How to Kill a Decentralised Network (such as the Fediverse) écrit par Ploum, Lionel Dricot, ingénieur, écrivain de science-fiction, développeur de logiciels libres.
A warning and a perspective from an insider who has been through this before.
The Fediverse is bound to come to the attention of big corporations, and if it becomes big enough they will view it as competition and try to crush it. I doubt it can outcompete them in terms of popularity. The best hope has to be coexistence, in which the Fediverse doesn’t try to win the most users, but defends its integrity against large corporations entering the space to sabotage it.
The comparison with XMPP may not be conclusive: XMPP is purely a communication protocol, so if not many people use it, not many people can be reached through it and it becomes less useful. Something like Lemmy, by contrast, is not intended to get you in touch with everyone in the world. It can function as long as it has enough users to make it interesting, enough money to pay for servers (so easy ways for users to fund it), and enough skilled developers willing to work on it. It doesn’t need huge numbers of users, and it doesn’t need to outcompete Reddit or any other corporate platform.
I hope Lemmy can equip itself with good tools for managing trolls and other kinds of attack, including corporate-led sabotage, because those things are likely to come soon. There has been an explosion in bot accounts recently, which are ominously dormant for the time being. If those all get switched on at once, there will be a huge amount of noise and a big increase in traffic. Lemmy needs to prioritize equipping itself to withstand this.
But if Meta enters the space and siphons off a bunch of users, there’s no reason the rest of us can’t continue here as before, without it. It may be a relatively small community but it can still function.
there’s no reason the rest of us can’t continue here as before, without it.
That’s OP’s point. They won’t just siphon users. They will profit off of our content, while providing nothing in return, and intentionally breaking things to ensure the network never grows larger than a certain amount.
Offers for help should be treated the same as offers from a country you are actively at war with. No instances should federate with any Meta own/operated/controlled system. To do otherwise is suicide for the fediverse.
We should also avoid building on technologies they control. Even if OSS, they can knowingly introduce bugs in updates that only break fediverse tech and not meta tech. Which is exactly what the examples in the posted article did. Microsoft did exactly this, to ensure dominance in document file formats.
It seems really stupid from our perspective. Maliciously petty, but our paychecks don’t depend on the success of the fediverse, while theirs does depend on it’s failure.
These are not compatible communities, due to the owners of one.
I think the best outcome is for Fediverse to succeed at proving the model is better for users than mega corps. Then grow and last long enough until the EU takes notice, such that if any bad actors try to ruin it they’d want to protect it. We’re probably talking far into the future, but I think if handled well it can get to that point.
If the Fediverse takes off, it would be fair to expect that new mega corps would arise out of that success. At one point, Reddit was a scrappy startup. Before that, Facebook, Google, and even Microsoft were small companies that were going to change the world. Who knows which high user, high uptime instances will end up requiring full time staff, or which software tools will be used for interfacing with the Fediverse (or analyzing stats within the Fediverse), or otherwise make a profit out of all the activity that would be going on here?
Yes, and if it becomes really big, then every federated instance would find itself coping with large amounts of traffic passed to and from the big instances, and it will become difficult to run a small operation cheaply. At that point, only the big players with big money will be able to run sites in the Fediverse and it could end up mirroring what has happened to the rest of the internet.
On balance I think it’s best if existing Fediverse instances don’t federate with the big corporations. But there are still other ways the corporations could sabotage this place, so the developers and the site admins need to be ready.
if it becomes really big, then every federated instance would find itself coping with large amounts of traffic passed to and from the big instances, and it will become difficult to run a small operation cheaply
I think that’ where the biggest threat lies. How is a small operator going to keep up with the demands of a corporate server cluster with millions of users. A small operator would have to defederate. That puts us back to the crux of the original question, should corpos be allowed on the Fediverse. Why not save everyone the circle jerk and blacklist them from the start.
A secondary threat is corporate sabotage of the ActivityPub protocol. They already have a track record of doing that to free and open standards.
I wouldn’t assume the EU would necessarily be interested in protecting the Fediverse. Legislation like the GDPR is very much oriented towards working with corporate entities and the open Fediverse model is generally at odds with the right to be forgotten (since it’s effectively impossible to ensure all copies of a user’s data are deleted - I don’t even think it’s possible to determine which nodes may have a copy of a year old post).
The right to be forgotten can be argued as being even stronger in the fediverse.
