445 comments

[ 4.6 ms ] story [ 283 ms ] thread
> I have a lot of thoughts on this that are too long for a Tweet or Toot. Since some of my followers asked though I decided do a longform version of this

People should leave Twitter and start blogs so that they can talk about more complex things with more nuance

Some mastodon instances allow for much longer than 500-character posts. The qoto.org mentioned in the article allows 64K, perfect for blogging.
What you need, really, is centralized "big squares" where people can talk about limited topics with strong oversight (think: HN) but they can link too off-site spaces where smaller groups can have their own rules and topics.

I know some of these types of groups, and I don't really publicize them, because the people who would fit in will find them, no need to grow to world-wide size.

It would be great if the author backed up, really, any of their points with some kind of demonstration about what they're talking about. This article otherwise is seemingly a bunch of handwaving about vague "problems" that exist but without actually clearly stating examples.

Also the author is flat out incorrect on this:

> This decentralization however came with a lot of challenges and today decentralized package hosting is no longer supported by the Python ecosystem.

pip has supported github urls for a long time.

edit Further:

> The second thing that became apparent over time was also that decentralized services came with a lot of security risks. Every one of those hosts allowed the re-publishing of already existing packages. Domains that lapsed could be re-registered by other people and new packages could be placed there.

Linux package management systems solved the decentralization "problem" years ago. It's why there's so many mirrors available when you download packages. Signed packages, and even "trusted-source" checksums can provide for integrity in cases where decentralization exists.

That some package managers threw this away in favour of monolithic repositories is kind of irrelevant to how ActivityPub works.

Author here.

> pip has supported github urls for a long time.

setuptools used to be able to pull packages published to the index from external URLs. Support for this was removed many years ago. Also you cannot publish packages to PyPI that reference dependencies on GitHub.

About the rest of your points on package indexes I believe I addressed them in the post already.

That's specific to one scenario for Python.

It's hardly the entire ecosystem, which is my point. Decentralization is there already and well-supported in the provided tools. You just can't abuse the official PyPI sources, and that's a reasonable approach.

The point I was making is that systems have a tendency to centralize, even in the absence of a bad actor. Decentralization was really well supported in the Python ecosystem in former times, it no longer is. The trend is pretty self evident I would argue.
> It's hardly the entire ecosystem, which is my point.

It is, de facto, the entire ecosystem. Everything's on PyPI, and if your package can't interoperate with PyPI then it will wither away very quickly.

From experience, that hasn’t been true.

I’ll give an example. Rdkit[0] went for years without being able to be released via pypi and could only be installed easily via conda[1]. Despite this, it thrived enough as a project that users got its postgresql extension to be part of AWS Aurora[2] in 2020, which means wide adoption before rdkit had managed to figured out how to be distributed by pypi in 2021.

There are open source projects like this all over the place, thriving outside the centralized repos.

[0] https://rdkit.org

[1] https://stackoverflow.com/questions/58199504/how-to-install-...

[2] https://aws.amazon.com/about-aws/whats-new/2020/09/amazon-au...

And yet, all popular projects move to PyPI over time which is in line with the point I was making.
The article goes into some details beyond scaling that I can resonate with. I had a few forums and IRC servers in the past that grew rather large. I eventually shut them down, not because of scalability but because of legal liability and dealing with the myriad of personality issues that put my domains at risk. Scaling a forum or IRC to hundreds of thousands or even millions of people is not hard especially nowadays with cloud scaling and the current state of modern kernels and hardware.

What I found too challenging was having to moderate the content and finding moderators that could be trusted to remove illegal content in a timely manor. Worse, there were trolls that would use bots to post highly illegal material and then automatically submit their own posts to my registrars, server providers and government. The bots somehow even grabbed screenshots right after they posted content. I say bots because there was no way a human to perform their actions so quickly. This was a losing battle and I did not have the legal resources to deal with it, nor the development resources to play the cat and mouse arms race 24/7. I do have my own conspiracy theories as to who these bot owners were but that doesn't matter any more. Nowadays I could probably block more of those bots with techniques I have learned but I just do not have the desire to get back into that quagmire.

I suspect some of the Mastodon admins will learn this lesson with time. They, like me, will probably start in a state of denial and dismiss the risk until it gets real. And it certainly gets real.

The only technical work around I could find was to set forums to make all posts moderator-approved, meaning only the poster can see their post until a moderator approves it. This does not scale and people want their posts to be instantly available. With IRC I had to constantly add new file sharing domains to word filters to block the links to illegal material and that was also a losing battle.

[Edit] BeefWellington brings up a good point. I should add that I am referring to public instances of forums and IRC servers that anyone may join. Private servers are at much lower risk assuming the trusted members are good at setting strong passwords and static content is not accessible at all without an account and Mastodon servers are not linked to lesser trusted or non-private instances.

> I suspect some of the Mastodon admins will learn this lesson with time.

I doubt it. A lot of the new instances are invitation-only, and the point of Federation is I can just run my own instance and seek out the content I desire. I don't have to let anyone else onto my instance.

I can see that working. Private instances that only invite truly trustworthy people are probably much lower risk, the only risk being account take-over and the static files are are not accessible by bots then the bar is set much higher.

I should clarify that I was referring to forums and IRC servers that anyone could join. The Mastodon model in this case would be public instances that are not strictly private and are linked to other instances. Private instances would be much safer. The risk of linked instances would map to the weakest link.

That's the solution to many of the decentralization problems; invite-only.

But people WANT the chance of winning the "lottery" as it were, and going viral.

You're not doing that in your small discord or private mastodon.

I completely understand and agree with their incentives. Those with the public instances will play the winning/losing lottery, losing being not managing the troll automated induced bad content fast enough. I encourage anyone taking on this challenge to first and foremost get some trustworthy non-toxic non-power-tripping moderators around the world for the "follow the sun" management of the instances.
Creating scarcity in access will lead to shared accounts, account re-sale, hacking, takeovers – all the classical account management problems.
Some of those will exist no matter what (Twitter accounts are unlimited and still sold) but - limited to invite only doesn't need to mean "limited as in scarce" - there's no reason to share an account if you can just invite the person, instead.
I've managed closed Fb group for ten years now. For new members we have a voting system in place. Inviting wouldn't work because if members could invite whoever they choose it will sooner or later lead to having members that not everybody is comfortable with. A friend of my friend may not necessarily be my friend. It'll create friction and lead to all sorts of interpersonal problems and soon enough it's not a peaceful community anymore, people start to block each other or lash out in comments just because their personalities or beliefs clash. I don't believe in invites anymore.

Google Wave and Googl+ also had invite system, it didn't work out well. Gmail is exception to the rule I'd say.

Right but at this point it's just fancy RSS feed with extra steps.
Not really, since you can still interact with content on other instances, not merely consume it.
That's ONE point of federation, but the other is cross-instance discovery and communication. If that part is underused (blocked, disabled), there's very little point in using Mastodon. You can recreate this everywhere, including at Twitter, Reddit, Discord.
> My Claim: Decentralization is a Questionable Goal

Hard disagree with this. Email is the example I give people of how federation could work. You can use any email provider and interact with any other email provider effortlessly. This is undeniably an improvement over internal direct messages within a centralized service (i.e. Facebook or Twitter DMs). If you leave facebook, you leave your contact list and message history. On email, if using a custom domain, you can switch email providers or even host your own server without anybody on your contact list even having to know this occurred.

Lots of people have been banned from platforms, rightly or wrongly. You can't get banned from email. You can't get banned from having your own website. You can't get banned from the telephone system. If you don't own your own data, you are at the mercy of those who do.

> On the topic of moderation the very same issue is even more absurd. Some instances want uncontrolled free speech where some instances effectively are pure shit-posting instances which are completely de-federated from the most of the fediverse as a result. Other instances really like to control their content, where some popular ones such as fosstodon ban all languages than English as a result to allow moderation.

These are talked about as problems, rather than being the primary selling point.

> You can't get banned from email.

If you're on Google or spamhaus's blacklist, you're effectively banned.

You != your email address.

Yes, a specific server or address can be "banned". But there is nothing stopping you from just opening another gmail / yahoo / whatevermail account.

And how to change a dozens accounts on others services to a new email without old one?
How does being on a spam blacklist prevent you from receiving email?
He means that you will no longer receive mails sent to your old addresses.
That's my question. Say if gmail adds user@example.com to their spam list. Does that mean gmail users won't be able to send emails to user@example.com? That is bizarre.
> Hard disagree with this.

From me as well.

> You can use any email provider and interact with any other email provider effortlessly. This is undeniably an improvement over internal direct messages within a centralized service

But the general public went for siloed systems instead.

So I’d say you or me want decentralization, but I don’t think that holds true in general.

True, but it's way easier to add centralization to a system that is decentralized by nature than it is to somehow decentralize something that is centralized by nature.
> But the general public went for siloed systems instead.

And yet some former Twitter users have identified why this is a problem, and are now moving back towards a decentralized platform. It's why scaling Mastadon is even a topic right now.

A comparatively tiny group of outspoken people switched. And it's not even clear if they'll stay.
> Hard disagree with this. Email is the example I give people of how federation could work.

That depends on how one looks at it. If spam and illegal content are considered, it may not be "working" in the sense a public service needs to be.

Email works because it's private, so the requirements are much looser; a large part of the article is how to solve the bad actors problem, which doesn't apply to email (well, it applies, but spam is more or less accepted as fact of life, while fake news etc. isn't - and it may never be, independenly of being right or wrong).

> If spam and illegal content are considered, it may not be "working" in the sense a public service needs to be.

By that standard, centralized social networks have utterly failed us as well.

> By that standard, centralized social networks have utterly failed us as well.

They're not on the same level; moderation of social networks like Twitter/Facebook can be considered insufficient, but it exists. Contrast to the very low barriers (if any) to send spam emails, where the filter is, ironically, in the hands of centralized services like Gmail.

No, the filter is in the hands of everyone who runs a mail server. Gmail et al. run the most centralized spam filters, but anyone running their own MX will almost certainly run their own spam filter as well. Likewise, Mastodon moderation falls to the servers.
> Email is the example I give people of how federation could work... You can't get banned from email.

Except e-mail has been a total failure when it comes to spam/abuse, and in practice it isn't this federated, decentralized paradise at all -- virtually everyone I know uses Gmail for their personal account. And if you want to run your own server, good luck getting Gmail to accept your e-mails at all.

And if you can't get Gmail to trust your server, that's pretty much a ban for all practical purposes.

Plenty of organizations and individuals run their own servers and have no problem exchanging email with Google, Microsoft, and other large providers.

