Based on his support of Nostr, #Mastodon and #ActivityPub should have nothing to do with him.
Nostr, and quite likely Blue Sky wants to make it impossible to ban or remove a users access for violating server or network policies. This is a recipe for rampant hate and bigotry, along with harassment and hate speech. Something twitter seemed designed to encourage from the very start.
@Susan_Larson_TN "In its latest update, Bluesky has added Thread Muting, so that you can mute notifications of conversations in which you have been mentioned. A few days ago, Bluesky was updated with content moderation for the first time. Users can now report a post as spam, hate content, copyright infringement, or illegal."
@strypey I hope you're right. But my reading of the ATproto docs — with "speech", "neutrality", and "protection from bans" mentioned front-and-center, while moderation does not even seem to be considered — makes me doubt it.
We've already heard that they want to be able to label toxic accounts and give users the ability to filter them out on the client end. That speaks to them not actually moderating shit, and putting the burden entirely on the end user.
It also speaks to them wanting to allow bad actors to flourish there.
@kichae > they want to be able to label toxic accounts and give users the ability to filter them out on the client end
Depending on the implementation, that sounds like a good feature. Some people in fediverse would love to be able to subscribe to a blocklist, so they're not relying entirely on their admins to screen out Bad Actors.
> putting the burden entirely on the end user
It also puts the *power* in the hands of the people using the network.
@strypey what I worry about is that on fedi, there are two layers of block: - account block - instance block / defederation
Admins/moderators block specific users, and if many are coming from specific instances, they get to block whole instances. Thus raising the cost — in very real terms (domain name, for example) — of allowing misbehaving users on an instance.
I don't see how that cost can be raised on BlueSky, even with "labels-based blocklists".
@strypey what's stopping a harasser from setting up a new account and continuing their harassment? Once they do, they have to be *again* labeled by someone and added to the blocklist. And again. And again.
On fedi every fedi admin knows or learns fast there's a trade-off between open signups and potential for abuse, which might lead to defederations. So people tend to keep their house in order, or the house gets put in quarantine.
@strypey on BlueSky, at least based on my reading of the protocol, all moderation will be per-account. No cost to having sockpuppet accounts, no cost to creating new accounts once old ones get labeled and added to blocklists.
Meanwhile, somebody has to maintain these blocklists. Somebody has to label these posts. This is real work, that now has to be done with a per-account resolution, instead of per-instance. That's the "burden on end user" mentioned by @kichae. @atomicpoet @Susan_Larson_TN
@strypey I'll add one more thing to this: fedi's model allows for somewhat effective moderation (no question it needs to improve!) while at the same time allowing for pseudonymity.
You can be pseudonymous on a reputable instance. Nobody will ask for your phone number, "real name", etc. because as long as you behave, there is no reason to. And if you misbehave, either you get booted off of the instance, or the instance gets defederated from.
@strypey effectively, instances on fedi are "proxies" for trust and reputation. You trust an instance to behave and if you see misbehaving users, you expect the instance to deal with them. Users can remain pseudonymous though.
I suspect BlueSky will struggle with it greatly because there is no such proxy for trust and reputation. It seems attached to the user account. And since creating a sockpuppet account is faster than moderating it… yeah.
@rysiek > on BlueSky, at least based on my reading of the protocol, all moderation will be per-account. No cost to having sockpuppet accounts, no cost to creating new accounts once old ones get labeled and added to blocklists
Ah, I see. I agree the lack of server-level moderation is a problem. Is this an unavoidable downside of full account portability? Is there any way for a protocol to enable both?
@strypey I don't think so, no. But as I keep saying, I would love to be proven wrong.
Yes, I believe this is an unavoidable downside to having full account portability with no moderation power put in the network's nodes (PDS's in case of BlueSky).
Basically, choose two: - full account portability - real pseudonymity - effective moderation
Let's call it "rysiek's triangle of moderation sadness".
@strypey as consider this very rough around the edges, though. It's more of a feeling than a well thought-through rule.
There are many more dimensions/sides possible that might be relevant here. For example: global consistency. Or is that included in "full account portability"? 🤔
It also hand-waves away the fact that "effective moderation" is somewhat hard to define. Effective for whom?
But I do think the general direction is roughly correct here.
This would be fine if every person got one domain name that they don't have to pay for. But as things stand, tying identity ownership to domain ownership forces people to pay protection money to a third party every year, or they lose their identity, and their posting history becomes invisible. This is a minor nuisance for the middle classes, but a major barrier to working class people.
Seven years ago, the international community made a commitment to halve the proportion of people living in extreme poverty and hunger between 1990 and 2015.
