this post was submitted on 05 Jul 2023
1222 points (95.3% liked)

Showerthoughts

30035 readers
678 users here now

A "Showerthought" is a simple term used to describe the thoughts that pop into your head while you're doing everyday things like taking a shower, driving, or just daydreaming. A showerthought should offer a unique perspective on an ordinary part of life.

Rules

  1. All posts must be showerthoughts
  2. The entire showerthought must be in the title
  3. Avoid politics
    • 3.1) NEW RULE as of 5 Nov 2024, trying it out
    • 3.2) Political posts often end up being circle jerks (not offering unique perspective) or enflaming (too much work for mods).
    • 3.3) Try c/politicaldiscussion, volunteer as a mod here, or start your own community.
  4. Posts must be original/unique
  5. Adhere to Lemmy's Code of Conduct

founded 2 years ago
MODERATORS
 

If the descentralization of social networks continue, we will have to prepare for the eventual rise of the instances wars, where people will start to fight about which instance is better and which one is weird to be in and so on, but that's for the future of us all.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 31 points 1 year ago (8 children)

This will likely follow a similar pattern to email, since it's starting from a very similar position.

At some point people will begin to assign identities to instances and imagine (rightly or wrongly) that being on an instance says something about a person. People do that with cars, shoes, and yes, even email domains.

From a technical perspective, right now Lemmy is as anonymous as can be — I've yet to see an instance that requires ANY kind of verification. I didn't need to provide an email address, phone number, or any other identifying information to sign up. Didn't even need to solve a captcha. I just choose a name and set a password and BOOM! I was in.

Once upon a time, email worked this way, too. Then came the spammers, scammers, and other bad actors, and this was deemed untenable. Nowadays, any email provider that allows anonymous signup is likely to be blocked by most of the email-using world. You won't be able to use them to sign up for other services, and you might not even have your mail accepted by other providers.

This will definitely become a problem as Lemmy becomes popular, and instance admins will need to crack down, lest they be overrun and defederated by the rest of the world.

I'm not sure what the answer is. This is a problem that has not been adequately solved, IMHO. A few bad apples spoil the bunch. That's been true since long before the Internet.

[–] [email protected] 4 points 1 year ago

even email domains.

No joke. During my interview for a bell company my email came up for whatever reason and thier response was "oh! You use Gmail!". Like I was hired on the spot because of it. It was very strange.

[–] [email protected] 4 points 1 year ago (2 children)

From a technical perspective, right now Lemmy is as anonymous as can be — I've yet to see an instance that requires ANY kind of verification. I didn't need to provide an email address, phone number, or any other identifying information to sign up. Didn't even need to solve a captcha. I just choose a name and set a password and BOOM! I was in.

Sopuli made me write a little paragraph about myself before they let me in

[–] [email protected] 3 points 1 year ago

lemm.ee asked for an email and then sent me a confirmation email to click. But that's it.

[–] [email protected] 1 points 1 year ago

same as feddit.de did when I made this account

[–] [email protected] 3 points 1 year ago

At some point people will begin to assign identities to instances and imagine (rightly or wrongly) that being on an instance says something about a person.

*Cough

[–] jerdle_lemmy 3 points 1 year ago

Might be true on sdf, but on lemmy.world and sh.itjust.works, there are captchas and email addresses.

[–] fluke 3 points 1 year ago (2 children)

I had to verify with email to sign up for this?

Actually tbh I'm not even sure what anyone here is even talking about...federations and instances? I thought this was just a new Reddit but with a different back end.

[–] [email protected] 4 points 1 year ago

Okay, it makes sense that some instances are doing that already. I signed up for a few and none of them did, but I'm not on lemmy.world. I'm on lemmy.sdf.org (and a couple others, but this is my main one).

u/[email protected] already gave a great explanation. So here we are, three different people using three different servers, all talking in the same thread and generally not even noticing the difference. Neat, isn't it!

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Lemmy is a federated link aggregator and forum. Kind of like a hybrid between email and Reddit. I'm a member of Lemmy.zip, but I'm posting on another Lemmy instance (I forget where this post is, Lemmy.world, right?). Lemmy.zip and lemmy.world are "federated", which means if users on one instance interact with users on another, both servers will sync this activity. Lemmy.world will accept lemmy.zip user posts.

And user names are only unique for a server. Just like "[email protected]" is a different email than "[email protected]".

Community searching shows the community name and the server where it's hosted. Even though I only have an account on Lemmy.zip, I can subscribe, comment, and post on communities from other instances, as long as lemmy.zip is federated with them.

Recently, Beehaw de-federated from much of the fedi-verse. This means their software works the same, but prevents their users from interacting with the rest of the community, and the rest of the community from interacting with their communities and users.

It's complicated and annoying, but necessary to be federated to prevent the fate of Digg and Reddit.

Also, one instance could require email and 2FA to be safe, and choose to de-federate from an instance that has no verification and becomes full of spammers. Or, someone could create a Lemmy instance that requires verification of identity (like AMA used to do, or the old Twitter checkmark), so if John.Oliver from the "Lemmy.OnePercent" instance posts, you know it's the real John Oliver. There's benefits and complications from federation.