The point is that they can and do because the system is not, in fact, centralized.

Also, judged only on the volume of spam and abuse, many systems besides email -- decentralized and centralized alike -- could be called a "total failure." And yet somehow these systems remain stable and functional and useful.

The only problem with doing this could be mail deliverability. But if you setup SPF/DKIM/DMARC, and use a mail service, it works fine if you're not spamming. Mailgun, Amazon SES, Mxroute, they'll all deliver your mail and for cheap. There's no single point of failure needed to get your mail delivered.
You don't need to use a delivery service. It's true you need to set up SPF/DKIM/DMARC for many peers to accept mail from you, but then you can deliver the mail yourself directly.
Yes, this is true, but I still get better delivery through delivery services. For example a lot of email providers send any email coming from a cloud hosting IP directly to spam.
Even with that most big providers (looking at Outlook) still use IP reputation. Some popular email blacklist providers will list entire /24s if they receive enough abuse complaints so you generally need a high quality provider that takes abuse seriously to prevent getting caught up with a bad neighbor or your own IP block.

After using the same Digital Ocean IP for 8 years, I got unlucky and their /24 block got listed on spamhaus (or mailcop, or similar) and major providers (Outlook and Gmail) stopped accepting messages from my server.

It works great until it doesn't

For some definitions of fine, sure. I run my own mail, and relay it through an AWS EC2 instance that I've used on the same IP for over 5 years. It took an exceptional effort over many months to get off the Hotmail blacklist a while back. I still wonder when emailing someone I've never emailed before if that message will go do a Junk folder, or be delivered.

The benefits outweigh the costs, but it is not easy, and you can start having problems that are very hard to solve.

No one called it a paradise. That's a strawman argument.

I've been using my own domain for my email for over two decades. In that time it's been self-hosted, hosted with Google, and hosted with Fastmail. I control it, so I can take it wherever I want. I've been able to take my full message history with me too.

It has not been a "total failure" with spam/abuse either, though I'm glad to have Fastmail handle that for me these days.

In any case, I'll take the tradeoffs over a centralized system.

Same position here, and having the ability to move my domain is by far the most important to me. And also why my medium to long term plan is to move my Mastodon setup to my own domains.

> though I'm glad to have Fastmail handle that for me these days.

I get less spam in my Fastmail account than on my remaining Gmail accounts, but far more importantly for me: I get far fewer false positives with Fastmail. The amount of real mail that used to end up in my Gmail spam folder made the spam filtering pretty much pointless because I ended up going through the spam folder daily anyway.

>"I've been using my own domain for my email for over two decades."

Same here since the end of the 90s. Completely agree with the rest of your post.

I receive as much social media spam as I do email.
But that's enabled by the DNS MX record. There isn't anything like that for social AFAIK, so if you wanted to do the same with your mastodon account you are hosed. Some people are saying once you have million followers on mastdon.social, you are not going to restart from zero on mastodon.net. You can, but it's hard. So centralized or federated, without handle portability, it's not very different. You are stuck. It seems to me federated mail and federated social are similar for people who don't own their DNS entry (gmail addresses), but for people like you, that's a substantial difference. You'd have to run your own instance to have your own social handle, and that isn't portability, that's DIY. It only works for a small number of techies, you have to have an instance and a domain.
> Some people are saying once you have million followers on mastdon.social, you are not going to restart from zero on mastodon.net.

i think we should have learned by now that when “some people are saying…” we should be very skeptical if those claims are based in reality.

in this case, they’re not. if you wish to move from .social to .net you move your account and your million followers go with you.

> anything like that for social

If I understand correctly, /.well-known/webfinger should do the trick.

I’m “at” the same long term domain in several protocols—

  @name@mydomain # ActivityPub
  @name:mydomain # Matrix
  name@mydomain # Email
—and none of those services are actually run by the server behind the A record.
And when I wanted to rid myself of all things Google, nobody needed to know, I didn't need to rebuild my contacts -- I moved my custom domain to a different provider, done and done.

Beyond that, Twitter is rife with spam, scams, and tons of other abuse. So is Facebook. So is reddit. The fact that email doesn't work that way doesn't matter.

My email addresses do get more spam than, say my Twitter DMs. But my email provider (not Gmail) is good at identifying most and my own Mail client can pick up the rest.

So the net number of spam emails in my email inbox is less than 1 per week. On Twitter, for me it's at least 1 per day and there's nothing I can do to tweak the filtering.

(comment deleted)
Sadly, this is very true!

It's a total nightmare out there!

I have clients on big Hosts like SiteGround, and sending email is a problem!

I'm 100% in support of the idea that services should be protocols though! :-)

> virtually everyone I know uses Gmail for their personal account.

Which, ironically enough, is the answer to everyone’s problems with mastodon.

Does everyone you know use gmail for their business accounts?

Does absolutely, 100% of the people you know use gmail for personal accounts?

I’m going to go out on a limb and say no to both the above.

There’s no reason mastodon has to be everyone runs their own server just like everyone doesn’t have to run their email server today. People use the company server for work stuff and fluffycat233575@yahoo.com for personal stuff.

I don’t know if it’s just the HN bubble but all people post is why it can’t (or shouldn’t, because, get off my lawn) work. It’s like people have a vested interest in making sure non-adtech doesn’t succeed, almost like their very livelihoods depended on it.

—edit—

And, back in the day, spam filtering was something you had to do on your own or just dealt with all the spam. The big email providers became big in part because they solved that problem for most everyone. In ‘97 nobody (OK, nobody but the US postal service) was saying there needed to be this gigantic corporation monitoring everyone’s emails for wrongthink or only a central entity could solve the spam problem. People just bucked down and solved the problem enough to get a sizable portion of the population using email…I’m genuinely curious if there’s ever been a technology with higher uptake than email now.

> The big email providers became big in part because they solved that problem for most everyone.

Yes, and the major way in which they did it also made it hard to self-host an e-mail server.

> I don’t know if it’s just the HN bubble but all people post is why it can’t (or shouldn’t, because, get off my lawn) work. It’s like people have a vested interest in making sure non-adtech doesn’t succeed, almost like their very livelihoods depended on it.

Perhaps it's true in some cases, but I think it's more likely that people here recognize the new federated communication services are structurally equivalent to e-mail, so there's little reason to expect they'll end up in a better state than e-mail did. On the contrary, there are reasons to expect they'll end up worse, because e-mail had the benefit of predating the commercialized web and mass adoption of the Internet by not tech-savvy people.

They are not structurally equivalent though. Social networks are whitelist-based (i.e. follows). A spammer has to somehow make people follow them to send them spam.
It doesn't; most (all?) social networking sites allow unsolicited messages, and if they have a feed, it tends to accumulate second-hand spam.

The issue here isn't spam, though, it's about who sets the rules. Spam is just one of the strongest drivers that make a federated network evolve into an oligopoly. It was the driver in case of e-mail, but e.g. for Mastodon, I'd say political extremism is the primary force. The result ends up being the same, because the dynamics are content-agnostic: users migrate to nodes that offer most reliable communication, and as those nodes grow in usercount, it makes it easier for them to fight undesired communication with blunt tools (e.g. instance or IP blocklists). It's a positive feedback loop.

That’s what people want though, a twitter replacement with all the filters and whatnot Musk is talking about dismantling.

And they show up on mastodon, because everyone is talking about it, and find it isn’t the safe space they carefully curated with their twitter blocklists and write a blogpost (because they can’t complain on twitter anymore) about how it’ll never work.

I don’t understand why these tech-savvy folks can’t give positive criticism to maybe fix the problem instead of “it’ll never work, can’t we just have our twitter back, pretty please?”

> a twitter replacement with all the filters and whatnot Musk is talking about dismantling.

All the filters and whatnot people talk about people talking about Musk dismantling.

There's a mass hysteria happening. Pretty much nothing of consequence has happened on Twitter on user side, except for what people make it in their heads, or talk about to show off in front of the group, one-upping each other in their newly discovered deep hatred for Musk.

They check out Mastodon and are disappointed, because despite the fact it does give you more control and tools to "carefully curate your safe space", it's not the "Twitter but without Musk" they hoped it to be. It's not, and can't be, because the userbase isn't there, and the culture isn't there. Fediverse is still driven by political extremists crafting their own safe space to stew in their own vitriol, and the very identity is still defined as "we're not Twitter". Fediverse won't grow until it develops its own identity, that's not just negative space between commercial social media (and until it insulates the federation against political crazies).

Federation is hard. E-mail and Mastodon are both, simultaneously, large successes and huge failures. There's a lot to learn from it, there's a potential to do better - but now is not the time, not when the topic is covered by the wannabe Internet stars doing performative anti-Musk dances.

> “(...) can’t we just have our twitter back, pretty please?”

They still have it, and guess what, they're still on it - because all this whining is just for show.

> Pretty much nothing of consequence has happened on Twitter on user side, except for what people make it in their heads, or talk about to show off in front of the group, one-upping each other in their newly discovered deep hatred for Musk.

You mean the pay to verify thing never happened?

There's definitely some hysteria, but that's because it's hugely entertaining. That doesn't mean there aren't underlying proceedings that are material. Particularly, on the back end, 80% of the contractors were let go. Y'know, the ones that do account/content moderation. That, along with various shenanigans with the verification system, means we now have profiles like [0][1][2] with an official gray check.

The new boss has a different opinion of free speech than the old boss, (and who he's allowed to cancel) and is starting to make changes effecting that point of view. Downplay that all you want, but that's something of consequence for a social media site. If Twitter were a car company, it would be difficult but not impossible to ignore all the talk and focus on the product, the cars. However, seeing as how Twitter is "only" good for talking on, the tone of that conversation changing is quite important to the people in that conversation, and they are liable to have gasp conversations about that change.

[0] https://twitter.com/amymek - banned in Germany for Nazi shit

[1] https://twitter.com/realadolphhitle

[2] https://twitter.com/funnymonkey9876 - "dead tw*tter employee hanging from a tree groyper" Their pinned tweet is especially lovely. It's been up for almost 6 hours. (cw: boringly uncreative use of the n-word) https://twitter.com/FunnyMonkey9876/status/15735249917940858...

[3] https://twitter.com/richardbspencer - Nazi that previously lost verification for throwing Nazi rallies.

Your politics and their relation to the above, and whatever you believe of free speech; it's uncontrovertible that it's no longer their Twitter, it's Elon's Twitter now, and not everybody is going to like that.

Following up, [0] and [3] are still up, but [1] and [2] have been removed.
> tends to accumulate second-hand spam

The second hand also has to follow spammers. Most humans just don't do that, do they?