@miklo > The $4 (regular renewal price) per year for a low-cost domain
... at which registrars? I've been paying much more than that for my domains.
But the price is not really the point. Imagine having to pay each year to renew other forms of ID, like birth certificate, passport, or driver's license. Would anyone accept this?
basing account identity on domain identity one-to-one (as in: one domain name is one account) also breaks "real pseudonymity", as owning a domain name usually requires some form of ID and traceable money transfer.
@counterinduration I would say it indeed "breaks" full account portability — and I don't think that's moot (or a bad thing).
Full account portability ignores what identities are being hosted; the "reach" layer is where "blocking" happens. You could still move your accounts around anywhere you want, even if some people don't see it.
That's different from Zot, AFAIU, as Zot instance admins can block specific identities from using their instances.
@counterinduration imagine a protocol (ATproto might be that, reading the spec) where an instance/node/"personal data server" admins have no say and no tools to stop specific identities from being hosted on their nodes.
Anyway, "full account portability" probably needs a better term, and the whole thing is just a gut feeling type thing that I need to think through better. 😄
Allow users to configure An "allow list" - a list of CIDs they are willing to host or particpate in the discovery of. A "deny list" - a list of CIDs they do not want to host or participate in the d...
@rysiek > imagine a protocol (ATproto might be that, reading the spec) where an instance/node/"personal data server" admins have no say and no tools to stop specific identities from being hosted on their nodes
Nostr relay admins can ban identities, but that doesn't help if spinning up new identities is effortless, as you pointed out earlier.
@rysiek Idle thought; is there some way MAC addresses could be boiled into account creation? Such that you could see that accounts were coming from the same device, without being able to extract the MAC address or any other data about the device?
also, this is the wrong place to look for solutions in. A person having 50 well-behaving accounts accounts should be allowed to continue having 50 well-behaving accounts.
@rysiek > A person having 50 well-behaving accounts accounts should be allowed to continue having 50 well-behaving accounts
Agreed. I'm suggesting a way of identifying patterns of activity deriving from a single source, in case those 50 (or 500 or 5000) accounts are not well behaved. Not just in a speech sense either, this could be useful in mitigating DDOS attacks from within the network, for example.
@rysiek > I can trivially change my MAC address, there is even a GUI for it in my network management interface in my OS
Ok so it's not foolproof, but could it work against anyone who (like me) didn't know that was possible or how to do it? What if you also boiled the IP address into account creation as well, so you'd need to change both MAC and IP between each account creation to evade pattern recognition. That would add cost, right?
Aral Balkan
•#vc #ventureCapital #SiliconValley #SurveillanceCapitalism #BigTech
Ben Ramsey
•I did find this, though, which is somewhat relevant to this discussion.
Chris Trottier
•Which is a wild thing to say knowing what we know now.
Chris Trottier
•Sell it to everyone who uses Twitter and works on it.
That model works for many successful companies.
Chris Trottier
•Will he reply? Because I really want to know 🙂
Chris Trottier
•1. Subscriptions
2. Ads
3. Commerce/Transactions
Chris Trottier
•Glad to hear he regrets Twitter.
Sooo… when will Bluesky connect to multiple nodes?
Chris Trottier
•Chris Trottier
•Chris Trottier
•I agree.
I guess Bluesky should decentralize soon.
Chris Trottier
•That means they’re probably not coming to Bluesky either.
Chris Trottier
•meduz'
•MiKlo:~/citizen4.eu$💙💛
Susan Larson ♀️🏳️🌈🏳️⚧️🌈
•Nostr, and quite likely Blue Sky wants to make it impossible to ban or remove a users access for violating server or network policies. This is a recipe for rampant hate and bigotry, along with harassment and hate speech. Something twitter seemed designed to encourage from the very start.
Strypey
•"In its latest update, Bluesky has added Thread Muting, so that you can mute notifications of conversations in which you have been mentioned. A few days ago, Bluesky was updated with content moderation for the first time. Users can now report a post as spam, hate content, copyright infringement, or illegal."
https://9to5mac.com/2023/04/21/bluesky-moderation-new-features/
Nostr is a totally different situation. In a P2P network there are no server mods and everyone is their own moderator.
@atomicpoet
Bluesky social network gets moderation and other new features
Filipe Espósito (9to5mac)Michał "rysiek" Woźniak · 🇺🇦
•@Susan_Larson_TN @atomicpoet
Strypey
•> who is reviewing these reports? Who is responsible for these decisions?
Good questions. No idea yet. But the existence of these features makes me skeptical that...
