Hacker News new | past | comments | ask | show | jobs | submit login
Mastodon: Add end-to-end encryption API (github.com)
303 points by sohkamyung 79 days ago | hide | past | favorite | 178 comments

This work-in-progress feature is meant to replace the current DM system. The Olm library is being used in production by Matrix, although I believe app developers could use the libsignal library in their apps all the same. Please mind that neither Olm nor libsignal are actually included in the PR or used server-side in any way. The API is just key exchange and passing encrypted blobs.

Message franking is a technique used by Facebook in their own E2EE chats that allows them to trust user reports about E2EE messages, otherwise someone could claim they received something abusive and there would be no way to know it's true. Believe it or not, "just block the sender" is not a sufficient solution because while it works for the individual, when a spammer is allowed to run rampant and thousands of users receive spam messages from different spammers regularly it brings the quality of user experience for the whole platform down significantly.

From the Mastodon creator:

>For once am not happy about Mastodon being on the HN frontpage. Someone submitted a work-in-progress pull request there. Half the comments are circlejerking about free speech as always, the other half gives opinions without understanding the context of the feature (which is not surprising given that it's a work-in-progress pull request on GitHub and not a goddamn press release).


Funny to see this thread to be complete opposite with a lot of praises, e2e discussions and mastodon onboarding.

I feel that Mr. Gargron has been his own worst enemy at times. Mastodon.social instance is notoriously bad, overmoderated and often down-right abusive. While Mastodon itself in many ways a brilliant project with great dev team and direction it's that just they seem somewhat socially inept/extreme at times.

I agree, Pleroma is better though. Just use that.

Gargron has shown that they do not care much for the community or the greater fediverse at large.

Pleroma also is cleaner code-wise so there's that, more active dev and lightweight relative to mastadon.

not paid by Pleroma btw, i just use it daily and I love it wayyy more then Mastadon

Agree entirely, I've managed several Pleroma servers in the past. Incredibly easy to set up and configure.

And you have the guarantee that the dev will actually keep working and refining instead of all the drama mastodon finds themselves in

Pleroma does what Mastodon’t

What does this E2EE API achieve with something that is public publishing? Is it for private messages? Private reporting to the mods? I saw something in the description about moderation.

Looking at the linked issue, it's for PMs: https://github.com/tootsuite/mastodon/issues/1093

> specifically the Olm implementation developed by Matrix -- but it should be roughly the same as libsignal

I'm all for "many eyes make bugs shallow", but this is somewhat-widely deployed software, and I have approximately 0% confidence (based on my previous experiences with Mastodon releases and code quality) that this will be strong and safe for its first public release. (Happy to be proven wrong, mind you.)

Perhaps this could be done in an official testing fork, and merged back in when actual cryptographers are more confident about it?

The idea of shipping this in the standard Mastodon release cycle is terrifying, and I really hope they don't intend to do that.

Ultimately, from a design perspective, I'd much rather see ActivityPub implementations support good profile deep linking to existing (read: safe) messengers rather than trying to graft e2e onto a federated messaging protocol that happens to support DMs-do one thing and do it well, and all that. (Also: backwards-compatibility downgrade attacks, anyone?) We all know how well previous attempts at e2e encryption of federated protocols went (spoiler: they didn't).

The modern day version of Zawinski's Law of Software Envelopment seems to be that apps will always attempt to expand until they can send and receive DMs. The consequence of this should not be that every app bundles key generation, key encipherment, key backup, secure key distribution, federated key authentication, and a message cryptosystem simply to support e2e DMs. That's (dangerous) madness.

At the heart of the issue in the complexity of these protocols is that we want to both broadcast widely and address someone specifically. This is a quandary intrinsic to discussion forums, chat rooms and social media.

And the default is to mash both of them together and make it public. Unsurprisingly, it's a source of toxicity and needs intensive moderation, because a broadcasted address is mostly employed in a narrative sense, with the person at the other end reduced to a character in the story. A timeline creates a space, but in a shared timeline, whether it's a Twitter hashtag or a comments section on a small blog, the space is made by spamming your narrative more often.

With a decentralized, privacy-enabled solution like ActivityPub, there are many tools to reshape the extent of the narrative so that you always own your own space, but the tools themselves are quite complex and pressure our engineering and UX capabilities.

And yet - broadcast by itself is not hard, if done in pull-orientation like RSS. And secure messaging is challenging but mostly solved. I have some unfinished thoughts that perhaps simpler is possible by changing the system's orientation further, because I don't think the current designs are quite it.

> A timeline creates a space, but in a shared timeline, whether it's a Twitter hashtag or a comments section on a small blog, the space is made by spamming your narrative more often.

Why isn't this solved fairly easily via a digest metaphor? One can imagine many different implementations, but something as simple as "your recent updates appear in a group and that group can't be bumped to the top of people's feeds more than twice a day" already seems better than the barrage of puke hiccups that is Twitter today.

I agree that any implementation of a new, intended-to-be-secure feature should go through rigorous testing and security review, and that the easiest way to do so is to allow integration with software that already has. However, if you're implementing a Twitter replacement, people expect you to be capable of direct private messaging, with all of the UX considerations that imply—a unified account system, the ability to message everyone already on the platform, having the same look & feel as the original application, etc.

The main benefit of integrated messaging for most users is leveraging the the network effects that come from having a built-in way to message others. This goes away entirely if you have to have every user download a different app and link it and hope that the people they want to talk to will do the same. And the fact of the matter is that "many apps that each do one thing well" is only a good user experience for hackers that can spend a lot of time learning and understanding the quirks of many individual apps, or already have preferences on which apps do what best.

> and I have approximately 0% confidence (based on my previous experiences with Mastodon releases and code quality)

Could you elaborate more on what these problems were? We've had security bugs in the past, but not many more then any other large, complicated app, and to my knowledge we've always fixed them very quickly after they were discovered. We also have a pretty good track record in encouraging adoption of critical security fixes across a large and diverse ecosystem.

> I'd much rather see ActivityPub implementations support good profile deep linking to existing (read: safe) messengers

This is something myself and a few others are interested in pursuing.

Everything for this is in place. No changes or features outside of AP are needed.

Mastodon even has a simple key-value table that any profile can enable and fill with details such as "website: example.com", "twitter: @jack" and so on.

This feature already has "verifications". Meaning that you can add proof that example.com, keybase etc are really yours.

This could easily[1] be expanded to verify ownership of SMS, or messenger apps. Provided those apps have some form or authentication/proof in place.

I have this on our roadmap for our "fediverse linkedin" project (another story for another time) so would gladly offer help here; keybase with my contact details in my hn profile.

-- [1] It would be easy after a refactoring. The code handling this in Mastodon is not ugly persé, but rather unfortunate. Tightly coupled to the God-Model "User" (which seems to happen with every rails project at some point) and spread over some json-store, model and unrelated controllers.

Oops, I think I misunderstood what I was replying to. I see what you mean.

I'm more interested in exploring getting the entire AP ecosystem be encrypted by default, using Chris' work.

I don't think I care that much about profile deep-linking to other apps. I would rather obsolete that need.

