> At every layer, the answer is "anyone can run their own." At every layer, almost nobody does.
And at every layer except for maybe the PLC directory, there's nothing stopping anyone from fixing that “almost nobody does” problem. The fact that such a thing is even possible, and that it's seamless to move from one to the other, gives ATproto a massive leg-up compared to even other federated systems, let alone its non-federated predecessors.
Yeah they're describing a real problem, but the cause of that problem—a seamless centralized sign-up funded by VC money—is the reason bluesky took off to begin with.
Bsky offers an on-ramp to a more decentralized experience, but most people won't pay the money and experience the friction to move take that ramp. Platforms like Mastodon are entirely decentralized, but that means the friction of decentralizing happens immediately upon sign-up. The people who don't want to self-host PDSes never signed up for Mastodon to begin with.
I try to be skeptical, but I feel like bsky (or something like it) is the best way can do re: bringing decentralization to the masses.
>And at every layer except for maybe the PLC directory, there's nothing stopping anyone from fixing that “almost nobody does” problem.
If there's nothing stopping anyone from fixing a problem, and yet nobody fixes it, then there's something is stopping them.
Might not be a technical impossibility, or a gun in their head. Could be as simple as inertia or addiction.
But saying "the problem is totally solvable" just because there's a solution available, is pretty naive. Solutions have costs themselves, and not all are created equal or equally feasible.
A relay or appview needs a ton of resources. Blacksky finally created the second ever real-world usable appview instance after 2.5 years.
Also, the open source version of the appview doesn't work at Bluesky scale. You need a proprietary database for sufficient speed.
AT Proto is completely decentralised, except for all the structural and financial points of absolute centralisation.
The relay is not that bad, the only really bad part is building an index, and most apps on the atmosphere have no need to index bluesky records, so the economics for them look very different.
The work towards permissioned data and group-shared data will make it so apps can choose their own levels of "decentralization" of "federation" on atproto primitives. For example, two diametric options
1. An app that is not open source code, but still does all the same atproto credible exit stuff. Naturally leans into winner-take-all
2. An app that is tied to community, think something like Discord, where most servers don't care about what other servers are doing. Each community could run their own version and only care about their data. This is raspberry pi hostable.
Or people don't think it's a problem!
Maybe there are a ton of people who joined Bluesky because twitter devolved into a room-temperature-IQ right-wing hell hole, not because they cared about federation or whatever.
Everything has trade-offs. Again and again people choose centralized services because they are a better product.
It's really the defaults that need to be fixed and anyone cannot change those.
Which defaults do you think need to change?
I assume the onboarding steers everyone to one PDS provider and the mobile apps only use one appview server.
I feel it enters now in the territory of being more confusing for users and having less adoption. It's tricky to create a decentralized network for the masses.
How would they fix it?
I don't think “they” have a whole lot to fix. It's more a matter of people needing to fix their own laziness.
I'll be the first to admit I'm guilty of this, too, and still haven't gotten around to moving my main account to a self-hosted PDS (though I've at least taken the steps to backup my CAR and set my own rotation keys, such that if my PDS goes offline or hostile I can still migrate away from it).
I explained in another comment you also replied to. It's not broken, it works as intended, the plan is for improvements and de-risking.
Is there something missing from my answer about what the plan is for the PLC?
Yeah I’m the guy quoted in the opening of the article.
Yes. Be wary of Bluesky. That’s our whole point. Run the infrastructure on your own. Build separate companies.
Most of the complaints here are just about the cost of scale. You are able to fetch the whole network and its history, and that costs time and money. The only structural centralization is PLC, which is being factored into an independent org.
I'd like to encourage anyone who is wary of Bluesky to check out Paul (and Dominic's) back-in-the-day project Secure-Scuttlebot which solved most of the issues that Bluesky suffers from by using content addressable storage and signing key cryptography correctly.
The actual SSB codebase has been kind of broken since 2020, but I have a fork on my own Github that works and comes with a basic client that you can vibe/claw on top of: https://github.com/evbogue/ssbc
I'm happy to supply pub invites to anyone who wants to play around with the old sbot with me as we work towards making social media distributed again.
> Secure-Scuttlebot which solved most of the issues that Bluesky suffers from
I've heard Paul speak about this the other way around, that the experience from SSB informed the design of ATProto. I.e. ATProto solves most of the issues in SSB
For clarity, ATProto is the protocol, Bluesky is one dozens of apps, obv the biggest and most well known outside of the ATmosphere.
Bluesky does solve a lot of SSBs problems. Both projects can learn from each other. The past can become the future and the present inform the past.
This isn't just on Paul, Jay has publically stated that she doesn't believe users (even powerusers) can be trusted with keypairs.