@Susan_Larson_TN
> Blue Sky wants to make it impossible to ban or remove a users access for violating server or network policies
@atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
•@Susan_Larson_TN @atomicpoet
Christopher
•It also speaks to them wanting to allow bad actors to flourish there.
They're not going to do shit to protect anyone except their investors.
@strypey@mastodon.nzoss.nz@Susan_Larson_TN@mastodon.online@atomicpoet@mastodon.social
Michał "rysiek" Woźniak · 🇺🇦
•@atomicpoet @strypey @Susan_Larson_TN
Strypey
•> they want to be able to label toxic accounts and give users the ability to filter them out on the client end
Depending on the implementation, that sounds like a good feature. Some people in fediverse would love to be able to subscribe to a blocklist, so they're not relying entirely on their admins to screen out Bad Actors.
> putting the burden entirely on the end user
It also puts the *power* in the hands of the people using the network.
(1/2)
@atomicpoet @rysiek @Susan_Larson_TN
Michał "rysiek" Woźniak · 🇺🇦
•- account block
- instance block / defederation
Admins/moderators block specific users, and if many are coming from specific instances, they get to block whole instances. Thus raising the cost — in very real terms (domain name, for example) — of allowing misbehaving users on an instance.
I don't see how that cost can be raised on BlueSky, even with "labels-based blocklists".
@kichae @atomicpoet @Susan_Larson_TN
Michał "rysiek" Woźniak · 🇺🇦
•On fedi every fedi admin knows or learns fast there's a trade-off between open signups and potential for abuse, which might lead to defederations. So people tend to keep their house in order, or the house gets put in quarantine.
@kichae @atomicpoet @Susan_Larson_TN
Michał "rysiek" Woźniak · 🇺🇦
•Meanwhile, somebody has to maintain these blocklists. Somebody has to label these posts. This is real work, that now has to be done with a per-account resolution, instead of per-instance. That's the "burden on end user" mentioned by
@kichae.
@atomicpoet @Susan_Larson_TN
Michał "rysiek" Woźniak · 🇺🇦
•You can be pseudonymous on a reputable instance. Nobody will ask for your phone number, "real name", etc. because as long as you behave, there is no reason to. And if you misbehave, either you get booted off of the instance, or the instance gets defederated from.
@kichae @atomicpoet @Susan_Larson_TN
Michał "rysiek" Woźniak · 🇺🇦
•I suspect BlueSky will struggle with it greatly because there is no such proxy for trust and reputation. It seems attached to the user account. And since creating a sockpuppet account is faster than moderating it… yeah.
@kichae @atomicpoet @Susan_Larson_TN
Strypey
•@rysiek
> on BlueSky, at least based on my reading of the protocol, all moderation will be per-account. No cost to having sockpuppet accounts, no cost to creating new accounts once old ones get labeled and added to blocklists
Ah, I see. I agree the lack of server-level moderation is a problem. Is this an unavoidable downside of full account portability? Is there any way for a protocol to enable both?
@kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
•Yes, I believe this is an unavoidable downside to having full account portability with no moderation power put in the network's nodes (PDS's in case of BlueSky).
Basically, choose two:
- full account portability
- real pseudonymity
- effective moderation
Let's call it "rysiek's triangle of moderation sadness".
@Susan_Larson_TN @kichae @atomicpoet
Strypey
•> Let's call it "rysiek's triangle of moderation sadness"
I knew there was one of those 'choose any 2' triangles there! I just couldn't think what the third side was. Thanks for this insight.
@Susan_Larson_TN @kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
•There are many more dimensions/sides possible that might be relevant here. For example: global consistency. Or is that included in "full account portability"? 🤔
It also hand-waves away the fact that "effective moderation" is somewhat hard to define. Effective for whom?
But I do think the general direction is roughly correct here.
@Susan_Larson_TN @kichae @atomicpoet
Strypey
•> "effective moderation" is somewhat hard to define
True, but you know it when you see it, and particularly when you see it lacking ;)
@Susan_Larson_TN @kichae @atomicpoet
Strypey
•> I believe this is an unavoidable downside to having full account portability with no moderation power put in the network's nodes
How does the Zot/Zap/Streams network resolve this with Nomadic Identity?
@Susan_Larson_TN @kichae @atomicpoet
#Zap #Zot #Streams #NomadicIdentity #moderation
MiKlo:~/citizen4.eu$💙💛
But... #nomadic #identity, after all, does not have to be built into the protocol to be practically usable. If we base it on domain ownership and the server handles account creation on the user's domain ( #BringYourOwnDomain ) then we pretty much have it done (still a matter of migrating posts but that's already a small problem then).
