Federated vs Distributed Rant
Federated vs Distributed Rant
So I recently got an excuse rant about my opinions on federated tech. I think it's pretty much the best we can hope for in terms of liberating tech, with very few niches where fully distributed tech is preferable.
Needing a server places users under the power of the server administrator. Why do we bother? "No gods, no masters, no admins!' I hear you shout. Well, there's a couple reasons...
Maybe using software is just an intrinsically centralized activity. One or a few people design and code it, and an unlimited number of people can digitally replicate and use it. Sure, it may be free software that everyone can inspect and modify... but how many people will really bother? (Nevermind that most people don't even have the skills necessary.)
Okay, so we always kind of rely on a central-ish dev team when we use tech. Why rely on admins on top of that? I believe the vast vast majority of people doesn't have the skills and time to operate a truly independent node of a fully distributed tech. Let's take Jami as an example:
"With the default name server (ns.jami.net), the usernames are registered on an Ethereum blockchain."
So a feature of Jami is (for most users) implemented as a centralized service. Yikes. You could build and run your own name server (with less embarrassing tech choices hopefully), but who will really bother?
But say you bothered, wouldn't it be nice if your friends could use that name server too, and gain a little independence? That sounds a lot like decentralized/federated tech.
Keeping a decent service online is a pain in the butt. Installing SW updates, managing backups, paying for hardware and name services... nevermind just the general bothering to understand all that mess. And moderation, don't forget moderation. I'm saying it's not for everyone (and we should appreciate the fuck out of [local admin]).
I believe that servers and admins are our best bet for actual non-centralized tech. A tech-literate person tending a service for a small- to medium-size community is much more feasible than every person running their independent node (which will probably still depend on something centralized).
And maybe that's just the way we bring good ol' division of labour to the Internet. You have your shoemaker, your baker, your social media admin. A respectable and useful position in society. And they lived happily ever after.
yeah, decentralisation is something weird people like us want, but for almost all purposes it's an antifeature for usability.
I like the idea of small communities, but a major issue (possibly the biggest issue) as demonstrated by many mastodon servers over the years is longevity. What happens when your admin gets bored/burns out/dies/goes fash/is replaced with an asshole/is unable or unwilling to moderate effectively?
I don’t particularly like the big mastodon hosts (eg. mastodon.social) but they’re probably still going to be here tomorrow, unlike eg. octodon.social who are winding down because adminning was too much (after 8 years, which was a pretty good run!) and they didn’t have any plans or processes in place to handle this eventuality.
Between that sort of thing and stuff like matrix cryptography being full of holes and large matrix room management being a nightmare and email really being gmail, I’m slowly coming round to the idea that federation is too hard to do well and that if we could just manage a decentralised identity service and decent client software then it wouldn’t matter if servers didn’t talk to each other because we’d still have 90% of what people wanted from federation in the first place. Just a simple matter of engineering, I’m sure.
I like the idea of small communities, but a major issue (possibly the biggest issue) as demonstrated by many mastodon servers over the years is longevity. What happens when your admin gets bored/burns out/dies/goes fash/is replaced with an asshole/is unable or unwilling to moderate effectively?
this is something I’ve been thinking on quite a lot myself — how do we (being a small web service without effectively unlimited VC money to burn on cloud credits or an entrenched corporate infrastructure) have continuity in case anything happens? and as an established community, that continuity has to encompass our infrastructure, our data, and the understanding and expectations that make moderation work.
- for infrastructure, we’re somewhat ok — our deployment code is open, and there’s just enough docs that a replacement admin can spin up an identical cluster with a bit of work
- data’s a lot harder. I’d love to regularly publish a dump of our database with the sensitive details redacted to as many places as is practical (there’s a bunch of archive sites for this), but that would open us to a number of garden-variety and lemmy-specific attacks (and I won’t be describing those in public for obvious reasons, but established posters can inquire in DMs). most likely in the short term this’ll involve rsyncing full database and image storage dumps to trusted parties on a regular basis, though I’m open to any better ideas.
- the problem of guaranteeing continuity of moderation is unsolved. the only idea I have in this direction is effectively a guild or co-op model that’d exist to teach and certify moderators and admins how to maintain communities like ours. I haven’t taken any steps in this direction, and there’s a lot to the idea that’s still effectively magic (how should certification work? what systems should be in place in case of bad actors? should this thing itself be a mostly technical solution or a mostly social one?), but it could potentially guarantee moderator continuity for federated systems other than ours too.
