#xmpp | Explore Tumblr posts and blogs

mostlysignssomeportents · 4 months ago

Text

Defense (of the internet) (from billionaires) in depth

Picks and Shovels is a new, standalone technothriller starring Marty Hench, my two-fisted, hard-fighting, tech-scam-busting forensic accountant. You can pre-order it on my latest Kickstarter, which features a brilliant audiobook read by Wil Wheaton.

The only way to truly billionaire-proof the internet is to a) abolish billionaires and b) abolish the system that allows people to become billionaires. Short of that, any levees we build will need constant tending, reinforcement, and re-evaluation.

That's normal. No security measure (including billionaire-proofing the internet) is a "set and forget" affair. Any time you want something and someone else wants the opposite, you are stuck in an endless game of attack and defense. The measures that block your adversary today will only work until your adversary changes tactics to circumvent your defenses.

For example, mining all the links on the internet to find non-spam sites worked brilliantly for Google, because until Pagerank, there were zero reasons for spammers to get links to point to their sites. Once Google became the dominant way of finding things on the internet, spammers invented the linkfarm. This principle can be summed up as "Show me a ten-foot wall and I'll show you an eleven-foot ladder."

Security designers address this with something called "defense in depth": that's a series of overlapping defenses that are meant to correct for one another's weaknesses. Your bank might use a password, a 2FA code, and – for extremely high-stakes transactions – a series of biographical questions posed by a human customer service over a telephone line.

I've written extensively about defending a new, good internet from billionaire enshittifiers. For example, in this post, I described how Bluesky could be made enshittification-resistant with the use of "Ulysses Pacts" – self-imposed, binding restrictions on enshittification:

https://pluralistic.net/2024/11/02/ulysses-pact/#tie-yourself-to-a-federated-mast

A classic example of a Ulysses Pact is "throwing away the Oreos when you go on a diet." Now, it doesn't take a lot of work to devise a countermeasure your future, Oreo-craving self can take to defeat this measure: just drive to the grocery store and buy more Oreos. This even works at 2AM, provided you live within driving distance of an all-night grocer.

That doesn't mean you shouldn't throw away those Oreos. Depending on how strong your Oreo craving is, even a little friction can help you resist the temptation to ruin your diet. We often do bad things because of momentary impulses that fade quickly, and simply airgapping the connection between thought and deed works surprisingly well in many instances.

This is why places with fewer guns have fewer suicides of all kinds: there are plenty of ways to kill yourself, but none are quite so quick and reliable as a gun. People in the grips of a suicidal impulse who don't have guns have more chances to let the impulse pass (this is also why gun control leads to fewer all-cause homicides). So just because a measure is imperfect, that doesn't make it worthless.

If you're trying to give up drinking, you throw away all your booze, but you also go to meetings, and you get a sponsor who can help you out with a 2AM phone call. You might even put a breathalyzer on your car's ignition system. None of these are impossible to defeat (you can get an Uber to the liquor store, after all), but they all create friction between the thing you want, and the thing your adversary (your addiction) is trying to get. They strengthen the hand of you as defender of the sober status quo, against the attacker who wants you to relapse.

Critically, all these defensive measures also buy you space and time that you can use to organize and deploy more defenses. Maybe the long Uber ride to the liquor store gives you enough time to think about your actions so you call your sponsor from the parking lot. Defense is useful even when it only slows your adversary, rather than stopping your adversary in their tracks.

Scaling up from personal defense to societal-scale security considerations, it's useful to think of this as a battle with four fronts: code (what is technically im/possible?), law (what is il/legal?), norms (what is socially un/acceptable?) and markets (what is un/profitable?). This framework was first raised a quarter-century ago, in Larry Lessig's Code and Other Laws of Cyberspace:

https://commons.wikimedia.org/wiki/File:Code_And_Other_Laws_of_Cyberspace_Version_2_0.pdf

Lessig laid out these four forces as four angles of attack that challengers to the status quo should plan their strategy around. If you want to liberalize copyright, you can try norms (the "Free Mickey" campaign), laws (the Eldred v. Ashcroft Supreme Court case), code (machine-readable Creative Commons licenses) and markets (open access/free software businesses). Each one of these helps the other – for example, if lots of people believe in copyright reform (norms), more of them will back a Humble Bundle for open access materials (markets), and more lawmakers will be interested in changing copyright statutes (law), and more hackers will see reason to do cool things with CC licenses, like search engines (code).

