• 4 Posts
  • 79 Comments
Joined 2 years ago
cake
Cake day: July 2nd, 2023

help-circle



  • But if you officially operate somewhere, they can sue you, I thought that was common knowledge?

    Anyway, not complying with local laws and operating in the country can get you in some serious trouble. And the trouble will escalate until you comply or pull out of the country.

    Kim Jong Un can sue anyone. Like, they can sue Signal if they want. Sure, they have no way to enforce it, but they can sue (and win the case). It’s not like this would be a first, that happened quite a few times. Especially in dictatorship.






  • I actually like how Lemmy handles it, it warns you that it’s unencrypted and that it recommends Matrix

    It also uses an entirely separate AP type that’s not used for anything else (ChatMessage) unlike Mastodon which uses Note, which is also used for: Mastodon posts and comments, Lemmy comments, most likely others.

    ChatMessage type also has strict requirements about recipients, the chances to leak them are slimmer. Additionally, if the target app does not support the type, it’s very unlikely it will handle it at all, but Note will most likely be handled in some way.

    In conclusion, Lemmy PMs are very hard to leak accidentally (still very easy to leak intentionally).

    Sadly, Lemmy will be moving to Mastodon-style PMs.












  • I recently did a library implementing pretty much the whole ActivityPub protocol and let me tell you one thing I’ve learned: ActivityPub is a half-assed unfinished mess.

    It has so little constraints that pretty much anything is valid. You’d think that there was some logic at the core, but not really.

    For example, there’s the Like activity, the name is pretty self-explanatory. But it’s valid to like anything. You want to like another Like activity? Why not! So you can like a like that likes a like…

    Obviously, no real project implements such nonsense. But because almost everything is valid and up to interpretation of the implementer, there really is no single ActivityPub to implement that gets you running smoothly. There are many de-facto standards with various levels of compatibility with each other. Sending private messages is one such thing that many projects chose to implement in different ways.

    Fun fact: Without implementing the HTTP Signatures spec, your app will not be able to send any activities to any software, because ActivityPub allows anyone to impersonate anyone, which obviously didn’t really fly with people developing actual software that uses it.

    In conclusion, pure ActivityPub is an unusable mess in its pure form that literally won’t be able to communicate with other software implementing “ActivityPub,” so everyone is kind of implementing a similar slice/hybrid of ActivityPub and other protocols, but not exactly the same ActivityPub.