> It was the driver in case of e-mail, but e.g. for Mastodon, I'd say political extremism is the primary force. The result ends up being the same, because the dynamics are content-agnostic: users migrate to nodes that offer most reliable communication, and as those nodes grow in usercount, it makes it easier for them to fight undesired communication with blunt tools (e.g. instance or IP blocklists).

I agree with this bit. But I think there is an opportunity to avoid it this time. We're much more aware of the potential pitfalls than when email was conceptualized as a protocol, and we have some quite amazing tools to tackle some of these challenges differently. I predict we'll see some innovation on this front, and I'm honestly pondering participating in that effort. The fruits of that would be very much worth it.

FWIW, I have been using ProtonMail for about four years for my personal email, and I haven't had any issues with communicating with folks from Gmail or Outlook.

Regardless, I don't think it's contradictory that people flock towards a somewhat-centralized system like Gmail; the point is that it still supports an open protocol. The fact that Protonmail "just works" when emailing Gmail is a testament to the fact that federation can work in practice, even if it does start becoming more centralized.

Also on Protonmail.

I haven't been able to send mail to Pocket support for about a year based on Gmail blocking.

YMMV.

I’ve had a different experience. I have been mysteriously appearing in surbl periodically ever since I switched to ProtonMail. Never had that problem in like 10 years of owning my domain, but within a month of ProtonMail sure enough, I started having deliverability issues. I usually get removed fairly quickly but it was still extremely disruptive when important emails would randomly not get delivered. It hasn’t recurred in a year or so, but the situation with no calendar integration is driving me crazy. That’s another topic… I think I am done w Proton though and am going to give in and sell my soul back to the devil.
> And if you want to run your own server, good luck getting Gmail to accept your e-mails at all.

I still can, but only because I hate myself enough to run my own email for more than 20 years, so there must be some magic field of trust somewhere in the background. I wouldn't start from scratch though.

You live in a weird bubble if that's the case, or maybe in the USA. Or both.

Less flippant, very few companies except startups and one person shops use GMail in Germany. I'm no fan of Outlook and Exchange, but that doesn't mean I can just ignore it away.

But mail and Facebook/twitter/mastodon are different: one works on the principle of private message, the other work on the principle of agora. And emails grew organically with the web, not the others, it change a lot of things
Email is an example of how federation fails, not how it works. It is now centralized in the hands of a few providers with the power to blackhole independent actors.
That centralization mostly occurred due to the economics of below-cost pricing though. It's not necessarily due to federation itself failing as a mechanism for email.

In other words, Gmail is the most popular email provider because it's in Google's interest to have people be logged in all the time so they can personalize search results, so that incentivizes them to make a very good email system and then give it away for free. Giving something good away for free because you gain indirect benefits via some other business will rapidly centralize more or less anything, which is why there are at least theoretically rules against market dumping and tying (which aren't really enforced in the software world, but that's another matter).

We can imagine a parallel universe in which search is far more competitive, with lower margins, and thus Google couldn't financially justify subsidizing consumer Gmail for so many years. In such a world it's likely that there'd be more players, perhaps they wouldn't be as good but there'd likely be more of them, there'd probably be companies that specialized in selling spam filtering tech to them and it'd look more federated than what we have today.

> blackhole independent actors

Freedom doesn't mean the requirement to spend the community's resources propagating material that the community agrees is harmful or objectionable. That would be the opposite of freedom.

The ability to refuse actors that the community doesn't want to spend resources on is essential to freedom.

Every actor has the freedom to choose whether to conform to community norms, or to form their own communities with different norms.

Freedom for titanic companies like Google to control what can or can't be said through enforcement on their monopolistic platforms is also not freedom for the individual.

Your idea here works when the system is fragmented enough that these choices are personal choices, but the existence of so many large platforms makes their choices systemic, not personal.

This argument comes with the rather absurd assumption that the only material that's being blocked is that which the community agrees is harmful. When more often than not it's simply the material that is from individually small enough third-parties where the content doesn't really matter.

On top of that, there isn't community agreement as much as there is community ignorance. For every case we hear about of someone being banned or blocked by an automated system despite doing nothing wrong, there are hundreds more similar cases which simply don't gain enough traction for the 'community' to hold the service provider responsible.

> rather absurd assumption that the only material that's being blocked ...

It's fallacious reasoning to assert that any system that is less than 100% perfect should be changed.

If the current system meets the community's expectations 98% of the time, and alternative systems meet the community's expectations 90% of the time or less, it would be silly to throw out the current system.

That's like saying stop signs at intersections should be removed because sometimes I have to stop when there are no other cars there, and sometimes other drivers fail to stop when they should, and some stop signs have been defaced or knocked down.

This point is pointless. The question is whether federation works, or whether it instead degrades into a short list of large providers.

It's amusing that the first response to that point being made is to miss it, and to somehow paint the isolation of smaller servers as a strength of federation (because it gives users control over what they see.) Then the next one is literally an argument that decentralization will inevitably centralize, because that centralization will satisfy the communities expectations 98% of the time.

The last paragraph wanders very close to claiming that it is childish and entitled to expect your decentralization not to be centralized. Doesn't that just enthusiastically reinforce idlewords's claim?

So, if certain minorities have more representation in crime statistics in an area, it is acceptable to have a bias in random searches towards them because doing so meets the expectations of the majority to have to deal with neither crime nor random searches compared to the alternative of unbiased searches which lower arrest rates and expose the majority to more searches?

Even putting aside the slightly absurd difference in stakes with my example, there's also the issue that you're just arguing for centralization, which defeats the point of a system designed for federation in the first place.

> This argument comes with the rather absurd assumption that the only material that's being blocked is that which the community agrees is harmful.

The new orthodoxy requires us to assume that all censorship is in good faith. "What were you doing to make them censor you?" is the question of the day.

> "What were you doing to make them censor you?" is the question of the day.

And the answer increasingly often is, "I did not censor the other people quickly enough and visibly enough when I was told to."

It's almost like humans have a tendency to come to an agreement about what is acceptable speech and what is not and to want these rules enforced.

Like when you go into a pub and start yelling insults at the guests, the patron will "censor" you by throwing your out of their private locality.

Yes, that's the universal argument that can be used to argue for or against anything, depending on what you find fashionable at the moment.

The concrete truth is: majority of users will do whatever to make their e-mail (or other form of communication) work, so the easy solution to spam is to blackhole anyone that isn't coming from or vouched by a major provider, and have the minority with specialized needs jump through hoops to get unblocked (or preferably, to change their needs/preferences so that mainstream provider is sufficient).

There isn't any actual user community here. GMail address owners aren't a community. Twitter users aren't a community. Mastodon users aren't a community. The only community is that of the federation instance owners, and it operates as oligarchy. The major players decide who they'll peer with, the minor players have to accept it if they want to be peered with. The actual, non-crazy-activist users, have no power, and are forced to either use the "blessed" providers and accept their rules, or not use the service.

This is already the case for Mastodon for quite a while, BTW.

It's still viable to use a minority email provider, even if that now has to be a medium-size ISP (at minimum) instead of your own server. There's still a difference between no choice and many choices.
And so we should just leap to consolidation from the get-go?
I'm skeptical of everything, and have been a long-time skeptic of Mastodon in particular, but I'm less concerned about this particular argument.

* People don't need nu-Twitter to be perfectly reliable they way they do for mail

* For that matter, nu-Twitter doesn't really need to be a unified namespace; it can be less coherent even than email addressing and still add value, the way RSS feeds did.

* In the years before Google centralized all of email, it was pretty common for people to have multiple email identities on different services, which seems like the worst this is going to get.

I don't love the software, and the user experience definitely isn't ready for prime time yet, but the basic model seems workable?

I agree. Did RSS feeds suffer spam? I don't think so, and the reason was because you have to actually follow someone to receive things from them (whereas with email you get to receive everything anyone sends you so long as they have your address)
Email kind of works though. It's pretty flawed, but we all use it.
In the article itself, he points out that banking is decentralized and works wonderfully.

He doesn't even mention email or phone service, both of which are decentralized and work well enough.

> In the article itself, he points out that banking is decentralized and works wonderfully.

Except it isn't actually decentralized in the same sense as Mastodon is. You can't self-host a bank.

> He doesn't even mention email or phone service, both of which are decentralized and work well enough.

The same with phone service - it's not decentralized in this sense. You can't just run your own phone network, you can only choose from a single-digit number of major providers in your country, which are increasingly just multinationals.

The only reason banking and phone service may sometimes feel they're decentralized is because of the high interest governments have in them, and the copious amount of regulation in the industries that prevent the worst kinds of consolidation and abuse of power.

Email is, indeed, decentralized. And as many commenters already wrote, it's a disaster and a great example of how federated systems fail.

I don't believe that government intervention is needed for banks to stay decentralised. The ability to send money between banks is just too convenient, why would they ruin it?
"Email is the example I give people of how federation could work"

That presupposes that federation is actually a goal and not a means to an end. It's amazing how great developers are at not understanding what creates value. Twitter's value is _reach_. Get 400M users in one place, hook them with interesting content, server them ads, nudge them to sign up, track their engagement to make the platform sticky and attract more contributors. Any censorship that has been done has been for one and only one reason and it's protect the value of the platform. Primarily to advertisers, but also to users because users make the platform valuable. Decentralization deliberately cripples the main value of the platform (reach) in exchange for what exactly? Lack of moderation?

If you want decentralized, uncensorable communities, we solved that 30 years ago with usenet. Or, like you said, you can't be banned from email or running your own website. That's always been the case. People still write blogs. Yet Twitter sold for $44B and Tumblr was sold for $3M. Why? Because Twitter has reach.

And, conversely, optimizing platforms for advertising cripples them for the users. And there's a lot more users, so if this is an either-or, it's clear where the balance ought to be.
> You can't get banned from email. You can't get banned from having your own website. You can't get banned from the telephone system.

The platform may not be able to automatically enforce a ban, but you can still be banned via non-technical means. Not using email or the phone can be a condition of bail or parole, for example, like how Kevin Mitnick wasn't allowed (by court order) to use the telephone system in the early aughts.

>Lots of people have been banned from platforms, rightly or wrongly. You can't get banned from email. You can't get banned from having your own website. You can't get banned from the telephone system. If you don't own your own data, you are at the mercy of those who do.

If there's anything to be learned from the KiwiFarms saga, it's that these statements are no longer true.

KiwiFarms was back within days, if anything the KiwiFarms saga showed that it is still true.
And it was down quick after that, but right now it is accessible in some countries.

This saga has really muddled up responsibilities of different parts of the chain that makes the internet, where companies that should not be filtering traffic are doing exactly that.