Encrypting data meant to be public to the whole web doesn’t make much sense to me.

Have you actually looked at the PR? It's not large and there is very little that actually needs to be done on the server-side. The heavy lifting is offloaded to the client, which will probably further offload its heavy lifting with one of the well-known crypto libraries.

An import 500 modules in the process.

I think you might be exaggerating.

agreed. on random side note, heck there is still no way to delete cached headers, leaving instance storage unbound unless you manually take care of it

Is there a mastodon server that doesn't require email for signup? Throw away providers did not work for me, free email providers require a phone number. It's like signal, the benefits are contrasted against metadata exposure.

I'm not aware of one. Unfortunately any server not requiring e-mail confirmation for sign-up would be overrun by spammers (we don't want to add CAPTCHAs because 1) they are unpleasant for real humans and 2) they require loading external resources which is minus points for the user's privacy).

You are lying. I have ran many Pleroma servers that do not require email to sign up, and have used Pleroma servers that do not require email to signup. None of them are overran by spammers.

You have forgotten your origins, James, and it bums me out. Email sucks. Requiring email to join a site sucks. Let's cite a popular essay from our old community:


* Registration keeps out good posters. Imagine someone with an involving job related to your forum comes across it. This person is an expert in her field, and therefore would be a great source of knowledge for your forum; but if a registration, complete with e-mail and password, is necessary before posting, she might just give up on posting and do something more important. People with lives will tend to ignore forums with a registration process.

* Registration lets in bad posters. On the other hand, people with no lives will thrive on your forum. Children and Internet addicts tend to have free time to go register an account and check their e-mail for the confirmation message. They will generally make your forum a waste of bandwidth.

* Registration attracts trolls. If someone is interested in destroying a forum, a registration process only adds to the excitement of a challenge. One might argue that a lack of registration will just let "anyone" post, but in reality anyone can post on old-type forum software; registration is merely a useless hassle.

I prefer captchas or even arbitrary btc donations. Matrix.org Riot does this just fine. Since it is just for registration, it's easy for me to register in a privacy preserving conditon (vpn, private mode,noscript,etc...)

I used Tutanota just a few weeks ago for this and they didn't require a phone number. I also found that trying a few providers, sooner or later a throwaway address would work.

But I also think asking for at least an email is not that unreasonable. Sure, I value my privacy, but I also value a good community and keeping the worst spammers out often helps. Talking smaller instances here, obviously, but I think that's where the value is with something like mastodon. Tight knit communities with the option to reach out to others.

Perhaps they do that when I used a VPN. You can police your community without spying on them or collecting sensitive information. Reddit and HN did it since the start!

This seems a bit harsh to me in response to asking for a valid email address for proof of realness and to be contacted when necessary. Reddit surely requires one. Can't remember if hn did, but don't know how they keep out spam.

I also like the idea of using BTC you mentioned in another post to state good intentions, but acquiring BTC to use in the first place seems like much more hassle, registrations and sharing of data is required.

Reddit did not mandate email as of about a year or so ago. I only use HN because no email (well I might have signed up with email anyways but I certainly never provided one). Look at all the dead posts under new on HN, they get spam and do a good job of managing it.

You can get btc with cash, if you already have it,it's a nice option.

"If it can be abused,it will be abused".

Captchas and small btc payments can't easily be abused against the user but email and phone number can. Email and phone number are also not costly to an attacker to spoof or churn out at a high rate. Captchas and small payments have accumulating prohibitive cost for an attacker.

IfI create a gmail just to sign up,it certainly is much more of a hassle. Even temporary inbox services are a hassle these days compared to a 20sec captcha.

HN must do more to block spam than to filter it out by hand. The dead links are far from the kind and number of automated spam you see elsewhere.

That Email is a hassle but not a big one is exactly the point why sites ask for one.

And Captcha? You talked about spying before and this is exactly what captcha does these days. Its massively invasive, plus it was always annoying and never really worked well for its intended purpose.

I have to say, it seems a bit like your argument is stuck a few decades ago. While I quite like the thought experiment of how the internet could work with essentially anonymous and frictionless participation, I don't think it ever has or at least not for decades. And examples like hn and reddit are interesting, but every other blogs open comments section show that this working is rather the exception than the norm.

I consider myself privacy conscious, and from the options captcha, email and BTC, email for me strikes the right balance of ease of use, anonymity and effectiveness. More options would always be welcome though. Conecpts like Indieauth for example, look promising, but let's not kid ourselves, privacy wise, they require more of me than providing a fake address to get an email. And just like the BTC solution, it would probably keep many more people out if it were the only option.

I run the server busshi.moe, if you sign up there I can manually confirm your account if you use a fake email. Mastodon has no option to disable requiring an email, but Pleroma does.

I am not aware of any mastodon server like that but there are quite a few pleroma servers that accept fake emails.

I just wanna note that there is a strong comorbidity between "being a Pleroma" and "being blocked by a lot of Masto instances because you're run by someone with an anime girl icon who thinks the whole internet should be an acceptable place to behave like a denizen of the bowels of 4chan".

Is being an anime fan a bad thing now? Or do you feel that putting a political label on someone just because they find a specific piece of software comfortable for them is a nice thing to do?

Anyway, in the same spirit one could say that "there is a strong comorbidity between being a harasser who jumps on random threads just to insult people as well as subscribing to racist and authoritarian idelologies and using mastodon" which (while true in my personal experience) would be unfair to the nice people that use mastodon and possibly cause these that read it to be prejudiced against mastodon users due to their software of choice.

“Wanting the Internet to be 4chan forever” is a political label? Watching anime is fine by me, I’ve enjoyed the hell out of a lot of the stuff in my time.

I run a Masto instance and I am just speaking from my experience in what shows up in the tags where us admins share block recommendations; there are bad actors using Masto too! I defederated from a Masto instance just this morning after seeing its admin aggressively escalate a conflict with well-practiced speed. One of those pops up about every six months. Pleromae where the admin encourages escalating conflicts and wears an anime girl icon are a constant feature of the block suggestion tags.

> in what shows up in the tags where us admins share block recommendations

Things like #fediblock you mean? Most of the block suggestions there are

- against instances because they federate (as in, they let their users view and reply to posts) with certain other instances (gab, kiwifarms, etc) even if indirectly <https://tabletop.social/@host/103308182908324413>

- against instances that host anyone who kyzh doesn't like

- against instances that host someone who got tagged by someone else that resides in an already blocked instance <https://toot-lab.reclaim.technology/@djsundog/10402250286634...

- against instances for no reason given at all <https://tenforward.social/@guinan/104015065073049864>

- against instances for made-up reasons

- against non-instances <https://mastodon.art/@Curator/103768019516091512>

Seeing an instance on a block tag does not mean anything other than that certain extremist elements are finding said instance to not strictly follow their party line at the first glance.

> Watching anime is fine by me, I’ve enjoyed the hell out of a lot of the stuff in my time.

What was your intention by focusing at the anime avatars then? To promote prejudice? To focus on the fact that they are introverts? To make fun of them for being unmanly and having cute avatars? There seems to be a lot of bullying directed at people just because of their avatars.

