feeling of security bevause of the “community” might be doing something. Only count on defenses surely in place, with traceable operation and output history, with responsibles who are allocated resources for the work and having stakes at its outcomes.
Debated prioritizing them before federation, not debated their existence. They are a must-have for social.
I think it's sensible to have at the very least federation function as intended ahead of DM's as I imagine DM is another part pretty contingent on federation due to the privacy issues becoming approximately 10x more complicated with federation. ;-) Twitter is having it easy.
Videos might be more of a resource issue. Hardly a good time to launch videos almost at the same timeframe as they spike their user base by going public.
this is the correct order of operations for sure
Not sure I agree. Being the thing that the tech folks find cool isn't a bad starting position at all. And it's significantly harder to achieve than DM's.
I've been using Bluesky for a week and I'm impressed. I actually appreciate that there is less media, it's more about conversation. So far it feels very much like Twitter before it became a cesspool. I'm conversing with local journalists, prominent scientists, sci-fi authors, etc... It's wonderful.
This whole thread is oof. Modern politics, to include both sides of the spectrum, has devolved rapidly. It feels like a real-life version of the Spiderman meme.
If anything, modern politics is better.
No video in 2024 is a total deal breaker for most users. That's insane.
Video is also prohibitively expensive outside of Google-scale endeavors and will likely crush both third-party BGSes and PDSes. Everyone doing video is either selling you ads (whether it's in that video or around it), selling you the video itself, or is losing money. Possibly all three.
As it is, og-embeds do work for video and audio from a few different providers.
If storage is a problem, couldn’t Blusky add a size limit to video uploads?
It's not storage, it's bandwidth. Most system providers, for Bad Reasons, charge a lot for egress; even relatively good ones like Cloudflare have particular payment shenanigans around video. Size uploads could help in that situation, but it's a bandaid on a bullet wound when the video still gets played a million times, y'know?
> It's not storage, it's bandwidth.
A size limit affects both equally.
> even relatively good ones like Cloudflare have particular payment shenanigans around video
That's only for the web service. Workers and R2 let you do video just fine. And small videos don't need any fancy logic, just toss them over http.
> Size uploads could help in that situation, but it's a bandaid on a bullet wound when the video still gets played a million times, y'know?
No, I legitimately don't know. Why is it different from an image that gets a million views?
Then people are going to link to YouTube and benefit of getting lesser copies is small. The rest of media that works within a limit on a microblogging are junk.
How does Mastodon do it?
By externalizing costs onto server owners, the same way they do everything.
It's not a good way to do it, though, and it's worse for Bluesky because it implies that in order to move your PDS (one of the best features of the design), you'd have to pick up the freight for video that already exists. If PDS mobility is important, attaching large economic strings to that is a big disincentive.
> By externalizing costs onto server owners, the same way they do everything.
I mean that's the whole point of the Fediverse, a federated network of independent nodes. Of course the nodes take care of the functionality.
That gives me a great idea: If you self-host your PDS you can have video but moochers don't get it.
Sure, but that's Scary(tm), because an unexpected viral skeet is going to cost you a lot of money. In this case I'd expect almost all video to be fraudulent--either in terms of pirated egress or in terms of disinfomation scams.
Obviously you should choose a hosting provider that doesn't allow bandwidth overages.
In such a case you absolutely should! At the same time, it makes sense that bsky, as the protocol stewards, might not want to make that pit too easy to fall into.
Why must we insist on calling these things after an euphemism for ejaculation?
Never going to be taken seriously by the public.
Because it's funny.
Great. But without video you lose most of your users.
I am increasingly of the mind that this is a feature, not a bug.
If you want to be Twitter, you'll end up being Twitter. We already have one of those, it sucks, and we don't need another one.
Social networks go to crap above a certain scale. If everyone can see your posts, you'll write posts to be seen by everyone. Which, as it turns out, ends up benefiting no one. The magic comes when there is a community, where you give a shit about the people you're sending messages to, and they give a shit about you. If the community is too small, then nobody bothers with it and it dies. If the community is too large, then it ends up being old men screaming at clouds, and (see above) we already have one of those. So a platform that is good enough to use, but limits the number of disaffected members, is the only thing worth creating.
If something I'm saying requires a video, then I can always link to one. If something someone else is saying requires a video, and it requires the video to be immediately visible while I'm reading whatever they're saying, then there's a good chance I'm better off not seeing it anyway, even if I think I want to.
(Ironically, in this post I am an old man screaming at clouds...)
I agree with this--and also, again, you have video, if you upload it to YouTube. Or stream via Twitch. Like, you don't need on-platform video. Google makes more money than God; let them pay for the perturbed bits.
Feature requests opened since 2023-07-24:
GIF support: https://github.com/bluesky-social/social-app/issues/1047
Audio/video support: https://github.com/bluesky-social/social-app/issues/1052
I'm not sure what kind of "cesspool" Bluesky is, but it's unbearable. It's like 2015-era Tumblr but worse, somehow. Twitter, by contrast, feels like a breath of fresh air.
I'm wondering if you really mean "2015-era Tumblr" or are trying to evoke pre-Trump liberals on Tumblr (i.e. "manspreading is a micro aggression" pop feminism and teenagers creating fan lore about gender identities) by referring to it as that.
If anything, my experience of Bluesky has been the inoffensive vapid thought leadering of peak Twitter alongside the playful air-headed liberal self-help that is also fairly reminiscent of peak Twitter. In one word: bland. Being able to paint over the offensive things like nazis and porn by sweeping them under your personal rug rather than blocking or banning them only adds to this impression for me.
Twitter, your breath of fresh air, on the other hand is overrun by ChatGPT spam bots and shovelware drop shipping ads worse than the crypto "giveaway" scams and paid tweets of the immediate pre-Musk days and every even moderately left-leaning political tweet is filled with replies describing the violent acts they want to do to that person in excessive detail by accounts that openly post literal neo-nazi propaganda videos of Adolf Hitler denouncing "degenerate art" as a Jewish plot to weaken the German volk and national spirit and going "I don't agree with everything he did but he had a point". Political discussions about the Middle East in turn are split evenly between right wing calls for genocide of all adults and children in Palestine and right wing defenses of Palestinians for being victims of the international Jewish conspiracy to exterminate the white race through mixed breeding with brown refugees.
We used to always call Twitter "the bad place", "hellsite" or "cesspool" before Musk but it certainly deserves those names now more than ever, arguably rivaling 4chan in its political takes although the depictions of gore are mostly limited to uncensored war footage and the porn is decidedly more tame.
The reason Twitter is called a "right-wing cesspool" is not because it's full of right-wing people (that would just make it a "pool"), it's because of the vicious explicit threats of violence and celebration of human suffering propagated by those people. For all its faults, the bland libs on Bluesky don't do much of that.
Granted, my experience of Twitter might be tainted by the fact most people I used to follow in the old days have either left or are no longer active and any time I visit the algorithmic timeline hits me at full blast. And a lot of the edgier posts (not replies) by right wing folks the avalanche of drama RTs throw my way are clearly created to farm engagement in the hope of striking it big if the bluecheck authors make the payout lottery.
> Twitter is a conservative cesspool
I disagree. If anything now it's more balanced, every "right of Portland-liberal" is no longer hidden and shadow-banned or worse. I like it a lot more!
Now you can actually read and learn about stuff you care about.
Yeah, maybe we just have different politics and I'm too dismissive of alternative worldviews.
Still though, I get like Matt Gaetz' tweets recommended to me. Does anyone like that dude? How is this happening? Why on earth would I want that? I feel like all this conservative stuff is surfaced by the application to me.
[Proof](https://ibb.co/ypHS8fN)
I got notifications, on my dang phone, for the dumbest fucking takes. I don't get them for liberal people. Possible I am just in the demographic of people they think would swing conservative so they target me.
It’s not just you. I echo your sentiments.
I use Twitter for tech, but my feed is now conservative politics, gore video, & tech tweets intermingled.
This is funny to read since this is basically what conservatives experienced for the last ten years on Twitter pre-Elon.
Navalny’s wife was just banned and then shadow banned. There are countless examples of leftist accounts getting banned just for being critical about Musk.
It’s absolutely conservative cesspool. Nazis can are literally posting 14 words propaganda all day long and there are no consequences.
To think that Navalny or his wife are in any way leftists is insane. They were leaning more towards nationalism (just for Russia instead of the US).
In the face of current events though, that can be overlooked as it is not a narrative that serves western interest.
But to give an anecdote about an alternative, I rarely see any bigotry on Mastodon. Instances which allow that or don't moderate it correctly get block listed by instances I like. These instances may defederate into their own bubble in which they can still exist but cause no harm to the general timeline. Yet everyone still remains the freedom to express themselves. I like this because it's just a natural way of how to solve this problem for the end user.
There are other reasons than being vocally left-wing [1] or being a journalist [2][3] that get you suspended or banned on Twitter these days.
Musk is grandstanding about "free speech", but what Twitter actually does now is fold and cave to demands for censorship from any authoritarian government that asks [4][5].
[1] https://www.businessinsider.com/twitter-leaked-internal-mess...
[2] https://theintercept.com/2022/12/20/elon-musk-twitter-banned...
[3] https://www.thedailybeast.com/elon-musk-suspends-insiders-li...
[4] https://restofworld.org/2023/elon-musk-twitter-government-or...
[5] https://www.techdirt.com/2023/05/15/once-again-free-speech-a...
They’re left of Putin so I dunno what you’re talking about.
Putin is a fascist dictator and Navalny wanted democratic rule.
How do you get shadow banned after getting banned ?!?
They publicly claimed to unban her so they could convince people it was a mistake, and then they shadow banned her.
I agree. I now see both extremes(horseshoe) and in-between as much. While before it was heavily leaned towards the left.
> Twitter is a conservative cesspool
Interesting. I see it as the de-facto journalist platform, which to me (as a non american) make it very left leaning. But then again, I don't use X.
It was. In the last year it’s become largely conservative, and not in a standard reasonable small-government, etc. way. It’s like reading Facebook posts from your dumbest uncle.