Jay's unfortunately not wrong about that. Hitting that balance between “so secure even I can't access it anymore” v. “so convenient that cybercriminals can access it, too” is less trivial than a lot of the “just use keypairs” crowd likes to admit — even for those of us with many years of experience working with SSH and PGP keys, let alone people who haven't the slightest idea what a “keypair” even is.
It can be both.
Considering how hard it has been, and to some extent still is, to run your own Bluesky instance, the main problem is that it automatically becomes centralised in a way that no open protocol will solve.
If 97% of your users are on one instance it is not a distributed platform. Applying this to mastodon, I am pretty sure most people would consider it a problem if mastodon.social started getting more than 40% of active users (currently at about 15 iirc).
Moving the PLC to an independent org doesn't make it decentralized.
I don't seem any claim in GP's comment that it would make it decentralized. It does seem, by looking across your comments in this thread, that
(1) You feel very strongly about what decentralized means w.r.t. social media, bluesky, and the PLC
(2) ATProto accepts that it's not planned to be as decentralized as some want, and that it is currently centralized with secondary validators.
(3) No answer or plan for the PLC is going to satisfy you. Nor is any argument you make going to change the plans for identity in ATProto for the foreseeable future.
This is all fine, people can have different perspectives and work/play in different ecosystems, no one is right or wrong. This is precisely why there are multiple protocols out there and bridges between them.
May I then ask why you keep making comments to the same effect aas those you made in the post and multiple times here ~12h ago?
When reading any essay about the perils & merits of Bluesky's architecture, save yourself some time by searching for "Blacksky" in the post. If they don't address Blacksky, more than likely the author's understanding of the space has major gaps.
(Blacksky is the/one of the furthest along in building competing versions of each part of the AT proto stack.)
I know very well what it is, it doesn’t change anything in the grand scheme of things. I wish it did!
Re-reading my reply, it is worded more harshly than I intended. My apologies.
I do think it's a critical omission to not address the main player(s?) who are working on key parts of this, and where they may yet run into problems.
Does it require people change defaults? If so then 99% will never use it.
A system or protocol is whatever the easiest user journey is. Anything outside of that will never be seen by many users unless there is some value to be gained by going there. And that value has to be something gained now, not a hypothetical like insurance against future closing of the network. People don’t like to buy insurance.
I think these are reasons that Mastodon and Nostr aren't ever going to have a critical mass of users, remaining a niche thing for people who care about the hypotheticals (which is fine). Imho, BlueSky is the only distributed social media project that has a chance of meeting users where there are with usable search, realtime discoverability, and other consequences of centralizing event-busses.
People wine about BlueSky being too centralized, but the fact is that this type of infrastructure isn't self-hostable. You can do social-media over email a la Mastodon (which admittedly is pretty great), but most people will trade that for a walled garden.
The big problem is that all this AT infra is pretty much charity, which doesn't feel sustainable. I wish it could be funded more like public libraries than ad tech.
For some context
25G < PLC postgres < 100G, depending if you want to keep all the spam operations (> 50%) and/or add extra indexes for a handle autocomplete service (like me, takes it over 100GB with everything)
Repo data (records) is in the double digit TB range (low end, without any indexing, just raw)
Blobs are in the Petabyte range.
I aim to find out current and accurate details soon.
I agree 100%
Bluesky works because people are told "Go to Bluesky" and they hide the federation. When you're told go to Mastodon and pick mastodon.social or any of the hundreds of other servers, you've lost. For some reason, the federation fans never understood this. I remember an interview with Diaspora's developers and they couldn't stop talking about how people can run their own servers.
Dude.
I have two friends who left Twitter for Bluesky. One's an HR rep and the other is a business analyst for warehouses. Does anyone think a selling point for them was that they can run their own Bluesky infrastructure?
But how is that 'decentralized' which was the entire point of Bluesky and the AT protocol to begin with? We're just back to running centralized services. Without decentralization this is just XMPP with extra steps. You might as well just run something like Movim and save yourself the hassle.
There's "decentralized" in the sense that every device runs the whole stack. In an analogy to another protocol, this would be like running SMTP and IMAP on your phone and laptop.
Then there's "decentralized" in the sense that the protocols that govern are open and anyone can plug in without permission. This is how email works in practice. Most people do not choose to run their own email servers, but they nonetheless benefit from the fact that people who are interested can do so and provide email service.
Bluesky is the second kind of decentralized.
> the entire point of Bluesky and the AT protocol
is really to find a good enough middle ground that has competitive enough UX to get people off of the fully centralized, locked in social media providers. In the broader context, ATProto to me means user choice and provenance, which ATProto does better than any other protocol. See all the parts beyond just data hosting, where the entire distributed system is plug-n-play. [1]
ATProto not being purist, preferring pragmatism, is what attracts me over alternatives like AP and Nostr.