But the four forces aren't just for attackers seeking to disrupt the status quo – they're just as important for defenders looking to create and sustain a new status quo. Figuring out how to "lock a system open" is very different from figuring out how to "force a system open." But they're both campaigns waged with code, law, norms and markets.

We're living through a key moment in enshittification history. Millions of people have become dissatisfied with legacy social media companies run by despicable, fascism-friendly billionaires like Elon Musk and Mark Zuckerberg and are ready to leave, despite the costs (losing contact with friends who stay behind). While many of them are moving to group chats and private Discord servers,tens of millions have moved to new social media platforms that advertise (though they don't necessarily deliver) decentralization: Mastodon (and the fediverse) and Bluesky (and the atmosphere).

Decentralization is itself a defensive countermeasure (code). When a service has diffuse power, it's harder for any one person to take it over. Federation adds another defensive layer, because users who don't like the way one server is run can move to another server, with varying degrees of data- and identity-portability. That makes it harder for server owners to squeeze users to make money (markets), and gives them an out if server owners try it anyway.

Federation with decentralization is my favorite anti-enshittification defense. It's powerful as hell. It's the main reason I endorse Free Our Feeds, an effort to (among other things) build more Bluesky servers to decrease the centralization and give users dissatisfied with Bluesky management an alternative:

https://pluralistic.net/2025/01/20/capitalist-unrealism/#praxis

That said, decentralization and federation are not perfect, set-and-forget defenses. Take email – the oldest, most successful federated system of them all. Email is nominally decentralized, but most email traffic goes through a handful of extremely large servers run by a cartel of companies (Google, Apple, Microsoft, and a few ISPs). These companies collude (or, more charitably, coordinate) to block email from non-cartel companies, in the name of fighting spam. This makes running your own mail server so hard that it is nearly impossible (that is, if you care about people actually receiving the email you send them):

https://pluralistic.net/2021/10/10/dead-letters/

What's interesting about enshittified email is that it didn't start with corporate takeover: it started with volunteer-maintained blocklists of untrustworthy servers that most email operators subscribed to, defederating from any server that appeared on the list. These blocklists of bad servers were opaque (often, their maintainers would operate anonymously, citing the threat of retaliation from criminal scammers whose servers appeared on the list). They had little or no appeal process, and few or no objective criteria for inclusion (you could be blocklisted for how your email server was configured, even if no one was using it to send spam). All of this set up the conditions to favor large email servers, and also had the effect of immunizing these large servers from appearing on blocklists. I mean, once three quarters of the internet is on Gmail, no one is going to block email from Gmail, even if a ton of spam is sent using its servers.

The lesson of email doesn't mean email is bad, nor does it mean decentralization and federation are useless. It doesn't even mean that blocklists of bad servers are evil. It just means that federation and decentralization are imperfect and insufficient defenses against enshittification, and that blocklists are useful, but very dangerous. It means that we should strive to keep our systems federated and decentralized, and watch our blocklists very carefully, and not rely on any of this as the only defense against enshittification.

Likewise, both Mastodon and Bluesky are built on free/open code and standards. That means that anyone can fork them, fix them or mod them. What's more, the licenses involved are irrevocable, making them very effective Ulysses Pacts. No one – not a CEO, not a VC investor, not a court or a blackmailer – can order someone to make their GPL code proprietary. The license is perpetual and irrevocable, and that's that.

Free/open licenses are excellent Ulysses Pacts and great code-related defenses against enshittification, but they, too, are imperfect and insufficient. Google, Facebook, Amazon, Apple and Microsoft have all figured out how to enshittify services that are built on free/open code:

https://mako.cc/copyrighteous/libreplanet-2018-keynote

And then there are all the companies that use free/open code and defeat the freedom and openness by simply violating the license, on the grounds that a decentralized, federated development community can't figure out who has standing to sue, and also can't afford to pay for the lawyers to do so:

https://sfconservancy.org/news/2022/may/16/vizio-remand-win/

That's not to say that code-based antienshittification measures are pointless – only to say that they need other measures to backstop them, as defense in depth. Let's talk about law, then. Both Mastodon and Bluesky are governed by legal entities that are, nominally, organized by charters that oblige them to eschew enshittification and be responsive to their users (Bluesky is a B-corp, Mastodon's code is overseen by a US nonprofit).

