Hacker News new | ask | show | jobs
by jacobgold 3 hours ago
One of the core features of AT is the ability to move your repo hosting provider (PDS) at any time. This is the "data portability" problem that ActivityPub never solved.

Bluesky Social, PBC runs a PDS service (bsky.social) for free, there are a number of free public alternatives, and thousands of users self-host.

Self-hosting your own PDS can be done with Raspberry Pi or $5/mo VM and requires very little work. It runs in a Docker container with SQLite.

https://github.com/bluesky-social/pds
3 comments
ascorbic 59 minutes ago
You can host it for free on Cloudflare using my Cirrus PDS: https://cirrus.earth/
link
mdasen 3 hours ago
You have the ability to move, as long as Bluesky Social PBC allows it.

They hold the keys for your DID. If they don't allow you to move to another PDS, you can't move. The original theory was that you'd hold the private keys, but that's something that would hugely limit adoption so they decided to hold the keys themselves.

In terms of moving your backlog of posts to a new server, part of the issue is liability (not merely legal liability, but reputational as well). When you have a user on your platform and they're posting stuff, you're moderating them in real time. If they turn out to be a horrible troll, you've get the reports. Let's say a horrible troll has been on EvilServer and EvilServer has been ignoring the reports against them. They now want to move to your GoodServer and bring all their post history with them. As an admin of GoodServer, you can't see that everyone has been reporting this troll for years. They're now moving over lots of horrible, inflammatory, potentially illegal posts to your server.

link
quasigod 43 minutes ago
You can register a recovery key which allows overriding the signing key. This allows users to move from an adversarial PDS. I do think Bluesky should push for more users to add a recovery key, but I also understand why they haven't.

Moderation tools arent limited to specific PDS's, labels are public. If an account has received many reports it will have been labelled by Bluesky's moderation account and other independent labellers. A PDS can check against these before allowing an account to migrate if they choose to. I'm not sure any are currently doing this, but this is something that can absolutely be improved in current implementations, not an inherent limitation of the architecture.

link
verdverm just now
How to adversarial migrate: https://www.da.vidbuchanan.co.uk/blog/adversarial-pds-migrat...

*requires your own PLC key, which the vast majority of users do not have, protonmail has good prior art here (imo)

link
chuckadams 2 hours ago
You can add your own keys to your DID, and IIRC you can even remove bsky's keys within a given timeframe (days).
link
jacobgold 2 hours ago
You can also opt for a did:web identity using your own domain in which case did:plc is irrelevant to you.

https://atproto.com/specs/did

link
opem 3 hours ago
Except it isn't as straightforward as most people would think. The last time I checked this, I think there were some issues with Bluesky app view and it didn't show accounts from a self hosted PDS
link
jacobgold 2 hours ago
You may have seen a temporary bug.

It's completely straightforward and it works. Tens of thousands of users are doing it successfully.

https://blue.mackuba.eu/stats/

link
quasigod 1 hour ago
When was the last time you checked that? That is definitely not currently true and hasnt been for as long as I've used Bluesky.
link