[1] https://atproto.com/articles/atproto-for-distsys-engineers
I mean it's a repo with 1 very active contributor (https://github.com/blacksky-algorithms/rsky/graphs/contribut...), I get that they decided to skip on that
Sorry I'm not sure I understand your point
Sorry, meant say that Blacksky is much more important than the metrics you point to, with more detail on that wiki.
They're the first alternative full stack, the first alternative AppView, and that is something that the author should have mentioned. However, it weakens the argument so they left it out.
"Number of contributors" has never meant impact. You wouldn't dismiss openssl or curl, ya know?
The racially segregated bluesky will definitely solve some problems, agreed
Anybody can sign up for Blacksky.
And yet its full of black supremacy / afrocentrism.
And plenty of people people posting racist stuff about White and Asian people.
It's no better than Twitter or 4chan at this point.
> That's the same argument people made about Twitter. "If it goes bad, we'll just leave." We know how that played out.
Yeah, it played out with my whole social circle leaving, as evidenced by the fact that all my friends link me to the bluesky post whenever there's something happening now.
I know noone on BlueSky, I do have friends on X. We liked Twitter and we like X.
same here
I salute the solidarity /s
Joking aside, I think what we see in the larger scheme is a fracturing of social media. More choice, more competition.
This is a good thing
> More choice, more competition. This is a good thing.
hopefully one day we lurk at the same protocol and type: with more federations, more choice. This is a good thing.
I might be misunderstanding something about atproto, but isn't it always possible to export data from bluesky because all it takes is reading your data, which is done by any app interacting with your pds anyway? If they block that, they're blocking atproto functionality entirely, no?
> If they block that, they're blocking atproto functionality entirely, no?
Keep in mind, twitter got rid of their API. Google got rid of XMPP federation. Bluesky breaking or defederating atproto wouldn't impact most users, so they'd probably get less outcry than those examples.
Yes, there are backup services that can help so you cannot be locked away from your data too.
Bluesky is architected so you can export your data and follows and followers to your own or someone else's infrastructure at any time. There are some groups that have taken that offer and moved off of Bluesky's infrastructure (see Blacksky). The fact that most people aren't doing that is a sign that people are happy with how Bluesky-the-company is running things. What's the issue?
Most people were happy with Twitter as well
And Bluesky is better because you're not locked in and can export your posts, follows, and followers off of their infrastructure if they start being evil or you randomly feel like it. Companies like Twitter effectively wield network effects to stop people from leaving. All of one's activity on Twitter increases the sunk cost to keep them on Twitter in a way that's not true for Bluesky.
I recognize that Bluesky is at present more open than Twitter and that all of the necessary building blocks for the infra are publicly available. That's good of course.
However I think the view you expressed there is misguided. If Bluesky locked out third party infra tomorrow presumably the vast majority of people would not move. Thus vendor lockin via network effects remains. (Ie you are always free to leave but you'd be moving from a metropolis to a backwater.)
The only scenario where this isn't true is one where no more than a few percent of the people you interact with reside on any given node. By that metric small AP nodes pass while large ones such as the flagship Mastodon node fail. Similarly Gmail and Outlook fail while any self hosted mail server passes.
It's not an easy problem to solve.
There would be a revolt if Bluesky did that and doubt they will be so self-destructive.
I'd rather be optimistic than nihilistic about it. It's still early and there are a lot of good things happening.
How are they going to pay back all the VC money?
I don't have a horse in this race, but:
> [..] machine-readable archive of information associated with your account in HTML and JSON files. [..] including your profile information, your posts, your Direct Messages, your Moments, your media ([..]), a list of your followers, a list of accounts that you are following, your address book, Lists that you’ve created, are a member of or follow, [..], and more.
(Note that I actually elided some additional things that are included in the export, for readability's sake.)
https://help.x.com/en/managing-your-account/accessing-your-x...
You can't actually use your followers and following list from X on other sites. With Bluesky, you can move your profile onto other infrastructure, continue to see posts from people you follow, and make new posts that your followers still see like nothing happened. It's like how if you own your own domain name, you can set your MX records to whatever email service you want and change it when you want without affecting anyone you're having email conversations with.
Ah, I see. Your use of the term "export" made me misunderstand. Though now that I've thought about it for a few minutes, I'm not sure what verb makes sense [to me] there. I guess "migrate?"
edit: also, thanks for clarifying!
yes, "pds migration" is a phrase you see more often
I generally liked Twitter before but not as much as now, since now it's not so heavily trolled by far left activists.
Aren't most people over there trolling? Seems it starts at the top and sets the tone for the whole site
That's a very strong statement to make.
whether you agree or not, asking "what's the issue" misses the point very badly, since the article is almost entirely about what the issue is (i.e. that most people will not change defaults and the default is to centralise on the bluesky servers)
The fact that the system is built around this escape hatch makes it miles better than almost all other social networks. An escape hatch doesn't need to be used by most people to be valuable.