As I said before my experience is exactly the opposite. I started making all of my statuses private because I was getting stressed every time that someone from mastodon reposted or replied to my status. There seems to be an endless supply of mastodon users willing to jump on random threads just to insult, harass, and shit-talk people behind their backs.

If you are that rare shining example of someone with a cute anime girl icon who does not regularly engage in '''ironic''' assholery straight from the bowels of 4chan and vehemently argues that their right to free speech is being impinged any time someone tells them to fuck off because they are being a jerk, then I have nothing but the best wishes for you and your friends of a similar bent. You are a lonely flame in the darkness and I wish there were far more of you, whatever your actual and/or desired gender in the fleshy world is.

I just think the fact that this association exists is fucking hilarious, it's a detail that nobody even began to get anywhere near imagining in all the sci-fi I read growing up.

> If you are that rare

Except it is not rare at all. Did you read what I posted regarding fediblock?

A simple question, do you block fedi.absturztau.be by any chance?

Nope! And a look through the local timeline, as well as the one public admin account, doesn’t show anything I’d block, either. I think this may be the first time I’ve looked at a Pleroma run by moe girls and not been smacked in the face by hate propaganda or admins encouraging trolling behavior.

(I also don’t go looking at any fediverse site besides my own unless I am investigating reports of bad behavior, tbh. So if there is a vast constellation of chill moe Pleromae I’m missing it. And quite possibly forming invalid stereotypes due to this bias in my sampling.)

Surely there's an email provider that doesn't require a phone number? Protonmail, Tutanota?

Tried both. Proton let's you donate as an alternative, but only with a card. I haven't tried cash visa/mastercard giftcards with it.

It's a recent thing they're doing. I routinely create at least half a dozen free email addresses a year, phone number did not use to be an issue. They've locked down pretty tight.

Or cock.li if you are into edgy domains.

Does Mastodon not have a way to search for instances?

Most of the ActivityPub-based networks have a "join<service>.org" index of instances --



Hopefully this is helpful!

Note that there's far more instances than https://joinmastodon.org/ suggests.

Theres a directory literally on the front page of the "main site": https://joinmastodon.org/


No one controls Mastodon -- setup an instance and you're off to the races!

The idea of preemptive banning of federating with other instances is extremely common in Mastodon-land. This means that unilateral actions by admins, invisible to their userbase, restrict what their users can read, or who can read their users.

It would be fine if the users opted into this, but it happens silently and arbitrarily by admins, oftentimes based on speculation or gossip, not even real abuse. It’s all of the worst of tribalism, polarization, guilt by association, and preemptive censorship (regardless of whether or not admins are “in the right” by censoring messages between x and y flowing through their own machines).

It’s also not easy or reliable to migrate your account between instances without losing your followers, and none of the server implementations yet support virtual hosting, so you can’t migrate hosts while keeping your own domain/handle.

There are real problems there, and casually dismissing the major censorship issues in the ecosystem doesn’t begin to solve any of them.

You can't force user's eyeballs to read the bytes you ship to their computers unless you want to go full Clockwork Orange.

Some people want to exercise the rights over their computers (pick any ideology, FOSS included) and don't want certain bytes shipped to their computers. Who cares the reason.

Some people don't have the time, energy, money, and technical experience to exercise their rights of byte-shipping in a competent manner, so they carefully delegate that power to someone they trust. And some want to join in a community that is purposefully run this way. To categorically paint this use case as "insidious" ("silently", "arbitrarily") is in denial of these peoples' real needs.

Forcing peers to accept your bytes with the assumption that they must examine it with their own eyeballs in order to overcome a zealous interpretation of "censorship" is blatantly disregarding the humanity in a peer and their real needs.

It isn't contradictory or incompatible to say that people shouldn't be forced to do anything, and also simultaneously believe that censorship, especially the silent or invisible kind, is bad.

Would a web host performing MITM on an HTTP connection to alter or redact your blog posts be bad? After all, it's their hardware...

Instance banning is neither silent nor invisible. Every Mastodon instance has an About page (no login required) listing all instance bans and reasons, anytime. I would be in agreement with you about silent/invisible censorship, but that's not what's going on here.

This is a categorically different problem than MITM.

> Every Mastodon instance has an About page (no login required) listing all instance bans and reasons

There are instances which require an account in order to see the bans (cyber.space). There are instances which do not list bans at all. There are instances with made up reasons of banning made up instances (mastodon.art). Even that flagship instance lists incorrect reasons for removing instances (claims that certain instances shared illegal content when said instances do not allow any form of illegal content).

In addition most mastodon instances do not disclose their policies via AP. See for example https://fediverse.network/mastodon.art/federation

You're right, my mistake. In some cases it is not transparent.

However, this is not a systematic censorship problem, unlike centralized services with opaque policy language and a complete boot out the door. People are free to run their own instances or have multiple accounts across different instances.

Whether you think they're correct is irrelevant to the question at hand. Freedom of speech and association means you're free to not federate/talk to those problematic instances, and maybe you'd be much happier for it. On the other hand, not being OK with it and trying to fight for transparency means you're trying to externally force these communities to be run in the way you want, which may be received well, but not always b/c forcing unwanted change is exactly the opposite point of Federation: communities will be built the way their members want to build it. Like the real world, some value transparency and some don't.

It's one thing to argue specific bans about specific instances and disagree on the other party's interpretation; it's a totally different claim to say that the entire system is corrupt with opaque censorship.

Mastodon != Fediverse

Do not put words in my mouth. I only replied to the point regarding transparency in your post. I really don't care about the rest.

I'm sorry! Based on context, I understood your post to refute mine to support sneak. And sneak and I have had heated debates about the Fediverse before, and you've stumbled into the latest one. :)

In the future, it would definitely help me and others understand your motivation better if you could even include one more sentence in your communication like "Just here for a correction: some instances are transparent..."

I will strive to be more charitable.

>claims that certain instances shared illegal content when said instances do not allow any form of illegal content

That can be a simple issue of jurisdiction. Mastodon.social is hosted in Germany (IIRC), so they have to adhere to German law. That means, for example, while hatespeech isn't strictly illegal in the US, it certainly is in Germany, it even has a fairly good legal definition. Or take the Japanese instances, which aren't well federated or have media-bans because of differences in media legality. And lastly it can also be simply the case that the instance is not moderating (ie, they write 'no illegal content' but do not care).

Both the statement that an instance shared illegal content and that the same instance was banned for illegal content can be true at the same time.

Why does anyone have a requirement to talk to your instance? What if, due to your ideological stance on issues, I don't trust that your server won't decide that mine is distasteful in some way, and that you'd cause your server to disrupt mine in some way by flooding it with messages, for instance? I have legitimately had this happen and it nearly brought down my instance. Some script-kiddie decided to fuck around and spam my account on an instance I run with about 2000 followers in the course of a few seconds. This almost killed my server entirely. Why should I have been forced to interact with their server on the grounds of free speech?