It didn't become, just suppressing what was already there is gone.
American journalism isn't left-leaning. At best it is "click" leaning, and say what they need to do to get eyeballs on their content. This is why they helped normalize trump so hard, and repeatedly fail to call out the extremist right wing in the US.
This is what a lot of people don't get about the "pop feminism" era of online "journalism" in the pre-Trump era: it wasn't feminism, it was clickbait. At best it sold an idea of feminism but the emphasis was always on the selling part and not anything ideological. "Girlboss feminism" helps no-one except the bosses.
The same is true about most so-called "left-wing" journalism. Some journalists may be true believers but the platforms exist to make money, not to be any threat to the systems those ideologies explicitly oppose.
Heck, this even goes for political parties like the Democrats: the Texas governor literally rejected the authority of the federal government and legislative system by deploying his military at the border and the Democrat president's response was to propose a bill that would have created a legal avenue for what the treasonous governor was trying to make happen. Decorum is used as an excuse to keep intentionally ceding ground to the supposed political enemy.
Speaking of, the political compass places 2020 Trump as somewhat more authoritarian than 2020 Biden, and barely more on the right :
I think they nailed every Mastodon criticism that I've heard floating around and addressed it, however I'm especially curious to learn about the moderation layer in-depth.
> I'm especially curious to learn about the moderation layer in-depth.
You'll want to read:
* "Composable Moderation," this is the core conceptual idea: https://bsky.social/about/blog/4-13-2023-moderation
* "Moderation in a Public Commons," which describes specific features that were added in pursuit of the previously-described goal https://bsky.social/about/blog/6-23-2023-moderation-proposal...
* "Bluesky 2023 Moderation Report," which discusses specifically how (what is now) the main instance was moderated last year https://bsky.social/about/blog/01-16-2024-moderation-2023
I cannot see how BlueSky's moderation system can ever work. Decoupling moderation and hosting means there's no onus to do the moderation that they describe: which makes me think it will be BlueSky Inc., and only other corporations, that have resources to throw employees at a now thankless, Facebook-style moderation job. And instances have to moderate anyway, in order to not host illegal content.
I hear you on some level. That said, we are already seeing people creating blocklists, and tools to share them with others. That is happening alongside the company's investment in paying people to work on T&S related issues on their instance.
I am not sure if it will succeed or fail, but I am interested to see how it plays out.
That relies upon the benevolence of corporations to much more of an extent than I am comfortable with. 20 years of social media has convinced me that that's a bad idea. And, I think, it removes much of the benefits of federation: if the only way to sustainably moderate is to rely upon gifts from BlueSky Inc., moderation is going to be necessarily dependent upon them.
To me, the company moderating their instance feels like additional moderation capacity, rather than replacing it.
I don't believe I subscribe to any blocklists on BlueSky. If I end up doing so, it is much more likely to be one run by someone I trust than by a company. Having the option of either seems worthwhile to me.
Blacklists feel more like reinforcing the echo chamber than moderation.
Then you are free to not subscribe to any of them, and see every post. It is under your control.
A lot of the popular users subscribe to the blocklists uncritically. It breaks the UX of the site if you get placed on one.
Users are not entitled to the dissemination of their opinions. Either you let users block other users or you will turn your site into a cesspit.
No, I am talking about as a reader. If you are blocked, you cannot follow threads, even if you never post.
As the plaform matures so will the blocklist ecosystem. Hopefully blocklists with good appeal mechanisms will win mindshare.
> Decoupling moderation and hosting means there's no onus to do the moderation that they describe:
I'm not sure this follows. There is a similarity to the reddit model of moderation. The host provides some base amount of moderation but supplemental moderation comes from members of the community. In the Bluesky model, a 'subreddit' is analagous to an indexer/aggregator (aka Relay/AppView) that provides a moderated and/or weighted feed of content. The same incentives for volunteer mods on Reddit will exist for volunteer mods on Bluesky.
One of difficulties with content moderation is it's been targeted by some as a tool available for the few to control and shape public opinions to far narrower degrees than legally required, which is harmful to free speech. I'm not completely sure but externalizing that part probably mitigates that issue a bit.
EU is moving towards requiring all social media obey EU laws, under loose notion that their laws is the least restrictive and most reasonable. No one is, and the sum of all ethical standards on Earth is not going to be something very popular, so that's nonsense. OTOH, it's perfectly reasonable that content served at scale in a region will have to be lawful; "this content you want removed is lawful in MY country" is sort of nonsense too. So moderation decoupling and, ahem, moderation localization is going to be necessary for social media. I suppose that's where they're going.
Interesting that you have picked EU, while sites like Twitter are already blocking or removing content on request of countries like Turkey, China or Russia.
I remember Turkey and China pressuring on political sides, and Russia as well as Germany kind of ignoring jurisdiction as well, but EU is the most recent and formalized approach of that so that came to mind first.
Communities are built on shared values and expectations of what is or isn't acceptable conduct. If a guest to your club house starts pooping on the carpet, you throw them out not only because you don't want that to happen in your club house but also because throwing them out demonstrates to the other people in your club house that they can expect there to be actual consequences to that kind of behavior, allowing them to feel safe knowing that they won't have to worry about it. Bluesky's solution apparently boils down to just telling everyone to ignore the poop guy and giving them the option to not be able to see him.
The problem with censorship isn't the enforcement of rules. The problem with censorship is the enforcement of rules the individual that has to enforce them doesn't agree with. Free speech absolutism on social media is often argued for with appeals to "the town square" but the difference between social media and an actual town square is that if you make a complete ass out of yourself in an actual town square, eventually someone will punch you.
wtf. The problem with censorship is censors are subservient to his nation and don't get to pick victims at his will? "demonstrates ... that they can expect there to be actual consequences" ? You really must hate the concept of a modern nation and social contract.
Post 18th century world started with peasants beheading kings and gutting his body into pieces so no single individual shall have any meaningful parts of it. The fact that kings had the power to throw anyone out of "his" club, deemed no longer his simply by volume of peasants within, at his king's discretion without the newly established ultrabureaucratic people's approval processes, was the problem they had enough of.
I'm not even sure in which part in the history of humanity your definition of free speech and censorship problems could come from. I don't think even ancient Roman Senate honored that kind of view as I've never heard they held sessions with bags of stones around. That isn't an anarchist view either, since it will lead to their minority views alone justify such "consequences".
Just wtf?
Sure, telling people who openly advocate for the death of people in your group to take their opinions elsewhere is exactly like peasants beheading kings or kings throwing people they didn't like into the pit. I'm not even sure how to begin responding to such a creative interpretation of what I said.
> throwing them out demonstrates to the other people in your club house that they can expect there to be actual consequences to that kind of behavior, allowing them to feel safe knowing that they won't have to worry about it.
> telling people who openly advocate for the death of people in your group to take their opinions elsewhere
These parts of your comments imply your default model of safety is a safe haven in a barbarian land with perimeter walls and armed guards and a benevolent property owner. Clearly your thinking is privatized violence is integral to safety. You might be thinking that's what freedom of speech is, as in freedom implemented in speech domain, but that is wrong. Freedom of speech as this phrase is used is something different from that.
Freedom of speech means speech is always taken as unserious as practically possible. Absolute freedom of speech would mean even advocating for death, or however terrible the messaging might be, are taken as weird jokes until an action is taken.
This is not the matter of thresholds and analogies, your model of freedom is just wrong.
It'd be nice to see an updated version of those that describes how those ideas and tools relate to a self/third-party hosting. The best I can tell, this is the model:
My understanding is that each host has control over what they host and can subscribe to third party content filtering services to help do so.
Then various indexes/aggregators (potentially third party) crawl hosts and provide services to find content. This is where voting or toxicity checks can be applied to manipulate reach.
This content is also tag-able via third party services (and may be used by indexes/aggregators).
The user is then able to select/configure indexes/aggregators and filter based on tags.
I'm kind of tired of social networks in general, but this is attractive to me just because of that. I like Mastodon, but the underlying ActivityPub protocol was rather underwhelming.
What's nice about the architecture most fedi software including Mastodon follow is that if a better protocol than ActivityPub comes along (like perhaps, Spritely) they can add support for it and concurrently federate with both protocols. Mastodon used to do this with OStatus.
Rather underwhelming from which point of view?
From the point of view of a small federated client developer, exploring the ActivityPub protocol. Far from thorough or objective.
There is barely any project that supports client to server ActivityPub protocol, so from that point of view is underwhelming, yes. If you tried to implement a Mastodon compatible client, that's a different thing though.
Is the AT protocol is superior in your opinion?
I don't know enough about it to give feedback. However Martin Kleppmann's[1] involvement is a huge selling point to me. It's also, seemingly, good enough that they're building very useful things on top of it like PDS, migrating users, etc.
ActivityPub (AP) felt a bit like "good enough to get something done", which is amazing on one hand - people can do a lot with it. But it also means some harder problems are totally ignored[2], so the landscape between instances felt rocky to me. I also heavily disliked how federation worked in AP, ie how the protocol felt like it favored centralized instances because small instances were less likely to be pinged, were lower priority, in general was very spammy, etc. Not that the AP proto did anything to cause that.. it just didn't do anything to address it in my view, it was just data.
Does AT fix my concerns over AP? No idea. But i appreciate a proto that had a bit more time in the oven and being used to (maybe) solve the harder problems that i experienced with AP.
[1]: https://arxiv.org/abs/2402.03239 [2]: These are only my opinions from a very brief stint in trying to write an AP client to federate with Mastodon, Lemmy and Kbin. I did not dive deep into AP, so please don't judge it from my experience.
> I don't know enough about it to give feedback. However Martin Kleppmann's[1] involvement is a huge selling point to me.
Oh, so it's just hype.
It's interest, yes. Notably because the existing solution (AP) has been a negative to me.
Not sure how you call that hype. Is everything hype until you understand it well to you?
Does that mean after Bluesky reaches critical mass, it'll turn the federation off, like Google Chat killing its XMPP federation?
For clarity: I'd love to see this comment and say "I was wrong" 5 or 10 years later.