These structures are very important. I've been a volunteer board member for several co-ops and nonprofits (I was even once a volunteer for a nonprofit co-op!) and I'm familiar with the role that good governance can play in defending a project from internal and external pressures to betray its mission. That means I'm also familiar with the limits of these governance measures.

Take nonprofits: nominally, nonprofits are legally bound to serve their charitable purpose, and technically, stakeholders have legal recourse if they stray from this. But you don't have to look far to find nonprofits that have violated their charter and gotten away with it. Take the Nature Conservancy, which has become a key player in the market for fake "carbon offsets" that are used to justify everything from fossil fuel extraction to SUV manufacture:

https://pluralistic.net/2020/12/12/fairy-use-tale/#greenwashing

Or think of ISOC, who get tens of millions of dollars in free money every year from their stewardship of the .ORG registry, but who decided to hand over control of the nonprofits' TLD of choice to a shadowy cabal of hedge-fund billionaires:

https://www.eff.org/deeplinks/2020/12/how-we-saved-org-2020-review

Co-ops, too, are powerful but wildly imperfect. REI is a member co-op that does lots of great things…and also busts unions:

https://prismreports.org/2024/07/17/rei-workers-unionizing-fighting-for-agreemment/

But REI is a paragon of social virtue compared to its Canadian equivalent, Mountain Equipment Coop, whose board was taken over by corrupt assholes who then sold the whole thing to a US private equity fund and change the name to "MEC":

https://pluralistic.net/2020/09/16/spike-lee-joint/#casse-le-mec

B-corps are far from perfect, too: while they are nominally required to serve a positive social purpose, in practice, they can violate that purpose with impunity, whether that through greenwashing:

https://www.bbc.com/worklife/article/20240202-has-b-corp-certification-turned-into-corporate-greenwashing

Or Kickstarter insiders taking a $100m bribe to help Andreesen-Horowitz do a crypto pump-and-dump:

https://fortune.com/crypto/2024/03/11/kickstarter-blockchain-a16z-crypto-secret-investment-chris-dixon/

None of this is to claim that B-corps, co-ops, and nonprofits are useless. Maybe we should just give up on organization altogether and have some kind of adhocracy? If you're thinking this will help, then you need to read Jo Freeman's "The Tyranny of Structurelessness" and learn how a "leaderless" group is actually led by its least scrupulous, most Machiavellian schemers:

https://www.jofreeman.com/joreen/tyranny.htm

At this point, you might be mentally designing a new corporate structure, one that's designed to correct for both the tyranny of structurelessness and the brittleness of co-ops, nonprofits and B-corps. Please don't do this. Rolling your own corporate structure is like rolling your own cryptography or your own free software license. It always ends in tears:

https://www.reuters.com/technology/artificial-intelligence/openai-remove-non-profit-control-give-sam-altman-equity-sources-say-2024-09-25/

I like co-ops, nonprofits and B-corps. They're powerful – but insufficient – weapons against enshittification. They need to be backstopped by other measures, like norms. Normative measures are very powerful! Of course, mass revolts of angry users don't always keep companies from enshittifying:

https://www.theguardian.com/technology/2023/dec/30/reddit-moderator-protest-communities-social-media

But sometimes they do. The C-suite of Unity was shown the door after enshittifying their flagship product:

https://www.theverge.com/2023/10/10/23911338/unity-ceo-steps-down-developers-react

As was the enshittifying CEO of Sonos:

https://www.theverge.com/2025/1/13/24342179/sonos-ceo-patrick-spence-resignation-reason-app

And of course, these defensive measures reinforce one another. The public outcry against the .ORG selloff (norms) led to California's Attorney General stepping in (law), and after that, we more-or-less romped to victory:

https://www.theregister.com/2020/04/17/icann_california_org_sale_delay/

Markets are the final antienshittificatory force. If a social network is designed to be surveillance-resistant, it will be (very) hard to implement behavioral surveillance advertising. If a network is designed to support a many clients, it will be easy to implement an ad-blocker. Both factors make advertising-based businesses very unattractive to individual server operators, spammers, and VCs who back companies that operate elements of a federated server.

Same goes for systems that allow users to control the recommendations and other algorithmic aspects of their feeds (including switching these off altogether). The fact that Tiktok's users overwhelmingly use an algorithmic feed that they have no way to control or even understand is an anti-Ulysses Pact, an irresistible temptation for Tiktok to enshittify itself:

https://pluralistic.net/2023/01/21/potemkin-ai/#hey-guys

By contrast, it's much harder to pull those shenanigans with services that technologically devolve control over recommendations (code), making it less profitable to even try to attempt this (markets). And of course, if users refuse to tolerate this kind of thing (norms) and can hop to other servers (code), then any system that pulls that nonsense will lose lots of users and go broke (markets).