I tend to agree. "No gods, no masters, no admins!" should never mean no assembly and no organization around constraints. Admins jobs isn't just to be capricious. Admins are there to set a tone and maintain it. There are places for random group chats of noise but honestly, pruning, as in gardening, is how you maintain organization. It doesn't feel great to be on the end of pruning but like seriously it should rarely be taken personally when we're talking about something like social media.
Is "No gods, no masters, no admins" a slogan that people were seriously using? Frankly, I was just taking the piss with that bit.
A certain class of idealists definitely feel this way, and it's why many decentralized efforts are fragile and fall apart. Because they can't meaningfully construct something without centralization or owners, they end up just hiding these things under a blanket rather than acknowledging them as design elements that require an intentional specification.
I’m probably gonna show my age by saying this, but in my opinion we already had the near-perfect federated discussion platform over 40 years ago, and that was Usenet.
On a philosophical level it’s not too different from what the Fediverse is trying to achieve. However, because it is a protocol and not a software, you aren’t bound to specific implementations. Everyone can implement the NNTP protocol because it operates on the same principle idea as email. And just as not one organization “owns” email or HTTP, no organization can own Usenet.
It’s also more of a “verse” than the Fediverse because it’s really fundamentally a different thing than the internet (as in the HTTP internet), and not a software layer on top of it. By that virtue, you don’t even have to bother with shit like tracking, advertising, or even large-scale data scraping because the protocol just doesn’t allow for it. (Doesn’t mean it couldn’t, of course. I’m sure a Google would come up with NNTP2 and enshittify it if it gained enough traction, but hey.)
In terms of moderation, on Usenet a mod is really someone who pre-reads messages and either approves them or not. You can implement the same tech that powers email junk filtering for that, and it works generally pretty well. It’s way more hands-off than anything Reddit or Lemmy or forums offer. Sure, for large enough groups this becomes a chore too, but I’d still rather work through a bunch of what basically amounts to emails than some convoluted mod interface on a website.
The only downside is that it’s not as easy to use, at least not for people who’re used to modern apps. On the other hand, everyone who’s ever written an email im Outlook or Thunderbird shouldn’t have a problem, and I’m sure someone could cook up a pretty smartphone app, too.
Mentioning that Usenet is free from advertising is rich seeing as that's where spam as a concept originated:
https://en.wikipedia.org/wiki/Laurence_Canter_and_Martha_Siegel
People who remember Usenet fondly either only hung out in the good parts (heavily moderated technical newsgroups) or are perfectly fine with defining online discourse as being text-only and gated by access. I wrote a bit about this in a draft comment about Gemini in another forum:
What rubs me the wrong way about all these pseudo-retrospectives about how wonderful the Internet was before the Web is how much current users of the our global community are effectively erased. If you weren't student or faculty on a Western university (generally of a technical nature) you did not have Internet access. So you were young-ish, male, and wrote English. (This certainly describes, I entered a technical university in Sweden in 1992).
I know that the motivation for Gemini is expressly to get away from the current ad-tech-driven surveillance economy of the Internet, but like a lot of Internet people, there's a huge blind spot about how to do this.
Companies are not hoovering up tons of personal info with the help of JS-infected websites because JS exists, they're doing it because it's legal and easy and basically the only way to monetize content on the internet right now.
The solution isn't to cripple content so that JS cannot be used with it, the solution is to take a long hard look at the legal frameworks around privacy and how companies are allowed to use people's online behavior to make money. But (US) internet culture is conditioned to believe that this is literally impossible - that the political system in the US is so utterly broken that it's not feasible to work through it.
I think it's worth emphasizing that the biggest change between that idealized Internet and today's adware hell wasn't any technological change but a massive shift in who was using the internet, how, and why. The technological changes that led off of that were largely attempts to meet the needs of this new audience, and they largely did not have the technical skills to do their own administrative work and didn't have any interest in doing so anyways. That user base effectively requires some level of centralization, and since those centralized entities are explicitly about offloading the technical work of being online they are (in our current economic system) going to end up being primarily profit-driven as a way of ensuring the people who do that work are compensated. From there the advertising model of monetization has the distinct advantage of not making those users pay you anything because even though they're the product rather than the buyer it's really easy to sell something that's free. Social media completes the loop by giving those users tools not just to consume information without having to think about how it's done to letting them create their own online spaces and share their own work with each other, meaning that you no longer need to know even HTML or what a "server" is in order to fully take advantage of the internet.