The network is designed to be "locked open" in a way that prevents this. The architecture is designed to work like the web.
Nothing against Bluesky, but I think we are all a little jaded after seeing decades of the "embrace, extend, extinguish" pattern.
Being jaded is understandable, but because this critique is generic, it is applicable to literally anything and everything. I don't see how you can ever get something that's considered good if you always assume it will turn into something bad regardless of its current stance.
Thats easy, you don't have a structure made with a single large actor capable of changing the rules of the game mid flight.
You get something good system by sharing power, not by once again falling for "trust us bro." You get it by understanding power imbalances and avoiding them the same way my dog avoids objects with large amounts of potential energy, because they're predictably dangerous.
I understand this, yet, when presented with exactly this, the response was "well what about EEE."
The protocol and hosting mechanisms are open source. There’s one actor currently sure, but it seems like bluesky is not holding onto that.
So presumably today's announcement that they are now supporting self-hosted instances is welcome news to you -- it is a huge stride in the direction you are advocating for.
Actually it's very hard, and becomes tiring after some point. I personally always keep a hope that I'll be wrong in the long run.
Sometimes I'm spot on, sometimes I stand corrected. The problem is, as time goes, your free time reserve starts to decline. You optimize things, consolidate services, etc., and these kind of migrations start to take tons of time.
Because of this, I gave "big web" up and moved to "small web", and always have plans to evacuate any service in a moment's notice.
It's like being a doomsday-preparer from a point, but at least I have backups and backup plans for everything.
This would be more "create, extinguish", because there's no existing AT protocol network to embrace.
"embrace" would be the rise of decentralized social media
If there can exist an "extinguish" step for the concept of decentralized social media itself then decentralized social media has already failed. The whole point is supposed to be about changing hearts and minds to embrace self-governance, a rug pull should just result in people moving somewhere else.
But that's sort of why Bluesky is not really decentralized, just federated. It's a pretty significant difference. Mastodon is federated and decentralized. Twitter is non-federated and centralized. Bluesky is trying to be the federated, centralized option.
Whether that works, we'll see. I for one just gave up social media about 8 years ago and, while feeling like I'm missing something flares up from time to time, it's nothing like the disaster my online life was before I gave it up. It wasn't a problem of missing federation or not being centralized. It was inherent to the way social media functions against my person.
How is BlueSky centralized? I could see that argument before this feature shipped, but "BlueSky is trying to be the federated, centralized option" goes counter to what the team has said directly.
I could maybe see an argument not based on technical premises, but instead something like "it will defacto become one because running a relay is too expensive" or such. Is that what you're going for?
I'm not who you replied to, but yes, that's my main concern: Bluesky is still a company building a thing to pay back the money it owes investors.
I worry that Bluesky becomes the de facto central actor and, due to having no stated business plan and a countdown to repay the money they took, pulls a Google, leveraging its dominance to introduce proprietary, breaking changes.
Yes, right now, the tech, team, interviews, etc sound mission-driven, but "revenue is the dominant term"[2] in the equation of a company's life, and there's still a very real chance that Bluesky dominates whatever federated AT Protocol network ends up forming, then uses that leverage to walk back all this promised openness.
I'm cautiously interested in Bluesky, but I'm watching for this kind of de facto dominance and we're probably too early on to see where the AT network is headed.
- [1] https://somehowmanage.com/2020/09/20/revenue-model-not-cultu...
Yes. In the sense that Mastodon is decentralized because there is no one Mastodon server. One may accumulate more users or be the "default" for the community of users, but there is no Mastodon server (much to the chagrin of many new users).
We don't even need the hypothetical "it will defacto become..." because Bluesky Social was, up till now, the ONLY way to participate in the community. They had 3 million users before federation, and now we can start to hook into what they've built, but the idea from the start was clearly not built around federation and decentralization, otherwise it would have been federated from day one, as Mastodon was. They can HOPE now, that people accept the federation concept, but there's enough gnashing of teeth around the pain of running Mastodon instance that it seems really clear that going from central to decentral is, if we're being intellectually honest, a bridge too far for most to cross.
How can it "lock open"? If 90+% of users are on the official bluesky servers, what could possibly technically prevent bluesky from just no longer federating with other hosts?
In the same way that Google stopped federating by no longer accepting connections from others, as long as most people keep their stuff at Bluesky they can also just close themselves off from others again. I don't necessarily think it is a big risk, but the only reason the web is resilient to this is that no single ISP controls enough of the network to take it "private".
Basically, until atproto is much bigger than bsky.app, the situation is not very different.
what binds this? I have no interest in joining if Jack can sell to Elon again and a switch gets flipped
That specific scenario is impossible, in my understanding, because Jack does not have an ownership stake in the company.
This release, of federation, is in my mind a major answer to the real question you're asking, which is the same but with "the employees" instead of "Jack," as they have the equity stake.
Once things are federated, other folks gain power over the protocol, by virtue of usage. If Bluesky PBLLC starts to do shady things, the other instances can refuse to do so, and talk to each other instead.
This is why the split between AT and BlueSky is important, and why this news matters, as it is meaningfully delivering on the desire to protect against such a thing.
Right I didn't mean to get into the business aspect, but essentially "what prevents someone from undoing this for money." Thanks for the detail.
It's all good. The Jack thing is, in my mind, a bit sensitive, because a lot of people criticizing BlueSky talk as though Jack runs the place, owns it, etc, all of which seems factually incorrect. He has a board seat, but seemingly cares about it so little that he deleted his account. From what I hear, nostr is his focus, but I'm not on there so I can't speak to that personally.
Jack has certainly been successful in building a general perception that bsky is "the Twitter founder's" next social network project, intentionally or otherwise
The issue here is that if 99% of people use BlueSky and 1% use non-BlueSky AtProto servers, that leaves BlueSky with all the power to turn off federation. If BlueSky starts to do shady things, other instances can refuse and talk to each other instead - and eliminate 99% of your followers, 99% of the people you're following, etc.
Email is open, but if GMail decides to block all email from you, you're toast. And while GMail is large, their percentage of email inboxes pales in comparison to BlueSky's percentage of AtProto users (which is near 100% at the moment).
Yes, once things are federated, other folks start gaining some power over the protocol by virtue of usage. However, if 99% of people remain with BlueSky, everyone else essentially has no power.
mastodon.social has around 15% of the Fediverse on its server and it means that it has a lot of power. Mastodon (the software) is around 72% of the Fediverse which means that other ActivityPub software essentially has to use Mastodon-flavored ActivityPub with whatever quirks might exist in Mastodon. But that's still way less power than BlueSky has in the AtProto ecosystem.
Open protocols are only good as long as there's enough reason for lots of different parties to keep those lines of communication open. mastodon.social needs to keep supporting ActivityPub because they'd lose 85% of their network if they stopped. Let's say it's 2030 and AtProto has 500M users and 99% of them are using BlueSky. BlueSky could simply turn off all the AtProto endpoints and make their web and mobile apps use proprietary endpoints. I'm not saying they'd do that, but they certainly could. Now, if 2030 comes around and there are 500M AtProto users and 10% of them are on BlueSky, then it wouldn't really be possible for BlueSky to turn off AtProto. They'd lose 90% of their network.
But we don't know if AtProto will catch on outside of BlueSky or if BlueSky will remain the vast majority of the network. If there isn't a lot of use outside of BlueSky, there could come a day when it's very tempting to turn it off - or do something that isn't quite turning it off, but would effectively accomplish it. Maybe they just start making breaking changes to AtProto, rolling it out, and documenting the change a week later and third parties just end up unreliable and people migrate off them. There's lots of options.
Five years from now, how is BlueSky making money? Are they just storing, processing, and serving lots of content without good monetization as third party apps start grabbing users and making money off their servers? I mean, we saw what Reddit and Twitter did. If BlueSky controls 99% of AtProto users, they can turn the firehose off. Even if they aren't trying to be evil or maximize their revenue, at some point they need money for all those engineers and servers. Maybe the official BlueSky app will be popular enough for them to get some ad revenue there and not feel the need to go after third party apps. Maybe a lot of things.
But until BlueSky is a minority of AtProto users/posts/etc., it's still something they have a lot of power over - including the power to pivot BlueSky off AtProto and make BlueSky a proprietary network.
For sure. One nice thing about AT's design is that, if they do, you can take your posts over to some other host, and it'll all Just Work. True account portability makes that kind of power grab harder. Of course, that would require users to actually move, which is not a given.
Time will tell!
> A central directory server collects and validates operations, and maintains a transparent log of operations for each DID.
(https://github.com/did-method-plc/did-method-plc/blob/main/R... linked from https://docs.bsky.app/blog/self-host-federation)
You are not in control of what you see in your feed, it's the algorithm that chooses for you. So while technically all kinds of content can exist, most users will only see what's officially approved.
BlueSky literally allows for users to create their own feeds with whatever algorithms they want, and to share them with others. You can follow them as easily as you can follow an account. I'm already following several.
So is Signal, and yet here we are
That would only work if Bluesky stays the only significant network node. Which is _possible_, but we haven't seen it with, say, Mastodon. Google Chat was arguably a bit of a special case; vast majority of users never used federation at all, whereas any Bluesky user will, pretty much, just by naturally using Bluesky.
It worked with Mastodon because it was diverse and well-distributed from the beginning even when it was young. I'm skeptical that other people are going to run their own BS servers at scale now that it's been normalized to always just use the firstparty one.
If they really want to they can fix this by closing the central server.
They would never do that since BS has VCs to answer to now.
It depends on their business model. Maybe running the server can't make money anyway.
If they can do that, then the whole federation idea is useless and just a theatre. But I don’t think Bluesky will ever reach critical mass anyway.
… and if not, what the heck is the business model here?
BlueSky's first revenue generation (in my understanding, I don't work there) has been a partnership with NameCheap that makes it easy for non-technical users to purchase a domain name and use it as their BlueSky username.
They have been a bit vague about other ways to generate revenue, except in one case: they will not be using advertisements to monetize.
