Technical details and the installer are in the GitHub repo https://github.com/bluesky-social/pds
And we're on Discord available to help: https://discord.com/invite/UWS6FFdhMe
[1]https://www.emilydamstra.com/please-enough-dead-butterflies/
Are you joking? This is private enterprise we're talking about. We'll all die before this company or anything similar is built on "scientific rigor" unless it directly relates to their profit margins.
I didn't know this (as most of us I'd guess). It was an interesting read though, thanks.
Edit: now it has one! Thanks!
The on-demand TLS certificates with an "ask" endpoint is especially useful for the PDS use-case. Because there's generally a wildcard DNS name that is used to give each new user a domain handle (@alice.example.com) but we don't want to be vulnerable to a TLS certificate DoS/rate limit situation.
I'd imagine this use case is quite common for self hosters. If it can't operate alongside an existing, say, nginx on this port, are there recommended alternate practices?
I'm excited at separating identity from hosting, of which self hosting identity gets us closer.
Does the AT Protocol only optimize for Twitter-like flows, or does it allow for other types of social applications to be built like Activitypub? For example a reddit-like social media.
Part of the change today is that the PDS and Relay[1] now support non-app.bsky record types. This is quite new, so there could be issues, but we're prepared to fix any issues that crop up.
1. https://bsky.social/about/blog/5-5-2023-federation-architect...
Yes, it's totally up to a PDS operator to decide how they create user accounts. It's also not required on the Bluesky PDS service any longer, in most cases.
By default the self-hosted PDS requires an invite code, to prevent random people from creating an account. Later other options will exist, including OAuth support which is coming soon.
There is a Docker compose file in the repo, and advanced users shouldn't have any problems running the code on another distribution or even without Docker if they prefer.
Advanced users can just view the installer script as documentation.
There's an (incomplete) list here: https://docs.bsky.app/showcase
And the protocol is documented here: https://atproto.com
I use BSD, and all I see is a installer for Debian/Ubuntu.
No guide in sight for bare metal nor telling you what services/software are required.
Also, services like Twitter started off with a developer friendly open API, and then it got closed off when the business needed to make money off the platform. What's the difference with Bluesky?
It's MIT/Apache 2.0 licensed, so yes. However, because it's also an open protocol, even if it wasn't, you could write your own under whatever license you want.
> What's the difference with Bluesky?
BlueSky is built off of an open protocol, called AT. https://atproto.com/ BlueSky is a particular app built on the protocol. As such, there's no way to "turn off the API," as BlueSky itself is a participant in the open protocol.
They could like, re-write everything to be a central service, port the user data over to it, and then pull out from the network, but then two things would happen:
1. stuff would break, as it's no longer part of the network.
2. since there is true account portability, users could simply swap to a different PDS and client, and re-route around the damage.
Also given that it's against their entire stated mission and goals, it would be social suicide.
I'm working on a client and there's a specific scenario where I want to be able to show a feed like "Top 20 - Past 3 Hours" before a user has logged in to their Bluesky account.
Any chance the team could create a Home Assistant add-on for this? https://www.home-assistant.io/addons/
I think the Home Assistant community would go WILD for being able to self-host their Bluesky data straight from home with just a few clicks.
It's a pretty big crowd of people. https://analytics.home-assistant.io/ 327k willing to opt-in to analytics.
I know if there's one thing I'm eager to do it's to host even more stuff in that clunky piece of shit that has half a dozen main menu items for nonsense and buries everything of interest or value under "Settings"
I think the reason my friends did not join Bluesky despite me inviting them is that it just isn't as good of a product as Twitter. You can't post videos or DM.
I am not a tech executive and have no idea about corporate strategy, but it seems like Bluesky should focus less on technical differentiators and more on building killer features that have mass appeal and a community that people want to join.
IMHO this milestone, while cool, means absolutely nothing to people outside of the hacker news crowd.
I'm rooting for Bluesky, but it seems to me it will die without a critical mass of users.
Again, I'm kinda dumb, so this may all be wrong.
If the end result is politically unbiased, it's due to their conscious decisions, not some magic algorithm.
