I was struggling to wrap my head around how federated social media works until I realized that email has basically been doing the same thing for 30 years. Different email servers are like instances of a federated network. You can send emails to people from within a single server or you can send emails to people on any other mail server. Your email address is a username followed by an ‘@’ and the server address, just like on Lemmy. Email is a decentralized service I’ve been using the whole time!
Also, DNS, and routing protocols. The Internet was designed for it. Walled gardens are an affectation of capital used to create the artificial scarcities it then exploits.
In the old days, when you wanted to do something new on the Internet, you designed a protocol and published an RFC. Perhaps you provide a reference implementations, but maybe you didn’t. Anyone who wanted to could implement clients and servers for that protocol. People created things just to empower each other.
Today, capital dominates development on the Internet. When capital wants to provide a new service, it encapsulates it in an app. Users may only interact with the service as an access-controlled black box. Capital creates things to parasitically multiply itself.
The old Internet never went away. It never really even stopped growing in absolute terms. It just got out-competed by the wild malignant growth of the commercial Internet. But, the old one is still there, and today it’s like it was in the 1980s, early 90s all over again; people who live on the old Internet are once again finding ourselves alienated from mainstream culture.
Now that debt isn’t free and unlimited anymore, things might change. I hope the old, free, distributed, democratic Internet has a revival. Everyone who doesn’t find us or can’t unplug from the matrix is going to get terribly exploited.
I don’t disagree, but I think it’s a bit of an oversimplification to attribute it all to capital. There is a failure in how the original internet (and traditional FOSS for that matter) envisioned the world.
The original vision was that everything will be distributed. There are protocols, there are implementations, and there are “users”. Where the term “user” encapsulated everyone from the person developing/contributing/maintaining the code, the person deploying and operating it, all the way to the grandparent or child or otherwise absolutely non-technical end user.
The idea was sound. You are a technical user, you could run email server for a set of people you know. Others could do the same. Small companies could start offering paid services, etc.
But the devil is always in the details. Who is maintaining it? Who is keeping everything secure and updated? How does it scale? How frequently do you need to migrate everything because the operator is going out of business or has come down with health issues, or has died. How much trust do you have to put in every operator? People don’t want downtime. People don’t want frequent migrations. People don’t want to have to trust hundreds of small providers and have churn all the time in services they rely on for their day to day.
The rise of a centralized, large, and popular operators of each type of service is inevitable in that case. A couple of large email providers were always distant to happen. Same with storage, messaging, etc. It’s difficult to selfhost everything yourself, and it’s incredibly burdensome to do it for free for a large number of people.
No, we don’t disagree, though you might be reading in a stronger point than I made. I don’t recall saying it’s all capital’s fault, whatever “it” is. However, I could probably be baited into doing so.
A tremendous amount of capital has been poured into Internet ventures. It out-competes mere human altruism. I think that if we want to have meaningful human experiences in our lives, we need to intentionally create spaces capital is not interested in occupying, or is prevented from occupying.
I think the janky details are important. Not the actual details, just the fact that they are janky. It forces one to understand and engage with the medium, which gives one power over the medium instead of the other way around. I think humans getting old, sharing what they know, and passing on is a vital feature of the human social experience, not a bug we need to patch around. (Ed Hew’s registrar.ca will always be my spiritual domain registry.) There are lots of good business reasons why we would like commodified services provided by fungible service units rather than a society of human relationships, but I suspect there are some important psychological reasons for doing it the messy way, though no benefits to capital.
I think human spaces will always be fleeting and messy, as humanity constantly loses control of the most lucrative and populated spaces to our own greedy wealth. Human spaces are hard to use because they are always shifting, displaced and forced out to the frontiers, where things are less comfortable. In a real way we are all becoming marginalized citizens of an increasingly less human globe-spanning empire.
If I remember correctly, Usenet, which in my mind is a precursor to reddit, worked the same way as well
Remember forums? They were toxics. But legit most of my issues with hardware can be solved on forums.
The OG federated social media was Usenet.
And… usenet messages are basically email messages with a few extra header lines. The format is otherwise the exact same.
Much like how this is just ActivityPub with a few extra metadata to thread them.
The problem is, that email isn’t really decentralised/federated anymore.
It’s impossible to day to setup your own mailserver and have the email accepted by the major email providers (where most of the people are)!
Checkout this article: https://cfenollosa.com/blog/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html
It’s sad, but while email is decentralised in it’s core protocol, it’s execution has become too centralised today. Fortunately, HTML and the web standards are better as we at least still have Firefox (a non-chromium BLINK engine based browser) today. But even there, chrome takes up too much of the market share.
Doesn’t prevent me from doing it.
I send a mail to you and your shitty mail provider blocks it as spam, even though I setup my SPF and DKIM entries correctly? Well that’s your problem, complain to your provider then lmao.
Of course that cannot be applicable to every use case. Sometimes you need a mail to go through in which case I still use GMail or iCloud Mail, unfortunately.
