- cross-posted to:
- fediverse@lemmy.world
- cross-posted to:
- fediverse@lemmy.world
You must log in or register to comment.
The problem is that it’s “too complicated“ by presenting choices before knowing what they mean. It’s a decision tree without knowing the outcomes.
I’m new to Lemmy and it wasn’t as easy to sign up and use as Reddit or other social networks.
First I had to choose a server. To do that I had learn the consequences of choosing a server. Once I decided .ml had a sign up process where I had to be approved.
Then I wanted to choose a community, I think it’s called, and found there were multiple communities with the same name. Once again I had to make a choose without knowing the difference.
It all reminded me of the Paradox of Choice TED talk, https://www.ted.com/talks/barry_schwartz_the_paradox_of_choice .
Finally I had to choose an app, as there is no official one. Now I’m in Mlem, but I don’t know if it’s better or worse than the others.
Choice is great but for easier onboarding a first stop for server and app would be great. Like browser, you’re given one when you start and if you want better, and you’re ready too look for one, you can go looking.
What’s Mlem? Can’t find it on the Play Store. I’m using Sync which is pretty good…
probably because it’s an iOS app
As someone new here, what do you think would have really helped you without changing the fundamental principles of the fediverse? Like a website with clear information, or something else?
I think we need simple, non technical content that gets people who haven’t used the fediverse stoked to find out more and try to get involved. That’s what I’m trying to do with articles like this - add momentum and tap into a big potential audience who are primed for this. But I also do want to put together a Getting Started landing page that helps people kick off.
I really do think we need to get people pumped enough to want to be educated about it all.
This article was great! Thank you so much for writing it.
Any thoughts on
I haven’t really used it since I wanted to populate my Mastodon timeline. Now it’s happening a little bit more naturally, through boosts and hashtags.
The problem is information, there is simply too much. I decided to join social network other than reddit. From that to posting on lemmy should be a one step process. 1 signup page 1 app recommendation
Really I should of just written Lemmy.com instead of being distracted by the whole concept of fediverse and looking into it before signing up.
I really like how voyager does the onboarding, maybe we should promote going trough that.
Anyone want to clue him in on who runs .ml? I feel like it’s going to break his heart. But also, I kinda feel like he should know…
Please tell us! I personally have no idea
The lead developers of Lemmy. They also develop the mobile Lemmy app Jerboa (personally, not my first choice).
What’s wrong with Jerboa? Probably the only app I’d use for Lemmy.
There’s some accusations of bias / pro CCP moderation on .ml
There’s some stuff about it here: https://news.ycombinator.com/item?id=36255366
But I haven’t directly experienced any of this myself so I can’t speak to the truth of it. Idk.
The ml stands for Marxism-Leninism. They are tankies.
This is completely untrue and I don’t know why people keep repeating this.
Lemmy.ml used to be the biggest instance and absolutely full of pro-russia people and shit (Lemmy was in general, lemmygrad was the second biggest instance behind ml) so it wouldn’t suprise me
Because people with the @lemmy.ml tag are constantly saying the dumbest tankie shit ever.
When I see someone say Ukraine in 2014 was a CIA backed coup against the democratically elected pro russian government - it comes from that server, every time
Lemmygrad is worse actually, but most instances defederate from them
ml is the Internet country code top-level domain(ccTLD) for Mali.
Well the folks over at .ml aren’t from Mali or host their server there.
I registered using Mlem and it was way better than trying to do it via the Web. An onboarding like that would be much better than the current process.
Finally I had to choose an app, as there is no official one. Now I’m in Mlem, but I don’t know if it’s better or worse than the others.
I’m just here from Reddit after the Boost app finally stopped working. So now I’m running “Boost for Lemmy”, would definitely recommend it. It was one of the best 3rd party Reddit clients.
I did always think that a shared (somehow) login would be great; but how do you federate that? Do you? What if the original server goes down? How does moderation work?