On the topic of censorship / cancellation my limited experience so far has shown me that defederation happens and plenty of servers are entirely unreachable from the rest of the ecosystem. I’m not sure if this is an argument in favor or against anything, but at least it shows me that there are different standards and ideas at play and they really don’t fit well together into a coherent view of what Mastodon is. It really depends on “which mastodon”. poa.st and hachyderm.io are both Mastodon instances but they generally don’t cross as an example.
It stands to reason that, in a cultural & political environment that encourages bubbles, fediverse would evolve into a bunch of several such bubbles - federating within each other, but not outside. Eventually, I hope we'll see some "frontier" servers that could be federated by different sides to serve as a meeting place for the brave souls.
KiwiFarms is the perfect example on how that it is still true. The Twitter crew forgot about them after a week and it went back to normal.
(comment deleted)
Kiwifarms is very much online at its original url... getting booted from cloudflare does not by any means mean you have been banned from having a personal website (even if your content is reprehensible).
Funny, email is the example I give of why it doesn't.
Someone posted delta chat[0] on here a while back. Basically chat that is email. Or maybe email that is chat. It struck me as a clever idea at the time and got me thinking whether you could make a social network entirely out of email. Sounds bonkers and probably is but you know, gotta think, right?

[0] https://delta.chat/en/

Seems like NNTP would be the better choice.
>Lots of people have been banned from platforms, rightly or wrongly. You can't get banned from email. You can't get banned from having your own website. You can't get banned from the telephone system.

This right here is why I can't take anyone seriously who takes the free speech "issue" surrounding corporate platforms. There is no free speech on a platform, ever.

> On email, if using a custom domain...

The problem starts here. Not many people who are not tech savvy even know what a custom domain is. Let alone having an email with a custom domain.

> You can't get banned from email

Ask people who get locked out of their gmail account.

What we techies miss is that there are more people who don't understand technology and are not willing to spend time learning about it as they have other more important things to do. Tech is just one of the tools they are using to get their tasks done. We cannot expect people to spend time understanding everything about tech. It is not surprising that it took a commercial company with aggressive behaviour when it comes to controlling users data to put BSD on regular non-tech consumer desktops. And why Microsoft Windows succeeded in being on regular consumers desktop OS whereas commercial Linux-based OS struggled; and the company that successful put Linux on mobile devices also has quite a record when it comes to users data.

We techies can talk a lot about decentralisation and owning data. But the regular non-tech users really don't care. They just want simple things done quickly using tech and get on with their lives.

Recently I saw videos from multiple news channels on how to use Mastodon. They were at pains to explain to users how there are multiple servers and one has to choose a server, which is run by individuals or organisations. And if the server goes down then the user has to move to another server. Regular non-tech users really don't want to get into this complexity. Has anyone ever seen TV channels explain with great effort how to use Twitter?

(comment deleted)
> They were at pains to explain to users how there are multiple servers and one has to choose a server, which is run by individuals or organisations. And if the server goes down then the user has to move to another server. Regular non-tech users really don't want to get into this complexity. Has anyone ever seen TV channels explain with great effort how to use Twitter?

I would point out that the concept is really no different from how ISPs work, and yet the public seems to have wrangled with that one.

> I would point out that the concept is really no different from how ISPs work, and yet the public seems to have wrangled with that one.

Geographic locality helps. At any given location, the choice of ISPs will be severely limited. If my experience in a major European city scales, there will be between one to three ISPs able to service your areas, plus a few more niche/specialized ones. The actual choice is usually made based on ads, or asking a tech-savvy acquaintance for help.

So, you're saying that people can get the concept, but only if there's only two or three choices?

I get that choice can be overwhelming, but that generally doesn't change whether people get the concept.

> I would point out that the concept is really no different from how ISPs work, and yet the public seems to have wrangled with that one.

If someone could figure out a way to provide internet to consumers so that they didn’t have to deal with ISPs/carriers they’d capture a huge market overnight.

I don't disagree (though it's hypothetical enough it's hard to reason about). The fact remains that the concept isn't unnavigable to the vast majority of the public.
>> You can't get banned from email

> Ask people who get locked out of their gmail account.

And, from the other end, ask people who actually self-host e-mail - not just own the domain, but also run their own mail server. The anti-spam measures of major e-mail providers are, in practice, banning insufficiently determined self-hosters from e-mail.

come on. its not "that bad". i knew when i started, that outlook and gmail were going to be a problem but i made calls, i had people recieve email on those providers which would go into spam and i would call them to mark as not spam. one time i accidentally sent a bunch of emails with attachments to gmail and got spam. called some people, tomorrow everything was fine.

I've been doing for 2 years now. Mailinabox. occasionally using a one line terminal command to update the system but other than that, smooth sailing.

my only gripe. domain buying/administration should NOT BE THAT HARD for beginners.... its 2023 almost and setting up a domain is very difficult for new users...

i excensively use email alises and filters, something not possible in gmail or others (yahoo mail has that for free) and just that has made the whole thing worthwhile for me.

email aliases are charged an arm and a leg compared to other features but in your own systems, its great

Disclaimer: I work for Cloudflare

iCloud makes it very easy to register a domain through Cloudflare and route email at that domain to your iCloud email: https://support.apple.com/guide/icloud/purchase-a-domain-mma...

ok. that looks nice but.... you need to be on icloud+, which limits who can use this.... does cloudflare have an api so that someone like mailinabox could add that to the install script and do all this? or like for mastodon who wants to give users this same functionality? it could be tied to your cloudflare account so you could migrate from one provider or the next?
I don't think there's such an API at the moment but I wouldn't be surprised if it's in the pipeline. I'm very far removed from the Registrar team so I'm not sure what their future plans are.
It really is "that bad". I've been running mailservers for decades now. It really is.

It is impossible to use a VPS from any sizable or affordable VPS servers. The IP blocks from digital-ocean, linode, AWS, OVH, etc all are, have been, or will be randomly put on blacklists. Not the blacklists that you can apply for to be deregistered from. It's sheer impossible to have mail from a mailserver on any such host delivered to hotmail, gmail or such.

It is impossible to run a server at home. "domestic" IP addresses are treated similar to those of affordable VPS providers.

It is expensive to get a clean and proper IP address. It takes years of serious volume to give an address any authority. It takes only one mistake by any of the thousand typists at hotmail or gmail to undo this investment. Without any way to recover from it. None of these large mailproviders have any incentive to improve this: an "engineer" at their end making a "mistake" actually benefits them.

I've ran a mailinabox for as long as the project exists. But I'm sunsetting it moved everything to tutanota (but don't like the service so will move to an alternative in january). I just gave up: the monopolies have won.

You can get banned from gmail but not all email. There are plenty of alternatives to Google.
This is a topical distinction if your email address gets banned from sending to gmail. Unless you want to keep changing IP addresses and email addresses to get around it. Gmail/Microsoft host a significant portion of the internets email.
I'm a techie and I know how to setup my own email and custom domain, and even then I can't be bothered.

I also know how to bake my own bread, but I'd rather get it from the store.

Completely self-run email is a bad user experience, just like making my own bread. Most people here forget that people want convenience over anything else.

> What we techies miss is that there are more people who don't understand technology and are not willing to spend time learning about it as they have other more important things to do.

I'll go stronger than that: if your theory is that people should want to be their own sysadmin, and people who don't want to be a sysadmin don't deserve [a thing] then your theory is bad and you should feel bad.

Getting locked out of Gmail is not the same as getting banned. One is losing access to a specific account. If you get banned from Twitter or Reddit you are ostensibly not allowed to just create a new screen name.
Email is my go-to example of all the problems of federation. In theory any person can stand up their own server and interact with everyone else. In practice, there's been so much abuse over the decades that it takes a staggering investment in time/energy/money/expertise to do so. Enough that's it's completely beyond the reach of the vast majority of people.

This problem is so bad that's it's driven a quiet de facto re-centralization of email.

Spam destroys all.

Usenet is another example of the problems with 0 moderation and federation. Sure, it distributed amazingly (many ISPs mirrored usenet data), but once spammers started spamming, it quickly died as a discourse medium.

Those with concerns over censorship need to face the fact that we've previously had 100% censorship free platforms and nobody uses them anymore. We dumped those platforms because of the lack of censoring, not in spite of it.

Heck, HN is moderated as well, I don't think most of us would be here if it was unmoderated.

How do you spam on a whitelist-based system? Spammers simply... don't get followed...
Why the downvotes? Was my question difficult to understand?

How does spam work on a social-media-like system where you have to wilfully follow someone to start getting their feed? Do you volontarily subscribe to receive spam?

You are assuming integrity and good-faith participation of all systems involved. This is not a reasonable assumption in the context of service abuse. Account compromise and host compromise spring to mind as avenues for spam. All it would take is popping a poorly configured server and then spam can be injected into the feeds you've chosen to follow.
There are miles between "account and server compromise" and the kind of things you get from email spam.

> All it would take is popping a poorly configured server and then spam can be injected into the feeds you've chosen to follow.

This is still way, way harder and more expensive than email spam. (Can be swiftly dealt with, after which you have to go compromise another server)

(comment deleted)
There is a major difference between censorship and moderation though that is frequently conflated.

Censorship is blocking/removing speech as judged by its content. Moderation is warning/removing participants based on their behaviour.

They're not mutually exclusive of course, but it's frustrating to see moderation projected as Big Brother, when it's actually an extremely useful and necessary too for civil discourse. Moderation can be very effective without making any decisions about speech content.

The line between moderation and censorship is rather subjective to the moderator's own biases, don't you think? I'm not saying we should be free of moderation, just that it's very difficult to keep it completely objective, especially if there's any politics involved.
Not really. Perhaps slightly in how 'rude' you let people be, but none of that is censoring ideas or thoughts.

This comes down to the moderator I guess, an assumption is that they know how to distinguish the two.

There are people who think any moderation is censorship.

The problems usually are based around where to draw the line, and the categories of content that should be moderated.

If you cuss someone out on HackerNews, you will have your comment removed. Some people call that moderation, some people call it censorship.

There's literally censorship on HN, under your own definition.

Also content moderation is quite literally censorship - deeming which expressions(which are actions) are appropriate and removing inappropriate.