This defense-in-depth approach to decentralized social media pushes us to analyze both Mastodon and Bluesky through a tactical lens – to identify the weak parts in the defenses of each and shore them up.

Take Free Our Feeds and its attempt to stand up more Bluesky servers. This addresses one of the serious technical deficiencies in Bluesky (the lack of federation), and if lots of Bluesky users try it out, it will normalize the idea that Bluesky is a constellation of independently managed servers (norms). It also creates Bluesky alternatives with radically different commercial imperatives (markets), because the main Bluesky server is backed by venture capitalists, who are notorious for their enshittifying impulses.

But security isn't static – a tactic that works today won't work tomorrow if your adversary can figure out a way around it. Bluesky is a B-corp with an excellent board with some names I have profound trust for, but B-corps can abandon their public benefit purpose, and boards can be fired (and also even people you trust can talk themselves into doing stupid and wicked things, see .ORG).

If millions of Bluesky users flock to a rival service, one run by a nonprofit (markets), Bluesky's investors might be tempted to sever the link between Bluesky and that new server (code). That's what Facebook and Apple did to XMPP, an interoperable, federated messaging system that used to connect Apple users, Facebook users, and users of many other servers. They did this for commercial reasons (markets), to trap and lock in their users (code), and they got away with it because not enough users were outraged by this (norms) that they could get away with it.

When Bluesky's VCs fire the CEO, kick people like Mike Masnick off its board, and then defederate from Free Our Feeds' server, how do we make that more like Sonos or Unity (where the corporation capitulated to its users), and not like Reddit (where the user revolt was crushed)?

With social media, it's a numbers game. Social media grows by network effects: the more users there are in a system, the more valuable it is. It's not merely imperative to create alternative Bluesky servers, it's imperative to make them populous enough that cutting them off from the first Bluesky server will inflict more pain on the company than it inflicts on those other users. That's not a guarantee that Bluesky's future, enshittification-bent management won't go ahead and do it anyway, but it does increase the chances that if they press on, their users will take the hit to defect to free/open servers.

Bluesky has other problems besides its centralization, of course. The reason Bluesky is so centralized is that it's really expensive to run an alternative Bluesky server that provides a home for users who have left the main server (a "relay" in Bluesky-ese). Partly this is down to tooling: because no one has done it, Free Our Feeds will have to invent a lot of stuff to get that server up and running, but people who come later will benefit from whatever Free Our Feeds develops along the way.

But mostly, this isn't a tooling problem – it's an architecture problem. The way that Bluesky is structured demands a lot more of relays than Mastodon demands of "instances" (a loose Fediverse analog to relays):

https://www.techdirt.com/2025/01/21/the-technological-poison-pill-how-atprotocol-encourages-competition-resists-evil-billionaires-lock-in-enshittification/#comment-4253477

This is a code problem, and it's a hard one, but it's not insurmountable. The history of networked tools is the history of developers figuring out how to break apart large, monolithic, expensive services in cheaper, smaller, easier to develop. In other words, our defense in depth of Bluesky militates for more than one project – not just a "Free Our Feeds" but also a software development project to make it easier for anyone to free those feeds.

Which raises some important questions, the biggest being "Why bother?" After all, there's already a perfectly good Fediverse that could sure use the money and effort that Free Our Feeds is proposing to put into Bluesky. My main answer here is that the point of disenshittification is an enshittification-free internet, not a better Mastodon:

https://pluralistic.net/2025/01/20/capitalist-unrealism/#praxis

We want to set Bluesky users free because the problem with Bluesky isn't its users, it's the fact that there's no fire-exits those users can avail themselves of if Bluesky's VCs set it on fire:

https://pluralistic.net/2024/12/14/fire-exits/#graceful-failure-modes

But there's another good reason to do this, one that involves people who have no interest in using Bluesky: even if you don't want to use a better Bluesky, you likely have very good reasons to reach Bluesky users. Maybe you want them to help you organize against enshittification! Or maybe you just want to operate a real-world venue where people can gather and have a great time and support performers, and right now you're stuck advertising on Facebook and Instagram, and you don't want to end up being forced to use an enshittified, fire-exit-free Bluesky in the future:

https://www.dnalounge.com/backstage/log/2025/01/13.html

Of course, there's plenty of reasons to want to make Mastodon better. Many of Mastodon's features are absurdly primitive – the lack of threading support and quote-boosting sucks, and the supposedly opt-in system-wide search doesn't work, even if you opt in. Masto could sure use some of the money that Free Our Feeds is asking for to spruce up Bluesky.

