So... Has anyone on here actually talked with the people from the #SocialWebFoundation?
-
Raccoon at TechHub :mastodon: replied to Amber last edited by
@puppygirlhornypost2
Their website has language about concrete goals, which include encryption on private messages and better support for long form / rich text posts like those on CoHost or WordPress, which I would be in favor of. I think the most concerning thing here is that there are a couple companies listed as being involved who don't seem to be involved, namely Facebook/Threads... -
Amber replied to Raccoon at TechHub :mastodon: last edited by
@[email protected] WHY PRIVATE MESSAGING OMG. That's fucking awful. Nobody needs E2EE haphazardly slapped on the protocol for a false sense of security with private messaging. You want encrypted private messaging? Go to literally any other platform fedi is not the place for that. I am actually pissed, there's no way in hell that I would want to administrate something like that. I have seen countless examples of Matrix home servers going wrong within this community due to a lack of moderation tooling. We're not talking just a couple racists we're talking about child sex trafficking, csam distribution... Ugh. That pisses me the fuck off. Rich text posts are a nicety to have, I'd really like for things to adopt markdown and not mfm (fuck mfm imo it's okay but it's not a markdown and it's definitely not something that's viable long term. it's a gimmick). I guess I missed their "mission" page. Now I'm even more furious, because none of this is going to help the fediverse be widely adopted.
We are at a turning point. Running an instance is a lot of fucking work, we lack moderation tooling (yes, every software currently out there has some sort of flaw when it comes to mod tools. Akkoma has some bulk moderation tooling but is also lacking in other areas). The last fucking thing we need is encrypted dms to be used as a tool for harassment. We already suffer enough with how you can't disable replies in a post. It is awful that this is used as a vector for harassment in combination with setting visibility to restricted modes (such as follower only, so that only the original author can see the bigoted comment and the fanbase of the bigot can also jump in). What the fuck were they thinking? This is some actual shit. Fuck . -
@[email protected] this is horrid. I am so glad I defederated them. Fuck that. All of it. This is not the type of "help" administrators such as you and I need. What we need is the ability to have legal counsel, something like the EFF to represent us. There’s so much unknown legally about having a fediverse instance. Starting with things like the media proxy. If it’s on your domain but pointing elsewhere is that still you hosting the content? This is important in places like Germany in which federated media can contain hate symbols such as swastikas. How about things like the requirements for running adult oriented communities? Of course they’d never touch on that. Meta and Automattic just ban them outright because it’s too much work. How about things like working on the underlying server implementations?
I have drafted gitlab issues that touched on major problems within the fediverse's current implementation far more useful to read than whatever this shit is. https://activitypub.software/TransFem-org/Sharkey/-/issues/620 Right here. Right fucking here. How about instead of implementing E2EE we standardize rate limit headers for fediverse software so that instead of literally exploding instances with THOUSANDS OF REQUESTS at once we maximize throughput by using a leaky bucket abiding by the ratelimits given. That would do so much more than any of these other shitty proposals to the network. Talk about fixing some federation issues, and making it easier for smaller instances to federate media and other stuff without being overloaded to death forcing operators to move to hyper scale level hardware to run a small 100 user instance. Jfc. It is actually horrifying that I have given more advice to the fediverse that starts the ball rolling on conversations than the SWF such as talking with @[email protected] about server side modules and getting iceshrimp.NET to implement them. Fuckkk I hate this -
@[email protected] @[email protected] How about we brainstorm a way of doing signatures in a way that allows each instance to act as a relay. If I am on instance A, I write a post my instance has to send it out to B & C. If C is in fucking Europe, while B is on the coast a lot closer to Europe than me in Central US... why can we not just have my instance send a post to B, and B forwards it to C to minimize latency. I get that what you want for this to happen is an initial key exchange. ie instance A talks directly to instance C to exchange keys so C can verify the notes have not been modified or altered during transit... There's so many things about the fediverse that need to be addressed in order to reduce the large amounts of traffic between instances. I get that is a hard problem to solve, I have talked about this with other people but you're looking at MULTI BILLION DOLLAR INTERNATIONAL CORPORATIONS so if anyone has the money to shove towards an entire dedicated team of cryptographic researchers to accomplish this it would be them.
No, of course we're going to just get fancy markdown nobody asked for. I can display Wordpress blogs perfectly fine. I've seen the blogposts, they render in my client absolutely fine. Sure they're a bit long, but they don't just break my instance or my client. God forbid we look at things like shared inboxes (TO THIS DAY NOT EVERY INSTANCE SOFTWARE SUPPORTS IT!! THIS WAS SUPPOSED TO HELP REDUCE NETWORK TRAFFIC TO MORE MANAGEABLE SIZES). my god there's so much low hanging fruit even prior to big alteration to how instances federate. you don't have to sit there hiring a team of cryptography experts to implement basic rate limiting on /inbox. content moderation tooling is something you can provide via a variety of ways. One of which... @[email protected] made a program that attaches to the database called "modshark" and it's used as our automod. I am writing a C# library for misskey api with the emphasis on client development & a bot framework (as additional optional dependencies you can install) to help make mod bots and other contraptions. this is awful. -
@puppygirlhornypost2 @Raccoon @hazelnoot im not sure you'd really get much out of relaying. discovering which instances are online and their ping between each other would be immensely complex and fragile, and the benefit of 100ms faster inbox deliveries isn't that appealing when job queue delays can be more than that. it also partially breaks the only moderation tool we really have today (defederation) in allowing defederated instances to see our public posts
-
@mia @hazelnoot @Raccoon @puppygirlhornypost2 the fediverse has actively moved away from forwardable signatures precisely because they remove moderation agency from people
-
@[email protected] @[email protected] @[email protected] @[email protected] true. I guess this would actually aid in the authorized fetch bypass stuff i complain about. Well, scratch instance relaying the other stuff is still valid imo.
-
@[email protected] @[email protected] @[email protected] @[email protected] Like, I remember there being a similar discussion regarding thumbnail previews and just "trusting" an instance to generate a thumbnail preview, but then you got into MITM stuff. I see what you mean.
-
@mia @Raccoon @hazelnoot @puppygirlhornypost2 I'm not sure how much relays would help with anything, really - the only major issues I've seen with federation traffic overloading things are due to inefficient or overly heavyweight job queues (staring at Sidekiq in particular)
Oh, and the sheer size of media, but that's a traditional virality ddos -
@[email protected] @[email protected] @[email protected] @[email protected] I mean, the way to deal with job queues is ratelimiting. Right now we just have exponential backoffs but then they're limited so you end up with the same problem of like oh, the instance gets hammered 9 hours later. Meanwhile if you had instances abiding by each other's rate limit (instead of literally FLOODING requests until they get 429 or another status) you remove that burst of traffic and turn it into a trickle of manageable traffic.
-
@[email protected] @[email protected] @[email protected] @[email protected] hence why there is not a gitlab issue written by me about the relay stuff (because i think that is not really necessary) and more about the rate limit, shared inboxes and other approaches to minimize load. we also need to consider that at scale, cryptographic operations do start becoming expensive as you run out of entropy for generating keys (we have what, 30,000+ instances in the fediverse and that number is only going to grow)
-
@[email protected] @[email protected] @[email protected] @[email protected] Like we're already testing our luck with TLS on some of these instances that easily get >10,000,000 AP requests per day.
-
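The pacing idea from the rate-limit posts above (spread deliveries to fit the receiver's advertised quota instead of bursting until a 429 comes back), as an added example that is not from the thread or from any fediverse server. The `RateLimit-Remaining` / `RateLimit-Reset` header names, the fixed-window receiver and the simulated clock are assumptions; the thread's point is that no such headers are standardized for federation traffic.

```python
class Receiver:
    """Constructed stand-in for a remote /inbox with a fixed-window limit."""
    def __init__(self, limit=5, window=10.0):
        self.limit, self.window = limit, window
        self.start, self.used = 0.0, 0

    def post(self, now):
        elapsed = now - self.start
        if elapsed >= self.window:                  # roll over to the current window
            self.start += self.window * (elapsed // self.window)
            self.used = 0
        reset = self.start + self.window - now      # seconds until the quota refills
        if self.used >= self.limit:
            return 429, {"Retry-After": str(reset)}
        self.used += 1
        return 202, {"RateLimit-Remaining": str(self.limit - self.used),  # assumed names
                     "RateLimit-Reset": str(reset)}

class Pacer:
    """Sender side: turn the advertised quota into a spacing between deliveries."""
    def __init__(self):
        self.next_send = 0.0

    def observe(self, status, headers, now):
        if status == 429:                           # quota gone: wait out the window
            self.next_send = now + float(headers.get("Retry-After", 1))
            return
        remaining = int(headers["RateLimit-Remaining"])
        reset = float(headers["RateLimit-Reset"])
        # Spread what is left of the quota evenly over what is left of the window.
        self.next_send = now + (reset / remaining if remaining else reset)

def flood(n, rx):
    """Burst everything pending, then back off exponentially on 429."""
    now, backoff, rejected = 0.0, 1.0, 0
    while n:
        failed = [rx.post(now)[0] for _ in range(n)].count(429)
        rejected, n = rejected + failed, failed
        if n:
            now, backoff = now + backoff, backoff * 2
    return rejected, now                            # (wasted requests, finish time)

def paced(n, rx):
    """Deliver one activity at a time, never earlier than the pacer allows."""
    now, rejected, pacer = 0.0, 0, Pacer()
    while n:
        now = max(now, pacer.next_send)
        status, headers = rx.post(now)
        pacer.observe(status, headers, now)
        rejected, n = rejected + (status == 429), n - (status != 429)
    return rejected, now
```

With 20 queued activities against a 5-per-10-seconds inbox, `flood` makes 75 requests that are rejected and finishes at t=63 s, while `paced` makes none and finishes at t=47.5 s.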
@puppygirlhornypost2 @mia @hazelnoot @Raccoon I've talked about supporting [RFC 6920](https://datatracker.ietf.org/doc/html/rfc6920) to spread the media processing load before but this really makes media impossible to ever retract
-
BeAware :fediverse: replied to Raccoon at TechHub :mastodon: last edited by
@Raccoon what do you mean they're "not" involved? They're on the advisor team... A.k.a. they're the financial backing...
-
> WHY PRIVATE MESSAGING OMG.
Because Evan and Tom got a grant from Ethereum Foundation to implement E2EE for AP.
(I agree with you that it's a terrible idea for everybody but Evan and Tom, I just wanted to give the background as to why.)
@[email protected] @[email protected] -
kouhai, Breaker of Caches replied to Amber last edited by
@puppygirlhornypost2 @erincandescent @mia @Raccoon @hazelnoot I don’t think that’s a particularly big issue?
cryptographic RNGs don’t just run out of entropy because they get reseeded periodically. this happens automatically [ref: https://docs.openssl.org/1.1.1/man3/RAND_DRBG_reseed/#description].
the cpu time for TLS/pk ops, sure, that’s a concern. but not that
honestly, wrt e2e, I’m more concerned that we’re going to get a design that’s objectively worse than soatok’s well thought out draft.
https://soatok.blog/2024/09/13/e2ee-for-the-fediverse-update-were-going-post-quantum/
-
kouhai, Breaker of Caches replied to kouhai last edited by
@puppygirlhornypost2 @erincandescent @mia @Raccoon @hazelnoot holy shit just give soatok $250,000 to spend a year doing this.
like. do we want matrix. I suspect we’re just going to get “Messages can't be decrypted by receiver (session key missing)” social whatever foundation edition, now with more Automattic Matt funding
-
@[email protected] @[email protected] @[email protected] @[email protected] @[email protected] it depends on the hardware. Modern hardware? Sure that’s not a problem but older hardware does tend to run out of entropy faster than it can replenish it. Of course the last time I heard this being an issue was like 2014 so
-
@puppygirlhornypost2 @mia @hazelnoot @kouhai @Raccoon entropy exhaustion is a stupid concept (you can't destroy entropy! This is basic thermodynamics!!) promulgated by the fact that the Linux RNG was badly designed for a long time and had stupid "entropy accounting"
The RNG no longer "depletes" entropy -
> The last fucking thing we need is encrypted dms to be used as a tool for harassment.
As per the actual work (and not just saying things) that Soatok and others have been doing, this would not be like Signal, content would be report-able and forward-able to instance admins if it goes against rules. It is to protect general conversations but not preventing the reporting of content; it is not and was never intended to be a Signal alternative.
There are concerns to be had about how content will be forwarded to administrators as you do not wanna just send out potentially illegal content (e.g. csam) to other servers, as that'd count as distribution, but the general idea is to have a working report function.
I do not intend to downplay existing issues with Fedi and moderation, but the foundation is claiming work as theirs without proper transparency on what the goals are based on actual work actual contributors have already done before the foundation's existence, leading to a skewed image of what some of these initiatives are supposed to be.
E2EE for AP is **not supposed to be confidential nor is it supposed to provide secrecy.** It is supposed to give a basic layer of privacy whilst still allowing content to be reported. Please see this to understand what I mean.