this post was submitted on 06 Feb 2024
208 points (96.8% liked)
Asklemmy
43908 readers
1007 users here now
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Uhh, let's see...
After a search, it seems like they actually just copy the settings from your Mastodon account. It's still a separate account. I'll keep checking in case I missed something.
It doesn't even sound like they securely bring over the password, which presents a little bit of a phishing threat if people are re-entering their Mastodon password into third party apps like this one.
Edit: Yup, here's a video/gif. I'd do a federated link but I'm not sure Lemmy supports that yet.
You could totally copy someone else's Mastodon this way, so that's fun.
alright, well that's not great, but my point is more that we could update the protocol to allow this to be done securely and conveniently.
It would still be a separate account, but yes, seamless migration to a new instance could be a thing. There's scripts for it already. OPs suggestion that you can just move between instances with the same account isn't how the fediverse works.
If you just want to been on Pixelfed and Mastodon, your instance giving access to both would be the cleanest, best way.
I'm OP.
I'm not sure why you're speaking in the present tense about a suggestion I am making for the future.
Ah, sorry. Didn't notice, there's a few people talking to me.
Yes, it's not a thing that could work. If you had some centralised way to handle accounts it wouldn't be federated anymore. It would be another (semi-)walled garden or some kind of blockchain-ish thing, but either way it wouldn't be ActivityPub-complient.
So why can't you have some federated way to handle accounts?
Unless you changed activitypub, right?
What does that mean? When you post, who's server's outbox do you post from? Inboxes and outboxes by server are a central part of the standard.
You can copy over a user, and make another similar account (like pixelfed), or you can do stuff on that server from another federated server, but at the end of the day you're not on the same account on different servers.
Sure. It'd be a pretty huge departure, though. To a weird degree, like Coca-Cola leaving the beverage business becoming a tire company.
If you wanted to make a new protocol, you could go beyond federation and have a fully decentralised system where everything happens on arbitrarily many servers in parallel, but that would be a lot of work and probably data-heavy before any users walk through the door.
The server my account is stored on.
or any other, I don't give a shit, I'm not sure why this would make a difference, but that seems like the obvious answer to me.
I don't know why the current pixelfed app needs to make a separate account.
I gather it finds that solution most convenient, as it means the fewest interactions with the Mastodon server, and there's currently no straightforward for the current pixelfed app to establish a secure long-term session with a non-pixelfed server. I understand that it currently does make a separate account.
I don't understand why it is inconceivable for the activitypub protocol to support such communication. eMail has multiple standards that let me log into Thunderbird from non-Thunderbird email servers.
I feel like you're describing something I'm not calling for. I'm not calling for accounts to be mirrored to multiple servers. I'm calling for a system where client applications can access different servers without copying accounts to a more familiar server.
And I feel like I've explained in as much depth as I can quickly what the problem is. I'll pass the ball over into your court now. Propose an architecture that can do this, prove me wrong.
Like, if you have specific questions I'm here, but it would be a waste of both our time to go "no, you can't; yes you can" back and forth.
I'm not saying "yes, you currently can do this with the activitypub protocol as it is," I'm saying this feature could be added to activitypub, and I've made specific references to protocols like POP and IMAP that handle logging into email servers from various client applications. I'm not going to code it myself, I'm an attorney, but I do know enough about computer science to know that there is no computabilty issue with my proposal, and that you dislike it primarily because you don't currently have an idea for implementing it, which is not my concern at all.
It's not just computability, networks are involved. If this was all on one machine, you're right, there's no reason you couldn't change it, but there's delays and information losses and even bad actors involved. To deal with this, ActivityPub assumes users are confined to servers at the very core of it's concept.
I'm not an attorney, but I know enough about the law - or at least policy - to attempt an analogy. It's like a legislator trying to add a requirement that all corporations are fiduciaries to their clients. Fiduciaries exist, and work. They couldn't work like that, though, because a market economy assumes a certain amount of pursuit of self-interest. How the hell would a corporation handle all the conflicts of interest that would arise? What happens when they inevitably misunderstand what the interest of a client is? What about when there's multiple parties fulfilling different functions in the same project, but who may have competing interests?
You could try and make a non-market system where production is handled by fiduciaries, and you could even call it "capitalism 2.0", but it wouldn't really be capitalism anymore - that would be the blockchain thing. I don't know what the Pixelfed approach would be equivalent to, but it's basically mimicking the functionality of the feature (fiduciary duties) without actually implementing them. Maybe just really strong consumer protection regulations.
To be clear, market principles are ActivityPub here. If I'm imposing funny ideas about law, no offense, but we're even. The takeaway is that decentralisation makes things a lot more nuanced than they ever are on a machine you fully control.