It gets really complicated really fast.
If you choose the app first, and you choose Voyager, everything else - browsing, creating an account - is intuitive and just works.
Even though it’s first on the list when searching on the iOS Appstore I didn’t choose it because the icon looks… well stupid.
I tried out it and Jerboa on Android (from F-Droid) and besides for not showing user PFPs, Voyager is generally better.
For the uninitiated it’s basically a 1:1 clone of Apollo for Reddit. Hell, even the app’s name is derivative!
That said it’s still one of the best Lemmy apps for iOS and is a testament to Christian Selig’s original vision.
Yeh don’t choose that one, just sign up on desktop and use Jerboa ngl the reason techbros win is most normies do not want agency, they want to turn their brain off and scroll whatever the algorithm serves up as they do.
Technology Connections made a good video on this recently but I fear his plea will fall on deaf ears.
Just like this article, no one’s actually denying anyone the fediverse, we are literally right here.
Finally I had to choose an app, as there is no official one
It’s called Jerboa and it’s one of the worse ones, but it does exist
Jerboa
What makes it official, I didn’t come across it when I was searching for an app. I finally see why all the other apps use a rat as their logo.
Jerboa has the same lead developers and is part of the same GitHub organization as the Lemmy server and web UI.
The logo for Lemmy itself is the head of a rodent, supposedly a lemming. Most instances use that logo or a variation of it in their web UI. Jerboa and other apps in turn tend to use a rodent in the logo.
What’s the issue with Jerboa? It’s like Relay it’s probably the best one out there.
There is an issue open on Lemmy’s github about merging communities of the same name together in the ui by an “all” button, but sadly it’s been inactive for a year: #1113
That’s more a feature for a client app.
I mean, people do use the Web UI.
There’s more than one web UI.
I’m not in a rush to endorse client apps adding large, experience changing features. That will radically alter the way different users interact with the service, they might need two apps to get all the features they want, etc
Sounds like a good way to make things even MORE confusing for new users.
I’ve been on Lemmy for a while and still find the duplicate named communities on different insurances confusing. The number of users only somewhat. There are lots of communities still listed from dead instances like feddit.de.
Unique names for communities would be helpful and also support moving a community to a new instance.
Community names are unique if you account for the instance name.
This is a bit confusing as usernames follow a similar, email-address-like format.
I would enjoy there being just one community for a given topic that spans all instances, and moderators can either take actions that are instance specific or “global” (happen everywhere) but again that can get complicated fast. Who gets that global power? What if there are disagreements? Can an instance revoke a global action for just their instance? How much extra work does that create? How do instances handle backend storage for stuff like that (do you want CP deleted globally? I’d imagine so because it’s illegal to store it. Who decides to block an instance out of a community for posting offensive/illegal content; and how do you prevent all that from being abused for non-offensive content that instance mods find disagreeable?)
I wonder how moderating would work in a merged community, would mods not from instance X only be able to hide a post from that instance from the merged community, or would they have power to remove a post from another instance? I’d imagine that is one of the hiccups of a feature like this, it is a shame it has been collecting dust though
Edit: re-read the issue, now I understand it would be more of a multi Reddit than a merged community, so mods would only have the power for their own instance/community it sounds like
On the other hand, there is something to be said for having a small test before joining. I remember Usenet before and after it became accessible to AOL users.
This can be said for the internet in general. Just look at the brainwashed masses. Without easy access to the internet via smartphones, Trump, Weidel, Wilders, Meloni etc. would never stand a fucking chance.
I was reading some articles the other day, and the impression I have is that that’s really not true for at least Trump.
The Trump route was more:
-
Conservatives in the US felt that media had a liberal bias. Whether it did or didn’t doesn’t matter for this discussion — that was the perception.
-
Fox News offers a viewpoint appealing to conservatives. It becomes essentially the only mainstream conservative media outlet. Liberal viewers watch a variety of news media, but Fox News dominates among conservatives.
