this post was submitted on 31 May 2024
1950 points (98.1% liked)
Fediverse
28380 readers
1672 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You may also interact with countless bots without ever knowing, because creating fake identities is free.
Fair, some people value their identity.
For average people nothing changes, the app can hold their key for them and even offer email recovery.
That's something having signatures and a web of trust solves.
Besides, you fail to see another problem: Whichever centralized, federated site you use can manipulate anything you read and publish.
Anyway, if you don't see a need for tools like nostr you don't need them.
Maybe. Bots don't seem currently capable of holding a conversation beyond surface level remarks. I think I tend to engage with thought-provoking stuff.
On the off chance that I reply to a bot, it is as much for my reply to be read by other humans viewing the conversation. So I don't understand how interacting with countless bots is supposed to be such a big downside.
Plus, I don't see how public/private key pairs prevents endless "fake" identity creation/proliferation. It's not like you need a government-issued ID to generate them (which, to be clear, still wouldn't be great -just got other reasons).
To be clear, I'm talking about online identities. In which case, I would argue that if you value it so much you should not delegate it to some third party network. My IRL identity is incredibly valuable to me, which is why I don't tie it up with any online communications services, especially ones I have no control over.
...so then the app can post on my behalf without me knowing? And it'll be signed as if I had done it myself. I don't understand preferring this if you're not also self hosting.
But as I wrote in my previous message regarding gpg signing circles (a web of trust), that doesn't "solve" things. It just introduces more layers and steps to try and compensate for an inherently impossible ideal. Unless I'm misunderstanding your point here?
I just take that for granted on the internet. It's true that key-signing messages should make that effectively impossible for all but the largest third parties (FAANG & nation-states). But you still need to verify keys/identities through some out-of-band mechanism, otherwise aren't you blindly trusting the decentralized network to be providing you with the "true" keys and post, as made by the human author?
Maybe I'm not expressing myself properly; I don't see how nostr (and tools like it) effectively address that/those needs.
Sort of like how there was (arguably still is) a need for cash that governments can't just annul or reverse transactions of, yet bitcoin and all cryptocurrencies I'm aware of fail on that front by effectively allowing state actors (who have state resources) to participate in the mining network and execute 51% attacks.