Natanael
@Natanael@infosec.pub
- Comment on Our fediverse conversations are gonna have the context they have been missing! 4 days ago:
The post you replied to comes from a different instance than your own, so does my answer. When you’re logging into your instance, the view of their and mine posts are both remote to you.
Sometimes in Mastodon you’ll only see the specific post that you’re opening a link to directly, not other posts before or after. This tries to fix that.
- Comment on UK government trial of Microsoft's M365 Copilot finds no clear productivity boost 1 week ago:
Not if you’re defying safety regulations.
- Comment on UK government trial of Microsoft's M365 Copilot finds no clear productivity boost 1 week ago:
Tools that decrease accuracy should not be provided to government employees
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
A discoverable non-banned account. Not from “ghost accounts”. If a server creates a massive amount of accounts to use them to vote, you can see that a small server has a disproportionate amount of registered accounts too, which probably will be otherwise inactive. Then you can reject votes from that server.
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
The very very short TLDR is that anonymization is very hard, but there’s auditable cryptographic voting schemes which preserves anonymity by using anonymous cryptographic commitments and one of a bunch of different techniques to count encrypted votes (homomorphic encryption, threshold encryption, etc).
You could set it up so you know which server each set of votes comes from but not which users on the server. You could also make it prove each vote comes from one real account and that no account voted twice. You could even make use of commitments plus ZKP to prove banned accounts can’t vote!
It sounds complicated because it is complicated. And somewhat inefficient. But it’s possible. And it would be fully encrypted and anonymous voting.
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
They’re implementing E2E encrypted social stuff. Voting privacy and encryption is linked.
Especially when you have users across multiple servers and both want voting privacy AND being able to deal with vote manipulation. You need stuff like pseudonymous commitments per account attested to by the hosting instance, etc. The only thing that’s simpler but still private is having instances just digitally sign a total vote tally, which also means you can’t detect vote manipulation on other servers at all.
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
It’s doable with E2E encryption, but lots of social stuff in large groups requires coordination which is incredibly hard to with a server that has no knowledge of what the data is because it can’t index anything, etc.
- Comment on Big Surprise—Nobody Wants 8K TVs 1 week ago:
The same argument goes for audio too.
6K and 8K is great for editing, just like how 96 KHz 32+ bit and above is great for editing. But it’s meaningless for watching and listening (especially for audio, you can’t hear the difference above 44khz 16 bit). When editing you’ll often stack up small artifacts, which can be audible or visible if editing at the final resolution but easy to smooth over if you’re editing at higher resolutions.
- Comment on Say hello to Bary 1 week ago:
The volume of Jupiter is mostly gas. If you increase the mass enough, at some point the higher gravity and thus higher pressure at the center causes a phase change of enough mass (from gas to liquid or liquid to solid) that the lost volume from the phase change exceeds the original volume of the added mass.
It’s like pushing a bunch of origami paper into a box until a bunch of them collapse and fall flat instead of filling the volume.
- Comment on Say hello to Bary 1 week ago:
en.wikipedia.org/wiki/Gettier_problem
Unjustified true belief
- Comment on Leaked images of soon to be released Cyber Plane 1 week ago:
My native language doesn’t have separate words for the two, we just specify “penna” (pen) or “bläckpenna” (ink pen)
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
Currently Lemmy is leaking likes via the API even if they only should be available to the user’s host and community host server
- Comment on Leaked images of soon to be released Cyber Plane 1 week ago:
The pens are also very consistent with each other, despite different angles. Probably Photoshop
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
On Mastodon, your instance doesn’t receive posts until somebody on your instance interacts with the account posting it (following the poster, browsing directly to the post, etc).
Feeds with recommendations requires fetching stuff in advance to not be slow and janky. Basically the feed service would need a bot account on your instance and retrieving all popular posts, given the current architecture. Having thousands of these bots across every instance do this would cause a significant performance hit on smaller Mastodon instances when one of their users posts something popular. So you need something different, like a server plugin where the bot fetches the content once and tells all participating Mastodon servers about their cached copy, so they don’t all have to hit the hosting instance. But that’s a security risk with the Mastodon design.
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
Doing it this way is why small instances gets hammered when a user’s post goes viral.
And as for moderation bluesky also carries information with the top post from the post author and allows hiding replies too, etc. This gets enforced on the appview side, so the posting user’s PDS is unscathed if it goes viral.
Bluesky is built to assume a handful of big relay (remember that a relay can merge in contents of another) and a bunch of appview and a ton of PDS servers, feed generators, moderation labelers, etc.
Realistically, the relay network will likely end up voluntarily adopting a tree topology - hobbyist communities would run small relays bundling all activity from members’ PDS servers, then a larger relay in front gathers everything from a ton of smaller relays and makes it available to appviews
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
Zeppelin.social is 3rd party appview and you can host your own
whtwnd.com/bnewbold.net/3lo7a2a4qxg2l
A Full-Network Relay for $34 a Month
Add using DID:Web and you’re now fully self hosted
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
No it doesn’t. If other people on bluesky servers want to see your content then obviously it will go through bluesky servers, but if you connect to a 3rd party relay and use a separate appview like zeppelin.social and use DID:Web for account ID then nothing involving the bluesky servers was used and it still behaves like native
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
They fixed the large cache needed to validate all traffic on your own relay. Now the cost is mostly bandwidth and whatever CPU power you want to spend on indexing
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
whtwnd.com/bnewbold.net/3lo7a2a4qxg2l
A Full-Network Relay for $34 a Month
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
The PLC registry is the only such thing, and also it’s not a blocker because you can use the DID:Web scheme to manage your own account identity
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
Content addressing means you can make your instance pull from both their relay and the bluesky relay and trivially merge threads and views without consistency issues, so that’s solvable.
The bigger issue is all those other regular users who doesn’t, and still get confused (unless they manage to pick a client app that does it for them)
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
It’s doable on Mastodon but significantly more complicated.
You need crawlers to index posts across the Fediverse (and avoid getting them blocked), personalized recommendation models per user, and you need pre-emptive caching on the user’s instance for anything recommended (ideally the crawler would make a cache on behalf of each of the opted-in users’ instances, but without content addressing this is a security risk). You also need to poll for edits / deletions.
- Comment on How decentralized Bluesky is compared to the Fediverse. 1 week ago:
Private posts is planned, but it’s not trivial. Mastodon can’t exactly brag about their nonintuitive technically just not broadcasted posts, where multiple implementations keep making private messages publicly discoverable due to bugs.
- Comment on Taco Bell rethinks AI drive-through after man orders 18,000 waters 2 weeks ago:
It’s the same ordering system, but different queues for drive-through, tills, and kiosk. Usually there’s some priority order, but tills and kiosk shouldn’t be different
- Comment on OpenAI Says It's Scanning Users' ChatGPT Conversations and Reporting Content to the Police 2 weeks ago:
There’s a reason dangerous tools are required to have guards and safety features. It’s not enough that it’s known to be dangerous, that doesn’t stop accidents.
- Comment on An alien invasion 2 weeks ago:
And in fact, killing all the hyper-authoritarians (or at least all of that kind of authoritarian-the irredeemable monster kind) and dismantling everything they built is the best way to stop that.
In theory yes, the problem is you can’t identify them all ahead of time
- Comment on how do you slice it?? 2 weeks ago:
Just the left half
- Comment on 7 years later, Valve's Proton has been an incredible game-changer for Linux 3 weeks ago:
“the official license isn’t evidence, and I’m a clown”
- Comment on 7 years later, Valve's Proton has been an incredible game-changer for Linux 3 weeks ago:
Just give up already