This is true, but also irrelevant. Mastodon is stuck at around a million active users, while Bluesky has twenty times that amount. Crowdfunding a couple dollars per user to pursue software development is a reasonable goal, but raising twenty times that much is a lot harder:

https://mastodon-analytics.com/

The money being raised for Free Our Feeds isn't money that had been earmarked for Mastodon development, nor will abandoning Free Our Feeds redirect those funds to Mastodon development.

Which isn't to say that we shouldn't chip in to fund Mastodon development. I donated to the Kickstarter for Pixelfed, a Fediverse Insta replacement that has Meta so scared that they'll suspend your account if you even mention it:

https://www.kickstarter.com/projects/pixelfed/pixelfed-foundation-2024-real-ethical-social-networks

Adding Insta-like features to Mastodon is great. Fixing search, quoting, and threading would be great, too. We probably need some kind of governance efforts to keep volunteer-run, good faith defederation blocklists from exhibiting the same dynamics that email went through during the spam wars. There's some Bluesky features I'd love to see on Mastodon, like composable moderation and user-controlled, user-tunable recommendations. We also probably need some kind of adversarial press that closely monitors the governance structure for the Mastodon codebase and reports on process in standardization (I cannot overstate how much fuckery can take place within standards bodies, under cover of a nigh-impermeable shield of boringness).

Breaking Bluesky open is a priority. Keeping Mastodon open is a priority. But neither of these are goals unto themselves. The point is to set people free, not set technology free. Willie Sutton robbed banks because "that's where the money is." Right now, I'm interested in anti-enshittification measures for Bluesky because "that's where the people are."

Check out my Kickstarter to pre-order copies of my next novel, Picks and Shovels!

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2025/01/23/defense-in-depth/#self-marginalization

Image: Mike Baird (modified) https://flickr.com/photos/mikebaird/2354116406

CC BY 2.0 https://creativecommons.org/licenses/by/2.0/

154 notes · View notes

kendime-analizler · 1 year ago

Text

Merkezi Olmayan Bir Ağ Nasıl Öldürülür

Merkezi Olmayan Bir Ağ Nasıl Öldürülür (Fediverse gibi) Ploum tarafından 2023-06-23 tarihinde İngilzice yazısından çevrilmiştir

Yıl 2023. Tüm internet GAFAM imparatorluğunun kontrolü altında. Hepsi mi? Tamamı değil. Çünkü birkaç küçük köy baskıya direniyor. Ve bu köylerden bazıları bir araya gelerek "Fediverse "i oluşturmaya başladı.

Twitter ve Reddit'teki tartışmalarla birlikte Fediverse ün ve ilgi kazanmaya başladı. İnsanlar bunu gerçekten kullanmaya başladı. İmparatorluk fark etmeye başladı.

Kapitalistler Rekabete Karşı

Facebook'un önde gelen yatırımcılarından Peter Thiel'in dediği gibi: "Rekabet kaybedenler içindir." Evet, bu sözde "piyasa her zaman haklıdır" diyen insanlar, içinde oldukları zaman bir piyasa istemezler. Onlar tekel istiyorlar. Facebook, kuruluşundan bu yana her türlü rekabeti öldürmek için çok dikkatli davrandı. Bunu yapmanın en kolay yolu, bir gün rakip olabilecek şirketleri satın almak. Instagram, WhatsApp gibi şirketler, sadece ürünleri kullanıcıları cezbettiği ve Facebook'a gölge düşürebileceği için satın alındı.

Ancak Fediverse satın alınamaz. Fediverse, bir protokol (ActivityPub) aracılığıyla tartışan gayri resmi bir sunucu grubudur. Bu sunucular farklı yazılımlar bile çalıştırabilir (Mastodon en ünlüsüdür ancak Pleroma, Pixelfed, Peertube, WriteFreely, Lemmy ve diğerleri de olabilir).

Merkezi olmayan bir ağı satın alamazsınız!

Ama başka bir yol daha var: onu alakasız hale getirmek. Google'ın XMPP ile yaptığı da tam olarak buydu.

