Recently, I’ve been learning more about this subject. Today I came across the Decentralization Scoring System and it slapped me across the face.
Everyone that thinks self hosting E-Mail is easy, I urge you to run your own mailserver and see how many mails actually reach their targets.
Your mailserver won’t be trusted by anyone, which makes your email always be delivered as spam, if they don’t get blocked outright.
Otherwise this scoring system seems to be quite alright. Even though it could use some more detail and citing some sources for the numbers would be great.
Nobody thinks self hosting email is easy. Wtf.
Realistically, more people need to self-host, or at the very least we need more mon-and-pop style datacenters. The foundational protocols of the Internet inherently make the web decentralized, but most would rather offload hardware costs and, more importantly, security, to those more knowledgeable. Not that I blame them, as running one’s own hardware is extremely time intensive, nevermind power and equipment costs, but it’s no wonder that conglomerates have stepped up to fill that role (nevermind economies of scale). Yet, this is how we’ve fallen into the situation we are in now.
Risk is also a factor re: self hosting.
- You’re exposing potential attack vectors, which is particularly concerning if self hosting = home hosting.
- Also with home hosting, it’s probably against your ISP’s TOS. It is for mine (I actually read it!). Will they do anything? Probably not. But it’s a risk.
- You could face legal issues if someone posts illegal content, since you’re hosting it. Even unwittingly.
Those concerns are what stop me. Because I otherwise think I’d enjoy hosting a little corner in the fediverse.
Valid points. Also too, the cost associated with a business class data plan that actually allows hosting. If you think about it, it really is an arbitrary restriction put in place by ISPs to goad those who want to leverage the internet’s potential into more expensive plans.
more people need to self-host, or at the very least we need more mon-and-pop style datacenters.
most would rather offload hardware costs and, more importantly, security, to those more knowledgeable.
running one’s own hardware is extremely time intensive, nevermind power and equipment costs
These three points that you’ve made are NOT accurate. I could go into great detail as to why this is but I won’t waste our time nor embarrass you.
The problem, unfortunately, always comes down to money.
This isn’t a technological problem.
All of the popular widely used corporate platforms gain more users because they have the money in which to market/advertise themselves.
That’s not contradictory. Most would rather offload hardware and security costs, running one’s own hardware is time intensive nevermind power and equipment costs, and you can indeed add advertising and awareness costs to that list. But you do also need the resource investments for a service to start with before advertising it.
Please look at the big picture here. The Fediverse exists only because of a very niche user base that are technologically exposed to it.
The general public HAVE NO FUCKING CLUE that the Fediverse exists.
Therefore, it would take either an enormous amount of incredibly generous people to market/advertise the Fediverse OR a fuck-ton of money to pay people to market/advertise the Fediverse.
Apologies for butting in here, but this brings up an IMHO very important point:
The general public HAVE NO FUCKING CLUE that the Fediverse exists.
If I may be so bold as to add: …and they like it that way.
When it comes to online stuff, most people are lazy, very very ignorant and anywhere inbetween politely indifferent and openly hostile towards any attempt to educate them. They want to look at cat videos and pr0n, collect likes for their food pics and chat with their grandkids. The technology behind all that is a nuisance, not a tool.
By and large, I think those people can’t be helped, because they’re happy with the status quo. If anything, you’re the enemy for wanting to take away their beloved Tiktok and WhatsApp.That means our largest efforts - self-hosting, the Fediverse, … will probably always be a bit of a parallel universe to the Internet at large.
This is sad for humanity in general, but it makes enshittification of those services both technically more difficult and (due to its small size and enshittification-resistant populace) less commercially viable.
And small doesn’t equal insignificant.So what I’m saying is, we shouldn’t see the Fediverse etc. as a replacement for everything, but as a safe space for refugees. And that’s what it excels at.
Yes, promotion and awareness of a service is necessary for its continuation. I’ve agreed with that. But again, without the technological resources and money, there is no service to promote and nothing to continue because it hadn’t even started.
Wtf??
What the hell are you even smoking???