Congrats on launching! Excited to see what y'all do next.
As it is, og-embeds do work for video and audio from a few different providers.
GIF support: https://github.com/bluesky-social/social-app/issues/1047
Audio/video support: https://github.com/bluesky-social/social-app/issues/1052
If anything, my experience of Bluesky has been the inoffensive vapid thought leadering of peak Twitter alongside the playful air-headed liberal self-help that is also fairly reminiscent of peak Twitter. In one word: bland. Being able to paint over the offensive things like nazis and porn by sweeping them under your personal rug rather than blocking or banning them only adds to this impression for me.
Twitter, your breath of fresh air, on the other hand is overrun by ChatGPT spam bots and shovelware drop shipping ads worse than the crypto "giveaway" scams and paid tweets of the immediate pre-Musk days and every even moderately left-leaning political tweet is filled with replies describing the violent acts they want to do to that person in excessive detail by accounts that openly post literal neo-nazi propaganda videos of Adolf Hitler denouncing "degenerate art" as a Jewish plot to weaken the German volk and national spirit and going "I don't agree with everything he did but he had a point". Political discussions about the Middle East in turn are split evenly between right wing calls for genocide of all adults and children in Palestine and right wing defenses of Palestinians for being victims of the international Jewish conspiracy to exterminate the white race through mixed breeding with brown refugees.
We used to always call Twitter "the bad place", "hellsite" or "cesspool" before Musk but it certainly deserves those names now more than ever, arguably rivaling 4chan in its political takes although the depictions of gore are mostly limited to uncensored war footage and the porn is decidedly more tame.
The reason Twitter is called a "right-wing cesspool" is not because it's full of right-wing people (that would just make it a "pool"), it's because of the vicious explicit threats of violence and celebration of human suffering propagated by those people. For all its faults, the bland libs on Bluesky don't do much of that.
Granted, my experience of Twitter might be tainted by the fact most people I used to follow in the old days have either left or are no longer active and any time I visit the algorithmic timeline hits me at full blast. And a lot of the edgier posts (not replies) by right wing folks the avalanche of drama RTs throw my way are clearly created to farm engagement in the hope of striking it big if the bluecheck authors make the payout lottery.
I disagree. If anything now it's more balanced, every "right of Portland-liberal" is no longer hidden and shadow-banned or worse. I like it a lot more!
Now you can actually read and learn about stuff you care about.
Still though, I get like Matt Gaetz' tweets recommended to me. Does anyone like that dude? How is this happening? Why on earth would I want that? I feel like all this conservative stuff is surfaced by the application to me.
[Proof](https://ibb.co/ypHS8fN)
I got notifications, on my dang phone, for the dumbest fucking takes. I don't get them for liberal people. Possible I am just in the demographic of people they think would swing conservative so they target me.
It’s absolutely conservative cesspool. Nazis can are literally posting 14 words propaganda all day long and there are no consequences.
Interesting. I see it as the de-facto journalist platform, which to me (as a non american) make it very left leaning. But then again, I don't use X.
You'll want to read:
* "Composable Moderation," this is the core conceptual idea: https://bsky.social/about/blog/4-13-2023-moderation
* "Moderation in a Public Commons," which describes specific features that were added in pursuit of the previously-described goal https://bsky.social/about/blog/6-23-2023-moderation-proposal...
* "Bluesky 2023 Moderation Report," which discusses specifically how (what is now) the main instance was moderated last year https://bsky.social/about/blog/01-16-2024-moderation-2023
My understanding is that each host has control over what they host and can subscribe to third party content filtering services to help do so.
Then various indexes/aggregators (potentially third party) crawl hosts and provide services to find content. This is where voting or toxicity checks can be applied to manipulate reach.
This content is also tag-able via third party services (and may be used by indexes/aggregators).
The user is then able to select/configure indexes/aggregators and filter based on tags.
For clarity: I'd love to see this comment and say "I was wrong" 5 or 10 years later.
Basically, until atproto is much bigger than bsky.app, the situation is not very different.