Usenet servers had admins and tools to deal with spam: cancel messages and in extreme cases the UDP. If you were on a decently run server it wasn't any worse than Reddit or HN even.
Is it bad that one email provider has lots of the market? It doesn't mean there's still not a long tail of alternatives for anyone to use if they feel like it. We haven't "standardized" on Gmail until no one else is using anything else, and we're a hell of a long way from that. Gmail has 30% of the market.
If the major advantage of federation is the ability of small players to function on an event footing, yet a handful of large players control the vast majority of the market, it calls into question how real this advantage is.
I don't think that's that major advantage at all. The major advantage is that there's many players. If the cost of entry is non-zero, maybe that's not ideal, but so be it. Food carts aren't free, but I don't see anyone saying, "Welp, screw it then, we might as well just all eat at McDonalds because the whole system of restaurant federation is useless."
(comment deleted)
Email is still vastly better than just about any other online communication platform we have devised since. Even with re-centralization, there's still plenty of small email providers - and the crucial part is that they all interoperate with GMail, Outlook.com, and other big brands. And for those who absolutely must run their own server, they can do that, even if it takes a lot of effort.
Email is still holding up, but realistically if Google, Microsoft and perhaps 2-3 other email hosts decided to collude and disallow any other email origins (let's say they would allow outgoing to them still) the majority of people's reaction to those complaining would be "just get yourself a gmail account".
> the majority of people's reaction to those complaining would be "just get yourself a gmail account".

That is the reaction now when issues with self-hosting email are brought up.

>ealistically if Google, Microsoft and perhaps 2-3 other email hosts decided to collude and disallow any other email origins the majority of people's reaction to those complaining would be "just get yourself a gmail account".

That's exactly what these big email providers should do: just make a short list of allowed email hosts, including some governments and academic institutions and large corporations, and ban everything else. What are people going to do about it? Start running their own mail hosts? Hahaha. It would solve the spam problem quickly.

A better solution would be some kind of Email 3.0 system that's designed for better security and trustworthiness, but we've already proven it's nearly impossible to get people to adopt a new open standard, so we need to stick with a locked-down corporate solution run by an oligopoly.

> What are people going to do about it?

Bring the anti-trust sledgehammer on them?

>Bring the anti-trust sledgehammer on them?

Hahaha, that's funny! I really hope you aren't serious, because otherwise I would question your grasp of reality.

Well the EU would definitely not take this lightly.
I haven't seen any instances of the EU really enforcing anti-trust law effectively. They're levied some large fines and made some money that way, but it hasn't changed anything.
It worked before in this country, so it can be made to work again, even within the constraints of this political system.
> That's exactly what these big email providers should do

Why bother with half-measures? They should just make a short list of people to allow and get everyone else killed.

Why bother killing anyone? We're only talking about email here. The tech oligopoly can do whatever they want here, and no one can do anything about it. Well, they could, technically, but they're not going to: we've seen over and over that users will always choose the most convenient choice, not the one in their best long-term interests. We've also seen that governments will do little to nothing to counteract this oligopoly when it abuses its power or becomes monopolistic.
Do people even use email anymore? Looking at the number of sent emails I have across all email addresses, usage is going down down down.
Outside of work I almost never send email these days. I sometimes go weeks in between.
> Email is the example I give people of how federation could work.

Why does this example keep coming up? Email is highly centralized these days. It is an example of how decentralized systems BECOME centralized. Not an example of how decentralized systems work. The centralization process here made email far easier to use and was critical to its mass adoption.

(centralization/decentralization is a spectrum obviously and not a binary option)

> These are talked about as problems, rather than being the primary selling point.

The Mastodon implementation of this is legitimately flawed.

The issue is you need users to be independent of servers.

That isn't hard to implement. Make the user ID in the protocol the user's public key and user@domain is just a human-friendly pointer. If you transition from user@a to user@b, your pointer changes -- or you can use both for an indeterminate amount of time -- but the public key stays the same and so everyone who followed you or signed up for your feed still sees it.

The current implementation is broken for multiple reasons.

First, it makes you have to care who is hosting you, because if they become adversarial or go out of business or you become large enough to want to self-host, you lose your account. That shouldn't happen.

Second, with users tied to hosts, it becomes "convenient" for hosts ban entire other hosts, which is poison because it's the dynamic that led to the bulk of email moving to GMail and Outlook. Once providers are big enough they can ban smaller ones ("for spam filtering") to exclude competitors. The protocol needs to prevent this by making the host fungible. Not doing so is a significant design flaw.

Well, it's too late now, so I guess we're stuck with it. Just look at email for example: its fundamental design is quite flawed as well, since it was conceived before anyone dreamed of spam, but now there's no way to fix it aside from hacked-on additions like spam filtering. The protocol, devised in the 1970s, can't be changed now, and we can't get everyone to upgrade to a new protocol.

Why didn't the architects of Mastodon think of this stuff before? It should have been pretty obvious that people might want to move their accounts between servers. But now, they'll *never* be able to. The only way it can happen is if someone creates an entirely different social network like Mastodon and somehow gets everyone to switch to that instead, but it's probably too late now.

Mastodon still has like four users compared to any of the major social networks. Fix it now even if it takes a breaking change before it hurts more later, or do better with whatever thing actually does eventually rival the user count of Facebook or email.

> The protocol, devised in the 1970s, can't be changed now, and we can't get everyone to upgrade to a new protocol.

This is untrue. There is a clear path to adding things like DKIM or SPF. First you add support to the major servers and publish a spec, then you give everyone else a reasonable amount of time to implement it, then you turn it on. This breaks anyone who hasn't implemented it yet, but by then that's only people who suck, and anyway so does dumping all of the mail they send to spam with nothing they can do about it.

The problem with email is that the major providers don't want to do more things like that (e.g. implement hashcash or similar), because it's better for them for the smaller providers to be destroyed than to design a protocol improvement that facilitates their existence.

Which is why it's better for it to be there from the start. But the best time to do it was yesterday and the second best time is today.

>Mastodon still has like four users compared to any of the major social networks. Fix it now even if it takes a breaking change before it hurts more later,

It's already too late. It should have been fixed before Twitter nose-dived. Coming up with a replacement at this point isn't going to work: the Mastodon name is already out there, and this is the time when an alternative has to be ready and usable: it's first-mover advantage.

>There is a clear path to adding things like DKIM or SPF. First you...

So why hasn't this been done yet? We've had decades.

>The problem with email is that the major providers don't want to do more things like that

Exactly my point. Email *can't* be fixed at this point because of first-mover advantage. Incumbents don't want to fix it. Users moved to email because it was available when they were ready, and it was the best alternative at the time.

Mastodon is likely in the same place now. Something better doesn't exist yet, and doesn't have any name recognition. Mastodon itself can't be fixed because the designers like it how it is: if they wanted a better design, they would have designed it that way from the outset. So if Mastodon catches on, we're stuck with it as-is.

> It's already too late. It should have been fixed before Twitter nose-dived.

There's nothing existential wrong with Twitter. Elon Musk generates drama which the media plays up for clicks. It's an open question how many of the people creating Mastodon accounts because a reporter mentioned it are going to be actively using them in six months. And if it continues to be the same kind of garbage fire subject to the whims of oligarchs as the networks people are fleeing, that's not likely to be many. Fixing this kind of problem is how you get people to stay.

> Coming up with a replacement at this point isn't going to work: the Mastodon name is already out there, and this is the time when an alternative has to be ready and usable: it's first-mover advantage.

Twitter has first-mover advantage. Mastodon is still a tiny thing.

> So why hasn't this been done yet? We've had decades.

DKIM and SPF were done. They're widely supported and work as designed.

> Incumbents don't want to fix it.

This is an obstacle, not a death ray. Find a way to exert pressure on the incumbents to fix the problem. Isn't this supposed to be the benefits of centralization I keep hearing about? There are only a couple of parties you have to convince in practice to get something changed?

> Mastodon is likely in the same place now. Something better doesn't exist yet, and doesn't have any name recognition.

There will be a fresh omnishambles causing people to seek alternatives a year from now after you've implemented a proper protocol for people to switch to. Do it now so you're ready for then.

> Mastodon itself can't be fixed because the designers like it how it is: if they wanted a better design, they would have designed it that way from the outset.

That doesn't follow. People frequently make mistakes and regret them later.

> So if Mastodon catches on, we're stuck with it as-is.

So don't use it until they fix it. It's not like Twitter was actually incinerated. What good is switching to a known-broken technology? Wait for the one that works, and in the meantime build it.

>There's nothing existential wrong with Twitter.

Elon is removing all the moderation, so it's going to become infested with trolls and bots quickly. It'll be just like email, but without the spam filtering. On top of that, advertisers are pulling out, so it's going to run out of money and implode. The future of this company does not look good.

>Twitter has first-mover advantage. Mastodon is still a tiny thing.

Go back in time over a decade and you can say the same thing about Digg and Reddit. Where is Digg now?

>DKIM and SPF were done. They're widely supported and work as designed.

No one actually uses them or requires them for email.

>Isn't this supposed to be the benefits of centralization I keep hearing about? There are only a couple of parties you have to convince in practice to get something changed?

No, not really. With centralized services, you get stuff like MySpace and Digg. Then, when things fall apart, they implode, and everyone leaves to alternatives like Facebook and Reddit. No one actually fixes problems; it's just like empires: they rise, enjoy supremacy for a while, then fall apart. No one fixes the problems they have, they just get worse and worse and eventually implode, and later something else rises up in its place.

>What good is switching to a known-broken technology?

Don't ask me, ask the Twitter exodus. I don't use Twitter, just like I was never a Digg or MySpace user. The people who value this stuff aren't going to think the way you do. They'll all flock to some new hot thing, which right now appears to be Mastodon (though it's too early to tell if it'll really catch on).

>and in the meantime build it.

Who? Who's going to build it? Don't look at me; I don't really care about this stuff and am certainly not going to invest my time in it. It seems unlikely that some company is going to build a federated social network to replace Mastodon (which volunteers already built, over the course of many years), though they might make a Twitter clone.

> There's nothing existential wrong with Twitter.

I will return to this comment before a head of lettuce rots.

To be honest, I didn't expect to be back here after only two days. Say again?
Email has undergone enhancements over the years that have widespread support. IMAP, DKIM, and SPF all come to mind.
None of your arguments address his main claim which is that decentralisation should be considered a means to an end and not an end in itself.

Which makes sense to me, if you just use a system it can be hard to tell for sure if it is centralised or not, which makes it an implementation detail not a feature. Though there are definitely features that are easier to guarantee in a decentralised system, as well as features that are easier to guarantee in a centralised system, so it makes sense to look at it as a trade-off.

> You can't get banned from email.

Sure, you can host your own email server. Doesn't mean your emails are going to actually reach anyone (i.e., GMail, Outlook, etc. email servers). There's not much point in self-hosting your Mastodon service if it's just you and a few of your buddies (might as well just have a private IRC channel).

But the website, telephone analogies stand.

