So... Has anyone on here actually talked with the people from the #SocialWebFoundation?
-
@[email protected] @[email protected] How about we brainstorm a way of doing signatures in a way that allows each instance to act as a relay. If I am on instance A, I write a post my instance has to send it out to B & C. If C is in fucking Europe, while B is on the coast a lot closer to Europe than me in Central US... why can we not just have my instance send a post to B, and B forwards it to C to minimize latency. I get that what you want for this to happen is an initial key exchange. ie instance A talks directly to instance C to exchange keys so C can verify the notes have not been modified or altered during transit... There's so many things about the fediverse that need to be addressed in order to reduce the large amounts of traffic between instances. I get that is a hard problem to solve, I have talked about this with other people but you're looking at MULTI BILLION DOLLAR INTERNATIONAL CORPORATIONS so if anyone has the money to shove towards an entire dedicated team of cryptographic researchers to accomplish this it would be them.
No, of course we're going to just get fancy markdown nobody asked for. I can display Wordpress blogs perfectly fine. I've seen the blogposts, they render in my client absolutely fine. Sure they're a bit long, but they don't just break my instance or my client. God forbid we look at things like shared inboxes (TO THIS DAY NOT EVERY INSTANCE SOFTWARE SUPPORTS IT!! THIS WAS SUPPOSED TO HELP REDUCE NETWORK TRAFFIC TO MORE MANAGEABLE SIZES). my god there's so many much low hanging fruit even prior to big alteration to how instances federate. you don't have to sit there hiring a team of cryptography experts to implement basic rate limiting on /inbox. content moderation tooling is something you can provide via a variety of ways. One of which... @[email protected] made a program that attaches to the database called "modshark" and it's used as our automod. I am writing a C# library for misskey api with the emphasis on client development & a bot framework (as additional optional dependencies you can install) to help make mod bots and other contraptions. this is awful. -
@puppygirlhornypost2 @Raccoon @hazelnoot im not sure you'd really get much out of relaying. discovering which instances are online and their ping between each other would be immensely complex and fragile, and the benefit of 100ms faster inbox deliveries isn't that appealing when job queue delays can be more than that. it also partially breaks the only moderation tool we really have today (defederation) in allowing defederated instances to see our public posts
-
@mia @hazelnoot @Raccoon @puppygirlhornypost2 the fediverse has actively moved away from forwardable signatures precisely because they remove moderation agency from people
-
@[email protected] @[email protected] @[email protected] @[email protected] true. I guess this would actually aid in the authorized fetch bypass stuff i complain about. Well, scratch instance relaying the other stuff is still valid imo.
-
@[email protected] @[email protected] @[email protected] @[email protected] Like, I remember there being a similar discussion regarding thumbnail previews and just "trusting" an instance to generate a thumbnail preview, but then you got into MITM stuff. I see what you mean.
-
@mia @Raccoon @hazelnoot @puppygirlhornypost2 I'm not sure how much relays would help with anything, really - the only major issues I've seen with federation traffic overloading things are due to inefficient or overly heavyweight job queues (staring at Sidekiq in particular)
Oh, and the sheer size of media, but thats a traditional virality ddos -
@[email protected] @[email protected] @[email protected] @[email protected] I mean, the way to deal with job queues is ratelimiting. Right now we just have exponential backoffs but then they're limited so you end up with the same problem of like oh, the instance gets hammered 9 hours later. Meanwhile if you had instances abiding by each other's rate limit (instead of literally FLOODING requests until they get 429 or another status) you remove that burst of traffic and turn it into a trickle of manageable traffic.
-
@[email protected] @[email protected] @[email protected] @[email protected] hence why there is not a gitlab issue written by me about the relay stuff (because i think that is not really necessary) and more about the rate limit, shared inboxes and other approaches to minimize load. we also need to consider that at scale, cryptographic operations do start becoming expensive as you run out of entropy for generating keys (we have what, 30,000+ instances in the fediverse and that number is only going to grow)
-
@[email protected] @[email protected] @[email protected] @[email protected] Like we're already testing our luck with TLS on some of these instances that easily get >10,000,000 AP requests per day.