-
Fox News — already somewhat opinion-based from the start — starts to veer off into conspiracy land. Because so many conservatives watch Fox News, this has a major impact.
There’s some back and forth here. It’s not that Fox just pushed ideas that were out there, but that they’re willing to show material based on what people will watch, and they gained more viewers than they lost if they ran bonkers stuff.
https://www.cnn.com/2021/06/08/media/fox-news-hoax-paperback-book/index.html
Section
When Donald Trump lost the presidency last November, Fox News lost too. But unlike Trump, Fox was never in denial about its loss. The network’s executives and multi-million-dollar stars stared the ratings in the face every day and saw that their pro-Trump audience was reacting to the prospect of President Biden by switching channels or turning off the TV.
“We’re bleeding eyeballs,” a Fox producer remarked in December. “And we’re scared.”
To fix the problem, Fox ran even further to the right. And here’s the thing: It worked. It was toxic for the American political system, but it was profitable for Rupert and Lachlan Murdoch.
“Fox is a really different place than it was pre-election,” a commentator said to me, with regret, after Biden took office.
The post-election changes at Fox happened one day at a time, one show at a time, but when viewed in totality, they are unmistakable and stark. Practically every change was about having less news on the air and more opinions-about-the-news. It was like serving dessert without dinner, when the dessert consisted of screaming about how awful the dinner was, and warning that the meal might be a socialist plot, and hey, while we’re at it, why are chefs so corrupt?
And because Fox News is the primary trusted source of information for millions of Americans, including Republican elected officials and party activists, the changes affect everyone.
Trump’s loss was a pivot point.
‘We denied the pandemic and now we’re denying the election outcome.’
Fox’s ratings declined in the immediate aftermath of Mitt Romney’s loss in 2012, so the slump after the networks projected Biden as president-elect was no surprise. But the precipitousness was a shock. Fox’s afternoon and evening hours fell off by 20, 25, 30 percent, even though the news cycle was nothing short of epic. For people at Fox who were used to winning for years, this was disorienting, and for some downright terrifying.
“Our audience hates this,” one executive said to me in a moment of candor. “This” was Biden as president-elect and Kamala Harris as VP-elect. “They’re pissed,” said a second source. “Seething,” said another.
I granted anonymity to these sources because they weren’t allowed to speak with outside reporters on the record, and because I wanted them to freely offer blunt assessments of the situation.
Fox’s problem was that the audience suddenly had somewhere else to go. On the up-and- coming channel Newsmax, Biden wasn’t called president-elect right away. In other words, Trump wasn’t a loser yet. Newsmax’s 7 p.m. host Greg Kelly kept saying that he believed Trump could stay in office for four more years. “IT ISN’T OVER YET,” Newsmax’s banners proclaimed. While Fox only dabbled in election denialism at first, Newsmax went all-in.
There wasn’t really any major center-right mainstream news source other than Fox News, so if Fox shifts into conspiracy-land, so does the conservative public.
I dunno. Maybe the answer is something like a news source somewhere between CNN and Fox News. Something that a conservative audience is comfortable watching, but doesn’t fly off the handle to the degree that Fox has. It maybe can’t capture an audience that’s as large, but it only needs enough to be viable.
I mean, there are center-right media sources like the Wall Street Journal, but those are kinda not aimed at mass audiences.
The best center-right news sources are behind a paywall. The crazy ones, those are free.
In Germany it’s definitely true. You can witness this process in real-time. I already know the “arguments” the brainwashed masses come up with and if there’s some new hot take, I usually go to one of the fact checking sites and immediately find said hot take there. It’s crazy how easy it is to manipulate the masses via social media. There has never been anything more efficient than this shit.
Is fox news “social media” though?
I was talking about my personal observation in Germany. We don’t give a shit about Fox. We have BILD and Nius instead. Also state media keeps inviting Nazis to talk shows. But social media is the main driver here.
