this post was submitted on 31 May 2024
1950 points (98.2% liked)
Fediverse
28712 readers
42 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to [email protected]!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It weirds me out that most of the arguments for nostr I come across are around how "you can't loose your identity, it's just a private/public keypair!". Maybe I just don't get banned enough to understand the perspective, but to me the real problem is the content/discussions being lost, not usernames for some corner of the web.
I really don't care about loosing my identity on a social media website; I've found it healthier to view social media accounts on the same level as my customer account at my isp and power utility. When I change ISPs, the old account is closed down and I start up a new one at the other ISP. What's important to me is the service getting delivered, not that it remembers that I'm the same person from however many years ago. It's still the same me here in my body, interacting with the web. I know what I need from it, it doesn't always need to remember who I am (and sometimes I'd rather it forgot or never knew in the first place).
My final point is a bit of a troll, but also kinda serious: how decentralized is it when your identity is "centralized" in your key pair? Loose your keys or loose your password to the key, and your identity is similarly effectively gone. Even worse in this case, no-one can restore it for you. Which is why I don't tie my identity that much to any online service, especially ones I don't host. The only thing that truly preserves my identity is the flesh-and-blood body that I inhabit (and even that isn't fail-proof).
I've interacted with GPG signing circles before. So many people are losing access to their keys. So many more are considering some of their keys as compromised. In either case they're regularly generating wholly new keys, essentially rebooting their "identity" from scratch. When they do so, they always rely on flesh-and-blood interactions to have their new identity verified and trusted by others.
Maybe it's a question of which circles we're involved in; mine are already regularly hopping accounts, without being forced to by bans or server outages. I'm used to interpreting the tone & content to recognize "people", and ignoring usernames. On top of that so many people regularly change their display names on social media for vanity and expression purposes that I can't reliably use them anyways for recognizing accounts.
Maybe. Bots don't seem currently capable of holding a conversation beyond surface level remarks. I think I tend to engage with thought-provoking stuff.
On the off chance that I reply to a bot, it is as much for my reply to be read by other humans viewing the conversation. So I don't understand how interacting with countless bots is supposed to be such a big downside.
Plus, I don't see how public/private key pairs prevents endless "fake" identity creation/proliferation. It's not like you need a government-issued ID to generate them (which, to be clear, still wouldn't be great -just got other reasons).
To be clear, I'm talking about online identities. In which case, I would argue that if you value it so much you should not delegate it to some third party network. My IRL identity is incredibly valuable to me, which is why I don't tie it up with any online communications services, especially ones I have no control over.
...so then the app can post on my behalf without me knowing? And it'll be signed as if I had done it myself. I don't understand preferring this if you're not also self hosting.
But as I wrote in my previous message regarding gpg signing circles (a web of trust), that doesn't "solve" things. It just introduces more layers and steps to try and compensate for an inherently impossible ideal. Unless I'm misunderstanding your point here?
I just take that for granted on the internet. It's true that key-signing messages should make that effectively impossible for all but the largest third parties (FAANG & nation-states). But you still need to verify keys/identities through some out-of-band mechanism, otherwise aren't you blindly trusting the decentralized network to be providing you with the "true" keys and post, as made by the human author?
Maybe I'm not expressing myself properly; I don't see how nostr (and tools like it) effectively address that/those needs.
Sort of like how there was (arguably still is) a need for cash that governments can't just annul or reverse transactions of, yet bitcoin and all cryptocurrencies I'm aware of fail on that front by effectively allowing state actors (who have state resources) to participate in the mining network and execute 51% attacks.