2017-09-04 UTC
cdchapman joined the channel
# 06:20 rhiaro jaywink, cwebber2: should ActivityPump in that grid be pumpio? xmpp-social joined the channel
# 06:44 xmpp-social [ajordan] That seems to match the implementations I know about dlongley joined the channel
# 14:41 cwebber2 Submitted the "ActivityPub: From Decentralized to Distributed Social Networks" papers to lobste.rs and Hacker News, let's see if anyone picks it up (yes, HN has its problems, but I'll still submit stuff there anyway ;P) timbl joined the channel
# 19:34 xmpp-social [ajordan] cwebber2: upvoted :-) # 19:35 xmpp-social [ajordan] <3 lobste.rs # 19:38 cwebber2 honestly I'm not sure lobste.rs will stay any better than HN once it scales up though # 19:39 cwebber2 you still see the same annoying behavior show up from time to time # 19:40 cwebber2 eg Reddit a decade ago is nothing like Reddit today is # 19:41 xmpp-social [ajordan] Yeah definitely but in the meantime it's nice # 19:41 xmpp-social [ajordan] The invites system helps too I think # 19:41 xmpp-social [ajordan] lobste.rs is free software I believe so # 19:42 cwebber2 I recently read the section on Usenet from (itself often problematic though also sometimes entertaining and informative) The Unix Hater's Handbook # 19:42 cwebber2 and it's like, wow, all the complaints being made about Usenet here apply to social networks today # 19:42 xmpp-social [ajordan] I think a model we might see in the future is lots of little lobste.rs-like sites (I mean, probably running some different codebase) # 19:43 xmpp-social [ajordan] Then you scale horizontally, not vertically, and you avoid the Orange Site problems # 19:43 xmpp-social [ajordan] Or the other way around; I never quite understood those terms # 19:43 cwebber2 yeah... recently Reddit closed down their open source implementation, did you see btw? and Reddit is pretty much very similar to the design of HN, Lobste.rs, etc # 19:43 xmpp-social [ajordan] Ah no I didn't. That's a bummer # 19:43 cwebber2 so in practice practically nobody ran their own reddit # 19:44 xmpp-social [ajordan] Hope someone saved the source # 19:44 xmpp-social [ajordan] Right # 19:44 cwebber2 the backend to that at least at one point was libre iirc # 19:44 xmpp-social [ajordan] But to be clear I'm talking about lots of little sites that explicitly do not federate # 19:44 xmpp-social [ajordan] I'm not so sure either but I bet people will try it # 19:45 xmpp-social [ajordan] Well lobste.rs is trying it in a sense. They're staying small cause of the invite system # 19:46 cwebber2 at this point there are a bunch of Discourse sites I might want to communicate on # 19:46 cwebber2 but it's a PITA because my identity doesn't really span them # 19:46 cwebber2 and GitLab sites are good instances of where you might justify "your own community" # 19:48 cwebber2 eventually plenty of those phpbb communities moved to subreddits # 19:51 ajordan cwebber2: ah no but I think forums and Discourse are fundamentally different than lobste.rs # 19:51 ajordan definitely 200% agree with you that those not federating is a bummer # 19:52 ajordan but link aggregation is different because the entire discussion is centered around something external # 19:52 ajordan in other words the canonical work under discussion in forums, Dicsourse etc. is the discussion itself # 19:53 ajordan but with link aggregators you have a discussion about a work whose canonical source is elsewhere # 19:56 cwebber2 I agree that there are differences, though the differences are mostly in intent/presentation than in structure # 19:57 cwebber2 phpbb is a bit more off because it doesn't have the same reputation/voting systems # 19:58 ajordan intent and structure have far-reaching impacts tho # 19:58 cwebber2 one fun question might be "how could you do something like reddit/hn/lobsters/discourse in AP?" And the main challenge IMO is the voting system # 19:59 cwebber2 sandro: not really, but the challenge is in how it's "decided" on what rises to the top # 19:59 cwebber2 you probably wouldn't have a collection that's ordered on insertion order to represent it # 19:59 ajordan and maybe also who is the canonical arbiter of votes, if there is one # 20:00 ajordan i.e. who "counts" votes? the server with the original post? each participant's server? # 20:00 cwebber2 yeah you'd probably want to be able to assign an arbiter to such a RankedOrderedCollection # 20:00 jaywink in a relational db it's easy - just count the likes and order_by ;) # 20:00 csarven could put it on blockchain to not have a bottleneck. # 20:01 ajordan there's also other interesting social problems, see for