• Luden [comrade/them]@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago

    I’m not sure if this will entirely make sense, but do you believe there could be some kind of feature to authenticate with a specific instance, but make your ‘home’ instance another?

    In other words, to create your account on lemmy.ml, but visit lemmy.world and be signed into your account, effectively changing what your home page and ‘local’ looks like without needing to subscribe to all communities on another instance if you’re interested in having them curate your feed? Piped has something like this, where you auth with one server, but proxy video through another.

    The reason I ask is that this helps to get around tricky defederation situations and can improve security. Perhaps I want to auth from a server I trust more with my data, but I want to make .world or .ml my home page because they have more content that is relevant to me and that helps me discover it. Or I want to auth from lemmy.ml so I have access to instances that were defederated from .world, meaning I can still use them as my ‘home page’ without needing to actually make an account there.

  • diamat@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago

    First of thanks a lot for the effort that you put into creating lemmy. You have created a really friendly and welcoming place!

    I have a question regarding licenses. When you started developing, what were the reasons for your choice of the AGPL? As you are marxist-leninists, did you also look into other licenses like the the Anti-Capitalist Software License?

    • nutomic@lemmy.mlM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      AGPL was already used by most existing Fediverse platforms, and ensures that all code changes need to be published. Its basically an improvement over GPL which also takes effect when the software is hosted on a server, not running on the user’s computer.

      The Anti-Capitalist Software License is not an open source software license.

      That alone rules it out.

    • Dessalines@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      To me, AGPL is the most pragmatic choice. As a hard copy-left license, it enforces derivative works to adopt the same license, unlike the more open and “soft” copy-left licenses that let corporations capture and digitally enclose your labor as they see fit.

    • Blaze@discuss.online
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      There are several examples of communities moving from instance to another, or refusing a mod powertrip.

      !unixporn@lemmy.world was an attempt from the mods subreddit to get the community back, but most of the people rejected that and stayed on !unixporn@lemmy.ml.

      Small scale example, but I like the show “the Office”. !dundermifflin@lemmy.ml is the historical community, but as some people are not fans of lemmy.ml, we moved to !dundermifflin@lemm.ee, which is now the most active community on this topic.

      I guess that shows that community takeover is possible, and does not need additional tools, just some time and dedication.

      Also, keep in mind that except if there is a real reason (admin/mods powertripping, problematic instance direction), there is no incentive for users to move to another community. But the important thing is that the possibility is very much there, and helps keeping everyone in check.

  • hendrik@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago

    When do we get advanced moderation features? And for example the ability to block all users from a single instance to prevent for example brigading? I mean for the user, so we don’t have to rely on defederation so much.

    Are you planning to revamp defederation? I mean it’s rather complicated the way it works and the triangle that is the user’s instance, the other user’s instance and the instance the community is located.

    What about features like automatically kicking of moderators / revoking their ownership. In the early days of the Reddit exodus, some people reserved lots of communities just so they’d be the owner of the community, but they don’t do anything with it. I think admins mostly already dealt with that. But there are ideas floating around to migitate for things like that and other common annoyances. I think good moderation is key (and the tools that go with that and the whole architecture of the platform should favor a good atmosphere.)

    • nutomic@lemmy.mlM
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      9 months ago

      When do we get advanced moderation features? And for example the ability to block all users from a single instance to prevent for example brigading? I mean for the user, so we don’t have to rely on defederation so much.

      This could be added to the existing instance block feature, but so far no one has even bothered to open an issue I think.

      Are you planning to revamp defederation? I mean it’s rather complicated the way it works and the triangle that is the user’s instance, the other user’s instance and the instance the community is located.

      Its very simple and effective in that in prevents all network connections to the blocked instance. So I dont think it makes sense to change that, but other tools can be added on top for more fine-grained restrictions (eg user-level instance blocks in 0.19).

      When do we get advanced moderation features? And for example the ability to block all users from a single instance to prevent for example brigading? I mean for the user, so we don’t have to rely on defederation so much.

    • CannotSleep420@lemmygrad.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      Users can already block entire instances, so progress has been made on this front.

      I’m curious how we’d go about automatic mod kicking. Instance admins are already able to remove and appoint mods to communities. What would a sensible trigger for auto-removing mods be?

      • hendrik@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        Afaik the current instance blocking just hides communities from showing up in the All feed, not users.

