I was struggling to wrap my head around how federated social media works until I realized that email has basically been doing the same thing for 30 years. Different email servers are like instances of a federated network. You can send emails to people from within a single server or you can send emails to people on any other mail server. Your email address is a username followed by an ‘@’ and the server address, just like on Lemmy. Email is a decentralized service I’ve been using the whole time!
I was explaining it to a friend today, and I came to the conclusion that Lemmy is a LOT like the old FIDOnet message network that was used on BBS’s.
Except it doesn’t take six days for the reply to come back. (I say this ironically, replying six days after your comment.)
The problem is, that email isn’t really decentralised/federated anymore.
It’s impossible to day to setup your own mailserver and have the email accepted by the major email providers (where most of the people are)!
Checkout this article: https://cfenollosa.com/blog/after-self-hosting-my-email-for-twenty-three-years-i-have-thrown-in-the-towel-the-oligopoly-has-won.html
It’s sad, but while email is decentralised in it’s core protocol, it’s execution has become too centralised today. Fortunately, HTML and the web standards are better as we at least still have Firefox (a non-chromium BLINK engine based browser) today. But even there, chrome takes up too much of the market share.
Doesn’t prevent me from doing it.
I send a mail to you and your shitty mail provider blocks it as spam, even though I setup my SPF and DKIM entries correctly? Well that’s your problem, complain to your provider then lmao.
Of course that cannot be applicable to every use case. Sometimes you need a mail to go through in which case I still use GMail or iCloud Mail, unfortunately.
But it became like that because we let it become like that. We should use email as it was intended to be used, and if it doesn’t work, well fuck it. It’s the recipient’s fault for choosing a shitty or “non-compliant” provider.
While I can understand your sentiment, the problem is that many people simply didn’t care, and hence they never demanded that from their providers or moved away when they added such anti-competitite policies.
For the large majority of humans, even understanding what the hell the internet is and what computers do is still a mystery. I can understand, that for most people, it was difficult enough to get used to email and cloud stuff in the first place.
But now, over the past decade, many people have often experienced the problems of corporate-owned non-decentralised services. (Twitter, EverNote, etc.)
And with these experiences, it’s much easier to convince and have people move over to alternatives.
Again. I understand why you’re ‘angry’. And I feel that too. But I also see, that many people don’t care and simply take the most comfortable options as they don’t see the risks in lock-in.
The OG federated social media was Usenet.
And… usenet messages are basically email messages with a few extra header lines. The format is otherwise the exact same.
Much like how this is just ActivityPub with a few extra metadata to thread them.
Unfortunately, what email has also shown is that platforms can develop much faster than protocols. I hope all works out for lemmy in the end, but it will be interesting.
Absolutely. Now we’re stuck using a protocol that has zero encryption because decades ago no one thought about that. All our private correspondence is readable by every ISP and government it passes. If only we could make an email 2.0…
I mean, it’s not like theres really anything stopping the big providers to implement PGP on top of Email.
They just don’t, because users don’t care. So you have to do it yourself, in a plugin or whatever.
Still works, just more cumbersome, but I wouldn’t blame the protocol… at all.Adopting a consistent way to do it that everyone agrees on is the hardest part. PGP works but you have to make it easy and integrate it with all the top email providers so that most people are using it without even noticing.
you wouldn’t even relly need to find one consistent way, just identify the way servers do it, and have a list of supported methods.
let’s say there are implenetations a,b,c, and d
if let’s say google supported b,c and d, and apple b, and hotmal c and d, only hotmail-apple traffic would be unencrypted as they can’t agree on a common method.pretty sure that’s how TLS (i.e. https) works.
It used to, but v1.3 supports only 3 ciphers now.
No, encryption was considered. It was supported from pretty early on via PGP. If you check out decent mail clients (obligatory digdeeper), you’ll find the tooling.
Email with PGP is very far from secure. No forward secrecy (one mistake and the entire thread history is revealed) and metadata is unencrypted.