example the bandwagon problem(?) # 20:01 cwebber2 a decentralized ledger that doesn't have mining cpu costs might not actually be the worst for this # 20:01 sandro Everyone should count the votes they can find for themselves. Anything else turns into more silos. # 20:02 ajordan cwebber2: but then how do you deal with sybil attacks # 20:02 sandro you only count people you have a social connection to, somewhere in the graph. Anyone else is probably a bot anyway. # 20:02 ajordan unless by "decentralized ledger" you didn't mean in a strict P2P sense # 20:03 sandro right. that's the only way anything has ever worked in the history of civilization, as far as I can tell. # 20:03 cwebber2 ajordan: web of trust doesn't necessarily mean keysigning parties :) # 20:03 sandro ajordan, EVERYTHING already is web-of-trust. They're just degenerate ones, by and large. # 20:04 ajordan cwebber2: keysigning parties aren't the only things wrong with PGP's WoT model # 20:04 sandro offline is way harder, for sure -- eg keysigning. If everyone's online, you don't even need any public key crypto. # 20:05 cwebber2 I said web of trust, not "PGP web of trust, want to have a not fun time sending email" # 20:06 ajordan cwebber2: yes to be clear I can see non-PGP WoT models workign # 20:06 ajordan uhhh it was submitted to PRISM Break I think but I don't know a ton about it # 20:06 cwebber2 and I don't mean a young woman crawling out of a screen to give you a choice between death or spreading death # 20:07 cwebber2 ajordan: it's prety nice; it actually works and uses a very simple to understand web of trust # 20:08 cwebber2 this isn't as crazy as it sounds, a bunch of us old timers probably remember copying around ICQ numbers that weren't human readable # 20:08 ajordan yeah Tox works like that too, UIDs are onion service addresses # 20:09 cwebber2 so that doesn't give you a way to migrate your identity in case you lose your keys or upgrade them but # 20:09 cwebber2 it does give you a good idea that a web of trust can actually have good UX # 20:09 puckipedia <cwebber2> this isn't as crazy as it sounds, a bunch of us old timers probably remember copying around ICQ numbers that weren't human readable <- I, ehm, *looks up ICQ number* # 20:10 puckipedia at least I need to look up which email it's linked to # 20:12 Loqi [sedrubal] > But yes, absolutely.
Wow, stop! This was a rhethorical question, you can't answer "yes". - But that's an other thing. ;)
> Just Work™
Ok, I understand that. But you have to try smssecure. It works as good as TextSecure (and Whatsapp, or howeve... # 20:12 ajordan "you can't answer that rhetorical question with a different answer than we were expecting!" # 20:13 ajordan all I know about ICQ is that it's one of the thousand protocols that libpurple (shudder) supports # 20:14 cwebber2 ajordan: it pretty much set the direction for instant messaging as it's known today # 20:15 cwebber2 ajordan: anyway I agree that key management should mostly be hidden from users but I also think there's a variety of ways to do that # 20:15 cwebber2 ajordan: the fingerprint is something you could see under "advanced" but like SSL certs most people aren't going to click to go looking for it # 20:17 ajordan I've forgotten what they call it but Signal adopted the same model FWIW # 20:18 cwebber2 one thing they suggested in there, which I heard before but didn't really stick with me until this time # 20:19 cwebber2 is that if you have your friends on a web of trust, but then for people who aren't on your web of trust you require that they do some small payment that goes directly to you (but you have the option of refunding if you do trust the person) # 20:19 cwebber2 is that spam and social pile-on harassment would disappear # 20:19 ajordan tl;dr key changes are allowed up until you actually verify the other person's fingerprint, then it's TOFU # 20:20 cwebber2 I was very dismissive of that idea previously but I've been thinking about it more # 20:20 cwebber2 want to ping me without being in my WoT? That's $.05 which I may or may not refund # 20:21 ajordan btw gotta cut this discussion short in ~10 minutes to go to the gym # 20:21 jankusanagi_ are you sure you can trust him? he's 19... =) timbl joined the channel
# 21:19 jankusanagi_ not to be confused with and interesting 15-hit combo!! =)
xmpp-social [ajordan] That seems to match the implementations I know about
Loqi Rhiaro made 1 edit to [[Socialwg/2017-09-05]] https://www.w3.org/wiki/index.php?diff=104147&oldid=104110
cwebber2 the world remains both large and small https://lobste.rs/s/pak8kc/activitypub_from_decentralized#c_vibhoi