(https://github.com/did-method-plc/did-method-plc/blob/main/R... linked from https://docs.bsky.app/blog/self-host-federation)
They have been a bit vague about other ways to generate revenue, except in one case: they will not be using advertisements to monetize.
I am unsure if I am going to run my own just yet. We'll see.
There's no algorithmic feed other than "popular" (on large instances) which shows the same 10 people posting for months in a row, daily. Hence, discovery of people and content is very hard. No content or people are recommended and search is broken. Ordinary people not belonging to some cultish niche have a very hard time compiling a good feed, if they even understand it at all.
Federation itself is broken. The boosts and comments to a post do not accurately synchronize across the network, it depends on some complicated logic regarding whom from your instance follows anybody else from the other instance. The bottom line is that you may see 3 boosts whilst the original has 12. You may not care about boosts, but it's a disaster for comments/replies. Everybody is seeing a different subset of replies to the same damn post. It drives the OP mad because there will be 20 people replying the same thing because they cannot see that others already said it.
Instances have too much power over moderation. They control whom the instance federates with server to server. You may be following somebody on another instance but your instance owner defederates and now your connection is gone. This ability to not just moderate content but heavily impact your social graph isn't seen anywhere else. And this ability is heavily used as Mastodon is a network of activists.
Combine this over-use of moderation with the idea that instances go under all the time, and the only sane thing to do for most people is to join the default instance. Here you'll have reasonable "mainstream" moderation and the biggest federation reach with other instances/services. Which kind of defeats the point of a distributed social network.
I'm still impressed by what Mastodon has accomplished given its grass root origin and shoestring budget, but it's no social media of the future.
I don't know if Bluesky is, but at least it has a better design regarding nomadic identities, a user's ability to self-moderate, content protection, etc.
Yet there are no comparisons on the site. I don't see even see a mention. This makes it difficult to evaluate relative maturity, core competencies, limitations, and risks.
Having read the post more deeply, particularly the bullet points you mentioned, it looks like there are four really high level differentiators listed:
* A focus on the global conversation
* Composable moderation
* Composable feeds
* Account portability
The term 'composable' seems almost misused when reading the extended descriptions, and is used differently between points. For example, 'composable moderation' indicates that moderation isn't done on a per-server level.
The fundamental censorship and algorithmic prioritization models for distributed social networks seems to have three layers: global (centralized), server, user.
In 'old social' the model is basically just 'global', as there are no servers and the only 'user-level' options are those determined by the global operator.
It doesn't seem like moderation would truly be 'composable' if it's only set on the global and user (and therefore global via centralized determination of client-level specs) level. It sounds like Facebook except with other people paying the data costs.
The next bullet indicates 'composable feeds', which sound like a very nice feature but really don't seem to follow a decentralized model either. The 'composition' does not combine from each global/server/user layer. They sound more like 'custom feeds' which users can define based on global content, using predefined criteria determined by a client (web app) which don't really a way to control the behavior of. Which makes this feature only truly operate on the global layer, and 'custom' rather than 'composable'.
It would be on the same level of 'old social' adding a new feature to their web app, more than a fundamental transfer of control to the network. As a result, when the dollars dry up and the feature isn't financially plausible, or a PM somewhere makes a bad decision because he read a blog post about how great it is to destroy user choice, there's risk the feature could go away.
Anyway, the question I'm still left with in the end is this. If moderation is done globally, and I can't exercise any control over the prioritization of content beyond what is granted to me by the global provider (even though there are more and better choices than 'old social'), what's the benefit of running a federated node?
I don't mean to make it sound like this is some kind of Twitter clone with an SSO login that outsources operational costs to volunteers while still keeping a fundamentally iron grip on control. I'm just honestly confused at the value proposition for volunteers. Exactly how much control is transferred to the network beyond simply hosting data which is displayed according to how the centralized portion of the system determines?
It'd be good if the trade-off in terms of time, data, and performance for running your own node was simply to remove the capability of the centralized network to collect user behavioral metrics and such. That's a great and valid reason to host your own service or use a trusted party's service. But there's no mention of this if it is the case. If you provide that already without promoting the fact, maybe bring that up with your marketing team.