Why does it matter if any instance decides they don't want to associate with you? It doesn't affect your ability to use the service beyond not being able to interact with folks who probably don't want to talk to you anyway.

Forcing someone to make their server software talk to yours is just as much of a "Free Speech" infringement, if not moreso.

> Why does it matter if any instance decides they don't want to associate with you? It doesn't affect your ability to use the service beyond not being able to interact with folks who probably don't want to talk to you anyway.

It prevents people on that instance who explicitly want to follow me from doing so.

It also prevents me from following people on that server from my primary account on my homeserver, even if those people explicitly want the whole world to be able to read their public messages.

Both of those are undesirable interference between mutually-desired communication by Alice and Bob, by Mallory.

Then they, and you, can find another instance where you can mutually talk with each other. You are, in fact, allowed to have multiple fediverse accounts for different purposes/groups of people.

This doesn't address my point at all that you cannot argue that my server is somehow obligated to process bytes from your server.

Tools that disobey their end users are unfit for purpose. They're bad tools, and should be replaced with useful ones.

Your peers' routers are allowed to drop your packets, but nobody is arguing that that's good or beneficial. There is a difference between "within rights" and "good".

While I don't agree with you, there is an interesting discussion to be had here about digital "commons" (something like the "public utility" concept in the US), I think.

If a company with a near-monopolistic network effect (Google, FB, etc.) censors speech or who-can-talk-to-who/see-what on their platform, it seems that most folks agree that this is bad, whether or not they're willing to do anything about it.

So, instead, we have decentralized services (and semi-decentralized ones, like Mastodon). At what point does a Mastodon community operator's decision to censor speech or who-can-talk-to-who/see-what on their platform become problematic? When a community achieves a large size? If new community members aren't made aware of the censorship? Is the difference between these communities and an ultra-ubiquitous one like "having a Google account" or "being connected to friends on Facebook" a difference of degree, or a qualitative one?

It's simple to argue an extremist position of "all speech between any set of parties must not be suppressed for any reason, even by the parties themselves", but I don't think most people want to live in that world. Similarly, it's pretty hard to isolate a line past which an operator of a community-service should be held to a different standard of conduct because of how ubiquitous/depended-on their community is, but a lot of people seem to think that this line exists.

The federated Mastodon, the one people generally are talking about, is controlled, by a 'democracy' of sorts of the server owners.

The technology itself is of course open, but if your content is not approved by the main Mastodon federation, then users will have to be signed into multiple Mastodon federations (if that's what they wish), one to see the main Mastodon federation, and one to see the one that got banned. Because of this extra hurdle, a ban from the main Mastodon federation does shut out a large portion of the Mastodon users.

Mastodon is often presented as this 'free speech social network', in reality it's just a decentralized social network, with all the censorship that comes with being a modern social network.

The definition of "free speech" many people in this thread use puzzles me greatly. If you come to my house and starts yelling things that offend me and I kick you out, I'm not infringing on your freedom of speech.

Based on what principles should server owners be forced to federate with third party servers if they don't want to? How is not wanting to federate with anybody "censorship"?

I've just setup a mastodon instance on a VPS to give it a try. For less than $5 per month you can have your own instance where you can invite like minded people and find people to federate with.

And if you can't find anybody to join you server or federate with you... Maybe you should think about what that says about you instead of screaming that you're being censored?

Main-instance Mastodon (run by the main dev) has made moderation choices that people disagree with. It means conversations here always brings out this same group group of people that disagreed with all these decisions and somehow believe their speech (their bytes) must physically be shipped to everyone else in some network, and must be examined by everyone on the network so that others can decide for themselves whether to listen. I've literally had conversations on the Fediverse where people expected and wanted blockchain-like replicas of their content onto everyone else's computer. And for everyone else to read it.

This group of people have shifted to this position because they no longer have the "de-platform/systemic-censorship" argument that arises when someone is banned from a centralized service, resulting in a total loss of access to the entire platform. Conversely, on the Fediverse they're still there but simply can't talk to some % of users. And that can easily be rectified by being a part of multiple communities and abiding by their rules.

I've tried to write about how ActivityPub (which Mastodon uses) is not a censorship-resistant network and that the point of Federation is to build lots of custom communities and have them politely talk to each other, or ignore the ones that violate community's expectations [0]. Feedback I literally got from here on HN was "I'm disappointed in you", when I think it's an accurate and realistic view. Especially when standing in the shadow of FreeNet.

The same liberty of free-speech and free-association that lets a far-left community thrive, and a far-right community thrive, also lets them block each other (which is a good thing -- it would be ugly otherwise).


the point of Federation is to build lots of custom communities and have them politely talk to each other, or ignore the ones that violate community's expectations

Vehement agreement from a Masto admin who works to keep her instance a nice quiet chill place for people like her, with some connections to other nice quiet chill parts of the Fediverse, if you want to argue then go to Twitter or go to a "free speech" instance - and accept that you will probably be cut off from the chill places unless you make a second account and abide by the chill rules.

> I've literally had conversations on the Fediverse where people expected and wanted blockchain-like replicas of their content onto everyone else's computer. And for everyone else to read it.

I honestly doubt that. Are you sure that you are not straw-manning them? In my experience they usually complain about how admins strip the ability to read their posts from the users registered in said instances.

I am 100% not straw manning them. I couldn't believe the conversation I was having. It's very few people that have this crazy of a hardline stance, but they're out there.

The main Mastodon federation has a list of servers you must ban on your end to join the federation. So even if you only disagree with a subsection of them, if you want your server to be in the popular federation, you have to ban the entire list.

>If you come to my house and starts yelling things that offend me and I kick you out, I'm not infringing on your freedom of speech.

It'd be more like be your neighbor being offended and therefore kicking out the person yelling things that offends him. If you don't want to be kicked out of the apartment complex, you are required to share the same views as everyone else.

If let's say Stormfront.org wanted to create their own Mastodon instance spreading their thoughts, they'd be free to do so. I'm sure the Mastodon creators wouldn't like it, but they'd have to ideologically support the very idea of allowing them this, as it comes down to free speech.

This is not what free speech is about. Freedom of speech means they are free to publish their opinions, but it doesn't mean that you, or anyone, have to let them publish their opinions on your platform/paper/channel.

From the mastodon wikipage:

Gab, a controversial social network with a far-right user base, changed its software platform to a fork of Mastodon and became the largest Mastodon node in July 2019.[37] Gab's adoption of Mastodon allowed Gab to be accessed from third-party Mastodon applications, although four of them blocked Gab shortly after the change.[38] In response, Mastodon stated that it was "completely opposed to Gab’s project and philosophy", and criticized Gab for attempting "to monetize and platform racist content while hiding behind the banner of free speech" and for "paywalling basic features that are freely available on Mastodon".[39]

> This is not what free speech is about. Freedom of speech means they are free to publish their opinions, but it doesn't mean that you, or anyone, have to let them publish their opinions on your platform/paper/channel.

In the case of Mastodon, they've deliberately avoided putting themselves in the shoes of a platform/paper/platform owner in the interest of a system where no central authority fully controls its use.