[–] fluke 1 points 1 year ago (2 children)

So if I'm understanding it correctly, Lemmy is the Federation and .world is the instance? And then within that instance are it's own communuties?

[–] [email protected] 3 points 1 year ago (1 children)

Not quite. Lemmy.world is the instance. I'm from the instance lemmy.sdf.org and I also hang out on feddit.uk . The instance names are just URLs (.world, .uk, and org are all like .com).

Handwavy explanation because I'm fuzzy on details: Federation is the magical interconnection between instance lemmy.sdf.org and instance lemmy.world that allows me to see posts/threads/users on the lemmy.world instance .

[–] fluke 2 points 1 year ago (1 children)

Hmmm...I think this is the best explanation I've had so far.

I certainly don't mean this negatively, but I get the impression a lot of the people here that actually understand it are also bad at explaining it to normies like me. And people like me are very much in the minority at this stage in the growth.

[–] [email protected] 2 points 1 year ago

Aww, thank you.

It's a hazard of really knowing what you're talking about that leads to overestimating what other people know. I don't have that problem 😉. Relevant xkcd: https://xkcd.com/2501/ .

[–] [email protected] 2 points 1 year ago (2 children)
[–] [email protected] 2 points 1 year ago

@fluke in case this is not a joke, yes instances host communities, but the lemmy.world is just a domain name. Federation just means lemmy.world and another server/instance such as geddit.social can share and exchange communities, comments, and threads they host with each other. I'd be happy to answer additional questions you might have, but I'm not as expert as I don't share links in that format much.

[–] fluke 1 points 1 year ago

Is what a joke?

[–] njtrafficsignshopper 2 points 1 year ago (1 children)

Wait - what kind of proof of identity do Gmail, outlook, Yahoo, etc require to make an email address?

[–] [email protected] 1 points 1 year ago (1 children)

I'm not sure about all of them, but for Google, you can't create a new account without a valid phone number for SMS verification. If you created your account a long time ago then you're kind of grandfathered in and don't need to add a phone. They don't allow known VOIP numbers (including Google Voice) and I think you cannot use the same number for lots of accounts.

This might vary by country. My experience is with the US version of gmail.

[–] njtrafficsignshopper 2 points 1 year ago (1 children)

Hm I have made at least 3 gmail addresses and didn't have to do this. And in fact their apps support account switching pretty easily, which seems to indicate that they don't really disapprove of making multiple accounts.

In fact the only thing they asked for was a backup email address in case you get locked out or they need to send security alerts, and that was optional.

[–] [email protected] 1 points 1 year ago (1 children)

Interesting. I had to make a new account just a couple weeks ago (for Android testing as part of my job) and there was no option to continue without SMS verification. Couldn't use a landline, couldn't use VOIP, couldn't fall back to email verification or anything else.

One of my coworkers was unable to use their cell phone number because Google said it was already in use. But it let me use the same number I have associated with my personal account, so go figure.

[–] njtrafficsignshopper 2 points 1 year ago

Interesting, could be because it's something you've had to do often enough that they're trying to rate limit you

[–] [email protected] 1 points 1 year ago

It's already occurring. If you have an account on esploding head you can't set content from some places and people will reply to you in aggressive ways based on preconceived notions. I know if I see a commie or tanky making comments I view as shitty then I am already doing it too.

[–] [email protected] 0 points 1 year ago (1 children)

From a technical perspective, right now Lemmy is as anonymous as can be — I've yet to see an instance that requires ANY kind of verification. I didn't need to provide an email address, phone number, or any other identifying information to sign up

Not exactly anonymous...

Lemmy will most likely go the way of 4chan, they'll ban connections from all major VPN services and start banning users via IP.

[–] [email protected] 2 points 1 year ago (1 children)

I'm sure that it's a little more complicated than that with a federated network. Since you can host your own lemmy instance you could hide your information behind that.

[–] [email protected] 1 points 1 year ago (1 children)

I'd guess it's a mix of your post and the parent post. Lemmy instances will have a user verification policy and de-federate with instances that differ too much. So the Lemmy instances with emai verification and 2FA will eventually de-federate from an instance that wants to be anonymous and has zero requirements for creating an account.

Maybe curse me for bringing the idea up, could a Lemmy instance exclusively use Facebook's login features? So that you have to use "login with Facebook account" to create a Lemmy user on the instance?

[–] [email protected] 1 points 1 year ago (1 children)

Maybe curse me for bringing the idea up, could a Lemmy instance exclusively use Facebook’s login features? So that you have to use “login with Facebook account” to create a Lemmy user on the instance?

Oh god.

I don't think the Lemmy code base supports that yet, but adding OAuth support is a natural thing to do at some point. I guess if you were dedicated you could hack it together yourself in your own instance even now.

[–] [email protected] 1 points 1 year ago

As horrible as it is the implementation would take Facebook only a few days since lemmy is open source. The "problem" with an open system ist that basically everybody can join

Facebook will definitely hide behind a Facebook logins defederate everything that they don't like to "protect" their users.