Anyway that's getting a bit off topic. But to the original point:
Ideally, a better comparison would be a dedicated page which coallates every feature of each platform in a grid. A row for each feature. Row cells would fill with 'has' or 'does not have' checkboxes or possibly text where there's something similar but differs sufficiently to require an explanation. Maybe with links to documentation or direct to UI on the line items where appropriate.
This feels like "thanks for offloading some of the data, but we still retain most of the useful control?"
Which is to say, neither storage nor indexing -- but moderation -- the ability to have control over that would be the most important thing.
"Usk" buys (or otherwise leverages money to be able to put his thumb on the control of ) bluesky's moderation. Data storage just gives you the ability to leave? What am I missing?
It's running with wayyyy less resources than the github suggested. I am on a shared cpu with 512mb of ram running the container.
Could be a little simpler to setup, if the docs provided a docker run example without the shell scripts. Also has some duplicate env variables.
For anyone interested, I shared it in the discord: https://discord.com/channels/1207024379549061120/12070503280...
Overall super cool. My profile page says I am using an invalid handle, but otherwise it works, and I see it requesting my server for things.
In the example I just hard code the env variables to demonstrate, but you’d want them in secrets after testing it out.
Seems intriguing regardless. Congrats on making it happen!
But we do certainly plan to make IPv6 work on all our network services.
You cannot federate behind CGNAT, and most folks can only open ports over IPv6, because they don’t live in America where everyone can get their own public IPv4 address. This is a pretty big miss IMO.
Thank you! Great to see companies taking feedback seriously.
I have my own biases so I don't want to describe it further than that, nor link to it directly so as not to cause even more disagreement, but the controversy does not seem to faze the developer, so I believe you will have your wish.
The cliques are mostly important to those who choose to make it important for themselves.
This post immediately comes to mind: https://bsky.app/profile/caseynewton.bsky.social/post/3kktr3...
Can't have anyone competing with you, after all!
It's actually "you can host yourself and your friends but anyone who doesn't know someone with a server and technical knowledge must use our platform"
It's roughly 10 posts/second, so it's trivial to process it completely locally.
>To sign up, users must pay a $5 sign-up fee, meant to prevent the creation of spam accounts. Further, users can only post a limited number of “casts” on Farcaster apps, which are tied to packages called storage units. Storage units, which go for $5 a piece, grant a user 5,000 casts, 2,500 reactions, and 2,500 links or photo posts within a one-year period.
It will quickly become a mess in the real world.
People will run pods on cheapest VPS and they will get hacked, run out of money, get bored, go broke etc.
Imagine as fractions of content goes missing for a while or is just deleted.
One guy runs a small pod with some people, kills it, 60.000 messages gone. How does that impact interconnected discussions?
If I own my own data. (good), and I can remove my data if I want (good). Then what happened to a BlueSky conversation I was having with 40 other people? some of whom belong to other pods.
Do the conversations remain with just blank lines where I used to be?
If not, if the content remains stored somehow then I dont own my data and I cant remove it?
This is true of any federated system. Once you put things out into the world, you can ask that others delete it, but that doesn't mean they will.
Even in centralized systems, things like archive.org exist.
In some sense, public statements are always immutable.
> Imagine as fractions of content goes missing for a while or is just deleted.
All of your complaints apply for the internet. Would you say the internet was a bad idea?
It may have changed since I have been user there but, I consider content on sites like Facebook or Twitter, that is not really recent, to be lost anyway. Because searching or browsing older content was hard.
Various organizations provide "archive" services. Relays and/or AppViews can utilize (or be) such a service. Removal from such a service depends on that service's systems (and possibly the legal context.)
Caching can happen at Relays or AppViews and those will presumably need to do something to avoid caching CSAM.
Mastodon has this problem and it makes it where you have to have multiple accounts if you actually want to use the platform. This might sound like not a problem, but it'll naturally lead to whatever account has access to 51% of your content being the one you use consistently, and you eventually just forget about the other 49%.
Block lists don't work at the instance level, so the answer to your question isn't just "no", but that it is impossible.