That business model is laughable. The percentage of users who care about a domain name, are willing to pay a subscription for it and don't have one already has to be in the single digits.
They better have a good answer to this because it's a threat to the ecosystem as a whole if they don't. Because relying on VC money in this environment is not the smartest thing to do.
I would agree that if that were "the business model" instead of "a thing that generates some revenue," it would be laughable. However, nobody, including BlueSky, believes that this is solely enough to power the business.
I agree that a healthy Bluesky PBLLC is a good thing, and hope they manage to pull it off. Time will tell.
Well hopefully they take it more seriously.
Because based on them raising $8m in a seed round middle of last year they aren't going to have much time to decide and implement a strategy before they will need to start thinking about raising a Series A. Or maybe Jack does become a bigger investor.
Either way I think it's insane to prematurely rule out advertising.
I don't think they're not taking it seriously.
I also don't believe (and again, don't work there, just a huge fan, so maybe this is wrong) I'm not sure that the revenue was the reason for shipping this feature. It's best thought of as an accessibility feature, for folks who do not know what a "DNS record" is and have never hosted a domain. Without this, more technical users get something special that non-technical users do not: a nicer username. The money is just a side effect of the fact that purchasing a domain name already requires money, and so a partnership with a revenue split just makes sense.
> Either way I think it's insane to prematurely rule out advertising.
I hear you in an abstract "that's the way you make money in this space" sense, but I also think it's a smart reaction to the public sentiment around this stuff. People do not like advertising. It is a differentiator. We'll see if it works out for them or not.
The whole point of Bluesky is to build a social network that is not incentivized by advertising. They don’t rule it out completely, but it can’t be a major part of their revenue.
> They don’t rule it out completely,
Well,
> Are you thinking about advertisements at all?
>
> There will always be free options, and we can't enshittify the network with ads. This is where federation comes in. The fact that anyone can self-host and anyone can build on the software means that we'll never be able to degrade the user experience in a way where people want to leave.
https://www.wired.com/story/bluesky-ceo-jay-graber-wont-ensh...
This reads as definitive to me personally.
In their business-plan post, they stated: “We set out to build a protocol where users can own their data and always have the freedom to leave, and this approach means that advertising couldn’t be our dominant business model.” Which reads like advertising could still be a possibility, but not as a dominant factor.
Fair!
> enshittify with ads
> we'll never be able to degrade the user experience in a way where people want to leave
Neither of those is the same as "no ads". They're just saying that they can't make the ads so bad that most people want to leave, because then people will leave and the ads won't be shown to anyone.
Reddit destroyed Apollo so they could inject ads into the Reddit experience.
Bluesky doesn't have the ability to do this. There's no API key to revoke that could stop someone else from running parallel apps/infrastructure/etc. The network is completely open.
Reddit had ads long before they destroyed Apollo. Thanks for providing additional evidence for my point.
Sure, but Apollo made it easy for users that didn't want ads to use Reddit without them. Destroying Apollo removed that ability for most people.
I'm about as anti-ads as it gets but I don't object to other people using apps with ads in them, if that's their choice.
Ads.
I am very excited that this shipped! I believed the team would pull it off, but there's been a lot of skepticism, some justified, some unjustified, IMHO. Hopefully this will assuage some people's concerns.
I am unsure if I am going to run my own just yet. We'll see.
Thanks Steve! You've been very fair the entire time and your feedback/thoughts have been helpful.
I really like the fresh ideas in Bluesky, in this case especially the different ideas regarding federation in comparison to Mastodon. I've tried Mastodon extensively and it is lacking in so many ways.
There's no algorithmic feed other than "popular" (on large instances) which shows the same 10 people posting for months in a row, daily. Hence, discovery of people and content is very hard. No content or people are recommended and search is broken. Ordinary people not belonging to some cultish niche have a very hard time compiling a good feed, if they even understand it at all.
Federation itself is broken. The boosts and comments to a post do not accurately synchronize across the network, it depends on some complicated logic regarding whom from your instance follows anybody else from the other instance. The bottom line is that you may see 3 boosts whilst the original has 12. You may not care about boosts, but it's a disaster for comments/replies. Everybody is seeing a different subset of replies to the same damn post. It drives the OP mad because there will be 20 people replying the same thing because they cannot see that others already said it.
Instances have too much power over moderation. They control whom the instance federates with server to server. You may be following somebody on another instance but your instance owner defederates and now your connection is gone. This ability to not just moderate content but heavily impact your social graph isn't seen anywhere else. And this ability is heavily used as Mastodon is a network of activists.
Combine this over-use of moderation with the idea that instances go under all the time, and the only sane thing to do for most people is to join the default instance. Here you'll have reasonable "mainstream" moderation and the biggest federation reach with other instances/services. Which kind of defeats the point of a distributed social network.
I'm still impressed by what Mastodon has accomplished given its grass root origin and shoestring budget, but it's no social media of the future.
I don't know if Bluesky is, but at least it has a better design regarding nomadic identities, a user's ability to self-moderate, content protection, etc.
All good points and I've experienced similar.
I looked at the site and I see a lot of comparisons to 'old social'. But for people who might run their own node or decide to commit to the network and encourage their friends to join them, it seems your true major competitor would be projects like mastodon.
Yet there are no comparisons on the site. I don't see even see a mention. This makes it difficult to evaluate relative maturity, core competencies, limitations, and risks.
The linked blog post includes a section called "Does this mean Bluesky is going to be like Mastodon?" which lists a few differences. Is there something in addition that would be worth clarifying? I agree it would be great to include that on the site and not just on the post.
Thanks for pointing that out! I read again and see the blog post has a summary with 4 very high level points, which I admit I didn't read initially. I saw a wall of text about an expansion and I was still asking myself 'What exactly is Bluesky and how is it different?', so I skipped right to the main site.
Having read the post more deeply, particularly the bullet points you mentioned, it looks like there are four really high level differentiators listed:
* A focus on the global conversation
* Composable moderation
* Composable feeds
* Account portability
The term 'composable' seems almost misused when reading the extended descriptions, and is used differently between points. For example, 'composable moderation' indicates that moderation isn't done on a per-server level.
The fundamental censorship and algorithmic prioritization models for distributed social networks seems to have three layers: global (centralized), server, user.
In 'old social' the model is basically just 'global', as there are no servers and the only 'user-level' options are those determined by the global operator.
It doesn't seem like moderation would truly be 'composable' if it's only set on the global and user (and therefore global via centralized determination of client-level specs) level. It sounds like Facebook except with other people paying the data costs.
The next bullet indicates 'composable feeds', which sound like a very nice feature but really don't seem to follow a decentralized model either. The 'composition' does not combine from each global/server/user layer. They sound more like 'custom feeds' which users can define based on global content, using predefined criteria determined by a client (web app) which don't really a way to control the behavior of. Which makes this feature only truly operate on the global layer, and 'custom' rather than 'composable'.
It would be on the same level of 'old social' adding a new feature to their web app, more than a fundamental transfer of control to the network. As a result, when the dollars dry up and the feature isn't financially plausible, or a PM somewhere makes a bad decision because he read a blog post about how great it is to destroy user choice, there's risk the feature could go away.
Anyway, the question I'm still left with in the end is this. If moderation is done globally, and I can't exercise any control over the prioritization of content beyond what is granted to me by the global provider (even though there are more and better choices than 'old social'), what's the benefit of running a federated node?
I don't mean to make it sound like this is some kind of Twitter clone with an SSO login that outsources operational costs to volunteers while still keeping a fundamentally iron grip on control. I'm just honestly confused at the value proposition for volunteers. Exactly how much control is transferred to the network beyond simply hosting data which is displayed according to how the centralized portion of the system determines?
It'd be good if the trade-off in terms of time, data, and performance for running your own node was simply to remove the capability of the centralized network to collect user behavioral metrics and such. That's a great and valid reason to host your own service or use a trusted party's service. But there's no mention of this if it is the case. If you provide that already without promoting the fact, maybe bring that up with your marketing team.
Anyway that's getting a bit off topic. But to the original point:
Ideally, a better comparison would be a dedicated page which coallates every feature of each platform in a grid. A row for each feature. Row cells would fill with 'has' or 'does not have' checkboxes or possibly text where there's something similar but differs sufficiently to require an explanation. Maybe with links to documentation or direct to UI on the line items where appropriate.
> sound more like 'custom feeds' which users can define based on global content, using predefined criteria determined by a client (web app) which don't really a way to control the behavior of. Which makes this feature only truly operate on the global layer, and 'custom' rather than 'composable'.
To be clear, custom feeds aren’t defined in the client app. Anyone can run a custom feed on their own server and with arbitrary logic. A custom feed subscribes to a global firehose (which could also be run by a third party) and uses the stream of the events in the network to produce its results. A user can then publish such a feed under their account, and other users can consume it. This is essentially event sourcing.
Here’s a technical paper with details: https://arxiv.org/pdf/2402.03239.pdf
We’ll have more to share on composable moderation in near future.
> If moderation is done globally, and I can't exercise any control over the prioritization of content beyond what is granted to me by the global provider (even though there are more and better choices than 'old social'), what's the benefit of running a federated node?
Running your own server (aka PDS) allows you to post content that might be blocked on other servers.
The "global" moderation in BlueSky is also federated. Anyone can provide a weighted feed, search engine or other content discovery service (aka AppView) by crawling servers or other indexers (aka Relay). This is like what google/bing/ddg does for webpages.
The user can then apply their own moderation to the results returned by the aggretator/indexer of their choice. This like running an add blocker.
I think the composable part comes from some internally recognized and more specific operational needs. There are multiple overlapping and sometimes offending legal requirements for free speeches and its limits, let alone ethical ones, on this planet.
e.g. Call for democracy can be highly illegal in some regions(no, not just in China, or just few countries that are "super backwards"). Some may wish to say that those regions are objectively wrong and deserve no attentions, those who ingest such content should fight to death for that speech, or something heroic along that. It's not that simple and easy, and in those cases a "zero tolerance on criticisms for social systems" filter might be useful in letting user in for what is worthwhile without asking for their lives nor blood on our hands.
btw, if only it was always something that heroic. Mastodon Fediverse exploded and sheared into camps of censored loli, uncensored furry, alt-right terrorism, and myriad rest of none-of-it isolates, all slowly declining. A global unified federated microblogging network that was almost completed, over that.
