
Nostr solves this. You don't need to "create an account", you just generate a key pair. That is your account. On what relays you store your data is orthogonal to this. As long as an event is signed by your private key, it is your event.



I think DIDs[0] are an interesting idea for dealing with the problem of centralized registration in federated systems.

It would be great to be able to create one identity that if I want to leave an instance and bring all my data with me to a new instance I can do so without friction. That's currently a big issue I have with Matrix for example -- there's no way for me to go from @user:matrix.org to @user:myowndomain.com and have that be the same identity with the same friends list, etc.

[0] https://en.wikipedia.org/wiki/Decentralized_identifier


We’re currently working on account portability (https://github.com/matrix-org/matrix-spec-proposals/pull/401...) and experimenting with glueing bluesky style DIDs onto it (so as to provide DMs for bluesky via Matrix, should they want them)


Ah, as usual if there's a complaint there's an open spec proposal for it. Thanks for sharing!


The minute you introduce the concept of "key pair", you've lost 99% of people.


True, but you might be able to store it/hide it away in some DHT behind a username and passphrase, even that might not be necessary. You can solve a lot of complexity in the protocol by good frontend people who understand UX.

Even WhatsApp is using PKI, it's just all hidden away from the user.


Yeah, Apple's passkeys are trying to do this too. Their UX is good but it's still pretty immature.


They managed to sell cryptocurrencies by proxy; maybe somebody else holds your keys, and you log in using a traditional method to have that provider use the keys where they are needed or rotate and update them when you want them rotated and need to broadcast that fact. And people who can handle it themselves, handle it themselves.


I think this is the decade this problem goes away.

Of course, the phrase that gains traction won't be "keypair".


Holding a private key in a way that is both usable and secure is not easy, for fundamental reasons. As such, it is impossible for this to catch on with the general public, ever.

A far more likely outcome is for government-managed identities to become the only way to access certain kinds of services, for better and for worse. Governments already have the identity management part handled, with the legal system acting as the ultimate fall-back for any corner case. The integration is already widely used for certain services (the entire financial system relies on government-managed identities already, all around the world), so it's just a matter of extending this. It also helps solve certain less talked about problems of identity systems, such as preventing children from accessing certain kinds of content.

Ideally, instead of the current solution of every institution having access to all of your personal details so they can check your identity with the government, governments could start working for the opposite model - a government-issued and managed IdP, where only the government knows your personal details, and where enterprises get an opaque token they can use to ask the government about a set of details they need to operate their business.


That looks closer to the right solution, but...

> Remember, your private key is your identity in Nostr, so if it is compromised you'll lose your followers and will have to start from scratch rebuilding your identity.

This is the same gripe I have with home servers on the fediverse: home servers come and go, and private keys sometimes need rotating. Making you lose all your friends and content when that happens is not an acceptable tradeoff.

I think the solution is entirely separating "identity" from every single other concern such as security (private keys), hosting (home servers), and public identity ("display name").


> I think the solution is entirely separating "identity" from every single other concern such as security (private keys), hosting (home servers), and public identity ("display name").

I'm not sure you can separate it from security (private keys). If there's nothing stopping others from using the same identity then it's not _your_ identity.


Nostr does not solve this. There is not "one big Nostr" network because there is no consensus across the network. Your view of Nostr is whatever the peers that you connect with say it is, and they have little reason at the limit to share with each other or to be honest with you.

Nostr is just going in circles with federated networks all over again.


> Your view of Nostr is whatever the peers that you connect with

Clients don’t connect to peers on nostr. They connect to relays.


Relays are peers in Nostr. They're supposed to share posts with each other and altruistically create a consistent view of the network for their users.


> They're supposed to share posts with each other

Relays are not intended to connect with each other. Clients send notes to relays. Relays store notes and send them back to clients.


Yeah Nostr is cool but like others have pointed out, there's an even steeper learning curve. And besides that, Nostr claims to be censorship proof, which sounds cool on the surface but will inevitably lead to a cesspool of hate and personal attacks.


unlike censored platforms like twitter that become a cesspool of hate and personal attacks. as usual it depends on who you interact with.


Twitter has the option to steer the moderation in any direction they want.


And so will you, when you can block, defederate, etc with whoever you choose :) such is the beauty of decentralization.


