this post was submitted on 25 Dec 2023
320 points (88.1% liked)
Memes
45646 readers
1090 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I know it's not how Lemmy works, what I'm saying is "There's a big issue with how Lemmy works, here's how I think decentralization should be approached instead." Having terabytes of information possibly disappearing because one person gets in a car accident on their way to work isn't an improvement vs a centralized system hosted on AWS.
Communities would be moderated by their creator, server admins could decide not to host content from any communities they don't want to host, if no server admin wants to host your community then you're free to host it on your own server or to fix the problems with it.
There's illegal content on Lemmy right now, even instances that don't want to host it need to clean up their images folder because of it, so it's not as if the way it works right now is any better for that and it's not as if there's no instance admin ready to host that content.
User credentials can be stored securely. Do you think your instance admin has a text file with your password written in plain characters?
The third credential I was suggesting is just one solution so not all servers have to have a "master database" with all user info stored, split the database and let the users know they need to remember they confirm their login through database X or Y. I'm sure much more intelligent people could come up with another solution.
Again, I feel like you're making the wrong point in the wrong place. My understanding is that you came to a project designed with the ideals of federation, and you complain that it shouldn't be federated. That should probably be done as a fork of Lemmy, or an independent competitor.
It seems to me like you're in ideological conflict with Lemmy's developers, where you see no value in what Lemmy seeks to create. That's completely fine, of course, but I really feel like you're making your case in the wrong place.
Federation does not mean terabytes of information disappearing - to my understanding, posts, comments and votes are already duplicated across the instances. What would be lost is ownership of communities/posts, and accounts created on that instance, as well as things like image posts where the images are stored on one instance.
However, if images weren't stored as links in those posts, accounts could be fully migrated, and communities could be migrated or even just federated with other communities, nothing would have to be lost.
I feel like that structure wouldn't work, just looking at how much defederation is happening, server owners wouldn't want to be affiliated with certain content at all. It did also remind me of the fact that ActivityPub is not just Lemmy - you can also interact with mastodon and kbin on Lemmy, which is rooted in the federated approach.
True, I feel like the issue only gets worse as you blur the line between different instances more, but I have no data to back that up.
I feel like you failed to address my point, that with the current security standard, data leaks are still considered a threat to your password security. Even in the best case, getting access to hashed passwords means being able to brute force it without any rate limits. Maybe I'm wrong, but you'd need to either prove that password hashes leaking are not an issue at all, or figure out a way to provide trusted decentralized authentication server architecture, or figure out a way to store the passwords where leaks are not an issue... Or give up on using passwords and require a different authentication method, like public key authentication.
It's a bit hypocritical of me, since I mentioned smarter people than me working on something, but I feel like if you're strongly suggesting Lemmy should be majorly reworked in this way, there's some expectation for you to provide a solution, not just say that somebody will figure it out.
How does what I'm talking about prevents federation? Lemmy is federated with kbin and mastodon even though they don't work the same way...
I never said I see no value in what Lemmy created, I'm saying that the way they went about it might not have been the right one because now that there's a lot of users and many instances were created, we can see that one major flaw in the system is that the instance's admin can just decide they're done with Lemmy and all content hosted on their instance just vanishes.
If your instance crashed I wouldn't be able to see your messages until your instance was back online, that's why when you copy a permalink to a comment it's the address of their instance that you see, instances host the content posted by their own user no matter where it's posted, instances communicate between themselves to share that info so their users see what other instances users post, that's also why you might still see posts on communities of instances you're defederated from, they're posts by people from your own instance.
On the password thing, it's no worse than what's going with the current system, you're trusting the instance admins not to leak anything... Heck, splitting up the lists could be even more secure since it could be equally divided between hosts instead of having a couple of instances hosting what amounts to over 50% of all credentials... What happens if lemmy.world's admin leaks everything?
And I'm suggesting solutions, I don't have the expertise to implement them. Do you believe that all tech is developed by the person who came up with an idea? Because I sure would love to meet the person that developed my cars seats, computer, engine and suspension, that single person must be one hell of a genius!