this post was submitted on 12 Jun 2023
65 points (100.0% liked)
Technology
37717 readers
482 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
People are actively migrating to centralized communication platforms away from email. Pretty much every messaging application or chat service with mass adoption at the moment is centralized.
I am not suggesting anything, just saying that I don't know if email is a great example of federation without issues. I think it's important to be transparent about the downsides of federation as part of the discussion.
There is a difference between expecting something to be private on the internet, and the application you are using respecting your privacy. Archive.org is not run by Lemmy - it is a third party outside of our ability to control. Lemmy can control how it handles deleted and edited content within it's system. I don't like how Lemmy handles deleted content for example. I think a delete should be a delete - it should be gone, or anonymized within Lemmy specifically.
I have not made that argument. There is also nothing, as far as I can see, that would prevent the owner of a Lemmy instance (or a fork of the Lemmy software) from doing anything you list here. The software license allows for commercial use and doesn't seem to include any mandates for how instance maintainers interact with user data.
You're forgetting that you're comparing to reddit.
Matrix is catching on and growing rapidly for a reason. Also, email is still widely used in offices for a reason, have you ever had a job that didn't send you emails? I haven't. Have you ever had a job that didn't utilize emails heavily? I haven't.
You're right, reddit does the same thing, though. You can host your own lemmy instance, and then you'll be in control of the data. On any other platform, you have no choice beyond trusting the benevolent dictatorship.
If anything that's a reason to fight for federation, not a reason to fight against it.
Every company I've worked with in the past five years is communicating primarily through Microsoft Teams, Zoom, or Slack. Email is typically reserved for meeting invites or communication outside of the company. I run a team of software engineers and we probably use email less than once a month outside of accepting or declining meeting invites. I do hope Matrix catches on and continues to grow.
To follow along with this argument though, if companies wanted federation - wouldn't they run their own email servers internally instead of outsourcing that out to Microsoft or Google? I don't think I've worked with a company in the last decade that ran it's own mail servers.
Do you actually control your data if you host your own Lemmy instance? What's stopping another Lemmy instances from caching, storing, or using the data for it's own purposes?
Again, I'm not against federation, I'm literally on Lemmy right now. I'm on Mastodon too. I think federation has benefits. It's important to be honest and transparent about the pros and cons.
I literally have never worked with a company that didn't use their own email server, I don't know what you're talking about.
Nothing, but you not caring about that contradicts your argument of not caring about archive.org, that'd still be an external server downloading your data, it's no different.
I don't think there are any cons EXCEPT that developing a federated option is more complicated, but there are no cons for end-users, all of the cons you listed have much bigger equivalents problems for centralized services.
You've never worked with a company using Google Workspace or Office 365/Exchange Online?
How Lemmy instances interact is a function of the Lemmy software and federation. Archive.org is not federated with a Lemmy instance. It's literally scraping content and saving a local copy of it. This isn't preventable without requiring a login to view any content.
I just can't agree with this. My parents are going to understand how to use Twitter and how Twitter works much faster than they'd be able to figure out how Mastodon works. They'd also be able to figure out how Tildes or Reddit works faster than Lemmy.
https://join-lemmy.org/ for example has a distinctly technical first aesthetic. The first page talks about "selfhosted" and has a screenshot of a code example and the technology it is built with. The page appears geared towards software engineers. When you navigate to the join a server page it's got a broken page for sopuli.xyz, it lists random user counts, etc...
This isn't impossible for a non-technical user to understand, but it does have a higher hurdle for understanding compared to traditional centralized services.
The federation concepts are first and foremost in the presentation, instead of the user experience.
One of the companies i've worked for does use exchange, actually, my bad, I forgot it was exchange because it was on their domain.
If it's not preventable, why do you care if lemmy does it? Does this actually matter at all?
Why do you expect privacy on a public forum? You're assuming something that's impossible to get, reddit doesn't give you privacy, tildes doesn't give you privacy, you don't know that your content is actually being deleted their either, again, you're forgetting that you're comparing lemmy to something, not an imagined perfect choice.
https://github.com/LemmyNet/lemmy/issues/2977 also lemmy does delete your shit if you delete your account. So, this really is a non-issue.
Why do you assume they need to know how it works in order to use it?
Do they need to know how email works in order to use it? This is a wrong assumption. Yes, centralized services are easier to explain how they work fundamentally, but if you told someone lemmy was centralized, what incorrect assumptions would the end user actually make to actually impact their experience? Virtually nothing, once the issue trackers for instance-agnostic linking and automatically staying on your federated instance are resolved.
Are you really going to use the nothing to hide argument? I care because we should design software to respect privacy. What Lemmy does with user data is within the span of control of Lemmy. Lemmy should treat user data with respect and value user privacy to the extent it doesn't break the fundamental usage of the product.