Google XMPP federasyonuna nasıl katıldı?

yüzyılın sonunda, anlık mesajlaşma programları (IM) çok popülerdi. İlk çok başarılı olanlardan biri ICQ idi, hemen ardından MSN messenger geldi. MSN Messenger zamanın Tiktok'uydu: gençlerin yetişkinler olmadan saatler ve günler geçirebileceği bir dünya.

MSN Microsoft'un bir parçası olduğu için Google rekabet etmek istedi ve 2005 yılında Gmail arayüzüne dahil ederek Google Talk'u sundu. Unutmayın ki o zamanlar akıllı telefon yoktu ve çok az web uygulaması vardı. Uygulamaların bilgisayara yüklenmesi gerekiyordu ve Gmail web arayüzü çığır açıcıydı. Hatta MSN bir noktada Microsoft Windows ile birlikte geliyordu ve onu kaldırmak gerçekten zordu. Google chat'i Gmail web arayüzüyle birlikte kurmak, müşterilere işletim sistemindeki yerleşik bir yazılımdan daha yakın olmanın bir yoluydu.

Google ve Microsoft hegemonya elde etmek için savaşırken, özgür yazılım meraklıları merkezi olmayan anlık mesajlaşma oluşturmaya çalışıyordu. E-posta gibi, XMPP de birleştirilmiş bir protokoldü: birden fazla sunucu bir protokol aracılığıyla birlikte konuşabilir ve her kullanıcı bir istemci aracılığıyla belirli bir sunucuya bağlanabilirdi. Bu kullanıcı daha sonra herhangi bir istemciyi kullanarak herhangi bir sunucudaki herhangi bir kullanıcıyla iletişim kurabilirdi. ActivityPub ve dolayısıyla Fediverse hala bu şekilde çalışmaktadır.

2006 yılında Google talk XMPP uyumlu hale geldi. Google XMPP'yi ciddi olarak düşünüyordu. 2008 yılında işteyken telefonum çaldı. Hattaki biri bana şöyle dedi: "Merhaba, biz Google ve sizi işe almak istiyoruz." Birkaç arama yaptım ve beni XMPP-dev listesi aracılığıyla buldukları ve XMPP sunucuları sistem yöneticilerini aradıkları ortaya çıktı.

Yani Google federasyonu gerçekten benimsiyordu. Bu ne kadar havalıydı? Bu, aniden her bir Gmail kullanıcısının bir XMPP kullanıcısı olması anlamına geliyordu. Bu sadece XMPP için iyi olabilirdi, değil mi? Kendimden geçmiştim.

Google XMPP'yi nasıl öldürdü?

Tabii ki gerçek biraz daha az parlaktı. Her şeyden önce, XMPP standardını geliştirmek için işbirliği yapmasına rağmen, Google kimsenin inceleyemediği kendi kapalı uygulamasını yapıyordu. Geliştirdikleri protokole her zaman saygı göstermedikleri ortaya çıktı. Her şeyi uygulamıyorlardı. Bu da XMPP gelişimini yavaşlatmaya ve uyum sağlamaya zorladı. Güzel yeni özellikler Google Talk ile uyumlu olmadıkları için XMPP istemcilerinde uygulanmadı veya kullanılmadı (avatarların XMPP'ye gelmesi çok uzun zaman aldı). Federasyon bazen bozuldu: saatlerce veya günlerce Google ve normal XMPP sunucuları arasında iletişim mümkün olmazdı. XMPP topluluğu Google sunucularının gözlemcisi ve hata ayıklayıcısı oldu, düzensizlikleri ve kesinti sürelerini yayınladı (bunu birkaç kez yaptım, muhtemelen iş teklifinin nedeni de buydu).

Ve "gerçek XMPP" kullanıcılarından çok daha fazla Google talk kullanıcısı olduğu için, "Google talk kullanıcılarını önemsememek" için çok az yer vardı. XMPP'yi yeni keşfeden ve kendileri Google talk kullanıcısı olmayanlar çok sinir bozucu bir deneyim yaşadılar çünkü bağlantılarının çoğu Google Talk kullanıcısıydı. Onlarla kolayca iletişim kurabileceklerini düşündüler, ancak bu temelde Google talk kullanırken sahip olduklarının bozulmuş bir versiyonuydu. Tipik bir XMPP kadrosu çoğunlukla Google Talk kullanıcılarından ve birkaç inekten oluşuyordu.

