@bnewbold@social.coop
@bnewbold@social.coop avatar

bnewbold

@bnewbold@social.coop

dweb, cycling, free software, snow, wiki, hardware, big cities, symbolic systems. I love speculating about found objects.
Working at https://blueskyweb.xyz/ on atproto (a federated social media protocol). Formerly built https://scholar.archive.org; scientific instrumentation for observational cosmology; open hardware
#seattle

This profile is from a federated server and may be incomplete. Browse more on the original instance.

mcc, to random
@mcc@mastodon.social avatar

More rambling about problems with doing "bluesky" outside the blue sky walled garden (https://mastodon.social/@mcc/112340957577471735). Giving this one its own thread because I'm not sure I'm being fair.

So now I have a PDS working, the first thing I'm experimenting with is: Since I have my own data hosting, can I use this to make posts that are longer than 300 characters? And if I do, what happens? I want to crosspost from Mastodon; mastodon.social allows 500 characters.

So far the answer is: I cannot tell?!?

bnewbold,
@bnewbold@social.coop avatar

@boris @mcc @mackuba huh. you should be able to read and write mostly whatever you want from your own repo on any PDS, if you use the "skip lexicon validation" flag.

In terms of other software, the semantics are that they should reject the record as a post if they didn't validate against the Lexicon. so the appview won't index. same as if you put an integer in the 'text' field instead of a string

bnewbold, to random
@bnewbold@social.coop avatar

I think that when people don't like social media "algorithms", the most common thread is not wanting "automated content recommendations" from outside their network. eg, "tiktok for microblogging".

it has less to do with "one algo vs many", or even "open source vs black box", or really even "engagement maximizing vs good content"

bnewbold,
@bnewbold@social.coop avatar

so "algorithms" like "posts from quiet accounts I might have missed in the past month" are fine, and maybe "friends of friends" could be acceptable, but posts which are popular and likely relevant to interests but don't have any social connection are suspect.

wdyt?

bnewbold,
@bnewbold@social.coop avatar

perennial backgrounder on algo feeds
https://knightcolumbia.org/content/understanding-social-media-recommendation-algorithms

arcanicanis, to random
@arcanicanis@were.social avatar

I guess I successfully created a did:plc and have it published to (sorta) Bluesky's backend did:plc registry: https://plc.directory/did:plc:s2m7kbq2unki7rager5aw6sw/log

Instead of endorsing any sort of a ATProto PDS or anything, I instead have it pointing to my ActivityPub (and other) identifiers in varying forms.

I'm probably the only [non-employee] user (or at least: one of very few) on Bluesky's infrastructure that has full custody and control over their own private keys for their did:plc identity, and yet I don't even have a Bluesky account. Unless I'm just uninformed of something buried somewhere allowing you to export at least one of your rotationKeys (not the signingKey, which is just for signing posts, etc). Because without that, you don't really control your identity at all, only Bluesky exclusively does.

Meanwhile, in this endeavor, I "only" had to:

  • Write a DAG-CBOR and CIDv1 encoder
  • Write a Multibase and Multikey encoder and decoder
  • Write a base58btc encoder/decoder
  • Write a base32 encoder
  • Write functions to compress and decompress a secp256k1 public key (involves crypto maths, for decompression)
  • Write some very adhoc ASN.1 DER encoding/decoding functions (just to encode a raw secp256k1 public key into PEM encoding, to feed to OpenSSL; and then extract the r and s values from the outputted signature from OpenSSL)
  • Write a function to generate a did:plc identifier, from the genesis operation
  • Write a lot of test code

With how scarcely some topics are documented, and how scattered many tidbits of info is: I swear some of this is almost intentionally a trap to sell consultancy.

bnewbold,
@bnewbold@social.coop avatar

@arcanicanis congrats! that is a whole lot of code to write from scratch. we would definitely recommend starting from an IPLD library (giving multiformats, CID, dag-cbor), and probably not using OpenSSL for the crypto bits. there are better or worse EC crypto libs, but encoding and low-S signature issues are common.

bluesky opened up self-control of PLC identities initially created through the app, including fully removing rotation keys. this was necessary to enable account migration.