If it is one for you, nothing stops you from using s client that supports multiple accounts.
But people banding together to not just block proven bad people (by whatever criteria) but also those who closely associate with them will happen in any federated system one way or other, because blocking at an individual level is too cumbersome.
Seriously?! Will this trend ever dies?!
I don’t want to use discord, can’t they just make a simple request form? Whenever I see “join our discord” for anything in any service I just never use that service, keep it as an option for whoever wants to hangout there just don’t make it the “only” channel of communication!
> Because the PDS distribution is not totally settled, we want to have a line of communication with PDS admins in the network, so we’re asking any developer that plans to run a PDS to join the PDS Admins Discord.
https://docs.bsky.app/blog/self-host-federation
This is much more reasonable than an actual gate on the feature.
The goal is just to help PDS operators join the network and make sure that if there's a problem we have a channel of communication open.
I am assuming a person's own posts would come along, but what about conversations with other people, or group discussions or things you have followed?
Any other features that would work / things you could see if still connected but no be available if you were federated and banned?
I think fbook has a hidden 'export your posts to WP' option somewhere, and you can download a copy of your data (if you are not banned / can still login) - but that data would not include replies in groups, marketplace, etc (? haven't checked, I'm sure other things)
I read they were turning off the groups access API and may not be offering a replacement option..
I think there is reasonable debate as to whether or not group posts and such should or should not be included in a data dump / backup..
Also not familiar with features that bluesky or mastadon or twitter do or do not have and what would break if you moved your data (would only your part of dms/chats come along? pictures others sent you or posted? )
Nothing. It is fully transparent to everyone. Your followers won't notice, and you won't notice. Everything Just Works.
.. and the only thing that happens is you can't send data to/through blusky (or receive?) any more and and new data ?
I'd like to test this, any way to get someone from blusky to ban an account to test this?
The feature I'd like to see from federated social network like this is encrypt everything to keys only held client side (in the style of keybase), so servers can't read content (only some surrounding metadata so they know which other servers to communicate with about the content).
> The AT Protocol, which Bluesky is built on, is designed to support public conversations.
Ah, ok.
IIUC the main defense is choice over your own feed + moderators on the feed you choose.
Is this why DMs are not supported? Because there wouldn't be a good spam protection mechanism?
Apparently, DMs are low priority: https://github.com/bluesky-social/social-app/issues/1114
How many of the well know personalities will abandon Mastodon for this?
Mastodon has a surprising number of famous personalities. Many popular open source developers live there. Lots of well known people in math/science (Terry Tao, etc). Lots of authors (Greg Egan, Neil Gaiman, etc). Lots of open source orgs.
Will they be willing to move networks yet again? Twitter made them unhappy. Will Mastodon be so poor (and Bluesky more superior) to get them to move again?
Live and die by network effects.
If I have my facts straight, they have gone from 2M to 5M users since they opened to the public just 17 days ago.
And btw, using Neil Gaiman as an example, he is prolific on Bluesky. He has 861 posts on Mastodon, vs 4.5k on Bsky. He seems to have already made the move to a large extent.
Once that happens we now wait for the platform that has the most sign ups.
Meta yesterday integrated Threads with Facebook allowing you to cross post and almost every week they are deepening the integration with Instagram.
They are clearly trying to broaden the user base to include the other few billion who never signed up for Twitter.
This seems like a major win for Mastodon. Bluesky is clearly spinning this as a positive, however, so what am I missing?
As a meaningful example: someone (not BlueSky themselves, I don't believe) published a "Quiet Posters" feed. I have subscribed to that. Now, in addition to "Following," and "For You," I have a "Quiet Posters" feed. This exclusively shows posts by people who don't post very often. Since subscribing to it, I have seen a lot more content from the folks who aren't as chatty as the people who fill up my timeline. That's very nice.
Can’t you just be ephemeral and delete your posts after a few days? Seems like nothing good comes from having a huge history of things you posted on a social network.
> "the protocol has an official webpage with a waitlist and a private beta?"
Both the waitlist and the private beta are gone.
