this post was submitted on 26 Aug 2023
464 points (100.0% liked)
Technology
37800 readers
186 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Is there another OAuth identity provider they should use? I agree that it's ludicrous that advertising companies are the primary identity providers we use, but I have no issue with GitHub / Microsoft as an identity provider.
At the end of the day they could create their own account system and take on the liability of storing passwords, but why? That's not what their software is about and as instance admins it will take away their time and focus.
At the end of the day I think what you're chafing against is not their fault but a fundamental problem with open source software at the moment, we have no system of decentralized identity verification, and identity verification is basically a necessary part of ensuring your system isn't abused.
I'd personally prefer they didn't implement any KYC-style identity verification at all in the first place, but it's not my service or project and I'm not a paying customer, so my preference is largely irrelevant to them. But that said, I didn't intend the comment to be damning, or even a particularly harsh criticism, just thought it wad an odd choice.
If what you are saying is accurate, and there aren't better options, I at least understand that choice a bit more. If they feel they need an identity provider for whatever reason, they should obviously choose the one they feel best fits that need. And as others have noted, different servers and instances can be spun up or utilized. Users can choose to utlize whichever fits their needs best, or none if none of them fit.
Your other point is well taken though that it may be a gap in the marketplace. Sounds to me like a need waiting to be filled. I recall reading about some decentralized blockchain solutions for this sometime back, but do not recall the specifics. I haven't followed along because it didn't seem relevant to my personal or business needs at the time.
If anyone else knows of alternative options that may be better or more privacy friendly, I'd certainly be interested to hear about them. And would chip in funding for any good FOSS projects that might seek to solve this problem.