Yes, you can’t delete the content that you created, but you can delete the account associated with them, edit them, etc. with far more control than any corporate system gives you.
No there isn’t a button to just “delete all things related to me” as some people want, but that wasn’t what the right to be forgotten was about.
People knew the technical limitations of it from the start, the problem was that when users would take actions they thought deleted their content, private code would very much not delete it.
I assume the parent commenter referred to the EU because they seem to be the only governing body on the planet with enough influence and an actual desire to actually stand up to major corporations. The US sure ain’t going to be doing it, and the list of other options is essentially zero, so that’s the only hope we have in terms of legal protections or regulations.
Couldn’t the protocol be updated to be more compliant with the right to be forgotten? Something like, when a user deletes a comment it gets deleted from the DB of every federated instance. Sure enough, admins might have made backups and that would theoretically go against the GDPR but still… you can only apply these laws to a certain extent. It’s the same as you posting a picture on Facebook, me downloading it and you deleting it afterwards. Even if you were to make a GDPR request to Meta you still couldn’t get the picture on my PC. But that’s not Meta’s fault, they can’t do much about that.
But if Meta enters the space and siphons off a bunch of users, there’s no reason the rest of us can’t continue here as before, without it. It may be a relatively small community but it can still function.
It could lead to fracturing. If, for example, different forks of the software showed it with varying degrees of giving into Metas direction, that could fracture the community. Or simply the question of how to cope with the new imbalance.
You cant have a curve ball being thrown into traffic and expect your car comes out fine just because you are closing your eyes.
Have you actually read the article? That is literally how it first started for XMPP.
And because there were far more Google talk users than “true XMPP” users, there was little room for “not caring about Google talk users”. Newcomers discovering XMPP and not being Google talk users themselves had very frustrating experience because most of their contact were Google Talk users. They thought they could communicate easily with them but it was basically a degraded version of what they had while using Google talk itself. A typical XMPP roster was mainly composed of Google Talk users with a few geeks.
And once google separated completely,
As expected, no Google user bated an eye. In fact, none of them realised. At worst, some of their contacts became offline. That was all. But for the XMPP federation, it was like the majority of users suddenly disappeared. Even XMPP die hard fanatics, like your servitor, had to create Google accounts to keep contact with friends. Remember: for them, we were simply offline. It was our fault.
The big difference is that the Fediverse, like Reddit and Digg before it, are not communication platforms between individual that know each other IRL… They are content sharing and discussion platforms. The content that mainstream Meta or Twitter users are interested in and generating is largely not what I am interested in, so how is it a bad thing if most of them disappear from my platform?
Plenty of us have already gone through the most painful part of the transition and are now focused on building something new. If we can do that once, we can do it again, but it’ll be even easier to divorce from Meta if I don’t care about what I’m “losing” in the split.
The Fediverse is bound to come to the attention of big corporations, and if it becomes big enough they will view it as competition and try to crush it. I doubt it can outcompete them in terms of popularity. The best hope has to be coexistence, in which the Fediverse doesn’t try to win the most users, but defends its integrity against large corporations entering the space to sabotage it.
The comparison with XMPP may not be conclusive: XMPP is purely a communication protocol, so if not many people use it, not many people can be reached through it and it becomes less useful. Something like Lemmy, by contrast, is not intended to get you in touch with everyone in the world. It can function as long as it has enough users to make it interesting, enough money to pay for servers (so easy ways for users to fund it), and enough skilled developers willing to work on it. It doesn’t need huge numbers of users, and it doesn’t need to outcompete Reddit or any other corporate platform.
I hope Lemmy can equip itself with good tools for managing trolls and other kinds of attack, including corporate-led sabotage, because those things are likely to come soon. There has been an explosion in bot accounts recently, which are ominously dormant for the time being. If those all get switched on at once, there will be a huge amount of noise and a big increase in traffic. Lemmy needs to prioritize equipping itself to withstand this.
But if Meta enters the space and siphons off a bunch of users, there’s no reason the rest of us can’t continue here as before, without it. It may be a relatively small community but it can still function.
That’s OP’s point. They won’t just siphon users. They will profit off of our content, while providing nothing in return, and intentionally breaking things to ensure the network never grows larger than a certain amount.
Offers for help should be treated the same as offers from a country you are actively at war with. No instances should federate with any Meta own/operated/controlled system. To do otherwise is suicide for the fediverse.