Lemmy is open source. Tildes is open source. I know what both of them do, in theory, when I click the delete button. I know that Lemmy doesn't actually delete the post. Reddit is closed source - I edit and then delete my posts there. You are correct, I don't know what happens after that. I'm not arguing in favor of Reddit.
I don't expect privacy, but I want privacy. I use Signal for messaging for privacy. I use a smaller third party email provider for privacy. If Lemmy can be more verifiably respectful of privacy I think that will draw more users into the platform over time.
I don't even know how to respond to this. Why does someone need to know how something works to use it?
Here is the flow for Reddit:
< 5 clicks
Here is the flow for Lemmy:
This process forces the user to make more choices (probably uninformed choices) and requires more navigation.
The join-lemmy page should probably be centered around non-technical users with an emphasis on joining and instance (not hosting one). Hosting an instance should be towards the bottom of the page. It should explain the benefits in plain and easy to understand text.
No, because lemmy ISN'T PRIVATE FUNDAMENTALLY, it's a PUBLIC FORUM I do not know what else needs to be said, don't post public things if you want privacy.
You have no way of knowing what tildes actually does, you just know what the code on github says it does, unless you're running tildes yourself, you have no way of knowing.
https://docs.tildes.net/policies/privacy-policy
"If you delete a post, it is marked for deletion and hidden from the site, but the contents are not deleted immediately. The content of deleted posts is removed from our databases 30 days after deletion."
This is not a fundamental issue, this is a growing pain, and it's solved by just linking somebody to an instance instead of explaining all of that, this is opt-in complexity, not a fundamental problem.
Yeah, that would be better, or you can just link non-technical users instances and explain none of that.
A public form doesn't mean it can't respect privacy. Why even allow delete at all in Lemmy if this is your argument? Make comments immutable. It would be easier to code.
Lemmy is also aware of your IP address - should it make that information available since it's a public form? Of course not, that would be absurd. When I click delete the post should be deleted because that aligns with what the user would expect to happen.
Yep, but that's also true for pretty much all Lemmy instances including the one you use - right? You have to place some level of trust in the maintainers and administrators.
I think the way Tildes handles deleted posts (removed 30 days later) is a benefit when compared to how Lemmy handles deleted posts. I'm fine if the delete isn't instant.
I agree that it isn't a fundamental issue, but it does seem to be a reoccurring issue in federated software. The process for getting people onto the software tends to be focused on tech savvy people. That's why a lot of these platforms end up dominated by IT/software developers.
That requires 'recruiting' someone to a specific instance instead of them finding it on their own. That's not an organic process. Nobody recruited me into Reddit - I found it myself.
If I Google Lemmy my top three links are:
None of these are specific instance someone could join. There isn't a single instance in the first page of results. There are some variations of words that I can use that direct me to lemmy.ml first, but the signup page for that instance literally asks you to go to joinlemmy before signing up.
We need to improve this process if we want people to continue migrating to federated services.
It respects your privacy just as much as the alternative, which again, is reddit.
If you edit your post, the previous version isn't saved.
You are posting on a public website, you can't expect that level of privacy, nothing ever gets deleted on the internet.
The alternative isn't Reddit. It's Tildes, Lobste.rs, Lemmy forks, etc...
News aggregation isn't a binary choice with Reddit on one side. I think if you are saying your software/platform "respects privacy as much as Reddit" that should really be a red or yellow flag. The way Reddit treats user data shouldn't really be an aspiration.
I haven't dived into how Lemmy handles edits specifically yet, but my understanding is that a version of the edit is saved into a log. This also brings up the point - if I can edit my post with a period to "delete" it, why doesn't the delete work that way too?
I didn't say I expected it. I said I wanted it. Just because Twitter is terrible for privacy doesn't mean Lemmy can't aspire to better than Reddit or Twitter for privacy.
You can do that, and delete doesn't work that way in case you want to restore your post.
You can also, again, delete your account, and that will remove all of your posts.
This respects privacy, and is convenient.
https://github.com/LemmyNet/lemmy/issues/2977 I recommend actually checking the issue tracker for that.
I just disagree. Let me restore my post for a limited amount of time before hard deleting it. Make the policy around that data transparent.
I have checked the issue tracker. Privacy concerns are coming up pretty regularly there. Other people seem to value it too. Lemmy has an opportunity to set a new standard around user privacy in this space and I hope we can take that opportunity.
Post it to the issue tracker, it seems like it just hasn't been updated with that functionality yet, not that they won't do it.
My intention is to be a contributor. Rust is my second favorite language. Thank you for the discussion.
I can't imagine they'd reject a pull request for such a thing.