You have nailed it. Bluesky weirdly tries to omit that as much as they can, but they do admit in their protocol descriptions that everything goes through and depends on a central server with absolute power.
They also mention that anyone can run another of these, but there is zero chance anyone will be able to do that.
> "They also mention that anyone can run another of these, but there is zero chance anyone will be able to do that."
This is an odd claim since it's completely possible today and has always has been.
Each Bluesky Relay and PDS host has endpoints that anyone can use to receive network data (post/like records, etc) in a totally permissionless way.
A Relay:
A PDSwebsocat wss://bsky.network/xrpc/com.atproto.sync.subscribeRepos
And there are additional sync methods as well for doing backfill, etc. Not sure how this could be more open.websocat wss://puffball.us-east.host.bsky.network/xrpc/com.atproto.sync.subscribeRepos
To me, the only question worth asking is the following. If a hypothetical guy, let's say his name is Melon Usk (lol) tries to buy or otherwise influence Bluesky, he's going to still mostly be able to do it with this relatively centralized moderation model, yes?
This feels like "thanks for offloading some of the data, but we still retain most of the useful control?"
No. There are two components: data storage, and "indexing". You can always, feasibly, own your data. Being your own indexer is less feasible, but you'd choose one like you'd choose a Mastodon instance or something. Portability is trivial because you have the data. "Usk" buys your indexer to put ads on it, you can just move. Moderation only controls what you see on your feed, using a different indexer just means logging into a different site and seeing a slightly different set of posts.
I'm confused, your first word is "no," but your answer seems to suggest "yes, usk would be able to have considerable influence"
Which is to say, neither storage nor indexing -- but moderation -- the ability to have control over that would be the most important thing.
"Usk" buys (or otherwise leverages money to be able to put his thumb on the control of ) bluesky's moderation. Data storage just gives you the ability to leave? What am I missing?
Posts on AT are content-addressed. The feeds, as they're called now, just return content links. If "Usk" buys a feed provider it's trivial to move to another one. If you're curious why running a feed is more expensive than simply storing data, it's because you need to ingest the actual data for these links before figuring out what to serve in a feed. This storing, indexing, and aggregating is expensive.
Yeah this is my point. With X users are in a tough position because the platform sucks but they still have a huge amount of sunk cost in it. With Bluesky/AT, that doesn't exist in anywhere near the same way.
I guess the question I'm really trying to get at is "What is the worst that hypothetical Usk can do?"
I think I have a handle on it for Mastodon; the answer is "not much" or it's going to be pretty hard. While the deeply decentralized nature of Mastodon makes it harder to find a good "feed," it strongly protects against this; he'd literally have to seek out the individual instances and start trying to control them, one by one.
But it looks like Bluesky is closer to Twitter (I ain't callin' it X, idgaf) than Mastodon for purposes of what matters to a bad actor. Instances dropping off the map doesn't matter if you have a hand on the control of the relatively centralized recommendation algorithm?
Not your original parent, but my take.
> if you have a hand on the control of the relatively centralized recommendation algorithm?
There's nothing centralized about it. Anyone can run an algorithm. If you don't like that algorithm, drop that feed, and find a new one.
Basically, a big difference between BlueSky and Mastodon is that in BlueSky, almost everything is independent parts you can layer together however you like. Mastodon is based around instances, and so ties a lot of these sorts of choices together for everyone on that instance. On BlueSky, "my instance", that is, where my data is hosted, is separate from the posts that I see, because I can choose to follow whatever feeds I like. My instance is also separate from my personal moderation preferences, which I choose independent of my instance.
I just got this setup using Docker on https://fly.io.
It's running with wayyyy less resources than the github suggested. I am on a shared cpu with 512mb of ram running the container.
Could be a little simpler to setup, if the docs provided a docker run example without the shell scripts. Also has some duplicate env variables.
For anyone interested, I shared it in the discord: https://discord.com/channels/1207024379549061120/12070503280...
Overall super cool. My profile page says I am using an invalid handle, but otherwise it works, and I see it requesting my server for things.
You have shared a discord link. Does it allow publicly accessible links now? I was shown a login/signup screen.
The invite link is in the blog post. Assuming anyone can go to it after joining.
In the example I just hard code the env variables to demonstrate, but you’d want them in secrets after testing it out.
In case you are unaware, it's considered poor etiquette to share links to login-walled social networks, and something like Discord that forces you to join a chatroom with unknown implications (it may trigger a message drawing attention to you, it may require account verification, it may require manual action from a moderator, etc.) just to access some information, all that on top of requiring an account to view anything, is far worse. You can easily share information through one of the countless Pastebin clones out there.
I only did it because they’re requiring anyone who wants to launch their own self hosted install, to join this exact discord and fill out an application form….
So anyone who wants to run this, has to join that discord anyway. You can find it in the blog post.
I see, I thought that was their support platform for people who can't figure it out from their docs and GitHub. There goes my plan to try out self-hosting.
This seems like what Berners-Lee’s Solid project is trying to do, at least in principle. Is that correct?
Seems intriguing regardless. Congrats on making it happen!
Solid is more generic than social media but yeah, it has a similar storage/app split as Bluesky.
This looks pretty compelling! The best of controlling your own data and a global, network-effects-compatible content approach. Seems like a win for users if it gets adopted.
When is this going to support IPv6-only hosting? Would've loved to set up an instance to mess around with but requiring IPv4 is a showstopper for folks behind CGNAT (i.e. most people on earth).
CGNAT is for IPv4, so users can share IPs. It's pretty hard to use the internet without IPv4 access today, so it's not that much of a limitation.
But we do certainly plan to make IPv6 work on all our network services.
That’s… not what I said. If you want other people to host services (like to federate), it’s going to be pretty impossible for the vast majority of people to actually do it if you only allow IPv4 connections.
You cannot federate behind CGNAT, and most folks can only open ports over IPv6, because they don’t live in America where everyone can get their own public IPv4 address. This is a pretty big miss IMO.
Okay, I get what you're saying. Yes, hosting a PDS server behind NAT is a problem.
1. The expected scenario is that people would run PDS hosts on small VMs (Digital Ocean, Vultr, AWS, etc) where an IPv4 address is the default.
2. People running PDS hosts behind NAT would use a tunnel service of some kind (Cloudflare Tunnel, Tailscale Funnel, Ngrok, etc).
But IPv6 is something we do want to support, and it won't be a huge effort. It will just take a bit of time to get to it.
IPv4 is not the default on any of the platforms you mentioned, it’s a paid add-on you must pay extra for.
It just seems strange that a federated social network platform who wants as wide of an audience as possible, gatekeeps who can participate based on a trivial self imposed limitation.
Hope I don’t sound like a hater because I’m excited for this, but yea it’s a bigger deal than a lot of people think. Even just dealing with bots is 100x easier when you have v6 because you can fine tune rules based on ASNs much easier when you can expect v6 addresses from certain networks and what not. We saw this in India the most where most bot activity would be v4 only, while humans would connect over v6, so we could dynamically tune sensitivity on challenges based on solve rates and what not.
Another option is using zrok - https://zrok.io/. Its open source so you could build it directly into Bluesky and either host the backend yourself or use the zrok free SaaS. zrok also has SDKs so you could embed the capability directly into your binaries without having a separate agent.
I'm happy to see they dropped phone verification via SMS. I was critical about it a few weeks ago because 1) it's a dumb thing to do in 2024 and 2) it didn't actually work for me (they were trying to be too clever with German phone numbers and I couldn't get past their broken validation). I just signed up without that nonsense and it worked.
Thank you! Great to see companies taking feedback seriously.
Agreed, not to mention phone numbers can easily be used by entities to ID anyone's account which has a chilling effect on freedom of expression.
I hope someone comes up with a multi-protocol social server. Bridges are a bad architecture for decentralized systems, because they introduce single points of failure. I can understand using a read-only bridge to mirror content from external resources, but if the other side speaks a federation protocol you should find a way to communicate directly so you don't have to worry about intermediary failures.
Someone has been working on a bridge between BlueSky and Mastodon, and uh, it has generated a TREMENDOUS amount of controversy on the Mastodon side.
I have my own biases so I don't want to describe it further than that, nor link to it directly so as not to cause even more disagreement, but the controversy does not seem to faze the developer, so I believe you will have your wish.
Can you at a high level explain why people are mad about this? Is there a difference in the sort of people on Bluesky vs Mastodon, or is it a technical disagreement?
Again, please keep in mind that this is my perception of others' arguments, and so may have some bias. I am going to try and counteract that with my wording here, but maybe someone who holds this position can drop by and give their own summary.
I have seen two main complaints:
* This is opt-out not opt-in, and I don't like that.
* BlueSky is bad because it is run by a company (sometimes with a suggestion that Jack Dorsey owns and runs the place), and I think the fediverse should be free from corporate influence, and so I object to the idea of a bridge.
In my experience, the former was the majority of the complaints. The common sentiment I saw boiled down to "if I wanted my posts to be on Bluesky, I'd have posted them there." I agree with that completely. It wasn't so much that it was Bluesky in particular, as that someone made an opt-out system that would re-publish all their content elsewhere.
It is worth noting that being indexed by Google is also opt-out on Mastodon.
Anything run by someone like Jack Dorsey should be away from something like fediverse. He literally killed third party ecosystem on Twitter after multiple times begging developers to come and revive the platform. Without those third party apps Twitter would not have been anywhere close to the size it reached.
Yes, he, Dorsey, did it. I don’t should discount that one bit!
Should we give him or people like him another chance? Fuck no. History is filled with examples of embrace and extinguish. Let’s wish him luck for AT Proto (actually BSKY; he is not interested in AT; AT is the bait, the lure, because he knows well people will just flock the first and the biggest).
