Post ARTtwo9w4eDkJ16crI by fl0wn@in.atwistedsystem.com
 (DIR) More posts by fl0wn@in.atwistedsystem.com
 (DIR) Post #ARTlq8X38APxpYE0xc by hallam@infosec.exchange
       2023-01-09T18:06:24Z
       
       1 likes, 0 repeats
       
       I think I see a solution to the Eternal September problem.Everyone wants Mastodon to grow. But rather too many people want it to grow while being unchanged by the consequences of growth. And that is of course impossible.Mastodon today is a community defined by a particular set of cultural values, It is not just a steaming pile of technology. As the community expands, there will be people who do not share those values.This is the very problem that USENET hit in 1990, long before the Eternal September as what had been a closed community was opened up and the BBS community started joining. Some of those people did not share the values typical of US Higher Education, they were the likes of mass murderer to be Timothy McVeigh, Holocaust denier Dan Gannon, Turkish intelligence operative Hasan B-) Mutlu, etc. etc.So here is the idea, how Mastodon can grow without growing. Add groups into the Fediverse protocols and let Mastodon become one group within that system.Imagine if from a single client I can access Mastodon, Twitter and the RPF (Replica Prop Forum).
       
 (DIR) Post #ARTm742t44BMq4Bkiu by fl0wn@in.atwistedsystem.com
       2023-01-09T21:35:10.663955Z
       
       0 likes, 0 repeats
       
       @hallam ostatus, what we used before Mastodon and AP, supported them.   I wouldn't hold you breath waiting for them to be implemented.
       
 (DIR) Post #ARTmCGJgruwyLQWicS by bobwyman@mastodon.social
       2023-01-09T18:37:26Z
       
       0 likes, 0 repeats
       
       @hallam I think you do not need to "add groups into the Fediverse protocols" if those protocols include ActivityPub since that protocol already allows for a "shared inbox." (i.e. Group members would be associated with a shared-inbox. Messages sent to the group would be sent to that shared inbox.)
       
 (DIR) Post #ARTmCGgNVZ69Tn8pyy by hallam@infosec.exchange
       2023-01-09T20:35:08Z
       
       1 likes, 0 repeats
       
       @bobwyman There are two separate layers in an system of that sort.The first is what the protocol supports. On that basis, the Mesh is a vastly superior password vault than anything on the market because it guarantees a 120 bit work factor and does not allow the user to inadvertently weaken it.So yes, ActivityPub does support groups.The second level is the affordances built into the applications and that is a separate matter entirely. ActivityPub has groups but the clients, the services don't expose them in useful ways that make them equivalent to Facebook groups.Same problem with my password vault. It has all the cryptography but the only application is the command line client, there is no integration into any browser, etc. etc.What I am talking about here is designing the affordances in the client.
       
 (DIR) Post #ARTsjPCnRNhpC5UOlU by hallam@infosec.exchange
       2023-01-09T21:49:06Z
       
       1 likes, 0 repeats
       
       @fl0wn I am not in the habit of waiting for people to implement.Besides which, groups don't really mean anything without the ability to make them private which none of the existing protocols were built for.Except the Mesh.
       
 (DIR) Post #ARTtwo9w4eDkJ16crI by fl0wn@in.atwistedsystem.com
       2023-01-09T23:02:56.301945Z
       
       0 likes, 0 repeats
       
       @hallam they worked well with GNU Social, though not quite like what I think you're talking about.  A bang tag was used to post to the group.https://thomask.sdf.org/social/en/user/tags.html  I think the privacy/ scope issues are the reason it hasn't been implemented yet in AP.   The OStatus groups were also hosted by an instance and were lost if the instance went down.
       
 (DIR) Post #ARTx2HNt8vvEFvvtDM by hallam@infosec.exchange
       2023-01-09T23:29:26Z
       
       1 likes, 0 repeats
       
       @fl0wn One of the big problems with security is that folk who don't specialize in security tend to rely on it as a catch all reason to avoid thinking about things they would rather not consider.Mesh/Everything is a cryptographic framework. Nothing is visible to the host. The host doesn't even get to see user-names. Hosts can make inferences from meta-data but these are greatly limited relative to traditional approaches.
       
 (DIR) Post #ARV005iy1APiXCOsS0 by hallam@infosec.exchange
       2023-01-10T00:06:48Z
       
       1 likes, 0 repeats
       
       @fl0wn The issue of who owns a group and how they persist is an important one though and something that I think needs to be closely considered.First, forget the limitations of existing platforms. They probably don't apply. Let us decide what groups should look like.One of the things I spent some time on over the past few years was looking at how Putin's people seized control of a large number of Facebook political groups and used them to peddle Putin's propaganda.Most of the Facebook groups for US candidates ended up being created by Russian trolls who used them to push for Tulsi Gabbard in the case of the D. accounts. There are real issues of transparency and accountability there.So I think there have to be communities hosting these things and the communities need to be able to manage who owns a group because I for one got really sick of every CNC group on Facebook being run by a MAGA hatting fascist because they happened to start it. I think there has to be some community ownership and the fact someone is an admin should not make them a little Hitler who can kick folk out for pointing out Mint Press News is a Russian propaganda site or objecting to people posting CNC cut Dixie swastikas.This is a stronger set of conditions than the hosting provision issue. But I have a fi for that. Like every other Mesh account the unique identifier for a group is the fingerprint of the root signature key. Moving the group from one host to another merely requires a pointer to the new host in one of more lookup tables somewhere.A bit trickier is how to fund hosting for such a site. Especially if a success disaster ensues. The folk running Game of Thrones sites were a little surprised when HBO turbocharged everything...But that whole area is something I think we can leave to when we consider the general content funding problem. I pay Apple News $10/mo to get access to a lot of content. Perhaps we can get some similar model going for the Fediverse. The way I would see it working is that I pay my MSP $8/mo ($96 /year) and some of that goes to pay for my local storage needs and some of it goes to fund access to a wider selection of shared content.So I start a Dalek builders' group and that is hosted by my MSP with me as sponsor. Then say it becomes something bigger and we have thousands of members, my MSP continues to host but it goes into a federated tier with multiple admins.Maybe you get one or two such groups for free but if you want to get hundreds of groups, well you need to be on the premium tier and a little chunk of change goes out to each of the groups you join and that means that the MSP hosting them doesn't get slammed and have to ask their customer to pay up.And because it is easy to move groups to a new MSP, the MSPs can periodically bid to host the group at a lower cost. That is not the only business model I think we need for content but it is one of them and it is the one that probably best fits club type activities where they are primarily social and the real goal is to avoid someone becoming the stuck-ee for the costs.I think we need the Patreon/Substack model and some form of pay per article model in addition.