That the creators of Mastodon are "completely opposed to Gab’s project and philosophy" is in no way a departure from that ideology. They're criticizing Gab's use of free speech using their own free speech but have deliberately relinquished their right to exert any more authority than that on an ideological basis. That they can't control it themselves it their unique selling point.

Yes, I think we largely see it the same way, but GP stated:

> I'm sure the Mastodon creators wouldn't like it, but they'd have to ideologically support the very idea of allowing them this, as it comes down to free speech.

And I argued that it does not come down to free speech, and that whether "Mastodon ideologically support the very idea of allowing them this" is unclear at best.

You can fork Mastodon. That's what gab did.

Are you referring to the reporting feature in this PR, or something else?

Twitter had some drama few years back, Japanese non-tech users rushed into Mastodon and completely obliterated the federation, something like 3/4 of global DAU and volume at peak? That forced quite a progress for Mastodon project and left substantial pain for two cultures so there's a bit of Cold War between people taking Western or Japanese sides

> completely obliterated the federation

The developer decided to implement instance blocking, not the other way around.

Reminds me of the EFNet (eris free net)/A-net (anarchy net) split.


Wasn't that weeks-months after the initial in-rush? I think few instances crashed, born, transferred before devs split.

Yes, but I think the implementation of the block is what caused the schism (or simply isolation).

It was sad, to have witnessed such a bright future unfold, interesting discussions on language, on tech, on culture. And then to have half of the world just cut off.

The fediverse was the future...

You conveniently omit that mastodon.social operates from Germany and thus simply cannot legally federate with many of the Japanese instances.

If you know about this, you should consider that mastodon.social acts as an example instance. This effectively made blocking Pawoo and a few other instances the norm.

There was a block-list circulating around, and if you do not block every instance on the list, your instance is misogynist, pedophile and far-right.

That's simply untrue, speaking as the admin of a smaller instance. There are blocklists but they are entirely up to yourself to implement. I myself only implement rules to completely block far-right instances or "free speech" instances, those tend to cover almost 99% of content that would be frankly illegal for me to federate. The rest is a few japanese and sex-positive instances, which are only media-blocked, so they still federate but I don't allow their media on my server, which I think is an acceptable compromise completely blocking it. And from talking to other people running instances, this is pretty much the norm for the fediverse, regardless of what the far-right instances want you to believe.

Sounds reasonable.

It just feel very weird to me that the word "fediverse" is thrown around like a universe, except it is a balance of not getting thrown out by not being the norm. Perhaps it is just me that has this fantasy of everyone being in one place, at least on the Internet, but jerks are jerks.

String phone in one hand, scissors in another.

The Fediverse is simply a term for all of the instances. It's not entirely fragmented, there is certainly shared hosts between bubbles in the fediverse. Though I don't think this is an issue really; our own universe functions on the bubble principle as well and it makes fediverse a place that you can find an instance to be on without having to worry that your instance moderator will allow nazis to vent their garbage into your feed.

Which one is your instance?

It's a fandom based instance hosted in germany, I have about 3000 unique weekly visits according to my backend analytics and around 30 or so MAU.


No, but I will not disclose it directly either way, people might try to either doxx me or harass my instance. I've had that experience in the past.

Ah, fair enough. It was not my intention to make you feel uneasy, apologies.

> There was a block-list circulating around, and if you do not block every instance on the list, your instance is misogynist, pedophile and far-right.

I must have missed the memo, because I run a medium-sized instance, don't follow any blocklist, and no one ever complained about it.

Are you blocking instances, and on what conditions? I wonder how often you get complaints about wanting an instance blocked, and how you manage them.

> Are you blocking instances, and on what conditions?

I block instances when they either flood or I find I don't want to have anything to do with them (I do tolerate opinions I disagree with, of course; but not patent bigotry).

And only based on evidence I gather myself, I don't trust screenshots or copy-pastes (but I understand some mod teams do, and that's ok if that's what their users want).

> I wonder how often you get complaints about wanting an instance blocked, and how you manage them.

As I said, I never got complaints. I also never got instance requests personnally; although I do sometimes see other instance admins saying they blocked a given instance. When it happens, I take a look at that instance's public pages. Usually, that's enough to make my mind, eg. because their public timeline is overrun by literal nazis and/or lolicon.

(I was looking for examples as I was writing this, and it turns out most of the nazi instances I blocked don't exist anymore. Oh well.)

The hardest part is dealing with big instances with many "well-behaved" users, but also a very lax moderation policy that tolerates trolls. So far I only banned individual trolls in this case, but it requires work, and I understand not all moderators want to spend so much time.

Thanks for the insight, sounds like a very nice instance to be in!

As someone who actually administers a Mastodon instance, this is absolutely not the case and is a complete exaggeration.

I was referring to toot.cafe's block list, which I saw a lot of instances blindly followed. (I had my own instance)

"Blindly followed"? Or "Trusted the administration decsisions of those with similar views, and decided to follow their lead"?

My bad, I shouldn't have assumed ignorance.

I was just so frustrated when the instance cut me off from people I follow, sorry for the language.

Look good

e2e encryption isn't something you add as an "optional feature", but rather, something that should be in the design from day one, for all communications (mandatory).

I feel like this is the goal, but as unfortunate as it is now - that's not the case, and adding E2E encryption of any sort should be celebrated to perpetuate the idea that it's not an option, but a need just like adding authentication isn't an optional feature.

>just like adding authentication isn't an optional feature.

As an added note, authentication can be and should, for most cases, be done on a session basis, when establishing the session key (which should also, by the way, be generated with care to provide forward secrecy).

The idea is that if individual messages aren't signed, there's the advantage of plausible deniability to third parties. You know who you're talking to, but you can't take a message go to a third party and claim "hey, this person has said this. See? This message is signed by his key.".

This is the level of privacy generally expected in a conversation conducted within the same room in meatspace, and most people would be uncomfortable with any less than that.

Could it be why mstdn.jp is shutting down? Official reason is lack of resource to handle anticipated legal requests but that sounded weird.

I think not. Japanese politicians are preparing for a crackdown on cyberbullying after a wrestler killed herself. mstdn.jp states that it won't likely have the operational capability to deal with the anticipated legal changes, whatever that might be.


Shows how much society cares about anyone that's not popular. There are many people who are suicidal - no named hanging out on mstdn or other internet holes. There are many who get bullied everyday in real life and it's worse because you don't have a block button. Why is everyone so focused on cyberbullying these days? They couldn't solve bullying in school. Only made it worse by putting responsibility on management.

I wonder what legal changes they would come up. I am not optimistic.

It is true that celebrities suffering brings attention and can be the catalyst for change.

Bullying has always been a problem. Sometimes its physical, but its always mental. The child who is ostracized is bullied too.

Now, in the virtual world, children find it follows them home too. Even if a child is offline after school, they hear all about what was said about them when they get back to school in the morning.

Where I live, there are good speakers who pass through all the schools, talking separately to the children and to the parents. Their descriptions and explanations made me realise that my mental model of what bullying is or how it works was inaccurate.

