I'd like to encourage anyone who is wary of Bluesky to check out Paul (and Dominic's) back-in-the-day project Secure-Scuttlebot which solved most of the issues that Bluesky suffers from by using content addressable storage and signing key cryptography correctly.

The actual SSB codebase has been kind of broken since 2020, but I have a fork on my own Github that works and comes with a basic client that you can vibe/claw on top of: https://github.com/evbogue/ssbc

I'm happy to supply pub invites to anyone who wants to play around with the old sbot with me as we work towards making social media distributed again.

> Secure-Scuttlebot which solved most of the issues that Bluesky suffers from

I've heard Paul speak about this the other way around, that the experience from SSB informed the design of ATProto. I.e. ATProto solves most of the issues in SSB

For clarity, ATProto is the protocol, Bluesky is one dozens of apps, obv the biggest and most well known outside of the ATmosphere.

Bluesky does solve a lot of SSBs problems. Both projects can learn from each other. The past can become the future and the present inform the past.

This isn't just on Paul, Jay has publically stated that she doesn't believe users (even powerusers) can be trusted with keypairs.

Jay's unfortunately not wrong about that. Hitting that balance between “so secure even I can't access it anymore” v. “so convenient that cybercriminals can access it, too” is less trivial than a lot of the “just use keypairs” crowd likes to admit — even for those of us with many years of experience working with SSH and PGP keys, let alone people who haven't the slightest idea what a “keypair” even is.

Keypairs are fairly easy to use if you're on a reasonable unix-like OS and if you're not then frankly nothing is easy to use. Unfortunately this does mean that your statement is true for the majority of devices people use to access social media

It can be both.

Kudos, evbogue. Thank you for the hard work you've done to keep this alive.

Considering how hard it has been, and to some extent still is, to run your own Bluesky instance, the main problem is that it automatically becomes centralised in a way that no open protocol will solve.

If 97% of your users are on one instance it is not a distributed platform. Applying this to mastodon, I am pretty sure most people would consider it a problem if mastodon.social started getting more than 40% of active users (currently at about 15 iirc).

Moving the PLC to an independent org doesn't make it decentralized.

I don't seem any claim in GP's comment that it would make it decentralized. It does seem, by looking across your comments in this thread, that

(1) You feel very strongly about what decentralized means w.r.t. social media, bluesky, and the PLC

(2) ATProto accepts that it's not planned to be as decentralized as some want, and that it is currently centralized with secondary validators.

(3) No answer or plan for the PLC is going to satisfy you. Nor is any argument you make going to change the plans for identity in ATProto for the foreseeable future.

This is all fine, people can have different perspectives and work/play in different ecosystems, no one is right or wrong. This is precisely why there are multiple protocols out there and bridges between them.

May I then ask why you keep making comments to the same effect aas those you made in the post and multiple times here ~12h ago?

> This is precisely why there are multiple protocols out there and bridges between them.

Yes, that's great! What's not great is Bluesky attempting a hostile takeover on federated and decentralized social networks. It's been advertised from day 1 as an alternative to centralized silos and it's a lie. [0]

To be fair, projects like Blacksky try to decentralize it (except the identity server, as it's impossible??), and there's now a vibrant developer community around ATProto. That doesn't make the centralization and false marketing claims any less problematic.

Develop the protocol you want. Don't lure my friends into it by pretending it's something that it's not.

[0] https://arewedecentralizedyet.online/

> what reasons do your friends give?

In my (arguably not very representative) circles, unlike the big Facebook->Instagram migration, which was motivated by "i don't like that it's run by a Silicon Valley tech-bro neofascist, but that's where everyone's at", the Twitter->Bluesky migration was motivated by "finally an alternative that's not centralized so it can't be bought and controlled by american neonazis".

> Can you clarify this?

Well Bluesky's number 1 selling point was always decentralization. Just looking at a few past articles from the wikipedia page's sources:

"Twitter CEO Jack Dorsey announces a new research team, called Bluesky, to create a set of open and decentralized technical standards for social media platforms" (CNBC)

"Bluesky now operates as a “decentralized” social media platform, which means users can create their own servers on which they can store data and set their own rules" (Forbes)

To be fair, they did fit some of the bill which is now why we're complained that Bluesky is not 100% federated/decentralized. And they did improve compared to AP in terms of nomadic identity and letting users know everything on the platform is public (unlike Mastodon where people had a false sense of security).

There is not one right answer and being hostile towards atproto doesn't earn you friends or support for your ideas.

I recommend adjusting how you argue for your position, especially the tone. If you want to pay it forward, and repair some the damage to your ability to make proposals within the atmosphere, I would further recommend you write an alternative version with a leading apology and take down the antagonistic version you have published.

Does the existence of did:web make it decentralized? You don't have to use the centralized identity provider at all. And if you own a domain why would you?

In theory, yes. In practice, not really, since the vast majority of users won't care to do it.

Most people don't own a domain to do it with, but I think the custodial/management of that is the one place Bluesky has had some revenues.