BlueSky isn't run by Jack Dorsey. I'm not a fan of him either. Luckily, he's doing nostr instead.
Got it. Thanks for correcting me. I was ill-informed.
(He’s on the board of directors though it seems - there are two people there I think).
Bluesky isn't run by Jack Dorsey BTW. It kind of looks like he disowned it.
People don't like the perception that someone is doing something to their posts without them opting in.
Mastodon is very sensitive to that.
People will still bridge the two in various ways.
People will also bolt on more direct bridging to Mastodon if there's any demand from Bluesky users.
Basically, unless Bluesky totally fails, it will be embraced and extended by the broader broader Fediverse, because why not?
A global bridge isn't a multi-protocol social server. The guy is free to do as he likes, but I'm saying I don't think public bridges like that are a good architectural decision for decentralized networks. The individual nodes should implement multi-protocol support instead.
Some probably will, but I think a fairly substantial part of the Fediverse will ignore Bluesky other than via global bridges unless/until it has a lot of traction.
I have two Mastodon instances, and I don't know if I'll bother. If I were to it'd be mostly because I feel that ideologically I think it'd benefit the Fediverse to embrace Bluesky real tight, take their best ideas, extend them, and ensure it feels like Bluesky is just another corner of the Fediverse with some pointless differences.
Just in practical terms, global bridges will see extremely high traffic if they become popular. I've watched people struggle to maintain operational bridges for single high-traffic channels. Not to mention the hosting cost of being a single point of failure for inter-network translation.
I think the future of decentralized social media is bright. I'm critically supportive of all the work being done and I'll be happy as long as we don't repeat the mistakes of email and xmpp.
Assuming they operate the same way Mastodon itself handles federation and only relay the content people follow, there's no reason you can't fairly straightforwardly scale it by just running more of them. But frankly I'm not convinced Bluesky has much of a future. It needs to 1) offer something significant over the wider Fediverse - which is far more than "just" a Twitter-like and they only have a partial answer to the Twitter-like part - and 2) prevent being embraced and extended. E.g. nothing but inertia prevents the same level of indirection to provide smooth migration as Bluesky offers, and so if users care it will come to other services over ActivityPub too. The good parts of Bluesky will be copied. Then what? Especially if you're on the Bluesky side of a bunch of bridges where people on a lot of the instance on the other side look at you with suspicion and lock you out from their communities.
The limitations on filtering on Bluesky and the culture of filtering on Mastodon where this ability is seen as a community good means that if you want a 'global' view of the combined network, you're going to need to be on the Fediverse side of those bridges. That's not a good position to be in for Bluesky.
I know not the details, but all power to that developer.
In general, most of mastodon is too cliquey and over-dramatic to tolerate any sort of bridging. I see so many reports on block trackers of various kinds of bridging daily. Back when Threads had just been announced and merely mentioned eventually bridging with ActivityPub, the tracker was flooded with preemptive blocks of the domain.
And yet you can be on Mastodon and just never bother to pay attention to any of that drama and your life will barely be affected by it.
The cliques are mostly important to those who choose to make it important for themselves.
Yeah, that's what I do, was just pointing out that the loudest mastodon users are like.
The beauty of Mastodon is that if you pick your instance carefully, most of that noise doesn't necessarily even make it to your instance, much less your feed ...
That's Friendica. Bluesky apparently will be available in next release
Friendica is always doing the good work.
Yup, https://fed.brid.gy is one such project, and as another commenter mentions there's been a lot of discussion over the last couple of weeks. Some very good discussion, some interesting points, and a bit of unfair venting, but looks like it's moving in a good direction
Global bridges like this are single points of failure that defeat the purpose of decentralization. I'm saying that individual nodes should be full participants on all of the networks they want to communicate with. I don't have an issue with whatever they're trying to accomplish, but I've seen how hard it is to maintain stable high-traffic bridges.
Every time Bluesky comes up as a topic on Mastodon, the discussion becomes a total shitshow. I think most people are just going to be happier if the two stay separate.
This post immediately comes to mind: https://bsky.app/profile/caseynewton.bsky.social/post/3kktr3...
Personal Data Server (PDS) github link: https://github.com/bluesky-social/pds
> Specifically, each PDS will be able to host 10 accounts and limited to 1500 evts/hr and 10,000 evts/day
Can't have anyone competing with you, after all!
Basic anti-spam. Just look on Mastodon (and the thankless job of many instance mods) or on how Twitter gets overrun with porn, crypto, crypto scam or troll bots...
For what its worth I've yet to see any spam at all in my Mastodon feeds (regular user for about a year, accounts on multiple instances). Much respect to the admins for staying on top of it.
Ah yes, incredibly low limits with no way to say "hey look we're quality, let us do more". That's "basic anti-spam". Sure.
It's actually "you can host yourself and your friends but anyone who doesn't know someone with a server and technical knowledge must use our platform"
These are just the initial limits while we work out any issues. It'd be bad for everyone if the network was immediately overrun with spammers launching PDS hosts with millions of fake users/posts, etc. Even though our infra might be able to weather this kind of abuse, there are many independent feed generators (custom algorithms) operated by individuals that would likely fall over.
The plan is to increase limits sufficiently to account for all legitimate usage.
(It's also worth pointing out that these limits only apply to our Relay service. The expectation is that there will be other Relays on the network in the future.)
> Ah yes, incredibly low limits with no way to say "hey look we're quality, let us do more". That's "basic anti-spam". Sure.
Then please suggest how they can remedy this problem without giving spammers the same opportunity.
- Requiring upfront financial commitments would deter most low-yield spams, at the cost of raising requirements for running your own node - Domain-based filtering likely works for this, but this brings back in the topic of censorship (see Mastadon's domain blocking)
> It's actually "you can host yourself and your friends but anyone who doesn't know someone with a server and technical knowledge must use our platform"
You're complaining about the immediate first steps and how it doesn't immediately land on the moon. Simplifying the deployment process for everyone else still takes time. At minimum:
- Purchasing gateway for a custom domain name (requires partnerships with domain name sellers) - Server/Compute+DB rental gateway (because the average normal person doesn't have the hardware to run the service 24/7, nor do they want to know about Linux) - Togglable automatic updates to the federation service
Each simplification would require effort on the devs & partners to setup & maintain.
Somewhat unrelated, but I appreciate the existence of the public firehose endpoint at https://firesky.tv and wss://firesky.tv/ws/app
It's roughly 10 posts/second, so it's trivial to process it completely locally.
Does anyone why firesky went from showing the username, to now showing the "did" user code instead? Is this an effort at some privacy in AT?
Farcaster and Lens are much better alternatives than Bluesky. Not only you host your own data but you can choose your frontend and permissionlessly use the protocol backend. Web3 is the way to go for social media.
Why do Farcaster proponents never mention that it's not free in their pitches?
>To sign up, users must pay a $5 sign-up fee, meant to prevent the creation of spam accounts. Further, users can only post a limited number of “casts” on Farcaster apps, which are tied to packages called storage units. Storage units, which go for $5 a piece, grant a user 5,000 casts, 2,500 reactions, and 2,500 links or photo posts within a one-year period.
Web3 for social media? Isn't it just a crypto scam framework?
web3 = crypto = scams and weird scammy people. going to be hard to undo that association but good luck!
This I applaud as the tech in me.
It will quickly become a mess in the real world.
People will run pods on cheapest VPS and they will get hacked, run out of money, get bored, go broke etc.
Imagine as fractions of content goes missing for a while or is just deleted.
One guy runs a small pod with some people, kills it, 60.000 messages gone. How does that impact interconnected discussions?
If I own my own data. (good), and I can remove my data if I want (good). Then what happened to a BlueSky conversation I was having with 40 other people? some of whom belong to other pods.
Do the conversations remain with just blank lines where I used to be?
If not, if the content remains stored somehow then I dont own my data and I cant remove it?
With great power comes great responsibility. In a decentralized system you need to take responsibility for your data; specifically you need to backup your data. Bluesky has much better migration/backup/restore than Mastodon. If you want someone else to take responsibility for your data you can use a centralized system like Threads.
PDS are crawled by relays who cache the messages and can offer a holistic view over many PDSs for client apps to use. If a PDS goes down the data would still be stored by the relay.
> If not, if the content remains stored somehow then I dont own my data and I cant remove it?
This is true of any federated system. Once you put things out into the world, you can ask that others delete it, but that doesn't mean they will.
Even in centralized systems, things like archive.org exist.
In some sense, public statements are always immutable.
> People will run pods on cheapest VPS and they will get hacked, run out of money, get bored, go broke etc.
> Imagine as fractions of content goes missing for a while or is just deleted.
All of your complaints apply for the internet. Would you say the internet was a bad idea?
> Imagine as fractions of content goes missing for a while or is just deleted.
It may have changed since I have been user there but, I consider content on sites like Facebook or Twitter, that is not really recent, to be lost anyway. Because searching or browsing older content was hard.
The same criticisms and solutions apply to web pages.
Various organizations provide "archive" services. Relays and/or AppViews can utilize (or be) such a service. Removal from such a service depends on that service's systems (and possibly the legal context.)
This is nice, but I'm confused about one thing: how can instance owners ensure illegal content such as CSAM doesn't get cached on their servers if defederation is not a thing?
My understanding is that a PDS instance only hosts data for it's users.
Caching can happen at Relays or AppViews and those will presumably need to do something to avoid caching CSAM.
Does Bluesky allow different federations to require everyone they federate with to share a block list?
Mastodon has this problem and it makes it where you have to have multiple accounts if you actually want to use the platform. This might sound like not a problem, but it'll naturally lead to whatever account has access to 51% of your content being the one you use consistently, and you eventually just forget about the other 49%.
I linked to primary sources on moderation upthread: https://news.ycombinator.com/item?id=39471973
Block lists don't work at the instance level, so the answer to your question isn't just "no", but that it is impossible.
Only in the strictest sense and if you assume nobody will build graphs of interactions to use to block instead.
Sure, I was assuming "within the context of the protocol," because if we're willing to step out of that, then literally anything can happen.