bnewbold,
@bnewbold@social.coop avatar

@arcanicanis key mgmt can be risky and PLC updates mostly dev-oriented and disclaimed/scary; not very friendly or accessible yet.

curious if you have feedback, requests, or ideas! there might be small changes/additions to make the system more general purpose, or holes in docs/specs

bnewbold,
@bnewbold@social.coop avatar

@arcanicanis definitely some valid points in there!

the IPFS/IPLD/DAG-CBOR ecosystem is definitely a bit sprawling. I definitely prefer it to JSON canonicalization/signing schemes, but that may be a subjective matter of taste at this point. when we take atproto to IETF, will need to decide whether to try to get all that standardized, or just define the subsets we use.

"what is an atproto implementation" has been a moving target, things are starting to stabilize

bnewbold,
@bnewbold@social.coop avatar

@arcanicanis another resource that I hope will help will be more inter-operation test vectors and at least a partial compliance tests.

have an extremely small start on that here:
https://github.com/bluesky-social/atproto/tree/main/interop-test-files

and we have had a typescript+golang implementation of most things from early days, which helps ensure we build to spec, not just "behavior of main implementation is the de facto standard"

bnewbold,
@bnewbold@social.coop avatar

@arcanicanis one thing we really focused on was developer ergonomics when doing a simple bot, integration, or client.

In those cases, it is just boring JSON over HTTP, with machine-readable schemas (which can be translated to OpenAPI etc). shouldn't need to touch cryptography or binary encoding.

bnewbold,
@bnewbold@social.coop avatar

@PurpCat @arcanicanis there is definitely a gap between "enabling" things like federation and account migration, and having it be mature and legible. there is also a large existing user base who mostly doesn't care about the plumbing. when releasing these new capabilities and milestones we definitely leaned towards starting small and slow.

silverpill, to random
@silverpill@mitra.social avatar

Decentralized identifiers (DIDs) can be divided into 3 categories, depending on where the authority resides:

With a derived from a secret key you can truly own your identity. Unfortunately, key rotation is not supported, and if you lose your key, you lose everything. This can be partially mitigated with distributed key generation techniques that make key recovery possible if only M of N shards are available, but they are complicated.

Servers can rotate keys, but they can also suddenly disappear, and again you lose everything.

Blockchain-based systems support key rotation and don't have a single point of failure (if done right). Sometimes they are called "servers with superpowers". However, popular ones are not suitable for the job because writing to them is very expensive and their clients need powerful computing devices and a lot of storage.

Is there a way around that? Yes. Blockchains can be very lightweight and they don't actually need a cryptocurrency, miners or stakers in order to work. There is a simple consensus algorithm known as Proof of authority, and one of the Fediverse competitors, Bluesky, seems to be planning to build such system:

https://github.com/did-method-plc/did-method-plc

>We are actively hoping to replace it with or evolve it into something less centralized - likely a permissioned DID consortium.

They are afraid to say the B-word, but "permissioned consortium" is exactly what it is. Of course, their identity doesn't have to be the only one in existence. I think in the future we might see quite a lot of "identity cooperatives" of different shapes and sizes. Perhaps even a universal client, curl for identity, can be developed.

bnewbold,
@bnewbold@social.coop avatar

@silverpill @erlend @cmdrmoto PLC today works with centralized servers for convenience, but it doesn't have to stay that way. the core of the method is self-certifying identities, and that info could be distributed any number of ways.

I gave a talk recently about PLC and ways to de-centralize it more while staying backwards compatible (video, transcript, slides):
https://fission.codes/blog/fission-tech-talks-bluesky-and-plc/

bnewbold, to random
@bnewbold@social.coop avatar

anybody in the Fediverse, IndieWeb, or other non-platform space working on Community Notes?

curious if there are other re-implementations of the Birdwatch open source codebase in non-Twitter contexts; if researchers would recommend doing anything different in the future; or if there are collaborators generally in this space

jonny, to RSS
@jonny@neuromatch.social avatar

I guess this is turning into a real project so putting this out there if anyones interested:

We're making a very lightweight tool to create RSS feeds for journals from crossref metadata (with room for other sources). If ya dont know, many publishers are shutting down their RSS feeds to drive people onto their surveillance platforms, and every enshittification leaves behind an opening for adversarial interop.