I do agree with one tiny little bit of your list, though, and that’s the fact that your rebuttal would, in fact, be a waste of time.
I’ll second the mom-and-pop thing. It’s a lot more realistic than the average Joe having to configure and manage things, but still will kill monopolies and associated fuckery dead. That’s kind of how Lemmy instances work, although I only know for sure my own is on a private box.
It’s a bit harder for heavy things like streaming, though.
Indeed, I think the entire idea that needs focus is distributing away from a handful of large corps, although I don’t see streaming going in that direction largely due to IP rights for content, not necessarily bandwidth and resources. Many streaming platforms as I understand already have their content distributed through CDNs that are geographically dispersed as to ease network load, though they retain control over that hardware. I’m proposing providing more options for your average joe website than on something controlled by the likes of Amazon and Microsoft.
Self-Hosting: Server: Easy (Leverage email hosting services) → Score: 18/20
Is it really self-hosting if someone else controls the data and software?
I run my own mail server since sometime late last century, and it’s gotten progressively more difficult over the years. Not setting up the server, that part is easy. Hardening it is a bit more work. But what’s making it nearly impossible is the big players’ anti-spam (or should that be in quotes) measures.
My mail server checks all the boxes it should - TLS, SPF, DomainKeys, DMARC, a domain name that’s been around for decades, same hostname and IP address for years, never been on any block list, … yet still e-mails relayed by it are tagged as spam for increasingly ridiculous reasons: it’s a residential IP (actually it’s not), the PTR record doesn’t match the A/AAA record (yes, that server has multiple jobs and multiple host names - not that unusual), the domain name is suspicious (same owner and tech-c for decades, same IP and SPF records for years), … if I didn’t know better, I’d suspect that MS, Google etc. just use their spam filters to make life difficult for anyone outside their oligopoly. But that’s probably just beause I’m a cynic.
It’s a buzzword like AI but for lefties
I think this scoring system is missing Language Support as an important aspect of decentralization.
Centralization happens not just through commercial hosting (centralization of ownership), but even through self-hosters being in relatively centralized locations, limited jurisdictions, etc: an app with 300 self-hosted instances all located in one city (or even just all within 5 Eyes countries) is much easier to shut down than an app with those 300 spread across the globe, and language support is important to help facilitate that level of decentralization.
If we’re talking takedown-resistance, we may need to enter the dark web realm:
- Tor hidden sites are inherently hard to pinpoint
- ZeroNet was an interesting project, seems to be abandoned
- I2P is like Tor on steroids, can publish all sorts of services
- IPFS is a decentralized P2P storage system (best/worst known for NFTs)
FreeNetHyphanet is a 25+ years old distributed content system with limited support for services- FreeNet is… honestly, haven’t seen a working example, but it sounds interesting?
- Matrix… if they manage to get things under control
- Nostr is a censorship-resistant distributed messaging system
Hosting distribution and localization varies, but they all have features to make it hard to pinpoint host and/or client locations.
Takedown resistance is a natural consequence of decentralization, but it’s not decentralization itself.
Technical means to evade takedown like you’re describing also tend to add complexity which reduces usability, whereas language support reduces complexity for speakers of the supported languages.
I think this scoring system is a little haphazard, and should probably be divided into multiple separate, parallel scores. Takedown resistance needs its own score, based on ability to integrate with anonymization tools, ownership of codebase, accessibility and security of dependencies, etc.
What is this shady, unsubstantiated, posted yesterday ass random github repo trying to encourage people to compromise their email security and why is it worth posting?
It’s meant to explain what decentralization is and is not. That’s all.
Technical ease of running your own backend. Full points for Docker/simple setup with good docs.
Oof, they neef a column for security to mark back down all the services that use docker.
Since when can you self host bluesky?!?
Edit: I dont see any mention of how to install a bluesky instance in their documentation https://docs.bsky.app/
https://github.com/bluesky-social/pds
Also, it isn’t ‘decentralization’ in the strictest technical sense. That’s what the Decentralization Scoring System is trying to show.
It shouldn’t be on the list if it isnt decentralized