It's a fairly safe assumption in this instance given how important these features are for people - either BlueSky will never get much traction, or people will add ways to achieve the same result.
Personally, I'm not very block-happy, but I still have a few instance-wide blocks in place for my even my single-person instance on Mastodon because there are literally a few instances full of nazis, run by nazis, where blocking one puts you at risk of brigading.
I'm in a privileged enough position to have relatively little to worry about, but this also extends to a safety issue for a lot of communities, where harassment and threats spill over into the "real world", and where being able to put in place broad, expansive blocks to minimize the ability for individuals who consider themselves "wronged" by one of their victims to utilize their communities to strike is the bare minimum when there isn't a central authority putting efforts into getting rid of these users.
I agree that blocking is important. I just think that the framing here is very mastodon centric, and not really a thing that makes sense given how BlueSky works.
For example, due to having true account portability, if you tried to block a particular instance, they could just move to another one to evade that block. You need to block the account to prevent this. If there’s an instance that hands out usernames as a subdomain, you could write a moderation service that takes that into account, but then they could transition to their own username, stay on the same PDS, and that would no longer work.
The more BlueSky native way would be to run a moderation service that tags accounts, and then a blocklist that bans accounts that get the tag. You’d then want to tag accounts that post from that PDS, and now, even if they move, they’re still blocked.
That is to say, “you can’t really do that” doesn’t mean that that isn’t important or impossible, just that different protocols require different means of implementing requirements.
After a couple of years on Mastodon this has just never been an issue for me.
If it is one for you, nothing stops you from using s client that supports multiple accounts.
But people banding together to not just block proven bad people (by whatever criteria) but also those who closely associate with them will happen in any federated system one way or other, because blocking at an individual level is too cumbersome.
>You need to join Discord to access the feature
Seriously?! Will this trend ever dies?!
I don’t want to use discord, can’t they just make a simple request form? Whenever I see “join our discord” for anything in any service I just never use that service, keep it as an option for whoever wants to hangout there just don’t make it the “only” channel of communication!
Is that a direct quote? I don't see it anywhere. What I do see is
> Because the PDS distribution is not totally settled, we want to have a line of communication with PDS admins in the network, so we’re asking any developer that plans to run a PDS to join the PDS Admins Discord.
https://docs.bsky.app/blog/self-host-federation
This is much more reasonable than an actual gate on the feature.
Not a direct quote. But Discord is the only means of communication.
This is just for a brief period during polishing/debugging since this is the first time third-party PDS hosts have been added to the network.
The goal is just to help PDS operators join the network and make sure that if there's a problem we have a channel of communication open.
Bluesky has a Matrix dev group (afaik it’s an official one) why not use that too in addition to Discord (or other comms channels)?
Unfortunately they declared they didn't have moderation bandwidth to maintain it as an official channel, and then apparently moved to Discord :(
I'm a little confused by this, how did switching to Discord reduce the load on their moderators?
i assume it didn’t. unfortunately, decentralised web projects don’t always do that well at having each others’ backs. (Matrix maintains a presence on Bluesky tho: https://bsky.app/profile/matrix.org)
Discord has better moderation tools than matrix
Welp, that’s unfortunate indeed.
P.S. Fantastic project (Matrix/Element)!
What would you like to see instead for groupchat-style quick low-threshold discussion?
Maybe Zulip.
Maybe some kind of federated option?
So what data goes and what data is blocked by transitioning away from the main server?
I am assuming a person's own posts would come along, but what about conversations with other people, or group discussions or things you have followed?
Any other features that would work / things you could see if still connected but no be available if you were federated and banned?
I think fbook has a hidden 'export your posts to WP' option somewhere, and you can download a copy of your data (if you are not banned / can still login) - but that data would not include replies in groups, marketplace, etc (? haven't checked, I'm sure other things)
I read they were turning off the groups access API and may not be offering a replacement option..
I think there is reasonable debate as to whether or not group posts and such should or should not be included in a data dump / backup..
Also not familiar with features that bluesky or mastadon or twitter do or do not have and what would break if you moved your data (would only your part of dms/chats come along? pictures others sent you or posted? )
> So what data goes and what data is blocked by transitioning away from the main server?
Nothing. It is fully transparent to everyone. Your followers won't notice, and you won't notice. Everything Just Works.
So if you port your stuff and blusky bans you, you keep all your posts, all your friends posts, all your groups' info, all your DMS, everything..
.. and the only thing that happens is you can't send data to/through blusky (or receive?) any more and and new data ?
I'd like to test this, any way to get someone from blusky to ban an account to test this?
> you keep all your posts
Yes, but there are some small caveats to how this works exactly, based on the architecture. I'll get to it.
> all your friends posts
Your friends weren't banned, you don't have their posts in the first place.
> all your DMS
AT is 100% public, there are no DMs.
> you can't send data to/through blusky (or receive?) any more and and new data ?
Okay so, we have to talk about the architecture of BlueSky here. There's a few moving parts:
* PDS: personal data server. This holds your posts and such. Before this announcement, BlueSky ran the only PDS. What's happened today is that new PDSes are able to federate with the BlueSky run PDS.
* Relay: this is a server that aggregates data from multiple PDSes. Relays replicate data from the PDSes, and present it as one firehose of information. In some sense, today's announcement is "BlueSky's Relay will now replicate data from PDSes other than theirs."
* App View: this is a service that takes the information from one or more Relays, combines it with whatever other things they care about, and presents the information to an end user. bsky.app is an App View.
I like to think about this like git and GitHub. Your PDS is like a git repository. BlueSky is like GitHub.
So, when BlueSky bans you, aka, when GitHub takes down your git repository on their site, what that means is that they have decided they no longer wish to host your PDS, and they don't let you use their App View. However, if you have a local copy of your PDS, you can simply host it elsewhere, and notify the relay of it, or join a PDS that's already federating with a known relay. Once you do that, you can resume posting. If you don't have a copy of the PDS, I believe you can reconstruct it from the copies that have been federated around the network, but this part is a bit fuzzy to me. Even then, saying "Hey my PDS lives over here now" means your new posts will still get pushed around the network, and the people following you will see them, but you may need to rebuild your following list.
It's also important to note that like, BlueSky's relay could say "never replicate posts from this PDS", but that's why there's multiple relays. If you don't like BlueSky's policies about their relay or app view, use one that implements the policies you care about.
> I'd like to test this, any way to get someone from blusky to ban an account to test this?
This is one step towards realizing this future; for now you have to manually tell BlueSky to federate with your new PDS. The truly federated network is sloooowly coming online. So things will get there.
Can a server hosting an account read all of the data belonging to that account?
The feature I'd like to see from federated social network like this is encrypt everything to keys only held client side (in the style of keybase), so servers can't read content (only some surrounding metadata so they know which other servers to communicate with about the content).
> Bluesky is a public social network.
> The AT Protocol, which Bluesky is built on, is designed to support public conversations.
Ah, ok.
How does this handle spam?
IIUC the main defense is choice over your own feed + moderators on the feed you choose.
Is this why DMs are not supported? Because there wouldn't be a good spam protection mechanism?
I wish I knew more about how one would stop instances full of malicious spam bots from flooding the services, but as for DMs, my understanding is the fact that everything is public through the AT protocol is probably why it doesn't yet have DMs (though maybe through public key crypto, one could have something). Maybe in the future, BlueSky will allow for messaging by tying accounts to some messaging protocol or services.
Apparently, DMs are low priority: https://github.com/bluesky-social/social-app/issues/1114
The real question:
How many of the well know personalities will abandon Mastodon for this?
Mastodon has a surprising number of famous personalities. Many popular open source developers live there. Lots of well known people in math/science (Terry Tao, etc). Lots of authors (Greg Egan, Neil Gaiman, etc). Lots of open source orgs.
Will they be willing to move networks yet again? Twitter made them unhappy. Will Mastodon be so poor (and Bluesky more superior) to get them to move again?
Live and die by network effects.
> Live and die by network effects.
If I have my facts straight, they have gone from 2M to 5M users since they opened to the public just 17 days ago.
And btw, using Neil Gaiman as an example, he is prolific on Bluesky. He has 861 posts on Mastodon, vs 4.5k on Bsky. He seems to have already made the move to a large extent.
It depends which one 100x’s the other
Given that there are some so-called Twitter / X alternatives and options to choose from like Threads, Mastodon and Bluesky and are now open for registration, we can now see which platform the most users will choose to go to if a major destructive change happens on X.
Once that happens we now wait for the platform that has the most sign ups.
It's no longer just about Twitter.
Meta yesterday integrated Threads with Facebook allowing you to cross post and almost every week they are deepening the integration with Instagram.
They are clearly trying to broaden the user base to include the other few billion who never signed up for Twitter.
> Your Mastodon timeline is only made up of posts from accounts you follow, and does not pull together posts from the whole network like Bluesky’s custom feeds.
This seems like a major win for Mastodon. Bluesky is clearly spinning this as a positive, however, so what am I missing?
These are optional things that you choose, and you can even write yourself. The default feeds are "posts of accounts you follow," just like Mastodon, so it's a positive because it's extra possibility on top.
As a meaningful example: someone (not BlueSky themselves, I don't believe) published a "Quiet Posters" feed. I have subscribed to that. Now, in addition to "Following," and "For You," I have a "Quiet Posters" feed. This exclusively shows posts by people who don't post very often. Since subscribing to it, I have seen a lot more content from the folks who aren't as chatty as the people who fill up my timeline. That's very nice.
Is there any good reason not to implement activity pub on top of bluesky? It seems that with all the twitter alternatives out there that are actively promoting federation as a thing, job #1 ought to be federating with each other.
See this thread: https://news.ycombinator.com/item?id=39471556
Why do people value their data so highly?
Can’t you just be ephemeral and delete your posts after a few days? Seems like nothing good comes from having a huge history of things you posted on a social network.
10 months later, this description of Bluesky is still accurate: https://fiatjaf.com/ab1127fb.html
In fact, it's mostly inaccurate.
> "the protocol has an official webpage with a waitlist and a private beta?"