-
@puppygirlhornypost2 @mia @hazelnoot @Raccoon I've talked about supporting [RFC 6920](https://datatracker.ietf.org/doc/html/rfc6920) to spread the media processing load before but this really makes media impossible to ever retract
-
BeAware :fediverse:replied to Raccoon at TechHub :mastodon: last edited by
@Raccoon what do you mean they're "not" involved? They're on the advisor team... A.k.a. they're the financial backing...
-
WHY PRIVATE MESSAGING OMG.
Because Evan and Tom got a grant from Ethereum Foundation to implement E2EE for AP.
(I agree with you that it's a terrible idea for everybody but Evan and Tom, I just wanted to give the background as to why.)
@[email protected] @[email protected] -
kouhai, Breaker of Cachesreplied to Amber last edited by
@puppygirlhornypost2 @erincandescent @mia @Raccoon @hazelnoot I don’t think that’s a particularly big issue?
cryptographic RNGs don’t just run out of entropy because they get reseeded periodically. this happens automatically [ref: https://docs.openssl.org/1.1.1/man3/RAND_DRBG_reseed/#description].
the cpu time for TLS/pk ops, sure, that’s a concern. but not that
honestly, wrt e2e, I’m more concerned that we’re going to get a design that’s objectively worse than soatok’s well thought out draft.
https://soatok.blog/2024/09/13/e2ee-for-the-fediverse-update-were-going-post-quantum/
-
kouhai, Breaker of Cachesreplied to kouhai last edited by
@puppygirlhornypost2 @erincandescent @mia @Raccoon @hazelnoot holy shit just give soatok $250,000 to spend a year doing this.
like. do we want matrix. I suspect we’re just going to get “Messages can't be decrypted by receiver (session key missing)” social whatever foundation edition, now with more Automattic Matt funding
-
@[email protected] @[email protected] @[email protected] @[email protected] @[email protected] it depends on the hardware. Modern hardware? Sure that’s not a problem but older hardware does tend to run out of entropy faster than it can replenish it. Of course the last time I heard this being an issue was like 2014 so
-
@puppygirlhornypost2 @mia @hazelnoot @kouhai @Raccoon entropy exhaustion is a stupid concept (you can't destroy entropy! This is basic thermodynamics!!) promulgated by the fact that the Linux RNG was badly designed for a long time and had stupid "entropy accounting"
The RNG no longer "depletes" entropy -
The last fucking thing we need is encrypted dms to be used as a tool for harassment.
As per the actual work (and not just saying things) that Saotok and others have been doing, this would not be like Signal, content would be report-able and forward-able to instance admins if it goes against rules. It is to protect general conversations but not preventing the reporting of content; It is not and was never intended to be a Signal alternative.
There are concerns to be had about how content will be forwarded to administrators as you do not wanna just send out potentially illegal content (e.g csam) to other servers, as that'd count as distribution, but the general idea is to have a working report function.
I do not intend to downplay existing issues with Fedi and moderation, but the foundation is claiming work as theirs without proper transparency on what the goals are based on actual work actual contributors have already done before the foundations existence, leading to a skewed image of what some of these initiatives are supposed to be.
E2EE for AP is **not supposed to be confidential nor is it supposed to provide secrecy.** It is supposed to give a basic layer of privacy whilst still allowing content to be reported. Please see this to understand what I mean.
-
@[email protected] wow this gets worse the more i hear about it, because i support Saotok. I can't believe the foundation is just spewing shit.
-
I initially gave the SWF a pass despite it's connections but with their page on E2EE being so vague that it gets misinterpreted like this and causes a massive hellthread is a sign that they're not up to the task
They NEED to be clear with their goals. Not making the distinction between Privacy and Secrecy on their page about E2EE in AP as well as many other mishaps that have already happened has caused nothing but confusion and outrage
Not to mention, whilst the general idea of their goals are nice and all, they do not represent the wider community, and they ESPECIALLY do not represent what actual Fediverse admins are lacking (as you outlined quite clearly)
So far, quite a failure.
-
Also, Mallory's graduate research is on encryption interoperability. She's on the board of LEAP Encryption Access Project which does LEAP VPN.
@[email protected] @[email protected]