Google and Facebook aren't the product of a sinister conspiracy trying to control the internet in order to push a woke ideology down the throats of an unwilling populace. Instead, they created services that streamline and moderate user's access to online information and nobody appears to have realized how much actual power that gave them over people's access to information (and by information I increasingly mean "the whole world") until they had already become economically dependent on selling that influence machine to the highest bidder in the form of advertising. All the technologies that enable the modern intermet and the associated problems and centralization on problematic platforms and companies were created in an attempt to meet the needs of users without any consideration for the kinds of social and economic structures that were embedded in those technological structures.
Zuckerberg and friends aren't evil geniuses who need to be stopped by a plucky band of good guys, they're a bunch of amoral idiots who have gained incredible personal wealth by stepping into a powerful role that was made systemically necessary without any consideration for who was going to fill it, and now we need to solve the problems of both how that power should be used by who and of how that power can be wrested from the hands of the people who have proven themselves categorically incapable or unwilling to use it responsibly but are making too much money to let go voluntarily.
Fair points, I guess. When I speak of advertising, I meant specifically that "ad-tech-driven surveillance economy", not the ability to post (or spam) your product down any given channel. I should have said targeted advertising specifically.
People who remember Usenet fondly either only hung out in the good parts (heavily moderated technical newsgroups) or are perfectly fine with defining online discourse as being text-only and gated by access.
I guess I am in that bubble, yes. I remember Usenet mostly as being rather heavily moderated as I mostly stayed away from the scary parts of the alt. hierarchy (esp. alt.binaries), and most of my interactions were with creative communities in the form of writing and fan-fiction on rec, as well as what I perceived as early safe spaces for discussions of LGBTQ issues on soc (especially SSYGLB). There were also some groups in my native language that catered to both of these interests in some of the language hierarchies outside of the Big 8.
But I suppose it's the same romanticized idea that Gemini follows and only appeals to me because I have somewhat positive memories. Idk, I guess I'm just kinda fed up with the modern internet, especially because I also see a lot of that ad-tech crap at work which doesn't leave me with a lot of hope that it won't get worse.
There are plenty of community managed lists that are kept up for various things, with multiple sources of truth to choose from. As an example, adblockers do it. You can manually adjust as necessary, and the provider has a list, but there are also plenty of other blacklists /whitelists you can use in addition to or in place of theirs.
While I don't think serverless is necessary, I think genuinely P2P services are possible using similar approaches. The "primary" developer can provide and maintain default lists for moderation, but any other source can provide their own, moderated or curated to different standards. You make the default distribution automatically subscribe to reasonable defaults, other distributions can do their own, and end users can adjust as desired.
If you allow these white/blacklists to keep you from storing/redistributing content as well, the worst concerns of bad actors abusing your network to do genuinely fucked up shit are reasonably mitigated.
I think a better solution is to truly emulate what really happens in the real world via peer to peer networking, and appointing / trusting certain individual as an admin/moderator for the node. That way a node can choose to become independent or have a quorum system or fully trust a single other node. That is my idea anyway, I haven't dug much deeper into this idea.
Like a co-op where management is just a hired position?
Edit:
my Y Combinator pitch: Patreon, but for professional moderators on the distributed web.
The notion of “professional moderator” should perhaps ring some alarm bells. Sure, some people will be good at that sort of things, but:
- being a moderator can be stressful or even traumatic, depending on the sorts of stuff your site is subjected to. Mods must take breaks from time to time, and modding several sites at once to pay rent seems like a route to a mental health disaster.
- mods opinions should broadly reflect the ethos of the site and at least some portion of its user base. Selecting mods from that user base is one way to do this… finding non-users who don’t need time to get up to speed with the local situation seems challenging, unless you’re running a very generic bland corporate platform.
- ACAB. People who seek out mod powers should be given a good deal of side eye. Assholes lurrrve positions of power and authority, asshole mods wreck communities, and finding non-assholes in good mental health who have the time and are prepared do the often unpleasant task of moderating your community seems challenging.
treehouse.systems had a nice thread recently about their modding arrangement, but I can’t find a handy link to it right now.
I don't know what a co-op is, but I see the moderation system at BlueSky and think if that can be generalized then maybe that is the answer to a lot of centralization problems. So a node representing a peer can do basically anything that node operator/peer wishes including delegating his node operation to another node or a quorum of node. And if the peer wishes so, they could also take their node back anytime. For example in communication, we already have decentralized web of trust from PGP or other Public Key Infrastructure.