Both the waitlist and the private beta are gone.
> "The “protocol” is just a description of whatever the Bluesky app and servers do, it can and does change anytime the Bluesky developers decide they want to change it"
1. atproto is well documented and the plan and desire is to make it a proper internet standard.
2. There are hundreds of independent projects relying on the protocol to create alternative clients and custom feeds (algorithms).
3. The protocol includes namespaced schemas so that different apps can evolve without breaking each other e.g. the "app.bsky" namespace is for the Bluesky microblogging app.
> "The “DID Placeholder” method..."
There is already support for did:web and plans to support other DID methods, including potentially (non-POW) blockchain methods.
> "All posts go through the Bluesky central server..."
All posts go through any Relay that anyone cares to operate. It's also possible to fetch posts directly form the origin PDS host, it's just slower and results in more load on the PDS.
> "And you, as a reader, doesn’t have any control of what you’re reading from either..."
Apps are in full control over where they get posts from. An app can enable users to select a Relay/AppView or fetch posts directly from the origin PDS.
> "But I fail to see why even more than one network provider will exist,..."
People may want to operate their own Relay/AppView services so they have more control for their specific application, for higher performance (latency/throughput) reasons, or for geographic/jurisdictional reasons, to name a few.
And the compute/network requirements are not beyond the capabilities of small startups, non-profits, coops, or public services and likely never will be.
Without JavaScript there is no text but only the footer. Quite weird.
I haven't followed the tech of Bluesky or the AT Protocol closely: does this step mean that people can now set up their own Bluesky instances? Where can I see one in the wild?
Bluesky doesn't have "instances", it has PDSes, Relays, and AppViews. People can run their own PDSes but PDSes are kind of invisible so you won't "see" them. You'll just see the whole Bluesky network as usual.
What I mean is: where is the website other than bsky.app where I can see content from the network?
The bsky.app web app is a JavaScript app that runs in a browser. It talks to an AppView (API server) which talks to a Relay which talks to all PDS hosts on the network.
There are other clients for Bluesky that do the same thing as the bsky.app web app: https://docs.bsky.app/showcase?tags=client
Does anyone know how this differs from the Nostr protocol?
Nostr is relays + clients.
BlueSky is PDS + relays + clients.
If you look at the history of Nostr and try to really understand the protocol, where it came from and what it was trying to solve, Nostr was also meant to work on a PDS + relay model, except it degenerated to the point where most Nostr app developers are simply writing Javascript browser apps that use relays as a "poor man's cloud", sort of, without any consideration for achieving self-sovereignty of the user.
"I save the data in the 6 most popular Nostr relays and done." is what 99% of the so called "Nostr apps" do. Sounds good in theory, until it is not. Relays were really meant to be treated as ephemeral actors, that come and go, and data was meant to be stored somewhere the user was in control of, but instead, relays are treated as some sort of reincarnation of IPFS, where you save your data and have it safe forever.
Bluesky seems to solve this by introducing the concept of PDS. It's not like PDSes cannot be built for Nostr - there are indeed some Nostr apps that work using the PDS model - save the data in a place the user has complete control of, and then propagate it to relays. The benefit of Bluesky seems to me that it formalizes the concept of PDSes, so that app developers don't have to think about it and cannot mistake the relays for PDSes.
It's free of any association with cryptocurrency for one thing.
I was asking about protocol, not content.
Self hosting your Postings is really a Fediverse Killerfeature. But it should be as simple as storing it on my shared hosting space.
This would have been formidable if only it weren't a year late. The height of transition from X/Twitter is over.
I believe that they have gone from 2M to 5M users since they opened to the public 17 days ago. All is not lost.
When do you think Bluesky will be officially a broad public social media network? It seems rather niche at this point
What do you define as "broad"? I'm not going to claim BlueSky is mega popular, but to put a number on it, hit 5 million users today. That's not huge, but it's also not small.
What is the point of hosting your own data? You don't gain anything from that, right?
Other people can't delete your account or your data. (They can moderate it into oblivion instead.)
They only do IPv4, right? At least the only mention v4 addresses on the GitHub page.
For now, yes, our network services are IPv4 only.
What happens when the bots show up? Do they have anything to defend against that?
Yes, we have an "AutoMod" system and other protections in place. But it is a cat-and-mouse game, so we expect it to be one of the challenges. But because the network is completely open, it's also something anyone who is interested can help with.
Bluesky has the technology, now it just needs the network, which is the hard part.
I love Bluesky, but not having DMs is a deal breaker!
This is really cool but I think "improving" social media is just going deeper into the hole. The incentives are just too perverse and hosting stuff is too expensive.
Interesting. What's this hole? I used Reddit and HN for a decade without complaint (well, the quality of Reddit nosedived a few months ago). Seems to me like they can last pretty long without perverse incentives. Bbcode forums have often been nice too.
Just registered on Bluesky, deliberately didn't choose News or Politics as an interest, and the first post on my feed is about Donald Trump.
There is no escape...
C'mon ya'll just use AP?
I am not interested in Mastodon and interested in Bluesky partially due to the differences in protocol. "just use AP" isn't interesting. This is.
(To me! others feel the exact opposite. Diversity is good here.)
This is good and all but, sigh are we really celebrating letting self hosting get into the hands of bad actors to federate with Bluesky?
And don’t say “lets defederate with said bad actors” since they would still exist and anyone can join said bad actors instances.
It’s akin to telling antelopes surrounded by lions to close their eyes and the lions are ‘gone’ yet the lions still exist around them.
This is entirely by design:
> Moderation on Bluesky is not tied to your server, like it is on Mastodon. Defederation, a way of addressing moderation issues in Mastodon by disconnecting servers, is not as relevant on Bluesky because there are other layers to the system. Server operators can set rules for what content they will host, but tools like blocklists and moderation services are what help communities self-organize around moderation preferences. We’ve already integrated block and mute lists, and the tooling for independent moderation services is coming soon.
The whole point is to decentralize moderation so that users aren't stuck with only the moderation provided by their host.
Decentralized moderation and the tools needed to support it are not solved problems but are instead ongoing projects. Block and mute lists clearly won't be sufficient to enable robust decentralized moderation so it will he interesting to see how support for third party content filters get implemented.
> And don’t say “lets defederate with said bad actors” since they would still exist and anyone can join said bad actors instances.
Er... fine, and who cares? If everyone defederates (slightly more a nuclear option on Bluesky than Mastodon but still I think possible?), then, well, the bad instance is its own problem.
Or are you saying that even an unfederated instance with bad people would be bad? Like, the only solution there is to ban all open-source social networking software.
Your argument against federation and open communication is that bad people might use it? What's to stop bad people from using the main Bluesky instance?
It's always porn, or political extremism. Nobody opposes literal spams, but the definition of former two depends on cultural backgrounds and there will always be demonization around those.
There is a form of moderation on the main instance.
A self hosted instance will have no such moderation.
A self hosted instance will have whatever moderation the host chooses to implement (such as CSAM monitoring if required by law.)
On top of that, user defined moderation will be applied from block and mute lists. Hopefully this will include using 3rd party lists and eventually, user specified content filters.
> A self hosted instance will have no such moderation.
Maybe I'm missing something here. Are the federated instances less functional than the main instance? Is this some kind of weird freemium thing they're doing? (I'm actually asking, I'm not familiar with Bluesky much at all.)
I have not yet reviewed the code, but the federated instances should be equally as functional as the main instance. However, having the option of functionality does not mean that they will operate the same way.
Your parent is not making a technical claim, but a social one: that there will be instances that are effectively unmoderated, because the people who run it hold that up as some kind of ideal, and that that is a problem.
I do not share this opinion personally, but have seen many people express it, so I feel like I am representing it accurately.
In fact, I would go so far as to say that it's incorrect, and not just an opinion, because unlike in Mastodon, moderation is not tied to your instance. Of course, whoever owns an instance can decide to kick someone off of it, but that's not the primary moderation mechanism in BlueSky, which allows you to choose your own set of moderation tools, regardless of which instance you or anyone else belongs to. I linked to the main three posts to understand BlueSky's moderation stances and features upthread: https://news.ycombinator.com/item?id=39471973
> Your parent is not making a technical claim, but a social one: that there will be instances that are effectively unmoderated, because the people who run it hold that up as some kind of ideal, and that that is a problem.
Ah that makes sense. Thanks for reframing this. I don't particularly agree either, but I think I now understand the viewpoint better.
Bluesky is starting to look like an elaborate reboot of Mastodon with a fancy username redirect, but I'm guessing its technical aspects, while those are series of great achievements, were not the crucial part to its success so far; the part that worked was community building.
Nostr worked to some extent despite existence of Mastodon because Mastodon bodged that part. Mastodon took off because Twitter broke its community. Bluesky's successes is really making me feel that the first S of the abbreviation S.N.S. do stand for what it stands.
> Bluesky's successes is really making me feel that the first S of the abbreviation S.N.S. do stand for what it stands.
There's tons of alternate social media out there. Forums, Subreddits, Tildes, Discourse, Matrix, IRC, Mastodon, Lemmy, Usenet, and on and on. The truth is the S in SNS is always what social networks have been about.
And a lot of them failed for their technical shortcomings and many others from social aspects.
IRC failed in technical side due to the failure in committee development model around IRCv3, Reddit succeeded by sole social factor despite being a carbon copy of Digg. To me, Bluesky vs Mastodon, and also Twitter vs Mastodon situations seems closer to the latter, even with controversial waitlist and the big turmoil, respectively.
>used for 30+ years = failed
I don't understand why so many technical people equate monopoly with success. I use IRC every day.
Me as well...
I actually like that IRC is less 'noisey' then most social media (I generally only hang on a few low volume channels) with no 'feed' being shoved at me, no algorithm deciding what I 'should' see. I bop into more popular channels as needed, but for general use, I find the self-directed nature of IRC to be the 'perfect social media' for me...eg I see only what I'm interested in.
I hate Electronification, WebNonsensification, Discordification, ... as much as the next guy, but median user age incrementing every year for past 10+ years -> fail to me.