This opens some interesting possibilities like creating feeds for keywords indexed across journals to start breaking down journals as the major organizational scheme of scholarly lit - papers have metadata keywords, but they mostly arent used, so lets use them!

Eventually wed like to write a FastAPI plugin similar to activitypub-express so we can make all feeds available on the fedi as well, and that would be a really nice set of tools to build for smaller AP projects that dont necessarily want to be full instances.

This is designed to be extremely deployable so you can run your own feed generator, but we'll also host a reference instance here at feeds.neuromatch.social once we get it running.

Just getting started, help wanted and welcome from anyone who loves and reading papers ♥

Repo: https://github.com/sneakers-the-rat/journal-rss

Cc @lili and @roaldarboel

Stems from this thread: https://neuromatch.social/@jonny/111668885237921256

bnewbold,
@bnewbold@social.coop avatar

@zackbatist @jonny came here to plug this! IA scholar is FastAPI for the search API to boot: https://scholar.archive.org/api/redoc

would :+1: to building on a catalog like @OpenAlex (or fatcat) which aggregates from a bunch of sources in addition to Crossref; that aggregation/normalization is a bunch of work over multiple protocols/standards, and it is great to de-dupe the interop work

hrefna, to fediverse
@hrefna@hachyderm.io avatar

While I don't want to get into until some questions on governance are answered (and I'd rather something like AP), there is a lot to like here and a lot of things I think we'd be extremely foolish not to use as concepts as we look to the future of .

Going into some of the specific things I like a lot here that are simply not possible* in AP today…

(* yes yes it is possible to conceive of how to do it in AP in a completely non-interoperable way, you're very smart)

1/

bnewbold,
@bnewbold@social.coop avatar

@hrefna w/r/t governance, the current plan is to bring the core protocol to the IETF this year. they won't necessarily take it (would probably be a WG-level effort), but timing is tricky and I don't think we've waited too long so far.

the Lexicon namespacing system provides flexible governance over application Lexicons; that should be flexible to many governance patterns.

how com.atproto.* will work is vague. and there are some details around extensions of 3rd party lexicons to dig in to.

rwg, to bluesky
@rwg@aoir.social avatar

It''s time for me to dig into , specifically the

I'm studying the docs, and I have a question for those who might know better:

The big thing AT is promising is better portability across instances (when such instances appear). My understanding of the docs (https://atproto.com/guides/overview#account-portability) is that this is made possible, in part, by having a copy of my data on my client.

So, I do have a bsky.app account. Where is my local data? I don't see any anywhere. Is that not implemented yet?

bnewbold,
@bnewbold@social.coop avatar

@cragsand @rolle @rwg most of the moderation primitives in atproto/bluesky hook on the the account's persistent identifier (DID), which does not change across migrations.

it is, of course, possible to create an entirely new account (new DID), and import old posts in to that, but all social graph links are broken in that case (reply threads, follows, etc)

timbray, to random
@timbray@cosocial.ca avatar

Feeling emotionally bruised - trying to figure out why the loss of Lahaina has hit me so hard: https://www.newyorker.com/news/news-desk/living-through-mauis-unimaginable-wildfires

I realized it’s the first place where I have direct lived experience that has been demolished as a consequence of our poor environmental stewardship.

Lots more well-loved places are going to go, lots more people are going to be feeling these feelings.

At what point do we wake up and say stop?

bnewbold,
@bnewbold@social.coop avatar

@timbray @boris places like Hoh Rainforest in Washington have a scary amount of material when they dry out. a few years back they had, effectively, huge sprinklers running to keep it damp when there were fires nearby. doesn't work with seawater though.

sabret00the, to bluesky
@sabret00the@mas.to avatar

I keep seeing people mentioning like it's not a subsidiary. Twitter was an investor and incubator. Also remember that a prominent board member of Blue Sky Social, the founder and former CEO of Twitter, was very vocal in saying that was the man to safeguard Twitter... He can clearly be trusted. I'd recommend filling both hands with fecal matter and giving yourself a round of applause before going anywhere near there.

bnewbold,
@bnewbold@social.coop avatar

@sabret00the this is not true.