We should also avoid building on technologies they control. Even if OSS, they can knowingly introduce bugs in updates that only break fediverse tech and not meta tech. Which is exactly what the examples in the posted article did. Microsoft did exactly this, to ensure dominance in document file formats.
It seems really stupid from our perspective. Maliciously petty, but our paychecks don’t depend on the success of the fediverse, while theirs does depend on it’s failure.
These are not compatible communities, due to the owners of one.
I think the best outcome is for Fediverse to succeed at proving the model is better for users than mega corps. Then grow and last long enough until the EU takes notice, such that if any bad actors try to ruin it they’d want to protect it. We’re probably talking far into the future, but I think if handled well it can get to that point.
If the Fediverse takes off, it would be fair to expect that new mega corps would arise out of that success. At one point, Reddit was a scrappy startup. Before that, Facebook, Google, and even Microsoft were small companies that were going to change the world. Who knows which high user, high uptime instances will end up requiring full time staff, or which software tools will be used for interfacing with the Fediverse (or analyzing stats within the Fediverse), or otherwise make a profit out of all the activity that would be going on here?
Yes, and if it becomes really big, then every federated instance would find itself coping with large amounts of traffic passed to and from the big instances, and it will become difficult to run a small operation cheaply. At that point, only the big players with big money will be able to run sites in the Fediverse and it could end up mirroring what has happened to the rest of the internet.
On balance I think it’s best if existing Fediverse instances don’t federate with the big corporations. But there are still other ways the corporations could sabotage this place, so the developers and the site admins need to be ready.
I think that’ where the biggest threat lies. How is a small operator going to keep up with the demands of a corporate server cluster with millions of users. A small operator would have to defederate. That puts us back to the crux of the original question, should corpos be allowed on the Fediverse. Why not save everyone the circle jerk and blacklist them from the start.
A secondary threat is corporate sabotage of the ActivityPub protocol. They already have a track record of doing that to free and open standards.
I wouldn’t assume the EU would necessarily be interested in protecting the Fediverse. Legislation like the GDPR is very much oriented towards working with corporate entities and the open Fediverse model is generally at odds with the right to be forgotten (since it’s effectively impossible to ensure all copies of a user’s data are deleted - I don’t even think it’s possible to determine which nodes may have a copy of a year old post).
The right to be forgotten can be argued as being even stronger in the fediverse.
Yes, you can’t delete the content that you created, but you can delete the account associated with them, edit them, etc. with far more control than any corporate system gives you.
No there isn’t a button to just “delete all things related to me” as some people want, but that wasn’t what the right to be forgotten was about.
People knew the technical limitations of it from the start, the problem was that when users would take actions they thought deleted their content, private code would very much not delete it.
There is no such illusion here on the fediverse
I assume the parent commenter referred to the EU because they seem to be the only governing body on the planet with enough influence and an actual desire to actually stand up to major corporations. The US sure ain’t going to be doing it, and the list of other options is essentially zero, so that’s the only hope we have in terms of legal protections or regulations.
Couldn’t the protocol be updated to be more compliant with the right to be forgotten? Something like, when a user deletes a comment it gets deleted from the DB of every federated instance. Sure enough, admins might have made backups and that would theoretically go against the GDPR but still… you can only apply these laws to a certain extent. It’s the same as you posting a picture on Facebook, me downloading it and you deleting it afterwards. Even if you were to make a GDPR request to Meta you still couldn’t get the picture on my PC. But that’s not Meta’s fault, they can’t do much about that.
It could lead to fracturing. If, for example, different forks of the software showed it with varying degrees of giving into Metas direction, that could fracture the community. Or simply the question of how to cope with the new imbalance.
You cant have a curve ball being thrown into traffic and expect your car comes out fine just because you are closing your eyes.
But fracturing is not necessarily a death sentence. I don’t necessarily want a billion users part of my echo chamber.
Have you actually read the article? That is literally how it first started for XMPP.
And once google separated completely,
The big difference is that the Fediverse, like Reddit and Digg before it, are not communication platforms between individual that know each other IRL… They are content sharing and discussion platforms. The content that mainstream Meta or Twitter users are interested in and generating is largely not what I am interested in, so how is it a bad thing if most of them disappear from my platform?
Plenty of us have already gone through the most painful part of the transition and are now focused on building something new. If we can do that once, we can do it again, but it’ll be even easier to divorce from Meta if I don’t care about what I’m “losing” in the split.