But censoring won't stop the bullying in any case. Neither will throwing responsibility around. We have tried both approach. Everytime, something ridiculous come up. All the good guys will go away while the ones willing to bend the law or spirit will stay. They will stay despite being in the grey or illegal because they accumulate enough funds or traction to do so.

Enforcement doesn't happen linearly. And if you stop the bullies from letting others discover them at all, there's no hope to changing them. They will still be able to bully someone but it won't be a celebrity, I guess because they are public.

Society censors majority of suicides. Normal social status doesn't come with followings that will eventually figure out the person died of suicide.

People say the censoring is to keep others from committing suicide. I think it's simply wrong to censor a person that died from taking their own life. Outrage would be more prevalent if things weren't censored like today. I can rightfully assume not all family members are even informed how someone died in a suicide and contrary if someone in the family is lost to cancer or any other illness that results in death. It's easy to realize why certain illnesses get more funding. More people are aware of it.

A lot of positives could come from everyone understanding not all people enjoy living because of whatever reason they suffer that leads to suicide. Progress comes with understanding. I don't think the mental health field is doing a good job at innovating like we see in the tech industry every few years.

If you don't put responsibility for bullying on management, who do you put it on?

IME, bullying was protected by the school because the rule was always "Anyone involved in a fight is punished, even if they didn't start it."

That meant that if someone hit you, you got punished for it. So you couldn't report it or you'd be punished, which basically meant that the majority of conflicts went unreported.

Nobody was holding the school responsible for it, and so they did nothing because it was easiest for them.

However, unlike in-person bullying, cyberbullying is always recorded. (Well, unless you're on voice chat or snapchat or something, I guess.) There's a paper trail for people to follow and determine what really happened.

Perhaps ultimately it shouldn't be the website that's responsible for that, but I know if I were running the website I'd feel ethically that I had to do something.

> I wonder what legal changes they would come up. I am not optimistic.

This. The sad reality, IMO, is that government policing of cyberbullying is never going to work out in practice due to its sheer scale. On the other hand, any legal framework that's going to be introduced would likely be abused by bad actors to suppress speech. So it's either going to be pointless at best, and outright harmful otherwise.

I was assuming it was due to the sheer volume of loli being posted on that instance. Most instances block / mute it for this reason.

Anything that isn’t photography is freedom of speech in Japan except genitals so not really

It's an issue outside japan; if I federate with an instance that allows this content, Mastodon will mirror that media. While in Japan certain images might be legal, in my country they are very much a greyzone I don't want to risk as administrator.

> Anything that isn’t photography is freedom of speech in Japan

There was a lot of censorship during the Fukushima nuclear disaster by the government.

Never heard of such conspiracy theory before...

So the real question is, if Mastodon was easily replicable as advertised, are all the contents mirrored to other instances?

The whole blocking situation turns me away from Mastodon. Short of maintaining my own instance, there's no way to be sure I can follow anyone I'd like to, or communicate with them. There's no way to find out from the outside if an instance is defederated.

Have you seen the "About" page on instances? It lists exactly what you want: what instances are defederated by the instance. Here's the page for the instance I reside in:


Yes, I forgot about this feature (is this opt-in or default on by the instance owner?) This addresses my last point.

But admins can still choose to block instances in the future that I might have interest interacting with. It is like a gamble choosing an instance.

Making an instance is tedious, and once someone in charge finds out who you hangout with, your domain name gets blocked. Such is socializing.

> But admins can still choose to block instances in the future that I might have interest interacting with. It is like a gamble choosing an instance.

Then have multiple accounts and abide by each instances' rules.

> Making an instance is tedious, and once someone in charge finds out who you hangout with, your domain name gets blocked. Such is socializing.

You can still hang out with the folks you were hanging out with. They blocking you has no bearing over who you hang out with, unless you let them get under your skin.

Based on your responses here and elsewhere it sounds like you have a bone to pick with Mastodon because you can't find a solution where you get to be heard by everyone all the time, from the far-left to the far-right. That's not a right and that's not "free speech", that's trampling on others' freedom of association and their right to build communities as they see fit: Not every person is welcome in every community. Who are you and I to dictate what a "correct, healthy community" is?

Please don't put words in my mouth, personally I don't have anything worthy of being heard.

I really wanted Mastodon to be where I can find everyone. To be free of censorship, ads and algorithm-induced bubbles. I am lucky to have the "right" mentality (in regard to the tech industry), so I am not often suppressed, but everyone is different.

I don't want to impose on someone a "correct, healthy community". Blocking an instance seems to do so.

Sorry, didn't mean to put words in your mouth.

However, it's very presumptuous to say:

"I really wanted Mastodon to be where I can find everyone."

That's Facebook and Twitter. And even then you can't find everyone.

People go to the Fediverse to build the community they want, not be subjected to "everyone". It's this clash of collective rights vs individualism that seems to drive so many of these ridiculous arguments. It's no different (or, in fact, it may be better now) than getting banned from one of the many phpBB forums of 20 years ago. Those communities thrived and the banned didn't even have an instance leftover to call a home: everything was gone when they got banned.

Just because you want to find everyone, doesn't mean everyone wants you to find them.

Hmm, maybe I should see the fediverse as multiple loosely-connected Twitter clones, rather than one place maybe? I seemed to have a malformed expectation regarding Mastodon. Thanks for clarifying that for me.

"Mastodon is a decentralized network! Remember, regardless of server choice you can talk to and follow anyone on Mastodon!" -- mastodon.social

I was perhaps misreading the developer's intentions.

Mastodon is just one ActivityPub software. PeerTube and Pixelfed let your loosely-connected Twitter clones also be loosely connected to Instagram clones. It's a big world.

So I wouldn't get too hung up on one developer (me included).

It is too bad that mastodon is less RSS / Email and more IRC chatroom networks, but that's what it is.

Yeah, gnusocial and family felt like glorified RSS readers + feeds to me. That's what attracted me to the network initially. My own Mastodon/Pleroma client is built entirely around the concept of "feeds" (whether it be user, hashtag, conversation thread) and simple combinations of feeds (eg grouping together multiple hashtags to form a "topic" or multiple users to form a "group").

Mastodon should be the exact opposite of IRC imo. Hashtags or message threads can act as a simulated chatroom but generally speaking, the power of feed-based social networks is that they invert the traditional power structure, thus yielding more interesting content.

I left Mastodon because the big "traditional"/sanctioned instances started banning other instances they didn't like, specifically Gab (instance full of right-wing people that allows basically anything that isn't illegal).

I had high hopes for Mastodon but whatever, this whole social network thing isn't worth the trouble. Now HN and Youtube are the only websites I visit for entertainment.

I don't understand this mindset at all. It's not so much "I want to be able to say whatever I want", it's "I want everybody to listen to whatever I say". Go post edgy xenophobic stuff in your dedicated online community if you like it so much but stop acting surprised when other communities want nothing to do with you.

I believe that the issue discussed is more about mods having that control instead of the user itself. Not about the fact that everybody should listen to everything.

I understand that the question is: should the mod define who “the community” the community can connect with, or not?