PGP email has nothing to do with the email protocol. All your message metadata and headers are still not encrypted/can’t be encrypted. You can only encrypt some payload with a PGP key, and it’s up to the receiver to figure out whether or not they want to trust any of the message metadata. The entire envelope is still plaintext everywhere. PGP email is just email, but you’re sending some random encrypted text in it.
Why didn’t it ever become the norm?
Encryption was illegal back in those days, especially for export. Google “crypto wars”.
Furthermore it was quite computationally expensive. Modern CPUs have special instructions to work with AES and other algorithms, but back then it had to be done with individual instructions and with slow clock speeds.
Also, DNS, and routing protocols. The Internet was designed for it. Walled gardens are an affectation of capital used to create the artificial scarcities it then exploits.
deleted by creator
In the old days, when you wanted to do something new on the Internet, you designed a protocol and published an RFC. Perhaps you provide a reference implementations, but maybe you didn’t. Anyone who wanted to could implement clients and servers for that protocol. People created things just to empower each other.
Today, capital dominates development on the Internet. When capital wants to provide a new service, it encapsulates it in an app. Users may only interact with the service as an access-controlled black box. Capital creates things to parasitically multiply itself.
The old Internet never went away. It never really even stopped growing in absolute terms. It just got out-competed by the wild malignant growth of the commercial Internet. But, the old one is still there, and today it’s like it was in the 1980s, early 90s all over again; people who live on the old Internet are once again finding ourselves alienated from mainstream culture.
Now that debt isn’t free and unlimited anymore, things might change. I hope the old, free, distributed, democratic Internet has a revival. Everyone who doesn’t find us or can’t unplug from the matrix is going to get terribly exploited.
I don’t disagree, but I think it’s a bit of an oversimplification to attribute it all to capital. There is a failure in how the original internet (and traditional FOSS for that matter) envisioned the world.
The original vision was that everything will be distributed. There are protocols, there are implementations, and there are “users”. Where the term “user” encapsulated everyone from the person developing/contributing/maintaining the code, the person deploying and operating it, all the way to the grandparent or child or otherwise absolutely non-technical end user.
The idea was sound. You are a technical user, you could run email server for a set of people you know. Others could do the same. Small companies could start offering paid services, etc.
But the devil is always in the details. Who is maintaining it? Who is keeping everything secure and updated? How does it scale? How frequently do you need to migrate everything because the operator is going out of business or has come down with health issues, or has died. How much trust do you have to put in every operator? People don’t want downtime. People don’t want frequent migrations. People don’t want to have to trust hundreds of small providers and have churn all the time in services they rely on for their day to day.
The rise of a centralized, large, and popular operators of each type of service is inevitable in that case. A couple of large email providers were always distant to happen. Same with storage, messaging, etc. It’s difficult to selfhost everything yourself, and it’s incredibly burdensome to do it for free for a large number of people.
Yep. Sometimes, the old ways are best.
I’ve seen people scoffing at the idea that federated services can become popular due to how hard it is to understand, but it’s actually quite easy when you think of it using this analogy.
Yes, but the sign up prices can be annoying. I tried signing up at a bunch of different instances and it never went through. I’m addition finding communities is a little painful. But all in in a big fan of it.
Finding communities can be painful indeed, and there are a few other wrinkles that I hope will be ironed out over time, like having the ability to hard delete posts and comments and having a setting to disable autorefresh.
There needs to be a directory that is universal.
Its a reasonable analogy, but were not there yet. While mastodon instances will talk to mastodon instances, and pixelfed instances will talk to pixelfed instances, and kbin instances will talk to kbin instances, at the moment the intercommunication between apps is a real issue. Imagine postfix wouldn’t reliably talk to exchange servers, that would be a real barrier to adoption. I’m hopeful this will get sorted, but were on the bleeding edge at the moment.
deleted by creator
Surprisingly I’ve heard that the email analogy is not very useful for explaining federation. But I guess not that surprising with people <=18. They’ve probably never even had an email address outside of school provisions or whatever.
Could you elaborate on that?
Because they use fone number to register for things instead