2013 yılında Google, XMPP etkileşimlerinin çoğunun zaten Google Talk kullanıcıları arasında olduğunu fark etti. Kontrolün %100 kendilerinde olmadığı bir protokole saygı duymak umurlarında değildi. Bu yüzden fişi çektiler ve artık federe olmayacaklarını duyurdular. Ve Hangout ile başlayan uzun bir mesajlaşma programı yaratma arayışı başladı (bunu Allo, Duo takip etti. Ondan sonra saymayı bıraktım).

Beklendiği gibi, hiçbir Google kullanıcısı gözünü kırpmadı. Aslında, hiçbiri fark etmedi. En kötü ihtimalle, bazı bağlantıları çevrimdışı oldu. Hepsi bu kadar. Ancak XMPP federasyonu için, kullanıcıların çoğunluğu aniden ortadan kaybolmuş gibiydi. Hizmetçiniz gibi XMPP fanatikleri bile arkadaşlarıyla iletişimlerini sürdürebilmek için Google hesapları oluşturmak zorunda kaldı. Unutmayın: onlar için biz sadece ��evrimdışıydık. Bu bizim hatamızdı.

XMPP hala var olsa ve çok aktif bir topluluk olsa da, bu darbeden asla kurtulamadı. Google'ın benimsemesiyle ilgili çok yüksek beklentiler büyük bir hayal kırıklığına ve sessiz bir unutuluşa yol açtı. XMPP bir niş haline geldi. O kadar niş bir hale geldi ki grup sohbetleri (Slack, Discord) moda olduğunda, özgür yazılım topluluğu XMPP ile grup sohbetleri zaten mümkünken rekabet etmek için onu (Matrix) yeniden icat etti. (Feragatname: Matrix protokolünü hiç incelemedim, bu nedenle XMPP ile teknik olarak nasıl karşılaştırılacağı konusunda hiçbir fikrim yok. Sadece aynı sorunu çözdüğüne ve XMPP ile aynı alanda rekabet ettiğine inanıyorum).

Google hiç katılmasaydı ya da bir parçası olarak düşünülmeseydi XMPP bugün farklı olur muydu? Bunu kimse söyleyemez. Ancak ben daha yavaş ve belki de daha sağlıklı büyüyeceğine inanıyorum. Bugün olduğundan daha büyük ve daha önemli olurdu. Varsayılan merkezi olmayan iletişim platformu olurdu. Kesin olan bir şey var: Google katılmamış olsaydı, XMPP bugün olduğundan daha kötü olmazdı.

Bu ilk değildi: Microsoft Playbook

Google'ın XMPP'ye yaptığı şey yeni değildi. Aslında 1998 yılında Microsoft mühendisi Vinod Vallopllil açıkça "OSS saldırılarını engellemek" başlıklı bir metin yazmış ve burada "protokolleri ve uygulamaları meta olmaktan çıkarmayı […]" önermişti. Bu protokolleri genişleterek ve yeni protokoller geliştirerek OSS projelerinin pazara girişini engelleyebiliriz."

Microsoft bu teoriyi Kerberos güvenlik protokolü için destek sunan Windows 2000'in piyasaya sürülmesiyle uygulamaya koydu. Ancak bu protokol genişletilmişti. Bu uzantıların spesifikasyonları serbestçe indirilebiliyordu ancak bu uzantıları uygulamanızı yasaklayan bir lisansı kabul etmeniz gerekiyordu. "Tamam "a tıkladığınız anda Kerberos'un açık kaynak kodlu hiçbir sürümü üzerinde çalışamazdınız. Amaç açıkça Samba gibi rakip ağ projelerini öldürmekti.

Glyn Moody'nin "Rebel Code" adlı kitabında anlattığı bu anekdot, açık kaynak ve merkezi olmayan projeleri öldürmenin gerçekten bilinçli hedefler olduğunu göstermektedir. Bu asla rastgele gerçekleşmez ve asla kötü şanstan kaynaklanmaz.

Microsoft, tescilli formatlar kullanarak Microsoft Office ile ofis pazarında hakimiyet sağlamak için benzer bir taktik kullandı (bir dosya formatı veri alışverişi için bir protokol olarak görülebilir). Alternatifler (OpenOffice ve ardından LibreOffice) doc/xls/ppt formatlarını açmada yeterince iyi hale geldiğinde, Microsoft "açık ve standartlaştırılmış" olarak adlandırdığı yeni bir format yayınladı. Bu format kasıtlı olarak çok karmaşık (20.000 sayfa spesifikasyon!) ve en önemlisi yanlıştı. Evet, spesifikasyonda bazı hatalar vardı, bu da OOXML formatının tamamını uygulayan bir yazılımın Microsoft Office'ten farklı davranacağı anlamına geliyordu.