-
I love Lemmy and Voyager and the Fediverse. That said, if it were to become mainstream I forsee some problems. The fact that the login relies on only passwords is pretty terrible. Also, this makes the service vulnerable to bots, sock puppet accounts, brigading, etc.
What would you propose replace passwords to not be susceptible to those things?
I personally like how secure and non intrusive passwords are, especially when using a self hosted password manager synced with git.
It is hard to do well which is why I worry. Google probably has the best overall account security, you could fo worse than modeling after them.
The short answer to your question is Passkeys. But you need a whole system of account recovery around them.
Oh, you can easily bypass passkeys with automation. Don’t even need an image recognition model, just a QR-code scanner like
zbarimg.But i never tried googles passkey feature since it never seemed as secure as a 48 char computer generated password. So I’m not sure exactly how it works.
That’s a pretty wild claim. It almost sounds like you don’t know what a passkey is. Explain.
Oh I don’t know what it is, sorry I thought I made that clear. But a quick search on the internet said it was basically 2fa with a qr code and since the issue was how it would protect Lemmy from bots I just thought it wouldn’t be hard for a bot to read a qr code.
Bruh that’s gotta be one of the worst trains of thought I’ve seen recently ngl. I don’t even know how passkeys work and I know that. Based on your understanding, you could log into someone’s account just by reading a QR code. Which of these is more likely:
-
The entire cybersecurity community mysteriously and completely forgot that machines can read QR codes (which is, by the way, literally the entire purpose of a QR code)
-
You don’t understand how passkeys work
How arrogant do you have to be?
Well again, the claim was that somehow passkeys would stop Lemmy from being flooded by bots.
So in that situation, we aren’t talking about hacking. We are simply talking about if a login could be triggered programmatically. So if Lemmy required passkeys to be used instead of passwords. And if the passkeys required scanning a QR code to sign in. I imagine It would provide minimal disruption to an automated login.
Now if the passkeys somehow enforced a real human to do something that only a human could do, then yes it would stop an automated registration/login. However if it’s possible to automate then it wouldn’t stop bots.
-
Go read the FIDO threat model if you want to understand how it protects against specific attacks. It is pretty secure.
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html
Passkeys are much better. Unlike what FAANG companies want you to believe, they do not have to be tied to a device. Use a password manager that supports them (BitWarden) and pretty much never get hacked again because of a password. Website doesn’t need to store anything that an attacker can use. No downside.
Any recommended reading for pass keys to get me up to speed? I use Bitwarden and have been happy enough with just passwords via that for a long time now. Only time I’ve seen pass keys mentioned really was Google trying to push it on me but I don’t use their password manager.
A passkey is a public/private key pair used instead of a password. You store the private key, and the website stores the public key. Data encrypted with the public key can only be decrypted by the private key, and vice-versa.
This means you can share the public key freely with the website, and even if they get hacked and the public keys are stolen, they’re useless.
When you log in, they send you a challenge encrypted with the public key, and since you hold the private key, you can decrypt it, create a response to it, re-encrypt it with the private key, and send the response to the website; which then decrypts it with the public key to verify it.
The initial spec was that each device would have its own passkey and store it in a TPM (that thing Microsoft requires your computer to have for Windows 11), which is a secure memory storage location that only the kernel can access.
However BitWarden is also able to store them and make them portable. (I think the standard was loosened to allow for this? But don’t quote me on that.) So, now you can have one passkey for the site and it works anywhere you can use BitWarden’a browser extension.
TLDR: more secure than a password, nothing to forget, stops passwords being stolen.
2FA support would be better
Lemmy does support 2fa
oh. Nevermind then. I think this should be enough. maybe OpenID Connect support would be nice
Lemmy supports 2FA lol.
(At least on the web UI it does)
I just saw this on Reddit yesterday and now I’m here again.
Using phtn.app and Voyager.
Lost futures we finally created.
