Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
pfraze 8 hours ago

Yeah I’m the guy quoted in the opening of the article.

Yes. Be wary of Bluesky. That’s our whole point. Run the infrastructure on your own. Build separate companies.

Most of the complaints here are just about the cost of scale. You are able to fetch the whole network and its history, and that costs time and money. The only structural centralization is PLC, which is being factored into an independent org.

evbogue 3 hours ago | parent | next [-]

I'd like to encourage anyone who is wary of Bluesky to check out Paul (and Dominic's) back-in-the-day project Secure-Scuttlebot which solved most of the issues that Bluesky suffers from by using content addressable storage and signing key cryptography correctly.

The actual SSB codebase has been kind of broken since 2020, but I have a fork on my own Github that works and comes with a basic client that you can vibe/claw on top of: https://github.com/evbogue/ssbc

I'm happy to supply pub invites to anyone who wants to play around with the old sbot with me as we work towards making social media distributed again.

verdverm 2 hours ago | parent [-]

> Secure-Scuttlebot which solved most of the issues that Bluesky suffers from

I've heard Paul speak about this the other way around, that the experience from SSB informed the design of ATProto. I.e. ATProto solves most of the issues in SSB

For clarity, ATProto is the protocol, Bluesky is one dozens of apps, obv the biggest and most well known outside of the ATmosphere.

evbogue 2 hours ago | parent [-]

Bluesky does solve a lot of SSBs problems. Both projects can learn from each other. The past can become the future and the present inform the past.

This isn't just on Paul, Jay has publically stated that she doesn't believe users (even powerusers) can be trusted with keypairs.

yellowapple 2 hours ago | parent [-]

Jay's unfortunately not wrong about that. Hitting that balance between “so secure even I can't access it anymore” v. “so convenient that cybercriminals can access it, too” is less trivial than a lot of the “just use keypairs” crowd likes to admit — even for those of us with many years of experience working with SSH and PGP keys, let alone people who haven't the slightest idea what a “keypair” even is.

bjoli 3 hours ago | parent | prev | next [-]

Considering how hard it has been, and to some extent still is, to run your own Bluesky instance, the main problem is that it automatically becomes centralised in a way that no open protocol will solve.

If 97% of your users are on one instance it is not a distributed platform. Applying this to mastodon, I am pretty sure most people would consider it a problem if mastodon.social started getting more than 40% of active users (currently at about 15 iirc).

kevinak an hour ago | parent | prev | next [-]

Moving the PLC to an independent org doesn't make it decentralized.

3 hours ago | parent | prev [-]
[deleted]