Bu hatalar, siyasi lobi faaliyetleriyle birlikte, Münih kentini Linux'a geçişi geri almaya iten nedenlerden biriydi. Yani evet, strateji iyi çalışıyor. Bugün, docx, xlsx ve pptx hala bu yüzden normlar. Kaynak: Ben oradaydım, dolaylı olarak Münih şehri tarafından LibreOffice OOXML'nin şartnamelere uymak yerine Microsoft'unkine daha yakın hale getirilmesi için ödeme yapıldı.

GÜNCELLEME: Bu taktiğin bir Wikipedia sayfası bile var

Meta ve Fediverse

Tarihi bilmeyen insanlar onu tekrar etmeye mahkumdur. Meta ve Fediverse'de olan da tam olarak bu.

Meta'nın "Fediverse uyumlu" hale geleceğine dair söylentiler var. Mastodon hesabınızdan Instagram'daki insanları takip edebilirsiniz.

Bu söylentilerin doğruluk payı var mı, Meta'nın bunu düşünmesi mümkün mü bilmiyorum. Ancak XMPP ve OOXML ile ilgili kendi deneyimlerimin bana öğrettiği bir şey var: Meta Fediverse'e katılırsa, kazanan sadece Meta olacaktır. Aslında, tepkiler zaten onların kazandığını gösteriyor: Fediverse Meta'yı engellemek ya da engellememek arasında bölünmüş durumda. Bu gerçekleşirse, yeni gelenler için çok az çekiciliği olan parçalanmış, sinir bozucu iki katmanlı bir fediverse anlamına gelecektir.

GÜNCELLEME: Bu söylentiler, fosstodon.org'dan en az bir Mastodon yöneticisi olan kev'in Meta ile kayıt dışı bir toplantıda yer alması için temasa geçmesiyle doğrulandı. Olabilecek en iyi tepkiyi verdi: kibarca reddetti ve en önemlisi, kullanıcılarına karşı şeffaf olmak için e-postayı yayınladı. Teşekkürler Kev!

Meta'dan Kev'e, Fosstodon'dan gelen posta ve yanıt

Hepimizin tüm arkadaşlarımızın ve ailemizin Fediverse'de olmasını hayal ettiğimizi biliyorum, böylece özel ağlardan tamamen kurtulabiliriz. Ancak Fediverse pazar hakimiyeti ya da kar peşinde değil. Fediverse büyüme peşinde değil. Özgürlük için bir yer sunuyor. Fediverse'e katılan insanlar özgürlük arayanlardır. Eğer insanlar hazır değillerse veya özgürlük aramıyorlarsa, sorun değil. Tescilli platformlarda kalma hakları vardır. Onları Fediverse'e girmeye zorlamamalıyız. Her ne pahasına olursa olsun olabildiğince çok insanı dahil etmeye çalışmamalıyız. Dürüst olmalı ve insanların Fediverse'e arkasındaki bazı değerleri paylaştıkları için katıldıklarından emin olmalıyız.

Her ne pahasına olursa olsun beyinsiz büyüme ideolojisinde Meta'ya karşı yarışarak kaybedeceğimiz kesin. Onlar bu oyunun ustası. Herkesi kendi alanlarına çekmeye, sattıkları silahları kullanarak insanları kendilerine karşı yarıştırmaya çalışıyorlar.

Fediverse sadece zeminini koruyarak, özgürlük, ahlak, etik ve değerler hakkında konuşarak kazanabilir. Açık, ticari olmayan ve spekülasyon içermeyen tartışmalar başlatarak. Amacın kazanmak olmadığını kabul ederek. Kucaklamak değil. Amaç bir araç olarak kalmaktır. Birbirine bağlı insanlar için bir özgürlük alanı sunmaya adanmış bir araç. Hiçbir ticari kuruluşun sunamayacağı bir şey.

Resim David Revoy tarafından Nicolas Vivant tarafından Fransızcaya çevrildi İspanyolca Matii Çevirisi Deutsche Übersetzung von Janet und anderen Traduzione italiana di Nilocram

#fediverse #threads #mastodon #xmpp #google #microsoft #winter

0 notes