Nostr doesn’t have these issues
I know when I’m using a Nostr app because its logo is an endless spinner.
At the scales these systems run at, you need large indexes. Distributing those indexes across many nodes would require a breakthrough in federated queries, and if you have one of those lying around I’d pay good money for it.
Nostr has different issues, people are where their preference for dealing with them is
It's weird to focus on that when there isn't a single thing in software that doesn't suffer from "everyone will just use the default anyway"
Nostr doesn’t have these issues
yeah I'm not saying the blog is right or wrong; I'm just saying that describing bsky's features and asking "what's the issue?" means you aren't engaging with what it's actually saying.
I’m not the previous poster, but I don’t see any cogent points in the article to engage with in any depth.
If you look at OP's comments here, I think the same sentiment will come through. They do not seem interested in good faith debate or discussion.
> At every layer, the answer is "anyone can run their own." At every layer, almost nobody does.
But people do and it is reportedly fairly easy so the majority of people are on Bluesky's layers while all is well. But also I don't understand why any of this is a reason to be "wary", it's a great place to be with some unique technical properties - it is way more "open" than any other platform of similar scale.
> But people do and it is reportedly fairly easy so the majority of people are on Bluesky's layers while all is well.
The post discusses why, when all is not well, it will be too late.
At this point I despair at anyone who doesn’t understand that the problem isn’t the specific architecture, it’s social media as a scaled up, algorithmically driven concept. Stick so many people on one social graph that can’t possibly be effectively moderated by humans and it will turn into the same pit every time.
"That's the same argument people made about Twitter. 'If it goes bad, we'll just leave.' We know how that played out."
Yeah, I left.
(And in fact I am wary of all social media.)
So it played very poorly, you lost personal data and most importantly, social connections, and acquired a weariness
Whereas if Bluesky went evil tomorrow only the “acquired a weariness” part would happen, given that it's straightforward to move to a new PDS and take the entirety of your personal data and social connections with it.
And the app view? You can take your data, can take everyone else’s that you follow?
I always wondered why people don’t adopt protocols like Nostr as much? At least with nostr you know you can use your private key on any other platform that supports it as a valid auth.
The other problem of who owns the relay where the data is stored still exists. One way to solve this is a scheduled query of your data and keeping a local dump
>> You can self-host a PDS. Almost nobody does.
Who would've thought true decentralization means everyone hosting their own server? Yes, each user would have to pay and maintain it, but that's the cost of decentralization. ATProto at least makes it easy to jump ship if shit hits the fan and not have to start from scratch. Try doing that with Twitter/Instagram/Etc.
That portability issue was a direct answer to ActivityPub
I will give AP folks credit, they have looked at the success of ATProto and found parts they also think are good ideas and are bringing them back to AP.
I'm not sure if the same can be said about Nostr, I keep my distance from that crowd. I wonder if this submission is reflective of the larger Nostr community or if it's one person who wants to write a put-down piece.
If you get rid of data portability, then isn't it basically a Mattermost server? What is the alternative without going full Nostr where you have to manage all the cryptography yourself?
Either you handle the cryptography for the user AND allow them to DIY it or your target demographic is purely crypto anarchists willing to put up with a shitty UX.
Site is down at this moment.
Archived: https://archive.ph/PsTrp
There seems to be an issue with the caching mechanism that I built.
In the meantime the article is also on Nostr if anyone wants to read it: https://habla.news/a/naddr1qvzqqqr4gupzql5ujf9w2f2ujkj9f552a...
Thanks for the heads up!
Bluesky's behavior here isn't surprising.
They already ban signups using email aliases, and apparently block alias emails to their unban support address too.
what's an email alias? (in the sense that they would know you were using one)
I believe they mean the `email+alias@domain.com` (I forget the order)
All software has trade offs. The “for you” feed is ran on a home server, this is already imho a better situation than other systems. This could be cut off. But it could also be stood up again.
It could also be like The Seed from SAO, giving rise to 1000s more
> That's the same argument people made about Twitter. "If it goes bad, we'll just leave." We know how that played out.
But they migrated to Bluesky, right? So it played out fine?
Right, but they couldn't take their social graph with them. They essentially had to start from scratch.
There are specific steps Bluesky could take to decentralize the network. These are going to sound extreme but I agree with the article that it will never decentralize on its own. (Nothing will ever decentralize on its own so this isn't a criticism of Bluesky specifically.)
1. Strongly encourage backups.
2. Force users to migrate off the "official" PDS until it has less than, say, 40% market share.
3. Make the mobile apps use third-party relay/appview by default (could be randomized).
> Strongly encourage backups
Or invert this, and make it local-first. It's your data, and publishing it to a network is a form of backup. Either that, or the client holds a local copy by default.
It's not clear to me what a local-first social network would mean. The point is for other people to see your posts.