Very few people actually want to filter through the unadulterated garbage of the internet on their own. What you want to do on social media is like, read the news, talk to friends, or promote your work. You probably don't want to spend every minute of your online presence blocking new spammers, new trolls, death threats, conspiracy theories, and the like, just to make your feed somewhat usable. So you delegate this task to moderators. On a centralized platform like Twitter or Facebook, you don't get to choose moderators. Facebook decides it doesn't belong on its platform? It's gone. You have no recourse. With Mastodon, you get to a) pick a server with policies that you like in the first place b) you can switch to another server if you're unhappy with the original one.

Server blocks are just an extension of that function. If a spammer creates a new server under their own control and creates a million accounts to send spam from, do you expect moderators from other servers to just click "block" a million times? No, that's why the bulk option exists. There's no way it couldn't.

Exactly. Maybe some heuristics or even deep learning could help retaining control. But then we would succumb once again to the Eldritch Algorithm gods...

More or less “I’m not going to pay for your freedom with my privileges”.

De-federation and Gab blocking are mostly for instance operators and app developers to avoid hosting illegal content and avoid being seen as sympathetic to extremists respectively.

What people fear is either could be used as grounds to charge them as child molester or colluding terrorists or to revoke your Apple/Play Store developer accounts for life.

The mindset is "I want to choose who I listen to. I don't want the Mastodon instance to decide for me"

If you don't like listening to some people, that's fine, don't follow them, block them, whatever, but I won't join an instance where I can't listen to other people because the moderator doesn't like their message.

I had a quick look at mastodon a while ago and saw a few more problems with the model, but I wasn't aware instances could block each other. Maybe some day there will be an even more decentralized alternative (Looking at you, indieweb) where it is up to the user whom they block. I'm also not a huge fan of how mastodon is an implementation, more than a protocol.

I, as a user, am still going to demand that I can join a community where of likeminded people and moderation so I don't have to deal with the overwhelming spam of the internet myself. That's the bit that a number of decentralisation projects don't get - I don't want to have messages by anyone on the whole internet forced into my view (because have you seen how much that sucks?). I want moderation if the day-to-day use of the tool involves coming across a largely random group of people - otherwise it's just a platform for harassment and spamming people with child porn, a la Matrix - and I don't want to perform that moderation 100% by myself.

"where it is up to the user whom they block" does not imply that you have to manually select who to block, rather it could as well mean that you are free to select block-lists (with the ability to fork them if you so wish) of your own choice rather than have the admin of your network force them on you.

This changes nothing, one blocklist will get a lot of users, end up as a "recommended" setting, then all those hurt that their bigoted views aren't more popular will moaning about "free speech" again.

I'm happy let those who want to run a community that has similar values to mine block obnoxious content for me. Far better that than Facebook or Google being the sole arbiters.

> This changes nothing

The change is that it empowers the users.

> one blocklist will get a lot of users, end up as a "recommended" setting

This is fine as long as the users select said list out of their own will.

> then all those hurt that their bigoted views aren't more popular will moaning about "free speech" again.

Have you considered the possibility that a lot of non-bigoted views are currently blocked due to trigger-happy admins?

> Have you considered the possibility that a lot of non-bigoted views are currently blocked due to trigger-happy admins?

Exactly who is on Gab who I want to listen to? If they're not a bigot and not ok with bigotry, why are they on there?

I am not talking about Gab. I am talking about the other instances that were silenced in their crusade.

Then what is the point of federation? You just described a centralized forum/microblogging server.

I can pick and choose who my community and moderation team is - that's why I am on the fediverse and not Twitter. I am strongly opposed to having extreme right-wing views (along the lines of "you should be dead for who you are") forced into my conversations? I can pick an instance/moderation team which proactively blocks other instances which refuse to moderate their users according to such basic social norms.

Fact of the matter is that I don't really want to talk to most people on the internet, and I don't want to see what they have to say about me every time I want to see what my friends are up to. I want to talk to my friends, maybe have our wider communities able to chime in, and occasionally discover new people through that. It's not my job to convince random assholes on the internet that I deserve to exist, and it's not useful in any way to see their messages. Blocking extremist free speech instances which promote harassment as a normal part of their operation is... a feature, not a bug.

That is a fair point, but what happens when the moderation team deviates from your beliefs? What happens if your instance is declared not-safe? You're effectively exiled from the fediverse, people you follow will never see your toots again.

Then I move instance (probably well before my instance is declared not safe, tbh). It's a feature in Mastodon, assuming my moderation team hasn't decided to disable it - basically, I send a protocol message to my followers saying "I'm over here" and they automatically follow me over there. In a future p2p protocol that's designed by people who actually realise that people exist who don't want everyone on the internet to have a direct line to their inbox (aka none of the current ones), I could simply move moderation team and keep my identity.

It's incredibly unlikely that tomorrow, my instance pushes the needle so far that everyone blocks it immediately. More likely a series of changes in the moderation team gradually pushes things that way and I can change instance before things get bad enough that anyone would block it - and I'd do that because it wouldn't be a community I want to be part of any more, rather than any particular fear about being blocked.

I had no idea account migration landed. Your description actually sounds quite reasonable. I guess I was too shocked and burnt by the instance blocking incident. Maybe I should give Mastodon another try.

Just need to find an instance that doesn't block...

Finding an instance that doesn't block other instances, but also actually moderates its users and thus doesn't get blocked, is going to be pretty hard - and also a rather harassment-filled experience unless you fit in with the Gab crowd, I imagine. You could always run your own instance.

Note that the majority of instances that are "blocked" are actually soft-blocked by most instances, meaning you can still talk to people on them if you follow them, you're just not going to find posts from their users otherwise.

You can move to another instance.

The point is flexibility and no lock-in. If you buy into the Twitter platform and eventually you're not happy with the way it goes, moving away has a huge cost. If a federated architecture peers can come and go relatively easily.

See email for instance: if you're unhappy with your current provider you can move to a different one or even roll out a new server and you can still interact with the other users.

Simply interacting, yes, but email and messaging cannot replace Twitter. What makes Mastodon viable is the identity, multicast and backlog of toots(tweets?), which does not transfer as easily between instances.

So long as instances are serving content from other instances (pretty much required for a social network), there will be demand to be able to block other instances. Of course, people could just host their own instance, which is possible with Mastodon, and is indeed what a lot of people already do.

Mastodon uses the ActivityPub protocol, and there are other implementations that use this protocol (Pleroma, for example).

That was a feature added later, mostly to address instance operators' fear for police intervention for enabling access to Japanese content(they say loli but even Japanese in 30s to 40s are legit mistaken even in court as underage, so not much to do with age, IMO more of specific makeup style or lack thereof)

There's also pawoo.net, which was operated by Pixiv (switched hands).

Pawoo is the go-to instance for (lolicon) artists banned from Twitter, and despite being the largest Mastodon instance is blocked by almost all instances.

The fear came from some European laws forbidding under-aged illustrations (typing this makes me die inside), so instances serving pictures from Pawoo may get into trouble.


