Yeah I’m the guy quoted in the opening of the article.
Yes. Be wary of Bluesky. That’s our whole point. Run the infrastructure on your own. Build separate companies.
Most of the complaints here are just about the cost of scale. You are able to fetch the whole network and its history, and that costs time and money. The only structural centralization is PLC, which is being factored into an independent org.
I'd like to encourage anyone who is wary of Bluesky to check out Paul (and Dominic's) back-in-the-day project Secure-Scuttlebot which solved most of the issues that Bluesky suffers from by using content addressable storage and signing key cryptography correctly.
The actual SSB codebase has been kind of broken since 2020, but I have a fork on my own Github that works and comes with a basic client that you can vibe/claw on top of: https://github.com/evbogue/ssbc
I'm happy to supply pub invites to anyone who wants to play around with the old sbot with me as we work towards making social media distributed again.
> Secure-Scuttlebot which solved most of the issues that Bluesky suffers from
I've heard Paul speak about this the other way around, that the experience from SSB informed the design of ATProto. I.e. ATProto solves most of the issues in SSB
For clarity, ATProto is the protocol, Bluesky is one dozens of apps, obv the biggest and most well known outside of the ATmosphere.
Bluesky does solve a lot of SSBs problems. Both projects can learn from each other. The past can become the future and the present inform the past.
This isn't just on Paul, Jay has publically stated that she doesn't believe users (even powerusers) can be trusted with keypairs.
Jay's unfortunately not wrong about that. Hitting that balance between “so secure even I can't access it anymore” v. “so convenient that cybercriminals can access it, too” is less trivial than a lot of the “just use keypairs” crowd likes to admit — even for those of us with many years of experience working with SSH and PGP keys, let alone people who haven't the slightest idea what a “keypair” even is.
It can be both.
Considering how hard it has been, and to some extent still is, to run your own Bluesky instance, the main problem is that it automatically becomes centralised in a way that no open protocol will solve.
If 97% of your users are on one instance it is not a distributed platform. Applying this to mastodon, I am pretty sure most people would consider it a problem if mastodon.social started getting more than 40% of active users (currently at about 15 iirc).
Moving the PLC to an independent org doesn't make it decentralized.
I don't seem any claim in GP's comment that it would make it decentralized. It does seem, by looking across your comments in this thread, that
(1) You feel very strongly about what decentralized means w.r.t. social media, bluesky, and the PLC
(2) ATProto accepts that it's not planned to be as decentralized as some want, and that it is currently centralized with secondary validators.
(3) No answer or plan for the PLC is going to satisfy you. Nor is any argument you make going to change the plans for identity in ATProto for the foreseeable future.
This is all fine, people can have different perspectives and work/play in different ecosystems, no one is right or wrong. This is precisely why there are multiple protocols out there and bridges between them.
May I then ask why you keep making comments to the same effect aas those you made in the post and multiple times here ~12h ago?