> There's not much point in self-hosting your Mastodon service if it's just you and a few of your buddies

That would imply that you did something so gross that everybody blacklisted your server. Currently there's only a couple instances that are blocked everywhere, and those were used solely for spam or mass harassment I think – single user instances are fine.

>You can't get banned from having your own website.

You must have missed the Kiwifarms controversy.

> Email is the example I give people of how federation could work.

Email being store-and-forward and therefore high-latency makes decentralization work reasonably well for email.

> You can't get banned from email. You can't get banned from having your own website. You can't get banned from the telephone system. If you don't own your own data, you are at the mercy of those who do.

Sure you can. Your site/IPs can get RBLed. Hosting sites can refuse to do business with you. Network providers can refuse to do business with you. DNS registrars can refuse to do business with you. Search engines can deprioritize your site. These things happen less with personal sites than they do with mass social media accounts, but they happen, and eventually they will happen a lot more, and they'll happen to Mastodon instances, I'm sure.

Email is only 1 to many of you know the addresses. There's no email "multicast" (unless servers support some kind of wildcard mailing list).

Mastodon is trying to support, like Twitter and most of social media, the one to many use case, which is incredibly hard to make distributed.

Calling email a good example is like saying SMS is a good example because you can join any carrier and message any number. It's a completely different use case.

> There's no email "multicast"

Sure there is? You can add as many recipients as you want.

Twitter didn't scale. Not at first.

Those of us on it during the early days were well acquainted with the Fail Wail.

But, with a lot of engineering work - and constant upkeep - it began to handle the load. Let it be so with Mastodon.

Nearly every point the author makes is subjective. That's fine, of course. But it doesn't help demonstrate that users do (or don't) want centralization.

Personally, I'd rather be moderated by my local community than by a faceless American company trying to appeal to advertisers. And if I don't like their stance I can go elsewhere.

The scaling requirements are also unevenly distributed. Servers hosting celebrities are going to have very different load vs servers hosting 99% of people who are mostly interacting with friends/family/interest groups. The overall resource footprint with Mastodon will surely be much bigger than a fully centralized service like Twitter that can continuously identify and engineer out inefficiencies across their whole user base, not sure this is a high ranking consideration though.
It's also not hard to solve. I've run large scale mail distribution systems, and I've run a webmail platform and been on the receiving end of large mailing list blasts.

The solution in both cases is just basic divide and conquer. Mastodon the software may not be able to scale effortlessly to the largest accounts, but that's a market opportunity. ActivityPub certainly can accommodate it.

If inbound volume is a problem, shard inbound activities, and zipper merge on lookup, likely maintaining a cache of the most recent n amount of entries, given this would mostly apply to things like the Federated feed for a large instance where "nobody" looks far back.

If outbound volume from a single account is a problem, you similarly just split the follower list into buckets and hand off delivery to a distributed set of workers for delivery; this scales just fine with the caveat that you depend on the receiving instances being able to handle the deluge. But ActivityPub allows for batched deliveries to shared inboxes [1] you can post to, to reduce the deliveries to one message per shared inbox (which would typically best case be one per instance; e.g. the "sharedInbox" property for my mastodon account is "https://mastodon.social/inbox). Assuming all current instances has a sharedinbox property (which is likely given most of them are Mastodon, and Mastodon does), currently delivering to all the ~6m Mastodon accounts requires delivering to ~1550 shared inboxes; delivering directly to 6m wouldn't have been a problem, but it's not necessary.

If handling the outbound volume from a single account arriving at your instance for delivery to a large proportion of your users is a problem, ActivityPub already has a built in solution: To find out where to deliver, you need to use WebFinger to obtain the profile urls, and get the profile urls to find the endpoints to talk to, including the inbox, which means foo@mastodon.social and bar@mastodon.social can have inboxes on different servers without even needing to do any more advanced sharding. But of course you can do the latter too and have the same inbox url mapped by your load balancer to any of a number of internal shards.

This is all stuff we had to solve literally decades ago for e-mail.

[1] https://www.w3.org/TR/activitypub/#shared-inbox-delivery

This is mostly an opinion piece that's critiquing issues we've only begun to solve.

Also, Elon has now shown us all the absolute danger of centralized platforms. Email and web servers are a federated system and function just fine, so I'm disinclined to believe so hand-waving about how this "wont ever work."

> Elon has now shown us all the absolute danger of centralized platforms

Elon showed us this? Haven't people been talking about centralized vs decentralized systems for decades?

This author seems to not back up any of their claims. Like most technology you have to scale the services. If you want to look at complex examples look at how GitLab scales.
> Like most technology you have to scale the services.

The blog post isn't really about how to technically scale a service though.

I enjoy that most instances are small and will remain that way. There are a few that may grow to the point where scaling could become difficult, but there are ways to combat that.

What the author sees as problems with mastodon (decentralization, moderation differences between instances, etc) to me are the strengths of mastodon. It's the whole dang point.

Most mastodon instances aren't trying to be another twitter. The ones that are and do want to scale will inevitably run into scaling issues that any large platform full of user-generated data will run into. I'm just glad that there are different instances so when one big instance runs into scaling problems, other instances can just keep rolling along unaffected by it

I think talking about mastodon as a singular entity is fraught with problems because it's simply not that

Isn’t it sort of an oxymoron when we try to distribute or decentralize a uniform or consistent platform?

Don’t get me wrong, I’m a huge fan of decentralization. I do systems engineering. Decentralizations means redundancy. Redundancy is good.

But if all you’re doing is federating a mono-platform/algorithm, then the single point of failures move to the platform itself. Decentralizing a uniform platform is like replicating the same human being lots to improve the redundancy of the human race. Ask the gene pool how well that works.

Variety is good. It’s what brings beauty to the human experience.

The Fediverse feeds are not uniform. You may have a "federated feed" in your Mastodon instance, but the feed you see on your instance is vastly different from another instance.

The federated feed is nothing more than a combined list of all public feeds from all the users on the instance. There is no way to get a central firehose, since there is a large number (I was going to say majority, but that's probably unlikely) of posts that never even leave the local instance.

There's a lot of software that speaks ActivityPub. Mastodon is the most popular, but Pleroma, Pixelfed, Hubzilla, Friendica, and several other less popular/mature options exist. Some of these, such as Friendica, are older than either ActivityPub or Mastodon, but integrated support for that protocol later.
This is why Bitcoin is money. Bitcoin creates an incentive to participate in running the network. Mastodon does not have such an incentive. Mastodon server admins have to either pay out of pocket or come up with a scheme to charge users.

Email is similar and now most people get their e-mail from one of a few providers who exploit their data for advertising purposes. This is exactly the problem we wish to distance ourselves from in regard to centralized social services such as Facebook, Twitter, Youtube, etc.

If you're not the customer, you become the product.

Mastodon and the Fediverse made decentralized software that people want to use - but they didn't come up with a way to make it sustainable. Web3 has a model of financial sustainability, but they've yet to come up with any other decentralized software that lots of people want to use. These two communities focused on decentralization should really collaborate more.

Lightning network already works well for me, I use it on the internet regularly, and I bought a coffee with it on the street a few days ago.

I would happily pay a bit for Mastodon if I needed, but for me Twitter is good enough though for now.

I fail to see how bitcoin or another cryptocurrency makes funding good moderation easier. "Running the network" means very different things in those two contexts.

I would argue that in fact, cryptocurrencies famously face similar challenges to the fediverse with the moderation a decentralized community. Fraud, abuse and grift are rampant in the cryptocurrency community and even the good actors in that space seem to struggle to find any way to reduce that. The only limited successes there are from the centralized exchanges.

I know it's hard to imagine under Capitalism, but lots of things work without a financial incentive. The early-ish internet was powered by web forums. There are thousands of community run game servers. Wikipedia editors and contributors are unpaid. Volunteers do things because they want to see them happen and they like the community.

Bitcoin has brought out the worst in many people, to the point where coal power plants were coming back online in order to handle the power demand of generating bitcoin, and miners were grabbing up as many video cards as they could, boxing out gamers from reasonable build budgets for years. Bitcoin is how society runs when it only cares about financial incentives. There are plenty of parts of society that run without a financial incentive at all just fine, and I'm hopeful the future of the web is a lot more like Mastodon than it is like web3.

> Web3 has a model of financial sustainability, but they've yet to come up with any other decentralized software that lots of people want to use

In as much as any vague buzzword can have meaning, Web3's chief innovation seems to be creating a model of software that actively repulses a whole lot of people, e.g. play-to-earn video games where the financial incentive turned a fun and enjoyable leisure activity enjoyed by millions (i.e. video games) into a combination of a joyless job that pays less-than-minimum wage, digital feudalism, and a pyramid scheme.

These kinds of financial incentives have a habit of driving out non-financial incentives, and the latter tend to be what makes online communities any good, so it shouldn't surprise you to learn there's lots of animosity to web3 stuff in a lot of mastodon/fediverse-type communities.

For those not aware, the author is the creator of Flask.
I like him, even bought his first Flask book. I just don't agree with him on this one. He (I hope is he, correct me OP) tries to make the short term scaling issues of one Fediverse project (Mastodon) the reason of why decentralization is bad or not feasible.
Author here: just to clarify I did not write a book on Flask, I did create the framework though.
Oh crap, my bad, I thought Miguel did, thanks for Flask anyway.
This guy just has issues with all the issues that directly stem from decentralization. You cannot decentralize, allow everyone to host their own server, or to join a server someone else hosts without running smack dab into the same problems.

I’d argue that some of the things he sees as problems are actually features.

> An Open Source implementation of Twitter that is significantly cheaper to run than a Mastodon host that can scale to larger user numbers should be possible. And that being Open Source would potentially permit us to see this work out in practice by letting different communities exist side by side if we can't agree on common rules

Maybe Lemmy [1] with a Twitter UI is worth exploring?

[1] https://github.com/LemmyNet/lemmy

Heh, I'd get a kick out of seeing "twitter with downvotes" but one would have to admit that those two sites have a vastly different mental model and thus I wouldn't expect just a reskin to get it done
Lemmy is an engine. The Reddit UI was their first UI, and the PhpBB UI their second. Seems like a Twitter clone UI is completely within the reach of the engine, too.
I don't see anything here that is backed up with anything other than more dubious opinions.

When it comes to scaling in particular, we have a counter-example in e-mail which shows scaling an inbox model + reflection (mailing-lists) to a follower-list can scale to a vastly larger audience. Of course it can, given that it decomposes neatly into a trivially parallelisable set of components of a well understood nature.