The data is local-first, but it's designed so that you publish to online networks. The point is to invert the current model of putting your content into someone else's network and hoping for the best, or expecting users to remember to run some manual backup that's probably going to be a pain to do anything with.
"Find me online Nostr Twitter YouTube"
Sounds like he was worried so much he left Bluesky already.
I suspect European courts would take a dim view on preventing export through switching off an existing mechanism yielding portability.
Left usenet, left IRC, left LiveJournal, skipped MySpace, left Facebook, left the blogosphere, will leave Twitter and BlueSky. You’re either in touching distance of grass or you’re not, none of this matters.
For someone to come in and buy Bluesky and then hold everyone’s data hostage, then Bluesky would actually have to have enough value that someone would want to buy it.
VCs have put in $120 million, so someone thinks that it's worth something.
The question of whether the users are actually ready to defend is irrelevant if the attackers look at the defenses and decide that an attack isn't worth mounting. As we have learned, this is not a credible threat:
> It will be hard, but we'll self host if we have to
Bluesky offers:
> It will be easy-ish, and we'll self host if we have to
We shall see if it's credible enough to make corruption look elsewhere.
> Email is an open, federated protocol. Anyone can run a mail server. In practice, running your own mail server is painful and everyone just uses Gmail. The protocol being "open" didn't prevent centralization.
This is an odd take and hard to agree with. I have never seen anyone complaining that email is a centralised service. GMail might be among the most popular solution, but there is a number of other solutions for "regular consumers", and many institutions, governments, etc. all run their email servers.
Bluesky isn't my bank records, isn't my photo archive, isn't my github, isn't my Documents folder.
I don't care if Bluesky goes away, gets bought, whatever.
Social media is disposable like a retail outlet. I'm sad if the coffee shop around the corner goes out of business, but there are 99K coffee shops in the US. I can go to another one.
As it is, I don't use Meta or X.. because they're led by despicable beings. Bluesky gets a pass for now, and has enough interesting people that I show up and have a chat. Like a coffee shop or a bar.
This feels like the healthiest take (other than just opting out of social media entirely). I wish there wasn’t this tension between scale and freedom/diversity. I wish the dynamics of tech were a little less winner-takes-all. But such is the nature of global digital distribution. Decentralization and local-first are nice ideas but they create a pretty high barrier to entry that keeps a lot of interesting people out. If I’m going to be on social media I don’t want to be in a cesspool like Twitter but I also don’t want to be an idealogical hobbyist bubble.
> I wish the dynamics of...
This is totally what atproto offers, see my peer comment to yours, then come back and read this.
I'll add here that there are a bunch of experiments going on which aim to break down apps into features. One example is DMs. Ideally all apps can use the same DM infrastructure (MLS based) and as a users, my DMs are the same in any app as my dedicated messenger app. Many people have had the idea to build a "browser" and any app can use bits of another (leaflet blog publish creates bsky post). Some cool experiments around things that look like web components, where you can create records that express a way to render something.
Another place user vs app choice comes into play is around the graph itself. One of the early dreams of app builders was that there is this existing network and you don't have to bootstrap a social network from scratch. While this is partially true, it does turn out reaching network effect is not so easy. Around this, there is a multi-camp debate on whether apps should reuse social graphs or not, one specific example of this is should an app automatically, upon request, or not at all: start from a user's existing social graph.
I dont get why you're downvoted.
Social media should be treated as disposable. Anything that is not yours (as in, is hosted by someone else - for free) should be disposable. In fact id even argue that any media should be treated as disposable. You wouldn't hoard all the material things your accumulate in life, why would you hoard random tweets, comments and reactions forever?
If its worth it, surely you'll find a way to keep it in a way that doesnt demand a third party to do it for you for eternity, no?
"Switching costs" man... people move between countries with vastly different languages and cultures and they adapt, make new relationships, refresh ideas. Is switching from database A to database B that difficult really?
I think it's important to separate Bluesky the company from atproto & "the atmosphere", i.e the collection of apps, feeds, labellers, relays, jetstreams, and other participants in the network.
The atmosphere and the PDS are definitely trending towards a single database for all your things. All of the examples you cited are being worked on in one form or another. I'm personally working towards a Permissioned PDS which can power Google Workspace like experience on ATProto, where there is an existing understanding of how sharing, visibility, roles, and permissions work across groups of people (IAM). Permissioned data unlocks an entire (majority) of applications people want to use, but won't until they can do it without broadcasting everything. There are a number of ways this may play out, several will materialize as options, i.e. some apps need e2ee and others cannot have it for the experience they want to deliver.
The overarching ethos is user or individual choice, paired with credible exit, enables real competition. Let's go wild, build all new apps, and let the people decide what they prefer. More indie, less winner take all
This is where I'm at, but it would be nice if it had some more longevity to it, as there are costs to switching to the next thing and the thing after that.