This misses two important points about moderation/censorship:

1. I don't want to trawl through garbage to reach posts I like. Even a single gore video or such is enough to ruin most people's day.

2. It's not enough for me to block content I don't like - in certain situations, I have a legitimate need to block others from seeing content I don't like. Specifically, if someone is spreading lies about me, or pornography of me, the fact that I can block that person is not going to help me, I need a way for the platform to stop showing those lies/pornography to others, or at least to automatically attach my own version of the story to those lies (of course, I should first have to somehow prove those are lies).


In a properly decentralised model you’ll be free to subscribe to privately created block lists, which include users and instances considered “unsafe.” You’d subscribe to that and go about your day.

The authoritarian approach is that you want to ensure no one else sees what you don’t like. You don’t want to give them the choice.


So how do I stop people from spreading pornography of me to my friends, family, and employers?

I'm not talking about preventing other people from listening to flat earth conspiracy theories that I don't like.


The same way you should approach any illegal activity: you report it to the police.


Ok, say I win an injunction in court against this image/movie being shared. How is the court system going to enforce this injunction on the Fediverse or Nostr or Bluesky?


You don’t need to win any injunctions if the activity is illegal. It will be a criminal case, not civil. The police will handle all prosecution. They’ll go ahead and shut down any suspected illegal activity by order and/or seizure, provided they have jurisdiction. You might just be asked to testify.

The globally distributed nature of the internet complicates jurisdiction, but this has always been true of the internet. If someone uploads porn of you to 300 porn sites and 10,000 tor sites, it’s very difficult to get it all taken down. That doesn’t mean there’s something wrong with the internet. It’s accomplishing its original intent.

Edit: but perhaps that is your complaint? You believe the internet is fundamentally flawed in that there is no central authority which has the power to control all information? I understand the allure of this, but I believe this would be ruinous for the internet and human progress.


My point is only that some amount of censorship and control of information is necessary. The particular example I gave is actually quite realistic, and happens to many people each day. While getting it off of the whole Internet is hard, getting it off Twitter/Facebook/Google/Reddit/PornHub is, thankfully, quite easy. The fact that it may linger on Tor and some less reputable porn sites or other places for a longer time is not as problematic, since few people access those.

Overall, what I'm saying is that many people who espouse the virtues of decentralized or federated social media forget or minimize some of the actual benefits of centralized social media with strong moderation [0].

While I think it's great that the internet as a whole is uncontrollable, I don't think "living" in the less controlled parts of the internet for most of your online life would be a pleasant or healthy experience.

[0] I should note that I have some serious qualms about the harm some of this content does to the moderators themselves, but I'm not sure how to grapple with that particular issue.


I don't think there is a simple answer to this. I agree that we cannot wish for a world in which nothing can ever be taken down. I guess we're just going to have to find the right balance.

But right now something very concerning is happening in western democracies that threatens to shift the balance very far in an authoritarian direction. And leaning on centralised platforms is at the centre of it.

Platforms are no longer just told "here's this revenge porn video, it's illegal, take it down!". If proposed laws are actually passed it will be more like "if people are discussing stuff on your platform, you better make sure no one comes to harm or else!"

In my view this is a sea change. Pretty soon we may no longer be able to discuss a wide range of subjects on mainstream platforms (such as psychological or health issues for instance). Kids in particular will be severely restricted in who they can talk to about what. In some cases it may prevent harm. In other cases it could be catastrophic.

If the balance moves so dramatically in one direction, I think it is only reasonable to think about how to mitigate the effects of this to preserve some freedoms and escape hatches. The efforts I see are very very feeble anyway compared to the full force of what we are facing politically.

In my view, no control should ever be total, even if on the whole we cannot wish for a total loss of control.


The tools to do this are still mediocre at best. I want tools to do content-based blocking or defederation, not identity-based.


Not if a decentralized platform claims to be censorship resistant, as Nostr does. But yeah I assume you could just block keys, or IP-addresses at some point.


Yeah, as far as I can tell, nostr does indeed solve the issues discussed ITT. I think it stems from the fact that nostr is a protocol, just like HTTP. So instead of federating or decentralizing on top of http, we needed a different protocol altogether.



