this post was submitted on 26 Jan 2024
15 points (72.7% liked)

Fediverse

17735 readers
35 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
 

Is decentralised federated social media over engineered?

Can't get this brain fart out of my head.

What would the simplest, FOSS, alternative look like and would it be worth it?

Quick thoughts:

* FOSS platforms intended to be big single servers, but dedicated to ...
* Shared/Single Sign On
* Easy cross posting
* Enabling and building universal Multi-platform clients.
* Unlike email, supporting small servers

No duplication/federation/protocol required, just software.

#fediverse
@fediverse

you are viewing a single comment's thread
view the rest of the comments
[–] mindlight@lemm.ee 9 points 9 months ago (11 children)

Single Sign On doesn't mean that "American BigTech Servers" have to be used.

Essentially, for the users, it means that an account for site A can be used to login on site B because site A and site B trust each other.

A concept to Google if one wants to know more is "federated login".

[–] maegul@lemmy.ml 2 points 9 months ago (10 children)

Yea this is exactly what I was thinking about.

The idea being that there would be circles of trusted platforms and once you have an account with one you have an account on all of them. Which, I imagine, would allow easy/quick cross posting from one platform to another when desired and make it easier to build and maintain an aggregating client that allows you to view all the platforms within such a "circle of trust" that you're interested in through a unified interface.

[–] Aatube@kbin.social 3 points 9 months ago (9 children)

@maegul How would servers share accounts and passwords? Allowing any server to know what a user’s password should be is not very good for security.

@fediverse @maegul @1984 @mindlight

[–] Sean@liberal.city 3 points 9 months ago (1 children)

@Aatube @maegul@hachyderm.io @1984 @mindlight @maegul@lemmy.ml
Couldn't it be like public-private keys such PGP protocols, where the users have the private key and the platforms have the public key? It's seems quite good privacy, some would even say it's "pretty good privacy".

[–] Aatube@kbin.social 1 points 9 months ago (1 children)

@Sean Nice pun :D

I don’t think requiring users to use a really long and virtually unmemorizable password (the private key) would be a pretty good idea for a social network either.

@fediverse @maegul @1984 @mindlight @maegul

[–] Sean@liberal.city 2 points 9 months ago (1 children)

@Aatube @maegul@hachyderm.io @1984 @mindlight @maegul@lemmy.ml
The private key doesn't need to be memorized, it stays saved on the device that the client software is on, allowing the user to integrate mobile device's biometric reader (fingerprint/face/iris/whatever) to confirm identity, or use security key, there are already different ways to implement it that doesn't require pw memorization.

I've got a long unmemorizable string for Firefox sync, Brave, Proton Mail/Pass, it's still more secure than pw memorized

[–] Aatube@kbin.social 1 points 9 months ago

@Sean Not all devices support passkeys.

Unmemorizable passwords are not the kind I like to use. I'd rather be able to login on some random incognito guest computer.

@fediverse @maegul @1984 @mindlight @maegul

load more comments (7 replies)
load more comments (7 replies)
load more comments (7 replies)