It was when Twitter was still getting their fail whales, sometime around 2007, I first pointed out that parallel (might even have been on HN). There are some tricks to avoiding lag in presentation for accounts with huge numbers of followers, but there decentralisation already serves to turn a flat list of followers into a tree of instances -> subsets of followers per instance, and if/when any instances gets to a size when scaling a single instance becomes problematic, then decomposing into a virtual federated set of instances presenting a unified namespace solves that just fine (have built a mail setup doing just that - mapping <user>@<domain> to <user>@<backend shard> is not hard)

The issue of "unpaid Labour" and peoples lack of desire to self host also depends on an assumption that Mastodon is inherently tied to unpaid volunteers or self hosting, but you can already pay for Mastodon hosting, and more options are sure to appear if it keeps growing. And the largest Mastodon instance is run by a non-profit getting paid by sponsorships already.

And this goes straight to the issue of what happens when someone popular joins an instances and/or trust: No instance needs to accept someone who brings undue load without expecting donations or charging or just turning them away, but the converse is that trust is layered in Mastodon:

You can trust someone on the basis of a history of behaviour and integrity of the node you're on, but people who need more trust can also run their own instance on their trusted domain. E.g. if POTUS wants a trusted Mastodon account, the logical choice would be to have webfinger for @potus@whitehouse.gov or similar point to a trusted instance run by the government. Nobody else can set up addresses on whitehouse.gov because it requires controlling the ability to run a webfinger setup responding at https://whitehouse.gov/.well-known/webfinger?resource=acct%3...

Conversely, if people need someone trusted to run their instance, there are any number of people who'll happily take their money to provide guarantees.

The author claims decentralization is a questionable goal, but fail at explaining why. Claims we need something in the middle, like what? He tries to link decentralization to cryptocurrencies and defis, etc... very sneaky, but lazy argument. Decentralization means freedom, self determination and power, power to host your content on your own terms, or in a place that is friendly to you, and exchange ideas with people in other communities, where they also own their data. You can have people on @socialist.social talking with @billionaries.social , but one party can't make the other disappear just because. His other argument is against Mastodon technical design, I agree , I wouldn't pick the stack the Mastodon team chose, that said, there are many activitypub enabled projects, GoToSocial, Misskey, etc... which are more resource efficient, so the failure of one project , is just a learning opportunity for another newer projects. Regarding "unpaid labor and opsec", people can rent a server from a provider that guarantees updates and uptime, or host their own, in the same way is done across the industry. I'm not claiming this is what the author is saying, but most of the criticism I see of the Fediverse comes in the flavor of "Look all those people I don't like and can't get banned, how dare them to share their ideas, let me start complaining to make them disappear".
I keep having this thought that Twitter could be solved by Cloudflare or similar cloud systems that can expose HTTP APIs and cheaply serve content through global caches.

Start with the principle that you own (and pay for, if necessary) the cloud resources for your piece of the social network. A standardized API that does the things you expect of a microblog; post stuff, collect replies, followers, etc. runs in your account. You control it: access, moderation (possibly delegated as you prefer), advertising, throttling, whatever.

Assuming everyone is using a standardized protocol (DIDs for identity for instance) users could interact seamlessly. How hard could it be to clone Twitter on Cloudflare? Would it take more than a few thousand lines of Javascript/WASM to replicate the basic microblogging functions? A good onboarding system to automate the setup to be at least as easy(...?) as typical social networks would be necessary. Search would solve itself if the network was sufficiently popular.

In the fediverse, each instance is its own cache.
Not sure this article is internally coherent. It starts out saying that centralization or decentralization should be an implementation detail. At the end, it advocates for a market-oriented centralization approach. Throughout, it calls out problems that seem to be features.

The analogy to decentralized package hosting seems misaligned. If a package repo disappears, it breaks a tree of dependencies. If a social media instance disappears, the followers (the "dependencies") can adapt without being disrupted. This seems like a feature.

On the issue of "not agreeing what it should look like," this also seems like a feature. Communities can use the platform to self-organize according to their own visions and priorities. Surely, someone who has spent time exploring the various instances available can quickly identify this. Not agreeing what it should look like is what makes it what it is. Not having to force everyone to agree what it is, is what it is. Again, it's a feature, and something fediverse users have happily "learned to live with," and moreover, embraced.

Moderation and illegal content are a legitimate challenge on any platform. With the decentralized fediverse, everyone handles it according to their own policies. This does mean some admins allow it perhaps more than they should, but it also means they face the consequences directly. Admins who work to keep it out do face a daunting task in many cases, but there are tools for it. And a process of sort of natural selection already seems to favor those who have the resources and energy and motivation and skill to do it well. Seems, again, like a feature.

"Mastodon is old." Not sure how this has anything at all to do with centralization or decentralization. We all use things that are old. Many old things work great. As far as others not getting their changes merged back, well, that's the benefit of forking and open source. Anyone who wants changes that aren't part of the upstream can fork it and make those changes. If enough people like them, people will move to the fork. It happens all the time. Feature.

Technical challenges described are demonstrably surmountable.

Market-based approach: well, we're living it, and Mastodon in particular is succeeding in the market. There are competitors like Pleroma and microblog.pub. If enough people decide Mastodon proper has "fucked up too much," then there are others right behind it ready to "step in and replace it."

I dunno. There are arguable advantages to centralization, but I'm not sure this article touches on them, or at least not convincingly. Rather, it seems like the main complaints, if they're not in fact addressed by the design and operation of the fediverse, are design choices that give the fediverse advantages in other aspects. In any case, I don't see how the claim of the headline is well-supported by the points raised in the article.

I agree with the author.

Mastodon is quicksand. Instances are not guaranteed to keep existing, they depend entirely on a citizen running it, scaling it, and paying for all that, often with the help of donations. Even a relatively small influx of new users may pose an existential financial threat for the instance, or a lock so that nobody new can join.

Even when things are running "normally", instance owners may simply quit. Further, did you know that almost every instance regularly purges all media attached to toots?

Your instance, content within it, account you created within it, the media attached to your toots, are all incredibly fragile and can disappear at any time. The main Mastodon scaling approach: creating lots of small instances, makes this problem worse, not better. You're just spreading fragility.

You don't have this insecurity at Twitter, not at this fundamental level. Twitter pretty much auto-scales and your content is not lost. Sure, people may get banned, but a normy user would normally not face these existential issues.

The other thing that scales poorly is moderation. Twitter is sometimes perceived as being inconsistent in its rules (or biased), but this is a 100 times worse on Mastodon. Every instance has their own arbitrary and ever-changing rules. The same applies to federation. Instance mods regularly block federation with other instances based on arbitrary decisions.

Technically, the UX is inconsistent. One instance may work well whilst the other has page loads into the 10 seconds, or federated content delayed by hours.

Doesn't scale, fragile, and deeply inconsistent. It has a place and I still consider Mastodon an accomplishment. But it should not be compared with any of the centralized services.

I think there's an axiomatic difference here.

I don't believe any large service is more stable in the long term than a small one. To put it morbidly, all will be dust eventually. At least mastodon has account migration baked in.

Additionally, why would I want all my content to last forever? If I want something to last forever I'll carve it on a rock, not toot it.

Pretty much everything else you listed is a positive.

There's quite a lot of wiggle room between short term volatility and a concept like "forever". If you take it as far as "we'll all die anyway", you might as well not post anything, ever, anywhere.

Large central services give reasonable stability as to not easily shut down altogether, having your account and all content removed. On Mastodon, this is a constant threat.

> Large central services give reasonable stability as to not easily shut down altogether, having your account and all content removed. On Mastodon, this is a constant threat.

I'd be interested to see the halflife of centralized services generally to be able to tease out the patterns in a way less vulnerable to survivorship bias. I recognize that invoking Google's product shutdowns is like the free space on the HN comment bingo card, but... You could also point to the cases where Google shuts down someone's entire business or life on the internet for opaque reasons, without the user having any meaningful recourse, as a "constant threat" of a system that's scaled beyond the human.

This conversation was just very, very different before the move feature. When mastodon.technology announced it needed to shut down (https://ashfurrow.com/blog/mastodon-technology-shutdown/), yes, the users learned they would lose their little chunk of namespace – old URLs would break, old content would need to be downloaded to archive – but the crucial thing is the social graph, and the move feature lets you pick up and move your followers. This is like if I could reach into the contacts files of everyone who had my email and update it. This means that "having [my] account and all content removed" is just a lot less big of a deal than when e.g. Facebook nukes someone's account.

You have a point. The central services we consider stable are the winners, against a backdrop of many losers. We all flocked into a small set of winning services.

And the thing these winners have in common is that they are enormous. They require huge revenue streams (from ads) to be able to afford the enormous investments in scaling, moderation, compliance, etc.

The idea that a billion of us can keep dumping fresh content into our account for free and that none of this content seems to be ever lost, is honestly quite bizarre even if we take it for granted.

But that's the service level billions of people are used to. And it can only be delivered by these giants.

I ran head into the first one. Back in August my instance owner announced they was going to be shutting down. Gave me plenty of time to move, and while followers and people you're following are easy to move, your content really isn't.

Perhaps that's for the best? Perhaps social media in the microblogging style should be considered ephemera.

Moderation and performance you're 100% dead on.

I'm putting myself in the shoes of a common Twitter user. To exaggerate a little, they are spoiled and have zero tolerance for friction.

Look at all the complaints regarding onboarding. They are forced to pick a server and many directly stop at that, loudly complaining. Two days to wait for an activation email? Unacceptable.

As for content preservation, I get what you're saying. At the same time, I do believe that people are not used to the idea that their old media is purposefully deleted, automatically. Or that their toots and instance account can disappear at will. Those are new concepts and frictions when coming from a central platform.

To illustrate that point, Facebook has multiple giant data centers that host nothing but stale content. That pic you posted 7 years ago, it's over there. You will absolutely never ever look at it again, but in case you do...it's there. These massive investments underpin my idea that users expect their content to be persisted. If this wasn't important, Facebook would not do this.

I think the complexity of content preservation is that social media has various uses. You can chit-chat and use it as a casual conversation tool, yet others use it as a broadcast channel. Some may use it for record-keeping. Creators may build up a portfolio of rich media posts. Some people may be fine with the chit-chat deleted, but for many other uses it would be not acceptable at all.

This is a good point.

Though I can't help but wondering if this is a take by an older person or least an older way of thinking about things. Stuff like snapchat, or the stories feature is closer to what a lot of people want. Most people I'm connected with on Instagram (friends and family only) don't post anything besides stories. There are very few who want to leave a trace on the web anymore. Especially now that digging up old tweets has become a sport.

Perhaps everything you ever said being stored forever on the Great Servers in the Cloud is not the best way to go about things.