        But nutomic seems to be right. There currently doesn’t seem to be a feature request open for that. The issues I found contain several duplicates, mix different things and sometimes users erroneously file something in lemmy-ui or the backend and it gets closed. I’m going to have a closer look and maybe file a feature request. Thx.

    • OsrsNeedsF2P@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      Nutomic said in another comment:

      Yes once we reach 1.0 there will be way fewer breaking changes and then it will be easier to do more frequent releases.

      So maybe that?

        • nutomic@lemmy.mlM
          link
          fedilink
          English
          arrow-up
          0
          ·
          9 months ago

          We want to change the API paths to make them more consistent, and have separate endpoints for image uploads (eg POST /api/v3/account/avatar). Not much else really.

      • nutomic@lemmy.mlM
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        Yes thats it, 1.0 just means there are no more breaking changes (until we decide to release 2.0).

    • Dessalines@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      I’m sry I can’t give a good answer there… but to me it seems like when we go a certain length of time (not sure how long) without any breaking changes. That will have proven that the API as it exists is stable and well-formed.

      That seems a long way off atm, because of all the features and new fields we’ve been adding and modifying on existing data structures.

    • Alsephina@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      Assuming this isn’t a bit they would most definitely try and probably succeed in taking down any platform that poses a real threat to CapitalTM

      But I doubt lemmy will get that massive anytime soon as cool as that would be lol

    • CannotSleep420@lemmygrad.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      Depends on what you consider taking down. The fact that the project is FOSS means anyone who wants to can fork the code, so it would be hard to eliminate one’s ability to get the source code even if the main repos got taken down and the maintainers are detained or killed.

      As to whether they can control the fediverse in a way that allows them to invent reality like they do with mainstream platforms, I could see them trying to compromise admin teams for individual instances. However, unlike mainstream social media, our eggs aren’t all in one basket so to speak. They won’t be able infect the entire platform like they can do with big tech.

  • mlg@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Is there any new p2p/decentral technology that is trying to advance beyond federation?

    It would be cool to have a generic framework to make web resources that are inherently decentralized without the need for sponsor and hosting.

    Like IPFS but as a social site. Everyone helps partially host content in exchange for access to all the content.

    • phiresky@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      There is a ton of decentralized projects that no one has really ever heard of, new ones pop up all the time (I was watching multiple of them in the past). Sadly in most cases it seems like most authors stop working on their projects after a while.

      The same ideas have existed for a long time but both decade old projects (ever heard of Freenet? Probably no) and new ones . Many of them are very ambitious and try to replace huge swaths of things (not just file storage but also social aspects, web of trust, etc) but then collapse under the complexity. IPFS is the most well known new project and (good imo) has limited its scope, but sadly (still) suffers from huge scalability issues, some of which are deep in the design.

      I think it’s really hard to align incentives there - the nicer it is the harder it is to make money with it. So either these projects tend towards control by one entity or they tend towards death.

      Really the only one that seems to have a long lasting life so far is torrents. Which are amazing. And Email if you want to count that.

      • Dessalines@lemmy.mlOPM
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        Torrents are truly one of the best inventions of the internet.

        They’ve fully solved the static data distribution problem, in a way that’s resilient and practical. I do a few torrent-related side projects, and I’m also super-interested in how we could integrate them into lemmy UIs and apps in order to take on YouTube.

  • InfiniteFlow@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Is federated authentication being considered for the future? The federated model of the fediverse is great, but it runs into problems when instances “die”, you want to access different servers as they federate with different things, etc. leading to the need of having multiple accounts. If there were a decentralized network of auth servers, could use the same credentials everywhere.

    • Dessalines@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      9 months ago

      No, Activitypub isn’t based on a migrating authentication / single-sign-on model, but on server-to-server communication.

      Instances with many users already on them dying should be a rare occurrence, and its unfortunate that it happens not just for us, but in the whole fediverse.

    • nutomic@lemmy.mlM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      Then your (hashed) password would have to be copied to all servers, and the email as well for password reset. Seems very problematic for security.

  • 9point6@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Firstly, thank you so much for providing the means for me to cut Reddit out of my life, I feel like I’m engaging with content in a much more deliberate way since, and honestly it’s been a massive improvement to my mental health in a way that I was completely oblivious to there even being a problem before.

    Anyway, the question—regarding things happening entirely out of your control, what would be the best and worst things that could happen to lemmy from your perspectives? And as an extension, what are your goals for it?

    • nutomic@lemmy.mlM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      The best thing would be if Reddit goes the way of Digg. Seems that will happen sooner or later. The worst thing, maybe if funding stops and we are unable to keep working on Lemmy. But even then admins could still host Lemmy instances.

      • Tangentism@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        9 months ago

        The best thing would be if Reddit goes the way of Digg.

        Well, it has already. The only reason it hasn’t fully imploded & all the users deserted for another site, is because there wasn’t an equivalent place to go to.

        They were sort of parallel in development but digg blew up and Reddit didn’t then Digg took a quick hard turn towards enshitification.

        Reddit has done the enshitification but like a parasitic infected spider, it’s wandering about and most of the users haven’t realised yet that it’s an empty shell.

        It’s slow demise would be better in the long run than a quick collapse like Diggs so it’s now putrid culture is not transmitted with an enmass exodus.

    • Dessalines@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      9 months ago

      Thx! Its pretty wild to me how much these algorithms, and formats, affect our mental well-being. Those giant US tech companies employing Psychology PhDs to figure out how to keep people angry, engaged, and watching ads, is doing so much harm to so many people, not just in the US, but the whole world, and unfortunately very few countries are doing enough to protect their people from these companies (who also act as surveillance arms of the US state) by blocking facebook and the rest.

      I’ve seen two professors I respected turn into angry children on twitter, in a way that would never happen in real life. Reddit, twitter, and Youtube platform reactionary rage-bait to get people trapped in a downward spiral of negativity. These companies do not care how much damage they do; all that matters to them is their profits.

      We don’t have those same incentive structures, so we can and should be doing everything we can to make this a positive and enjoyable experience, not about arguing constantly, but about learning, laughing, and understanding.

      what would be the best and worst things that could happen to lemmy from your perspectives? And as an extension, what are your goals for it?

      The best thing would be that we continue our slow and steady growth. Every user that migrates away from big tech to the fediverse is victory, so while we shouldn’t emphasize growth at any cost, its still a good thing when we can get people away from all that negativity.

      The biggest concern for me about Lemmy, would be a centralization onto one big server, that tries to replicate all the worst things and behaviors about reddit: its combativeness, xenophobia, bigotry, pro-US-foreign policy agendas, and advertising. There is a noticeable chunk of Lemmy’s users who don’t really see any problem with those things, they just want a reddit that lets them use 3rd party apps again.

  • BoisZoi@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Can there be an option to view deleted/removed comments? (this setting a user could configure in settings)

    I can understand why mods want to remove comments, but being able to see the text that was removed could be very useful. At the moment, the only way to do this would be having each post uploaded to internet archive, and hope many other lemmy users do the same thing.

  • hendrik@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago

    Have you put measures into place to assure the quality of future updates? In the past several updates have caused issues. And recently 0.19.x broke federation for the most of us. And it took weeks to fix it and make Lemmy usable again.

    • nutomic@lemmy.mlM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      We publish multiple release candidates and run them on lemmy.ml before the final release. That allows the community to test changes. We dont have a quality assurance team, and developers are notoriously bad at testing their own code, so I dont see what we can improve in this regard.

      • hendrik@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        developers are notoriously bad at testing their own code, so I dont see what we can improve in this regard.

        Sounds like software development… I mean automated tests help. But you’re developing a distributed/federated platform. Unit tests won’t do it. Maybe infrastructure that spins up a small fleet of instances and checks their ability to federate posts, delete comments and simulates interaction. That’d assure the most important aspects keep working. And I think there are tools for that available. But I get it. It’s complicated, there are real-world instances with special (niche) setups, you’re constrained, it has to be worth the effort and there are other important things to do.

        Maybe just do your best not to break too many things and we (users) can complain and have another discussion only if it’s a reoccurring problem. 😉

        • nutomic@lemmy.mlM
          link
          fedilink
          English
          arrow-up
          0
          ·
          9 months ago

          We have lots of unit tests, and also a test suite which launches a couple of local lemmy instances and ensures that they federate as expected. But it’s not possible to cover every single functionality, at least not with our limited resources. The problems all happened with things that are difficult to test and had major breaking changes in this release. In the future we won’t need such breaking changes so there will be less problems.

          Also keep in mind that Lemmy is provided for free and as is. We have no legal obligation to users. And you can always stay with an older version if you want more stability.

          • hendrik@lemmy.ml
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            9 months ago

            Thank you very much for explaining, and the whole AMA.

            Concerning the “providing the project for free”… I think that’s too simplistic. I mean users have expectations anyways. And you must have some motivation to maintain an open source project. Otherwise you wouldn’t put it out there, engage with your users, fix their issues and incorporate their requests. Or you’d make that clear in the first line of the Readme as some people do.

            I think open source is giving and taking. It’s not about legal obligations (we usually waive every responsibility in every open source license.) But perhaps ethically. I as a user feel obligated to honor and respect your work and the time you’ve put in. And I shouldn’t expect anything except for everyone abides by the license. But the devs aren’t the only one putting in time and effort. Downstream are admins who run the actual instances. There might be an ethical obligation to not waste their time either. And there are moderators and users who make the platform become alive. They also offer their time for free and are part of the ecosystem, like the developers are. And ethically it is correct to treat people nice who put in a few hours to prepare a proper pull request and work towards the same goal as core developers.

            And there are a few unique circumstances. This is a social network/link aggregator. And as such it relies to some degree on the network effect. It won’t work without a certain amount of users and them being happy here. Lemmy devs seem (to me) invested in the project and not just coding something for money. So you want it to be successful and catering for users is part of the equation. Additionally the users of a social network trust the platform with their private data. You can’t take legal responsibility for that. But if you accept users doing that, it’s at least an ethical obligation to make good choices.

            And the situation is: Since you have a few full-time developers… It’s not a hobby project anymore. So it’s a bit more complicated. And money might come with expectations. I personally differentiate between donations that are meant as a bounty, this money comes with obligations. And donations for the great work you’ve done so far. These come without.

            I think you’re doing a good job. I especially like that Lemmy development doesn’t seem to be focused on growth above all. You could implement things differently and completely focus on not showing user-facing issues, in order to assure fast growth. Or write a Reddit clone like some people would like, including gamification, awards and stuff. But you don’t seem to be interested in that. And that aligns well with what I like. I want a nice place to engage with people. I don’t need another platform that is commercial and does things in order to be successful at the market.

            I’m grateful. There are still bugs and a few more complicated annoyances I’d like to see being addressed. But I really enjoy spending some of my time here.

  • glibg10b@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Please stop using time zone abbreviations. Everyone can read an offset (UTC +02:00 in this case). But almost everyone has to look up the abbreviation

    • Dessalines@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      I linked a timezone convert link (before I updated the post), which I think I’d have to do even if we used the UTC offset format. I must be just far away enough from UTC to not know what my offset is at any given time.

    • davidgro@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      9 months ago

      Time math gets a bit difficult far enough from UTC. Where I live virtually any event in Europe or Asia will be happening on a different day there than here, so it’s not fun to try and figure in one’s head.

      The only universal solution is to link to a converter site.

      Personally I wish everything supported the automaticly-converting timestamps I’ve seen in Discord which just show up in local time or as a countdown.

  • hendrik@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago

    Since I read a few comments here… What is your oppinion on more democratic platforms? I mean something like electing moderators. (Or dropping them in a democratic process.) Or voting for other things in a community.

    (This is more a hypothetical question. I guess with the architecture as is, it can easily be exploited. And there is no way to implement this properly without severe changes and consequences.)

    • Dessalines@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      We’ve talked about it elsewhere, on github and one of these Q and A’s, but the main thing is that these things can be easily gamed. IE: making a ton of fake users to vote for a malicious mod.

      There’s a ton of ways that could be exploited that I can’t think of rn. I’d rather not stress test them in lemmy.

  • hendrik@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago

    How’s development going? Do you have enough funds to pay your salaries? Did the EU fund run out? What’s your workload? Is the amount of full-time developers enough to work on new features? Or is it barely enough to keep up?

    How do you like Lemmy and the people on it? (As of now)

    • nutomic@lemmy.mlM
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      We are getting about 4000 Euros per month which is not much to pay for two developers, so more donations would definitely be nice. From NLnet Dessalines and I still have a few milestones leftover from 2022 but those should be finished very soon. We could definitely use more developers, its impossible to keep up with all the issues so we have to try and prioritize the most important ones.

      The people on Lemmy are generally very nice, so I cant complain.

    • CannotSleep420@lemmygrad.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      I’m personally working a full time job in addition to this. However, I spend a lot of my free time contributing because if the only software I worked on was the corpo shit at my dayjob that ends up being cancelled before it reaches production half the time, I’d go insane.

      I’ve found the people pretty good. I find it’s easier to get a sense of community on here than it is on big tech platforms.