If anything in this thread has you interested in atproto, there is a conference in Vancouver, BC at the end of March
True p2p is the only approach that will work, not federation. I'd go futher and make the protocol high-friction for federation.
It's true that many p2p attempts have failed, but it's also the only solution that doesn't require someone running servers for free. There's evidence of success as well: napster (and bittorrent). Both were wildly successful, and ultimately died because of legal issues. It might work when the data is yours to share.
I can't imagine a world where a p2p social network is practical. Not when each node is an unreliable mobile phone that's maybe on cellular. Even with something like ipfs you have pinning services, bittorrent has seed boxes, because pure p2p is impractical.
You can have your other devices and friends replicating.
That uses a lot of bandwidth and battery. I'd rather find a better way to pay for servers than try to avoid them.
I sort of agree, but federation is good. It's funny that you use bittorrent as an example because it involves every single user running servers for free.
If people can both be an origin for content and a relay for content, and modulate the extent to which they want to do either of those things, there's not really much of a difference between "federation" and "true" p2p. Some people will be all relay, and some people will be all content. Some content people might be paying relays, and some relays might be paying content people. Some relays will be private and some relays will be public. Some people will maintain all of their own content locally, and some people will leave it all on a specialized remote server as a service and not even care about holding a local copy.
Also, browsing would either have to be done through a commercial or public service (federation again), or through specialized software (no one will ever use this and operating systems will intentionally lock it out if they see it as a competitor.)
The problem with wishing this all into existence, though, is that bittorent (not dead) exists and is completely stagnant. There is often a lot of talk about improving the protocol, and the various software dealing with it, and none of it gets done. If bittorrent would just allow torrents to be updated (content added or removed), you could almost piggyback social media on it immediately. It's not getting done. Nobody is doing it, just writing specs that everybody ignores for decades.
So I guess my belief is that "true p2p" is a meaningless term and target when it comes to creating recognizable social media. "True p2p" would be within a private circle of friends, on specialized software. Might as well be a fancy e.g. XMPP group chat; it's already available for anyone who wants it. Almost nobody wants it. Telegram, Whatsapp, and imessage are already good enough for that. They may not be totally private, but they're private enough for 99.9999% of people's purposes, and people are very suspicious of the 0.0001% who want something stronger.
I actually think you're using "true p2p" here to sort of handwave a business model into existence (trying to imply mutuality, or barter, or something.) Whereas I think the business model is the part that needs to be engineered carefully and the tech is easy.
This never-ending whining about oooh but my data ... for a service that you can use for free is nauseating.
This is a for-profit company running this service. It ain't free to operate.
If you don't like that, go elsewhere.
If there is one thing that has been a resounding success on the internet it is this: free services that you pay for with your clicks. Just look at the plethora of free services you get.
In no other economy would that be even remotely possible.
I do advocate for using other networks (specifically Nostr) that are not designed like this, but the network effect is big and most of my friends are on Blue Sky because they have been lured into a false sense of “it’s decentralised, I can just move! If something bad happens”.
What reasons do your friends give for choosing Bluesky over Nostr. I cannot imagine they would give the same reason you are projecting onto them.
There doesn't seem to be a timestamp associated with this article, but it is based on outdated information.
How so?
I should add a time stamp to the blog.
> If an acquirer disables exports, it doesn't matter that the tools existed yesterday.
Don't they have to give you your data upon request? And the cheapest way is to offer an export function? Wasn't this thanks to the EU (GDPR Article 20)?
They can give it to you in the least useful way imaginable and will. What we want and expect is an export that can be easily imported to some other provider and that's where the "good guys" can differentiate.
I can export decades of web browsing history, bookmarks, logins, etc. and import into any other browser with almost no trouble at all. Try to export your mainstream social network (facebook, twitter, insta, tiktok, etc.) content and connections and import it into another social network and let me know how that goes.
Also, at best this says not to host your data on someone else's computer and keep control of it, which is a thing Bluesky explicitly supports and encourages.
Will normal people do it, no. But you can.
With all the talk of LinkedIn’s problematic verification process and potential issues with Persona verification service being linked to Peter Thiel, I wonder why a social network like Bluesky couldn’t replace LinkedIn. What would it take?
Good points, but what's the alternative at this point?
Because of network effects, more users is generally more interesting. Blue Sky has "enough" at this point for me to be happy there. Programmers like antirez, my bike racing people like inrng, my city's mayor and one of our city councilors, and also a bunch of urbanists.
Edit: you lose some connections moving around, but I've also had friends I've known since the days of IRC. I think I'm mostly resigned to picking whatever works best in the moment and being willing to move (like abandoning Twitter) when it's not working.
which is not opposed to you being on Bluesky or Instagram or LinkedIn or wherever.
That's just not practical for most people (the publishing part). And in relation to microblogging, are you going to publish every 140-character, out-of-context thought on your personal website?