And such a thing is supported by e.g. the #takahe project, compatible with mastodon api.
Strypey
•> If we base it on domain ownership
This would be fine if every person got one domain name that they don't have to pay for. But as things stand, tying identity ownership to domain ownership forces people to pay protection money to a third party every year, or they lose their identity, and their posting history becomes invisible. This is a minor nuisance for the middle classes, but a major barrier to working class people.
@atomicpoet @rysiek @kichae @Susan_Larson_TN
MiKlo:~/citizen4.eu$💙💛
The $4 (regular renewal price) per year for a low-cost domain (e.g. .uk) is an unaffordable amount for working class people ?
Note that one domain is often enough for an entire family, a group of friends, an organisation....
Michał "rysiek" Woźniak · 🇺🇦
•> Currently, 1 billion people worldwide live on less than one dollar a day, the threshold defined by the international community as constituting extreme poverty.
https://www.un.org/en/chronicle/article/surviving-pennies-we-must-help-worlds-most-deprived
@strypey @atomicpoet @kichae @Susan_Larson_TN
Surviving on Pennies: We Must Help the World's Most Deprived | United Nations
United NationsStrypey
•> The $4 (regular renewal price) per year for a low-cost domain
... at which registrars? I've been paying much more than that for my domains.
But the price is not really the point. Imagine having to pay each year to renew other forms of ID, like birth certificate, passport, or driver's license. Would anyone accept this?
@atomicpoet @rysiek @kichae @Susan_Larson_TN
Strypey
•> one domain is often enough for an entire family, a group of friends, an organisation
Not if you're using them as unique identifiers for portable accounts. For that, you need one per person.
@atomicpoet @rysiek @kichae @Susan_Larson_TN
Michał "rysiek" Woźniak · 🇺🇦
•@miklo @atomicpoet @kichae @Susan_Larson_TN
Michał "rysiek" Woźniak · 🇺🇦
Full account portability ignores what identities are being hosted; the "reach" layer is where "blocking" happens. You could still move your accounts around anywhere you want, even if some people don't see it.
That's different from Zot, AFAIU, as Zot instance admins can block specific identities from using their instances.
@strypey @Susan_Larson_TN @kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
Kinda like IPFS, but for identities:
https://github.com/ipfs/js-ipfs/issues/2152
Anyway, "full account portability" probably needs a better term, and the whole thing is just a gut feeling type thing that I need to think through better. 😄
@strypey @Susan_Larson_TN @kichae @atomicpoet
Allow and deny lists for CIDs · Issue #2152 · ipfs/js-ipfs
GitHubStrypey
•> imagine a protocol (ATproto might be that, reading the spec) where an instance/node/"personal data server" admins have no say and no tools to stop specific identities from being hosted on their nodes
Nostr relay admins can ban identities, but that doesn't help if spinning up new identities is effortless, as you pointed out earlier.
(1/2)
@counterinduration @Susan_Larson_TN @kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
•@counterinduration @Susan_Larson_TN @kichae @atomicpoet
Strypey
•Idle thought; is there some way MAC addresses could be boiled into account creation? Such that you could see that accounts were coming from the same device, without being able to extract the MAC address or any other data about the device?
(2/2
@counterinduration @Susan_Larson_TN @kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
•@counterinduration @Susan_Larson_TN @kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
@strypey @Susan_Larson_TN @kichae @atomicpoet
Strypey
•> A person having 50 well-behaving accounts accounts should be allowed to continue having 50 well-behaving accounts
Agreed. I'm suggesting a way of identifying patterns of activity deriving from a single source, in case those 50 (or 500 or 5000) accounts are not well behaved. Not just in a speech sense either, this could be useful in mitigating DDOS attacks from within the network, for example.
@counterinduration @Susan_Larson_TN @kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
•@counterinduration @Susan_Larson_TN @kichae @atomicpoet
Strypey
•> I can trivially change my MAC address, there is even a GUI for it in my network management interface in my OS
Ok so it's not foolproof, but could it work against anyone who (like me) didn't know that was possible or how to do it? What if you also boiled the IP address into account creation as well, so you'd need to change both MAC and IP between each account creation to evade pattern recognition. That would add cost, right?
@counterinduration @Susan_Larson_TN @kichae @atomicpoet
Michał "rysiek" Woźniak · 🇺🇦
•they can be set by the user, they are not available to the server, and are not really available to the browser.
It makes zero sense to use MAC addresses in this context, at all.
@counterinduration @Susan_Larson_TN @kichae @atomicpoet