> "The “protocol” is just a description of whatever the Bluesky app and servers do, it can and does change anytime the Bluesky developers decide they want to change it"
1. atproto is well documented and the plan and desire is to make it a proper internet standard.
2. There are hundreds of independent projects relying on the protocol to create alternative clients and custom feeds (algorithms).
3. The protocol includes namespaced schemas so that different apps can evolve without breaking each other e.g. the "app.bsky" namespace is for the Bluesky microblogging app.
> "The “DID Placeholder” method..."
There is already support for did:web and plans to support other DID methods, including potentially (non-POW) blockchain methods.
> "All posts go through the Bluesky central server..."
All posts go through any Relay that anyone cares to operate. It's also possible to fetch posts directly form the origin PDS host, it's just slower and results in more load on the PDS.
> "And you, as a reader, doesn’t have any control of what you’re reading from either..."
Apps are in full control over where they get posts from. An app can enable users to select a Relay/AppView or fetch posts directly from the origin PDS.
> "But I fail to see why even more than one network provider will exist,..."
People may want to operate their own Relay/AppView services so they have more control for their specific application, for higher performance (latency/throughput) reasons, or for geographic/jurisdictional reasons, to name a few.
And the compute/network requirements are not beyond the capabilities of small startups, non-profits, coops, or public services and likely never will be.
BlueSky is PDS + relays + clients.
If you look at the history of Nostr and try to really understand the protocol, where it came from and what it was trying to solve, Nostr was also meant to work on a PDS + relay model, except it degenerated to the point where most Nostr app developers are simply writing Javascript browser apps that use relays as a "poor man's cloud", sort of, without any consideration for achieving self-sovereignty of the user.
"I save the data in the 6 most popular Nostr relays and done." is what 99% of the so called "Nostr apps" do. Sounds good in theory, until it is not. Relays were really meant to be treated as ephemeral actors, that come and go, and data was meant to be stored somewhere the user was in control of, but instead, relays are treated as some sort of reincarnation of IPFS, where you save your data and have it safe forever.
Bluesky seems to solve this by introducing the concept of PDS. It's not like PDSes cannot be built for Nostr - there are indeed some Nostr apps that work using the PDS model - save the data in a place the user has complete control of, and then propagate it to relays. The benefit of Bluesky seems to me that it formalizes the concept of PDSes, so that app developers don't have to think about it and cannot mistake the relays for PDSes.
There is no escape...
(To me! others feel the exact opposite. Diversity is good here.)
And don’t say “lets defederate with said bad actors” since they would still exist and anyone can join said bad actors instances.
It’s akin to telling antelopes surrounded by lions to close their eyes and the lions are ‘gone’ yet the lions still exist around them.
> Moderation on Bluesky is not tied to your server, like it is on Mastodon. Defederation, a way of addressing moderation issues in Mastodon by disconnecting servers, is not as relevant on Bluesky because there are other layers to the system. Server operators can set rules for what content they will host, but tools like blocklists and moderation services are what help communities self-organize around moderation preferences. We’ve already integrated block and mute lists, and the tooling for independent moderation services is coming soon.
The whole point is to decentralize moderation so that users aren't stuck with only the moderation provided by their host.
Decentralized moderation and the tools needed to support it are not solved problems but are instead ongoing projects. Block and mute lists clearly won't be sufficient to enable robust decentralized moderation so it will he interesting to see how support for third party content filters get implemented.
Er... fine, and who cares? If everyone defederates (slightly more a nuclear option on Bluesky than Mastodon but still I think possible?), then, well, the bad instance is its own problem.
Or are you saying that even an unfederated instance with bad people would be bad? Like, the only solution there is to ban all open-source social networking software.
Nostr worked to some extent despite existence of Mastodon because Mastodon bodged that part. Mastodon took off because Twitter broke its community. Bluesky's successes is really making me feel that the first S of the abbreviation S.N.S. do stand for what it stands.
There's tons of alternate social media out there. Forums, Subreddits, Tildes, Discourse, Matrix, IRC, Mastodon, Lemmy, Usenet, and on and on. The truth is the S in SNS is always what social networks have been about.