There's other syndication models, although POSSE gets talked about most.
If you don't want to get your own domain and run a server (not practical for most people) you can still protect yourself from being stuck in a single silo by broadcasting to many social media sites.
And the atproto is pesetas right? You publish to bluesky or whatever and the content is replicated to your pds. I recognize the minor difference, but if you have the energy and wherewithal to orchestrate pesetas across silos, surely you can setup a pds elsewhere.
I think of PESETAS as more defensive than what a single protocol can handle. Imagine posting to Bluesky and using automation to syndicate the post to Twitter, Facebook, Mastodon, Threads, and more. If Bluesky goes evil, or you otherwise decide to ditch it, you've mitigated the network effect as you have followers on other platforms already. People can still find you and your content isn't lost.
Imagine if Bluesky decides to ban you, and continues to ban accounts you create elsewhere. Atproto ensures non-Bluesky PDS can see you, but you've lost 99% of the userbase.
Ok yea that makes sense.
There's an ATProto project the main blog sites are working together on around distribution and syndication. It also has places for the off-protocol sites people post or publish.
Isn't Mastodon an alternative?
Not in terms of having a critical mass of users for many topics or being very accessible for a lot of people.
I can’t comment on the “critical mass”, since I haven’t got the numbers. But what exactly does “accessibility” mean in this context? What are the challenges of opening an account in mastodon.social?
It's the same challenge as picking an email server, which is why no one does that.
...
Seriously, joining Mastodon is not particularly difficult; people just freaked out a few years ago at being asked to pick a server to join. The joinmastodon.org website has gotten a lot better at explaining what that means and just directing people to mastodon.social if they don't want to pick something more specific, but the "oooh, this extra step makes Mastodon super super scary, if you pick wrong YOU ARE DAMNED FOREVERRRRRRRR" vibe persists.
The first challenge most people have when starting AP / Mastodon is that they are presented with a choice "pick a server" before anything else. That's what I hear most often anyway.
The other challenge that AP has as an ecosystem is that they have been hostile to anyone wanting to build an index or business. People need to eat and they turned off a lot of developers who'd love to make their living building social media tech outside of the corporate oligarchy.
ATProto welcomes all, even if there is the occasional drama or hostility.
If you're concerned about critical mass, Bluesky is also a dead end.
I mean, I explained in my original comment exactly why it is not a dead end for me. It has 'enough' of the things I'm interested in to make it worthwhile.
Nostr - it has none of the problems mentioned in the article.
But does it have a critical mass of people?
The Wikipedia page says "Nostr is primarily popular with cryptocurrency users, primarily Bitcoin users."
That's not my crowd.
I hear you but if you think about it who else has an incentive and skills to create something like Nostr? Who are the people interested in free speech, signatures and decentralization and with the skills to pull it up?
And since you mentioned primarily Bitcoin users those are the crypto folks that seem to be very against the idea of tokenizing everything.
From what I understand by posting something on Nostr you are posting signed events to a list of dumb relays. These events can be of many types and include hints of discoverability. There is no blockchain and no token and the thing they call zap is just a link to a lightning address that is up to the client to show.
Your account is your key pair so you are not at the whims of a power tripping administrator.
It seems like the perfect nesting ground for non corporate user content and pocket islands of communities. Nothing prevents someone from implementing a relay or community that bans any talk about Bitcoin or crypto. I for one would love to see closed content focused relays in Nostr.
> Your account is your key pair so you are not at the whims of a power tripping administrator.
But you are right back to the same UX issue that prevented crypto mass adoption, i.e. lose your keys, lose everything
Very few want to own that risk.
Last I looked its how to sign on page said "first create a keypair". That's certainly a good way to avoid the problems of success ...
Go outside
I've never looked at the AT Protocol before. It seems like you could have achieved most of that with existing DNS, HTTP and RSS implementations. All they really needed was some file formats and some well known URL schems and all of this could have been far easier to implement and deploy.
This is a good article [1] to get an overview of the "backend" of the protocol, it's very plug-n-play. One question I have about the setup you describe, how does moderation work? ATProto has the best moderation scheme I know of, "stacked." [2]
[1] https://atproto.com/articles/atproto-for-distsys-engineers
[2] https://bsky.social/about/blog/03-12-2024-stackable-moderati...
It's very much a Not Invented Here of Mastodon and the Fediverse.
Bluesky is a good user experience insofar as it's centralised.
Mastodon is a bad user experience insofar as you're forced to be aware of the decentralisation.
If you want successful decentralisation, Mastodon has that out of the box. You can stand up a Mastodon, Akkoma, GotoSocial etc on a $5/mo VM and you're an equal participant immediately. Or you can join someone else's server.
ActivityPub is underspecified and Mastodon just ignored a lot of it and so the actual protocol is an unholy mishmash of the two. It mostly works though, by the process of people beating on it until it works.
With Bluesky, you have a centralised service and a lot of people saying "decentralised!"
AT Proto is theoretically decentralised in the fabulous future and points of absolute and financial centralisation keep turning up.
I spend all day posting to both, fwiw. They each do a particular job. But the "decentralisation" in Bluesky is fake. Or at best, simply not feasiblly true.
For more atproto, see their recently redesigned homepage https://atproto.com/blog/new-site-2026
If anything gets too popular too quickly, I just assume it's a PsyOp. That kind of growth requires extensive media coordination and big money. If you're not paying for a product, then you are the product. As sure as gravity.
Bluesky growth spurts are always when Musk or (less frequently) Zuckerberg step on their dicks again and more people come over from their services. In between are slow declines.
Growth was negative for about a year, it has started growing again this year.
https://bskycharts.edavis.dev/edavis.dev/bskycharts.edavis.d...
It's good FUD. You re-iterate their talking points. (Also, no CTA, no takeaway, just "worry!")
As others have said, the data has to be publishable to be useful. We do have data export laws. The format is known to be ready to use interoperably, not some private schema--atop the PBC commitment, which will at least have moderate legal costs if not a guarantee. It has unequivocally set a new high bar.
They seem pretty locked in to doing what they committed to. The day may come when they turn. It may come first by friction, but the turn has to be pretty complete, because the data is pretty open. What's needed to view it, use it at all, is pretty close to what's needed to host it.
"The site whose value prop is sharing your posts and data with other apps may stop sharing your posts and data with other apps." Yeah, it's possible. It's also possible they just close.
(Throwaway account.)
Several people have mentioned that "you can just own your own data, so that's enough, right?"
Interoperating with Bluesky requires you to either 1) opt into the did:plc standard, which is a centrally controlled certificate transparency log, or 2) have all your users create did:web accounts by manually setting DNS records.
So it is not possible to build on Bluesky at all without opting into this centrally controlled layer. This original post covers this, but maybe not in enough detail to stop commenters from missing the point.
Bluesky the company controls 95%+ of PDSes in the system, which control users' private keys, and they're extending PDSes to include more functionality that prevents users from easily exiting the network, e.g. private data is being implemented in a way where Bluesky LLC can see all your activity. The protocol changes often and with limited community input.
This is being done because "there are no other ways to do it" and "our users are okay with it". The community does pretty consistently attack people who dissent (e.g. look at what happened when Mastodon leaders objected). There's a lot of cheerleading for people who do opt into the system, and there's really no incentive for informed criticisms.
It's not really decentralized or neutral infrastructure; it's a great network for a number of specific subcultures who have a nice space away from X, and I hope the team embraces that.
The work to make the PLC not centralized has already begun
1. Non-profit (separate entity from Bluesky)
2. Moving to Switzerland (get the f' out of the US)
3. Consortium control (proof-of-authority)
A PLC read-only mirror implementation was released the last week. I've been running one for a almost a year, redoing my hardware right now, so it's currently down. There are others out there.
This is still centralized.
It's still good enough for most people
you don't have to like it, that's fine, you have Nostr as an alternative
but when Nostr people come around bad mouthing everyone else, especially with outdated and misleading claims, you make people want to use Nostr less
Which specific claims are "outdated"?
Your answers have all been that it'll be solved in the fabulous future. Quite possibly! But until it happens, it hasn't happened.
the work is currently happening, which I have mentioned in other comments, since you indicated you have read them
Official Bluesky is the worst online echo-chamber I've ever seen.
> Email is an open, federated protocol. Anyone can run a mail server. In practice, running your own mail server is painful.
Wizards can be difficult to develop and maintain. Writing a working, useful, functional, robust, informative, environment-agnostic, and re-entrant script (or GUI/TUI) can take scads of effort. Now that LLMs abound, much of that grind is quickly solved. For example, here's a vibe-coded script that to get dovecot, postfix, and virtual users set up on my new server with mailboxes copied from an old server:
https://autonoma.ca/mail-setup.txt
To vibe code it, the prompt included content from:
https://xtreamsolution.net/complete-email-server-setup-tutor...
After a few kicks at the can (run script, capture errors, feed errors to LLM, repeat), it finally configured a working system. Reviewing the script, yes, it's beyond painful. It doesn't have to be, though; the authors of complex software could produce similar guided installers.
Writing code isn't the hard part of running an email server. Getting your server not marked as spam is essentially impossible, not a coding problem, and why everyone gives up on this.
> Writing code isn't the hard part of running an email server. Getting your server not marked as spam is essentially impossible
I've run my own since the 1990's, it is certainly possible, there are many others who have done the same. I have no issues with email deliverability.
> everyone gives up on this.
Not everyone gives up on it, some do, some don't.
Have you tried setting up a new one, though?