But it became like that because we let it become like that. We should use email as it was intended to be used, and if it doesn’t work, well fuck it. It’s the recipient’s fault for choosing a shitty or “non-compliant” provider.
While I can understand your sentiment, the problem is that many people simply didn’t care, and hence they never demanded that from their providers or moved away when they added such anti-competitite policies.
For the large majority of humans, even understanding what the hell the internet is and what computers do is still a mystery. I can understand, that for most people, it was difficult enough to get used to email and cloud stuff in the first place.
But now, over the past decade, many people have often experienced the problems of corporate-owned non-decentralised services. (Twitter, EverNote, etc.)
And with these experiences, it’s much easier to convince and have people move over to alternatives.
Again. I understand why you’re ‘angry’. And I feel that too. But I also see, that many people don’t care and simply take the most comfortable options as they don’t see the risks in lock-in.
Unfortunately, what email has also shown is that platforms can develop much faster than protocols. I hope all works out for lemmy in the end, but it will be interesting.
Absolutely. Now we’re stuck using a protocol that has zero encryption because decades ago no one thought about that. All our private correspondence is readable by every ISP and government it passes. If only we could make an email 2.0…
No, encryption was considered. It was supported from pretty early on via PGP. If you check out decent mail clients (obligatory digdeeper), you’ll find the tooling.
Why didn’t it ever become the norm?
Encryption was illegal back in those days, especially for export. Google “crypto wars”.
Furthermore it was quite computationally expensive. Modern CPUs have special instructions to work with AES and other algorithms, but back then it had to be done with individual instructions and with slow clock speeds.
It takes effort to set up a PGP client and the person you’re sending it to probably doesn’t have PGP set up. It’s used for some confidential journalism and whistle blowing stuff, but since everybody just uses webmail anyways, it’s not practical to use.
Email with PGP is very far from secure. No forward secrecy (one mistake and the entire thread history is revealed) and metadata is unencrypted.
PGP email has nothing to do with the email protocol. All your message metadata and headers are still not encrypted/can’t be encrypted. You can only encrypt some payload with a PGP key, and it’s up to the receiver to figure out whether or not they want to trust any of the message metadata. The entire envelope is still plaintext everywhere. PGP email is just email, but you’re sending some random encrypted text in it.
I mean, it’s not like theres really anything stopping the big providers to implement PGP on top of Email.
They just don’t, because users don’t care. So you have to do it yourself, in a plugin or whatever.
Still works, just more cumbersome, but I wouldn’t blame the protocol… at all.Adopting a consistent way to do it that everyone agrees on is the hardest part. PGP works but you have to make it easy and integrate it with all the top email providers so that most people are using it without even noticing.
@nodsocket @technology I think the real challenge with the user experience of PGP is making it possible for people to actually do the whole “web of trust” think in a practical way, and making management of private keys over a long period of time by individuals. It’s way too easy to lose your keys
The nominal answer to that was PKI, i.e. TLS (and maybe SMIME). But that’s just a different shitshow.
The other challenge is IMHO there’s two kinds of tasks here that are related but not the same.
One situation is for stuff like most e-mail and posts online etc. You don’t care or need a strong identity guarantee, you just need to be able to say ID1 from yesterday is strongly confirmed to be ID1 today. For things you make first contact and only contact online - this is really all you need, along with the privacy of the content. Stuff like PGP and SSH do this just fine. Self Signed TLS certs do too, except for browsers somehow treating them as worse than unencrypted.
The other is where you do want a strong identity verification. This is where TLS how most people use it works, except it’s a false sense of verification. People want something like a Government ID - so you KNOW Amazon is Amazon verified by a trusted third party. But this sadly isn’t how the certificate authorities actually work, and now it’s considered so hard to take care of your keys that a certificate lasting more than a year (pushing for 90 days) is “too big a risk”. Imagine any other ID you had to renew every 3 months! It clearly doesn’t work, and only continues IMHO because it’s how the web ended up working. But in actual practice IMHO - you basically get the same thing you would have from option 1 for most people. It’s not like there’s an enforced standard or anything for the CAs, it’s just can you pay. And with LetsEncrypt for those 90 day renewals there’s not even payment so it really might as well be just telling you it’s encrypted and forget about the identity alltogether.
you wouldn’t even relly need to find one consistent way, just identify the way servers do it, and have a list of supported methods.
let’s say there are implenetations a,b,c, and d
if let’s say google supported b,c and d, and apple b, and hotmal c and d, only hotmail-apple traffic would be unencrypted as they can’t agree on a common method.pretty sure that’s how TLS (i.e. https) works.
It used to, but v1.3 supports only 3 ciphers now.
I use GPG mail with Apple Mail client and it works great. Just need to get the public keys of people you want to send encrypted email to.
Not sure how anyone can say “GPG” and “Works great” in the same sentence tbh. GPG is a usability nightmare except for the most advanced users who use it. Good luck trying to get your house contractor or doctor or representative or non-techie friends and family or really anyone to give you their “public key”
It’s a good analogy for how accounts are created, but the analogy breaks down when considering what happens when you send an email. When you send an email, you send it to specific people on specific domains. With the Fediverse, you post it to your domain, and anyone who wants to take a look, can.
It’s not so much of an analogy, email actually is a federated technology just like ActivityPub is and ActivityPub works a lot like email and even has audience targeting fields which map onto the same audience targeting fields that email has (
to,cc, etc.). Activities aren’t always publicly available, although they can be and when sent to specific people, and when they are they are delivered to the users’ inboxes (although if public they can be read from a user’s outbox).
I was explaining it to a friend today, and I came to the conclusion that Lemmy is a LOT like the old FIDOnet message network that was used on BBS’s.
Except it doesn’t take six days for the reply to come back. (I say this ironically, replying six days after your comment.)
Surprisingly I’ve heard that the email analogy is not very useful for explaining federation. But I guess not that surprising with people <=18. They’ve probably never even had an email address outside of school provisions or whatever.
Could you elaborate on that?
I’ve been told people under {some age, maybe 35 now?} only use e-mail at work. I’m not actually sure how this is really possible, because you need e-mail to get all those “social accounts”, as well as a lot of Government stuff (like DMV stuff), Banking and more, but it’s what I’ve been told.
I was more asking about the analogy not being good. I don’t know anything specific besides the analogy at the moment, so I’d love to know why it might fall short
I think the analogy is great - but analogies only work if the person is more familiar with the analogy than the actual topic - if the understanding is the same or less, it doesn’t function well.
I mean, in a lot of ways the fediverse is reinventing Usenet too, but if you don’t know the technical details of Usenet, that analogy doesn’t help you either.
Because they use fone number to register for things instead
Wow, this makes a ton of sense and I had never thought about it. Thanks for the example!
Email is my go-to example when explaining fedi to unfamiliar people. Its especially accessible to non-technical users because almost everyone has sent an email to someone with a different provider.
Its a reasonable analogy, but were not there yet. While mastodon instances will talk to mastodon instances, and pixelfed instances will talk to pixelfed instances, and kbin instances will talk to kbin instances, at the moment the intercommunication between apps is a real issue. Imagine postfix wouldn’t reliably talk to exchange servers, that would be a real barrier to adoption. I’m hopeful this will get sorted, but were on the bleeding edge at the moment.
What do you mean? I can talk to mastodon, kbin, pixelfed, peertube, etc users from inside lemmy and same with my mastodon
This is exactly the analogy I use even trying to explain fediverse to normies.
Exactly! I think someone else on another thread when trying to explain the fediverse to someone used how e-mail works as a comparison and it just made it click and make sense for me! It’s going to be my go-to way to explain it to someone now.
Yep. Sometimes, the old ways are best.
Kinda, sorta… not really. Eh
On email nothing really “federates”. A message is sent to user@server.com and that’s the extent of it.
And what do you think AP does?
Well yes, if you simplify pretty much everything online enough it becomes “send message to this address”.
With email, that’s pretty much it.
With ActivityPub, after being received that message gets federated out to all servers that have a subscriber of whatever service the message was sent to.
The difference is more about implementation, conceptually. Email is just far more one-on-one
I mean, I wouldn’t even really agree that Email is far more one-on-one.
Email newsletters and mailing lists are relatively known and are essentially one-to-many as well. If you think about with this angle, a post on a community is not very different from a post in a mailing list.
The main “benefit” to people for these communities vs mailing lists is online archives for later searching. Depending on how things go, I can certainly also entertain wanting Mailing lists back.
What about usenet?
Good point. Can we all go back to it?
I predict that’s exactly what generation alpha is going to do. Gen Z is already using y2k camcorders as cameras. It’s gonna be a trend.
Generation Beta:
-- --- .-. ... . / -.-. --- -.. . / -... . / .-.. .. - / ..-. .- -- / -. --- / -.-. .- .--.
We could, but the SPAM.
Not really… Google “bought” it out back in the early 2000s and took over the archives. And turned it into its groups product.
Google bought the company Deja and got their software, which turned into Google groups, and also got their Usenet archive.
They didn’t buy Usenet itself (which would be like buying “email”), and it is still very much alive, but it has changed, and most people have moved their preferred place to have discussions elsewhere.
Note: I was going to say “would be like buying a cloud”, but Google Cloud is a thing, so…yeah.
I was relying heavily on the quotes around “bought”. A large amount of Usenet had consolidated under Deja which went to Google. While there is still some remnants around. What it was before is no where near the same as it is now.
This is… either simplified to be confusing or a big misunderstanding of kind of everything. Google bought DejaNews an online Usenet text archive. Usenet still exists right now, and there are still at least 5 or more major Usenet server providers you could sign up with today, but most charge for access.
Telegraph has entered the chat.