Loss and death are part of life, they should be part of online life, too. Especially for things that are basically a glorified chat room.

You're the second person to reply with this "forever" take. I never said forever, I'm talking about normal timelines where users on central networks expect their content to persist, which is what typically is the case.

And for the record, Mastodon content is stored on the Great Servers in the Cloud. Most instances run on AWS VPS.

My point is that in general "have to move everything because the instance I don't pay for is shutting down" should be more common, not less.

Most people are surprised that old things they did on the internet can be found, and they're perhaps right.

If you're suggesting that internet users are entitled, very much yes.
In the '00s, phpBB forums and IRC were popular, but the Internet far less hostile for users. Even bigger challenges will come when instance operators are asked to comply with local law, requiring them to have privacy policies, t&cs and enforce these alongside regulations like GDPR.
Fully agree. Hobbyist moderators currently do moderation at-will. They may have a day job, go on a holiday, and of course they sleep. Without having several moderators across time zones, everything you said might become an existential issue, especially on larger and open instances.

And to add insult to injury, better anti-harassment features are near impossible to implement because of the nature of federation. Other instances may run an older version, or simply chose to ignore your new rules.

If and when Mastodon grows to the size as becoming interesting for many mass scale harassment attacks, the only logical way out is to disable the federation part more and more. Which means you basically end up with tiny centralized bubbles. For which you could have simply created a subreddit or Discord, for free.

Those tiny centralized bubbles would be run by whoever runs the instances hosting them. With Reddit or Discord subs/instances, you're still at the whim of the people who own them.
Or they become hosted in jurisdictions that won’t help the EU collect any GDPR fines they choose to levy.
> The other thing that scales poorly is moderation

Moderation does scale poorly, which is why twitter is a shitshow and smaller forums (like this one) have a chance of being well moderated.

I get what you're saying, but you're missing some important aspects.

I wasn't commenting on the quality of moderation, instead on the scalability. Instance owners are easily overwhelmed and this problem gets worse as things grow.

Second, if your point is to create a tightly-moderated instance bubble, then Mastodon's federation features will largely go unused. If that is the outcome, then there's no point to Mastodon. You can recreate such spaces everywhere, for free.

>Your instance, content within it, account you created within it, the media attached to your toots, are all incredibly fragile and can disappear at any time

You realize of course that this is true of any platform? You do have this kind of insecurity with Twitter as we are seeing in real time. Musk has already stated that he wants to reduce Twitter's infrastructure costs, he could decide that all content older than N years is being discarded, even more easily than he discarded half of Twitter's workforce.

These insecurities are not at the same level, and do not compare. Don't see it as the difference between zero security and infinite security, it's a spectrum or scale instead.

On FB, I can go back 10 years and my content is still there. All of it. With the exception of a suspension, FB doesn't delete user content. Ever. The same applies to Twitter. Their track record of content persistence is excellent.

On Mastodon, media gets purged pretty much by policy. So you can be sure that you lose it all, thus rendering old toots useless. Add to this that every instance can disappear at any time, so besides your content, your account is also not safe.

What Musk could and could not decide is speculation. Track record looks back, not forward.

> Their track record of content persistence is excellent.

Musk has just replaced the entire leadership of Twitter. What kind of track record Twitter used to have is entirely irrelevant for how it will behave in the future.

It's the same fallacy like a reputable company selling a well-known brand. People will stick to the brand (for a while) because they associate it with the performance of the original company behind it. However, that's a deception. The brand itself will tell you nothing about how the new company will behave.

I really don't want to go down the Twitter rabbit hole. An exception to the rule (which is still speculative) does not disprove the rule. The rule being that on large centralized platforms, one has drastically better content security.
> Instances are not guaranteed to keep existing,

What is guaranteed to keep existing in this world? certainly not the Internet....

Don't get hung up on the word "guarantee" and make this a question of absolutes. The question is whether you would bet on your content still being on twitter vs still being on Bob's server X years from now. And the answer is that you would definitely bet the farm on twitter, no matter what X is.

That's an architectural problem with Mastodon, and can probably be fixed. But twitter has it solved by acting as a sort of well-established, large data bank; a place where you store your tweet data. Going to a Mastodon instance is like going to a tiny credit union, if credit unions weren't regulated in any way.

I think it's necessary to separate technical problems from social ones. If necessary, the protocol can be changed to scale better (Mastodon is trying to be nice to respect a pre-existing standard, but if that standard crumbles, it's fair to come up with a better one, and IMHO it is solvable).

Mastodon from the start wanted to tackle the social part of the problem about the fundamental disagreements about moderation. There's a wide spectrum between people who are keen to start Internet fights, people willing to tolerate that in the name of "free speech" principle, and people who just want to have a nice place where they can hang out without randos demanding they "debate" their right to exist.

These groups will never agree what level of moderation is appropriate. Even within Mastodon communities it's controversial what the rules for federation, bans, and content warnings should be.

Twitter, Facebook and others begrudgingly ended up being arbiters in political culture wars and must en masse decide what is acceptable to say. This ends up being an absurd situation where they try to balance the amount of abuse to an advertiser-acceptable level.

Mastodon's answer is that you can moderate your community however you want, and cut off whole parts of the network you don't like. This is ridiculed as "bubbles", but if you don't agree — make your own anything-goes instance!

It doesn't work quite well. There's still a lot to work out, but I think it's a better starting point than pleading with a billion-dollar enterprise to police the content in the way you think is right.

If you post on your own anything-goes instance, you will probably be defederated from your friends who are posting on normie instances. You don't have a choice but to go to a normie instance yourself and adjust your content and following to suit the instance's rules.
If you wish to participate in society, you have to abide by the rules of the society. This is a feature, not a bug.
But it's not society setting the rules it's a small subset of earlier admins who created some of the first popular servers. They are in no way representative of society.
Nobody should be forced to publish my garbage if they don't want to. OTOH when people think their instances are moderating too heavily, they can move to mine.
Some of these arguments start on really odd premises:

> Imagine you're a rather small server and suddenly Eli Lilly and Company joins your instance. Today they have around 140K followers on Twitter and they are a publicly traded company. First of all with an account that large, every one of their posts will cause a lot of load on your infrastructure. Secondly though, they are a very interesting target to attack.

Why would Eli Lilly join some small instance? Why wouldn't they make their own instance? They have their own email and website after all. why be lilly@someoneelse.social when they could just be their own thing?

If they set up @social@lilly.com this solves the blue checkmark dilemmas too. It verifies their identity without implying status/endorsement/$8 flex.
Sorta? There's nothing stopping a spammer from registering and running their own instance+user of @social@elilillypad.com, or any other variation that brandsight hasn't thought to register.
Yeah, domains as a UI element have flaws, but for better or worse they are the technological foundation of identity on the Internet.
> Why wouldn't they make their own instance?

Because it's not worth the effort. If anything, there are going to a commercial providers that run servers for companies in a bundled way where all of their clients use their servers. But more likely, they won't bother at all with this, because it's not an important part of their business.

And then the big public instance decides it's not worth even federating with small folks because if you block them they will come to your instance because you have "content" - a bunch of big names that use it - and also display their site's ads to them.

...aaaand we're back to Twitter in all but name

> On decentralized systems in particular I encourage you to read Moxie's take on web3 which outlines the challenges of this much better than I ever could

I am sad that the crypto/defi/web3 crowd hijacked the term "decentralized" and now people who should know better equate the two.

Web is decentralized. E-mail is decentralized. The internet is decentralized.

> Mastodon encourages not just decentralization, but federation. [...] I will make the point that this is the root of the issue here.

Ok, so we're actually talking about federation being bad, not decentralization as such.

> I used to host a pastebin for a few years. It was Open Source and with that others also hosted it. I had to shut it down after it became (by a small percentage of users) used to host illegal content. [...] I really hard a hard few weeks when I first discovered what my software ended up being used for.

We take that risk every time we open source something or run an internet service. I would not be surprised if some criminals somewhere used Flask for nefarious purposes. That doesn't mean Flask and his other software is not, on net, a huge benfit for society. This issue is orthogonal with (de)centralization, tho.

> Imagine you're a rather small server and suddenly Eli Lilly and Company joins your instance.

Let me rephrase that to show what a straw man this is: Imagine you're a rather small email server and suddenly Eli Lilly and Company starts hosting their mail on your instance

The chance of that happening is precisely zero. WTH would they do that (and why would you let'em)? The same argument goes for Mastodon.

Turning to the title of the post, Scaling Mastodon is Impossible, I agree with the author (to the extent that I know about Mastodon, anyways). Maybe Mastodon isn't up to the task, maybe ActivityPub as a protocol is inadequate, but those are technical challenges to overcome. I don't believe this dooms the entire "decentralized federated network" concept.

> Wikipedia for all it's faults shows quite well that a centralized thing can exist with the right model behind it. [...] A “Not Twitter Foundation” that runs an installation of an Open Source implementation of a scalable micro blogging platform

This is an interesting proposal. I worry that the cost structure - in terms of hard work, not server capacity - is way different. For all its edit wars, the basic principle on Wikipedia that someone (or a group) authors an article and thousands or millions people read it. Once the article is written, it is (for the most part) static. "NotTwitter" is the opposite - you have constant stream of new content that needs to be policed (if you don't want your town square to descend into madness). Reddit's army of moderators shows how difficult that task can be.

[Meta: was the article flagged? It's got a fair number of points but is way down in the list of articles]

Quite interesting that a lot of comments mentioning the technical side of scaling, when the bulk of the post was about the more social side of things.

While I don’t agree that decentralization itself is a dubious goal, the argument that moderation, the legal side of things, etc… is not scalable (moderation especially in its current form where the entire fediverse can report anything) seems quite true? We can’t rely on generous people hosting instances, taking legal risks and spending time for it if the fediverse wants to grow bigger than what it currently is.

Mastodon might not scale that well due to it being overly heavy but Activitypub scales just fine unless by scaling you mean something which makes it possible to exert control over the whole constellation by some centralised authority. I'm running a host of Activitypub services - 3 Peertube instances, 1 Pixelfed instance, 1 Pleroma instance - on a single server without any problems, mostly for experimenting with the things but the Peertube instances are used regularly.

Decentralisation is not, as this piece states, 'a Questionable Goal'. It is the essence of a thriving internet, it is what makes the difference between a world-wide inTRAnet and an inTERnet. It makes it possible to pick and choose your own services or host them yourself while still being able to interoperate - the 'inter' in internet - with others. It may not be a good fit for someone's business plan but to that I can but sing a song while playing the world's smallest violin: Nae kings! Nae quins! Nae lairds! Nae masters! We willna' be fooled again!