kosmos.social is part of the decentralized social network powered by Mastodon.
kosmos.social is a friendly place for participating in the fediverse. It is run by the Kosmos open-source co-operative.

Server stats:

24
active users

Learn more

The old school hacker crowd is so blind-rage anti-cryptocurrency they're letting pretty great novel things like Nostr and Farcaster fly under their radar. If they tried to mimic these designs you'd end up with worse cryptography (because all the new interesting stuff is mostly related to cryptocurrency) and would probably look like PGP + key servers. They'll make an excuse to put up with the status quo and live with it.

Both Nostr and Farcaster have weaknesses in their design but they do provide a good foundation for decentralized social media that could survive longer term without your content disappearing off the internet permanently. It's just a hard pill for some people to swallow because the design breaks from tradition.

I predict ActivityPub will exist in some form for a long time but there will be a lot of data lost over the years. It's already happening.
Râu Cao ⚡

@feld I thought it would be obvious to everyone how important client-side signing and portable objects are. But I hear mostly crickets when it comes to those FEPs and the problem in general.

It would seem that a lot of people actually like control over other people's stuff. As an admin, I absolutely hate that our users have to depend on us to even enable follower migration in the first place, while content migration is not even a thing.

@feld My hope is that the keys they have to introduce for E2EE DMs will basically make it a no-brainer to use them for signing posts as well.

@raucao I don't think E2EE DMs will ever exist because getting your key onto multiple devices will be too hard so they'll demand a magical key server component and then years will be wasted making something worse than what Matrix has (which also sucks)

edit: also not all clients will support it which makes it even worse. At least with e.g., Nostr the client keys are a hard requirement to use the network in the first place

@feld Not an unlikely scenario, I agree. This is a problem space where it makes even more sense to look at e.g. Nostr for solutions.

At the same time, Nostr could learn a thing or two from federated systems to improve performance and UX. I always said it'll somewhat resemble a federated system eventually, for various reasons.

@feld Client support for proper private messages is actually terrible on Nostr right now, because the thing that all clients support (NIP-04) literally leaks all your metadata to everyone. But yeah, at least the keys have to be managed already.

@feld That is, if both of us run our own XMPP server, and they connect with TLS, then the two of us sending unencrypted messages is more private than NIP-04.

@raucao but what modern public key cryptography can you even choose without being attacked over lol

These people would be like "we gotta use PKCS11" and then the project will die in the cradle because sucks so hard by being overly complicated with old baggage

@raucao @feld It's not about control, it is about resources. Some developers may want to implement these FEPs, but that requires a lot of effort (especially if you're among the early adopters), and they can't commit to it. Other so called "protocols" are paying developers, so stuff gets done much quicker.

@silverpill @feld My point is that architectural basics *that* important should be on the roadmap of e.g. the Mastodon company, and prominent AP authors and proponents should be calling for them.

@silverpill @feld I agree that it's way too much to ask from just any casual contributors, or sole implementers of small projects.

I mean, I pondered this myself, and that idea didn't get far when I played it out in my head.

@raucao @feld These things are on the roadmap, but solutions are supposed to be developed in-house.