I kind of don't like how "lolicon" is being used -- because pedophilistic orientation don't seem to correlate all that well to how likely people is banned from Twitter. There's a real pedo guy on it, who I've seen public about how arts don't substitute stuffs, who posts his... arts a bit jagged, and doing it for years, then on the other hands there are artists getting banned nth times this year posting an abstracted person with clean and continuous lines.

My theory is there's a set of curve parameters that evaluate to "legality" in a sigmoid response that has less to do with ages or even if it's depicting a human or an animal or not, like a picture of desert hills looks pornographic sometimes or how sumo wrestlers charging evoke no sexual emotion. That human curve scoring yet to be discovered is, to me, looks like how legality is determined worldwide on and off internet, so calling those drawings as loli or people doing those curves as lolicon is inaccurate in my opinion.

Have you looked into ActivityStreams? It might be the protocol you're looking for!


ActivityStreams is a data format, not a protocol. ActivityPub is the protocol that Mastodon, Pleroma, etc use which shares ActivityStreams data.

Actually It's better than traditional centralized system like Twitter. If it's centralized , you can't do anything after banned. On decentralized SNS, you can join the problematic instance or start a your own instance that not banning.

Pleroma does what mastodon't

Last I checked Pleroma doesn't even have moderation tools, let alone message franking.

This is incorrect. AdminFE exist.

It has command line and web moderation tools.

I wrote a proprietary tool that provides a Pleroma client as filesystem called Polearm

Was it wise to start this project in Elixir? Note - I have no idea what this project does, it may be a tremendous success, I just think it's a pretty wide gamble to start it in a language that has such a tiny user base and steep learning curve.

Elixir is, more or less, a thin shell on top of Erlang. As long as Erlang is maintained, Elixir can be pretty easily carried along with, as far as maintaince goes.

How many web developers know Erlang though? this project is mostly web based no?

There’s an entire web framework for Elixir called Phoenix.

You’re painting Elixir as this obscure language that no one knows and while it’s undeniable that it may not be as widespread as JS, PHP or Python, it is not so marginal.

I live in a European city that’s not a tech capital and a couple major startups use it, and I’ve seen it used in major apps across the web.

Never used it myself but read how it excels at concurrency and messaging so why not use it for this?

It is pretty much obscure, I don't think a couple of major startups is gonna cut it. Elixir never got the kind of adoption that will last for years and years after the hype is gone. Instead it had a nice spike a couple of years ago and i's declining already. Ruby can live for another 20 years based on the 10 good years it had, Elixir never had those years it seems. Yes, it got tremendous attention on hackernews and blogs, but actual adoption? Seems like startups are more conservative than one might guess. Even worse, it's functional. So if a PHP/Ruby/Python dev wanna work on this cool OSS project, when it's in Elixir that's just another big hurdle. See for yourself https://insights.stackoverflow.com/trends?tags=elixir

Ruby and PHP are also declining (well, relative to Stackoverflow questions), but Ruby still gets 10x more questions than Elixir and PHP 100X(!) more. Now sure, lots of PHP questions are from noobs who don't work in the industry. But if we start looking at jobs we're gonna see pretty similar results.

P.S when we look at frameworks it's about 60x more adoption for Rails vs Phoenix https://insights.stackoverflow.com/trends?tags=phoenix-frame...

Some examples of companies using Elixir / Erlang in production: Discord, WhatsApp, WeChat, Bet365, Pinterest (notification system).

This is hardly "obscure" - these are applications used by billions of users all over the world.

Potential developer market for your business or OS project is a factor in engineering, sure. But it's certainly not the only one, and there's a utility threshold for how useful a large developer base can be - maybe I don't care that there are only 10,000 good Elixir in my region if I only need 3 or 4, and I can entice them with good conditions (salary, or a prestigious OS project)

World-class CTOs and engineers choose Erlang and Elixir for their working characteristics as programming languages, a point which you've chosen to completely ignore.

> Even worse, it's functional

I wouldn't consider myself a functional programmer (although if a language offers FP facilities I often use the hell out of them over imperative and OO constructs) but if I built something in FP because I thought it was be the best-suited paradigm for the task at hand, I'd happily weed out people who can't be arsed to learn the rudiments.

We'll have to agree to disagree. I think the numbers clearly show Elixir is obscure and declining fast and that in general that can't be good for OSS projects, you seem to think otherwise and that's OK.

>An additional layer on top of it is so-called message franking, which allows encrypted messages to be reported to content moderators without compromising keys or message contents ahead of time while also preventing fake reports.

That sounds like the encryption isn't deniable. Personally I would prefer deniable encryption to ability to report wrongthink.

It sounds like you have never worked on a platform frequented by mobs of abusers (situations where abuse is targeted and high-volume enough that the "victim should just block" alternative is untenable for the victim).

Or a platform used by children.

The alternative, which you're welcome to use, is a fully decentralized/unmoderated platform. That alternative doesn't work for a lot of people. For them, the ability to report is often critical, quite literally, for their physical safety.

I get your point, but words like "wrongthink" are poisonous to a conversation. It's a privileged position to not routinely receive death and rape threats (c.f. women and trans on twitter) so please don't minimize the other side of the debate.

> Personally I would prefer deniable encryption

May I ask why? If you are not willing to stand behind something that you said then do not say it at all. Anyway, I do not think that deniable encryption is useful at all, after all potentially edited screenshots are taken as truth all the time. At least if you are using a non-deniable communication method you will be able to ask for proof that you wrote the post which they claim that you wrote.

What about spam and legitimate abuse? Do you think these things should be allowed to run rampant just because you believe that an admin's decision to not communicate with you is that terrible?

>What about spam and legitimate abuse?

You can block the spammer yourself. I'm not sure if the feature is about only private communication between two users or in channel, but if it's in channel, there can be bot logging messages. That way the bot's owner still knows who posted what and can ban/moderate as needed.

>Do you think these things should be allowed to run rampant just because you believe that an admin's decision to not communicate with you is that terrible?

I have no idea what are you talking about. Are you reacting to what I wrote or to your own projections about my beliefs?

If the spammer spams thousands of people, it's a better use of everyone's time if an admin bans it once and for all.

Spamming thousands of people can be detected without knowing the content. And if you accept messages from other people than those you are following, you have to accept you will inevitably get some spam. It's like getting PGP encrypted email - you can't expect server spam filter to catch it based on its content and if you report it as a spam, server spam filter doesn't see the content.

There are other solutions to this problem that don't require 3rd party intervention. For example, users could follow each other's block lists.

If Bob spams thousands of accounts he'd quickly get on multiple block lists.

Is Bob a verified, known identity, or does he simply create unlimited accounts and continue the spamming or abuse?

Mastodon is federated, so you already get to choose who your content moderators will be when you pick a server. Blocklists are just an informal and spammy-by-default version of that.

>You can block the spammer yourself.

This is nonsense. Do you really think everyone should have to deal with spam themselves? Do you disable spam filters on your email and deal with all of that on your own? Do you think, on a site like HN, we should have to filter spam ourselves too?

The internet would be completely unusable if it was expected that everyone deal with spam themselves. This is ludicrous.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact