• bloom_behind_a_window@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    Yous are hyping it a basic verification system which can’t be bought and is handed out for the sake of showing credibility is a good thing

    • NoSuchAgency@reddthat.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      The sake of credibility? What decides that though? Likes? Likes are a big problem imo. It doesn’t really do anything except create echo chambers.

      • lemonaz@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        IMO it’s not that blue check equals credibility, but rather it equals that you are who you say you are. This is a good thing particularly when it comes to public figures/officials — not for their sake, mind you, but for the sake of other people who may see a tweet from them. If the checkmark is there, then it’s them. If not, then it’s an impersonator. Right now it’s difficult to tell.

        Tl;dr: it doesn’t make what they say real, it just makes them real.

  • einkorn@feddit.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    Bluesky, the decentralized social network […]

    Were only one instance exist or did I miss something?

    • Pirata@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      I think their initial selling point was that Eventually©®™ Bluesky would federate with the rest of the Fediverse.

      Is anybody really surprised that a social media corporation didn’t make it their utmost priority to allow their userbase to connect out of their proprietary platform?

      • Natanael@infosec.pub
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        They never said they’d do so natively with other protocols - but they support Bridgy, so you already can do that.

        • Pirata@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          Interesting how other instances of the fediverse have no such restrictions. It’s almost as if they want to make it as difficult as possible so that people just don’t federate.

          • Natanael@infosec.pub
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 months ago

            There’s literally no restrictions other than simple rate limiting, which you can ask for exceptions for.

            I don’t know a Mastodon/lemmy server which wouldn’t rate limit new peers

    • InfiniteHench@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      3 months ago

      As I understand it, the protocol has the ability to decentralize built in. But the technical requirements are prohibitively high to the point only large businesses or corps could afford to do it. I also believe (someone correct me) the company hasn’t switched on the functionality yet.

      • unexposedhazard@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        The biggest thing is that you need to be manually authorized by them for federation. They will only ever federate with servers that arent serious enough competition to lead to democratization of the overall network.

        • Natanael@infosec.pub
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          No, PDS federation is fully open now.

          They’re also actively supporting development of 3rd party appviews and relays.

          • unexposedhazard@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 months ago

            The power dynamic is still 1000000:1 they can do whatever they want and you will have to follow. If they defederate you, there is no value in your self hosted instance.

      • Natanael@infosec.pub
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Maybe you remember PDS federation not being open for a while, but it’s open now.

        Running a public appview can be very expensive, but they’re working on making it cheaper to run one with a limited scope.

      • Drunemeton@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Last heard (a few months ago) the cost is in storage. The protocol isn’t too complicated now, but it generates a shit ton of data, and IIRC you need a minimum of 3 copies.

        • mac@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          Storage is cheap whwn it comes to webhosting and 3 replicas is honestly not much when it comes to enterprise standards. I think cloud storage providers like backblaze keep something like 9 copies of data across different mediums

      • noodle (he/him)@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        my mom has always told me that I had the potential to work at NASA. but the requirements are prohibitively high

      • Victor@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        This is a little bit more black and white compared with the other responses. 🙈

        • sem@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          The “ability” to decentralize has costs that scale quadratically. So in every practical sense, it cannot be decentralized. At best it could have a few servers that participate.

          • Natanael@infosec.pub
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 months ago

            No, it doesn’t scale “quadratically”. That’s what going viral on Mastodon does to a small instance, not on bluesky. Pretty much everything scales linearly. The difference is certain components handle a larger fraction of the work (appview and relay).

            Both a bluesky appview and a Mastodon instance scales by the size of the userbase which it interacts with. Mastodon likes to imagine that the userbase will always be consistent, but it isn’t. Anything viewed by a large part of the whole Mastodon network forces the host to serve the entirety of the network and all its interactions. So does a bluesky appview, in just the same way, but they acknowledge this upfront.

            Meanwhile, you CAN host a bluesky PDS account host and have your traffic scale only by the rate of your users’ activity + number of relays you push these updates to. Going viral doesn’t kill your bandwidth.

              • Natanael@infosec.pub
                link
                fedilink
                English
                arrow-up
                0
                ·
                edit-2
                3 months ago

                In fact, it is worse than the storage requirements, because the message delivery requirements become quadratic at the scale of full decentralization: to send a message to one user is to send a message to all. Rather than writing one letter, a copy of that letter must be made and delivered to every person on earth

                That’s written assuming the edge case of EVERYBODY running a full relay and appview, and that’s not per-node scaling cost but global scaling cost.

                Because they don’t scale like that, global cost is geometric instead (for every full relay and appview, there’s one full copy with linear scaling to network activity), and each server only handles the cost for serving their own users’ activity (plus firehose/jetstream subscription & filtering for those who need it)

                For Mastodon instance costs, try ask the former maintainers of https://botsin.space/

                • sem@lemmy.blahaj.zone
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  3 months ago

                  I’m sad that bots in space had to spin down, but there are still bots on Mastodon. One server quitting didn’t take everything down.

                  The part where if a mastodon post gets popular, it has to serve that to everyone makes sense because it’s kind of like a website. Maybe there could be a CDN like Cloudflare that a mastodon server could use to cache responses?

                  The part about Bluesky that doesn’t sound good to me is “to send a message to one user is to send it to all”. Wouldn’t this be crazy with even 100 servers for 10000 users, vs 2 servers with 5000 each? Not sure how the math works but it doesn’t look good if they have to duplicate so much traffic.

    • massi1008@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      You can easily host your own instance with a simple docker stack.

      I dont know of any public instances except the main but I also havent searched.

  • reddig33@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    I don’t see anything controversial in the article. Did I miss something? Just looks like a way to make sure the public figures and companies you are communicating with are who they say they are.

    • cyrano@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Verification wise there is already domain. But ultimately, it is too soon for the twitter exodus to get the blue check. All in all, this type of outrage is doomed to repeat with that type of central entity.

    • Zak@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      I think the existing domain-based verification system is a better way of doing that. Something like Mastodon’s verified links might be a nice addition. This more centralized system is… not what I hoped for.

      • reddig33@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        I didn’t sound like a centralized system from the article. More like they want a third party like Verisign or something.

        Something will have to be done as these platforms become more popular to cut down on fraud and disinformation. You don’t want people impersonating other people or organizations, or companies. Even if Bluesky starts federating to other platforms, just knowing that they have a blue sky blue check would be an improvement if you could display that check on other clients like mastodon posts.

        ICANN has already made a mess of domain names so I don’t know if relying on the domain is enough. People are using non-Roman characters to trick people into thinking a website domain is the real thing. Others are buying up all these random domains so you get things like medicare.net and medicare.org and medicare.com etc etc.

        I dunno what the answer is. Just rambling out loud in frustration.

        • Billiam@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          I didn’t sound like a centralized system from the article. More like they want a third party like Verisign or something.

          It’s going to be both. Bluesky will verify users, but they’re also going to have other authorized verification entities.

          From what I’ve seen, there will be two distinct types of blue check- users verified by Bluesky will have one mark, and users verified by a trusted authority will have a different mark.

          Now who will those third-party verifiers be, and how will they be selected, hasn’t been announced yet.

      • merdaverse@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        What are you talking about? This is a web of trust model, literally a decentralized model. Not everyone on social media needs to have technical skills to verify via DNS records, verified links etc. If you want a community that gatekeeps for for computer engineers only, you already have Mastodon.

    • MangoPenguin@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      3 months ago

      It already has domain verification which is better IMO. Its more reliable and safer as you have to own the domain to use it.

  • aeronmelon@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    Anyone who is surprised that BlueSky is going down the same path as Twitter (X, not withstanding) belongs on BlueSky.

    • Jay@lemmy.ca
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      There’s been a lot of impersonated accounts popping up lately, so it doesn’t surprise me they’ve opted to do something like this.

      • TommySoda@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Oh yeah, they are literally everywhere. And a lot of them are impersonating people that haven’t switched from Twitter yet to take advantage of it specifically.

    • MangoPenguin@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      How come they don’t use the already built in domain verification? It’s basically fool proof to certify that an account is owned by a specific entity.

      • Rachel@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        It’s what Twitter had and most people on blueksy just want Twitter before Elon. It sucks but that is really what the majority of people even want. They don’t care about the decentralized stuff.

    • Billiam@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Right now, venture capital investments - same as all tech starts out.

      How it’ll monetize to become self-sufficient remains to be seen.

      • Dr. Moose@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Not same as “all tech starts out”. You’re literally typing on tech stack that didn’t start out like that. Then there’s Masotodon, fediverse, gnome, kde, linux etc. Etc. - literally almost no good software comes out of VC world statically speaking.

  • emb@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    I do not see anything to be angry or disappointed about?

    Verification badge was good, the dumb thing Twitter did was throw it away by letting anyone pay for it.

    • Dr. Moose@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      3 months ago

      Nah it was not good. Domain names already do that and are accessible to all at all times with full transparency and decentralization. Bluesky is literally regressing.

      Even mastodon’s verification system is better than checkmarks.

      • Pup Biru@aussie.zone
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        domain names do that for people with well known domain names, and verification processes do that for people without

      • merdaverse@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        “Everyone should be able to setup their own domain and mess with DNS records to get a verified account”

        Do you realize how utterly disconnected from reality this sounds?? Technical people that have absolutely not clue on how make good UX for end users is how we got Mastodon in the first place, and why its adoption is abysmal.

        • Dr. Moose@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          3 months ago

          You can pay someone to do that for you tho it’s not any different form paying someone to verify you ina centralized way. Its really not that hard.

          Even with more complex setups like mastodon servers you already see markets for this. You can get a basic managed instance for yourself for like 15$/mo - that’s basically nothing for anyone who needs to verify themselves as a brand.

          • merdaverse@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 months ago

            This is not a “pay for verification” model. Have you even read the article or anything related to it? It is literally not centralized, it’s web of trust.

      • emb@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Far from perfect, but I think it’s good to have a layer that very visibly shows ‘yes, this is the account you want’.

        Domains are a worthwhile addition, but they run into almost the same problem as usernames and handles. Can be made misleading easily - sure, I could often go to the web address and verify it (if they don’t put up a convincing fake site), but that’s much lower visibilty.

        Eg, you can probably register nintendo@nintendoamerico and get it by some folks just as easily as registering the Twitter handle. There’s a payment step to get the domain, but that’s about it.

        The centralization problem you mention is a good point though. It was a fine system, if you felt like you could trust Twitter as a verifier. Today obviously, one could not. But Bsky seems to at least theoretically have a ‘choose your verification provider’ idea in mind, which would (again theoretically) resolve a lot of that issue.

    • Saleh@feddit.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      If the same authority is doing verification that is also doing moderation and both ultimately in a for profit setting, that has conflict of interest.

      We dont know how reliable bluesky moderation will stay. We dont know how they will respond to political pressure. We dont know how they will monetize past the growth phase and then could also argue a “service fee” for verification.

      In a perfect world none of these would happen, but then everybody could still be on twitter and be fine there.

    • merdaverse@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      This is just a web of trust model, aka a decentralized model of verification. This thread is mostly people that haven’t read the details that want to confirm that “Bluesky has been enshittified”.

  • Mars2k21@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    idk man I haven’t seen anyone complaining about it on Bluesky

    This is a net positive, nice to have a social media where verification checks are…actually used for verifying the person behind an account

    • Airportline@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Most of the complaints I’ve seen were about Bluesky’s lack of a formal verification system.

      They could never figure out how the current system of checking the username.

    • SSTF@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Based on how verification was revoked for some users on Twitter based on their content rather than question of their identity, I’m cautious about this system turning into the status symbol it became on Twitter rather than the verification it claimed to be.

      • Nick@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        I saw some small talk about it, and it really just boiled down to domain verification is great for more tech savvy folks, but trying to get larger accounts (think politicians, celebrities, etc) is a lot harder. Having a visual check, using tools within the app or site, is a lot easier.

        And personally I like the idea of verification checks as long as it remains a simple means to do just that: verify the owner of the account. Morons like Musk and his ilk always thought it was a clout thing, and for a small minority that was probably the case, but by and large before he ruined it, it was great.

      • spongebue@lemmy.world
        cake
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        If they are, and there isn’t anything to display it, how are were to know what’s been vetted and what’s slipped through the cracks? Especially on a new account?

        • MangoPenguin@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          3 months ago

          It’s the username so already quite visible.

          For example someone at say, NPR, could use a name like @bob.npr.org which is only possible by verifying ownership of the npr.org domain name, so there is no need to vet anything.

          • spongebue@lemmy.world
            cake
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 months ago

            That’s great for an organization like NPR which may have the resources to tie its own domain name into Bluesky. For some freelance reporter or otherwise verifiable person, I’m not sure it’s quite so practical.

              • spongebue@lemmy.world
                cake
                link
                fedilink
                English
                arrow-up
                0
                ·
                3 months ago

                And tying it to the Bluesky system? Not sure the cost of that (I swear I saw it was a potential monetization they were looking into) but also the time to figure it out isn’t practical for everyone.

      • Natanael@infosec.pub
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Domains only help you verify organizations and individuals you recognize directly.

        This verification system also allows 3rd parties (it’s NOT just bluesky themselves!) to issue attestations that s given account belongs to who they say they are, which would help people like independent journalists, etc.

        • Saleh@feddit.org
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          Idk. Celebrities and Politicians usually have other vetted channels such as their own website or a website of their ogranization representing them. It should be basic journalistic work to see if their social media links link to the account in question or not.

            • Saleh@feddit.org
              link
              fedilink
              English
              arrow-up
              0
              ·
              3 months ago

              So it is not given to a centralized authority, that is guided by for profit motives and also does the moderation of its plattform.

              Where this can lead was shown with twiiter. The moment the central organization is captured, the central authority will abuse the authentification for its own goals. Then instead of just having to check for the authentification to be reliable you need to question everything that is on that plattform as a whole, which is infinetly more consuming, but also simply impossible.

      • BackwardsUntoDawn@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        I feel like domain usernames are still inherently susceptible to phishing, you can get a typo or similar character to try and trick someone that your username is an official one

  • Pirata@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    This was always bait to keep people using corporate social media instead of decentralizing. I am not sorry for the users one bit.

  • Opinionhaver@feddit.uk
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    I don’t see how even the way Twitter does it is any worse than not having such system at all.