Twitter gave Bluesky money via an R&D contract, which has now ended, and Twitter the company has no equity, ownership, or relationship to Bluesky.

Jack is not the CEO, Jay. Jack is on the board but has no other role at Bluesky.

Bluesky is not hosted on Twitter infrastructure, they are having load issues b/c of many Twitter folks using old invite codes all at once, on a weekend.

bnewbold,
@bnewbold@social.coop avatar

@sabret00the there are plenty of valid critiques to make of Bluesky!

micahflee, to random

My first article about Bluesky! I answer questions like: "What prevents another Elon Musk from buying Bluesky PBLLC and destroying it 10 years down the line?" https://theintercept.com/2023/06/01/bluesky-owner-twitter-elon-musk/

bnewbold,
@bnewbold@social.coop avatar

@jbenjamint @micahflee the $13m from Twitter is cash has been in the bank for some time now, no strings. I found this "too good to be true" at first as well, but that is the facts of it.

not sure what your specific question is about equity, but pretty common for startup companies to have an employee pool of equity for non-founder staff compensation. the exact details are not usually broadcast, but Bluesky is not doing anything special or unique in that regard

bnewbold,
@bnewbold@social.coop avatar

@jbenjamint the context of the cash was a two-part contract. Bluesky PBLLC was set up as an R&D shop to develop a proto that Twitter could realistically use (yes, hah, unlikely). the first $13m was to develop public spec, then a later $13m follow-on to help Twitter actually adopt proto. separate org for credible neutrality of proto.

since early 2022, clear that second check/contract not coming, and Bluesky shifted from just R&D to also building a service in parallel

cwebber, to random

christine what do you think about bluesky christine what do you think about it

bnewbold,
@bnewbold@social.coop avatar

@ehashman @cwebber @lathamgreen sucks if it feels like you have to align with one side or another.
I suspect at a technical level all of these projects are going to be borrowing and learning from each other. I'm not sure if the same will be true of social dynamics: maybe everything merges in to a one happy blob. but maybe the values and vibes will reify and amplify a with-us/against-us dynamic. I hope not!

bnewbold,
@bnewbold@social.coop avatar

@cwebber @lathamgreen strong agree, Jay is amazing!

timing and opportunity has been a big part of the story, but she has seized the moment and threaded the needle so effectively

bnewbold,
@bnewbold@social.coop avatar

@cwebber @ehashman @lathamgreen I think we are not handling activitypub/bluesky communication well.

part of this is that many of us on the team see ourselves as coming from a different lineage, that of scuttlebutt and dat://. merkel-dag-verse, not W3C-verse. which is a much smaller community, granted, but a pretty thoughtful and values-driven. it feels like we are stemming from that work closer towards activitypub; and that we will all inevitably be sythensized together by a future successor

bnewbold,
@bnewbold@social.coop avatar

@ehashman @cwebber @lathamgreen
I think of this @ftrain quote every day:

> They fix bicycles, then they talk about fixing bicycles, then they show their friend, who just came over for no reason, how they fixed their bicycle, and their friend says, “Wow, good job,” and they make tea.

I love that, "it me", it is so mastodon, and so not (current) bluesky.

https://www.wired.com/story/god-did-us-a-favor-by-destroying-twitter/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • cubers
  • DreamBathrooms
  • ngwrru68w68
  • Durango
  • osvaldo12
  • magazineikmin
  • mdbf
  • Youngstown
  • slotface
  • rosin
  • everett
  • kavyap
  • anitta
  • normalnudes
  • thenastyranch
  • khanakhh
  • cisconetworking
  • modclub
  • GTA5RPClips
  • InstantRegret
  • tacticalgear
  • provamag3
  • ethstaker
  • tester
  • Leos
  • megavids
  • lostlight
  • All magazines
    •