TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

54% Positive

Analyzed from 2626 words in the discussion.

Trending Topics

#key#don#domain#own#social#account#private#bluesky#github#pds

Discussion (74 Comments)Read Original on HackerNews

skybrianabout 2 hours ago
Most people don’t worry about it for the same reason they don’t worry about GitHub abusing their GitHub account and are even willing to use “login with GitHub” to access their other accounts. Account takeover by a third party is a bigger risk. If you’re concerned about supply chain risks, there are more important concerns than “what if GitHub itself is a bad actor.”

It’s solvable if you’re willing to self-host your PDS.

But I’m skeptical of the attempts to make a PDS an “everything account.” Why should you use the same PDS for your social media posts and your git repos and your blog posts? Seems like we need to get better at locking things down in practice before that kind of centralization?

pocksuppet4 minutes ago
The whole claimed point of ATProto is to avoid stuff like this. If centralization isn't a problem, just use GitHub, or X, because platforms that don't try to decentralize work better.
Aurornisabout 1 hour ago
> Most people don’t worry about it for the same reason they don’t worry about GitHub abusing their GitHub account

Even with GitHub we don’t hand over our private keys to the GitHub server, though.

When I commit to my repos the commits are still signed by the private key that lives on my computer. Someone could take over my GitHub account and they wouldn’t be able to sign commits with the private key on my PC.

They could technically add a new public key and sign new commits with that key, but I could cryptographically point to the change and show that the key changed at time of takeover and disavow it.

throawayonthe23 minutes ago
right but that's possible with tangled too, that's a git specific thing
NetOpWibbyabout 1 hour ago
This "social coding" thing Tangled has going on is cool but I don't want it. I hear they're figuring out private repos but for me, I don't want the same account I use for social for my code.

I'm probably in the minority though.

packetlost5 minutes ago
> I don't want the same account I use for social for my code

Then create separate accounts?

satvikpendem6 minutes ago
Check out https://radicle.dev then.
rafterydj25 minutes ago
Personally I think it should be optional, but meaningfully optional in a way that's technically sound and easier than it is now. I kind of feel like long term I'd want "professional/public" code I'd put my name on, and separate code I'd work on under a pseudonym/handle.
rbrenabout 2 hours ago
Who owns your domain name? Hint: it’s probably not you. Your hosting provider could take down your domain, or even steal traffic and direct it to their own IPs
Aurornisabout 1 hour ago
This cheap criticism of the headline doesn’t actually apply to the problems brought up in the article:

> Your PDS operator can post as you, like things as you, follow people as you, and it would be cryptographically indistinguishable from your real activity. The signatures are valid.

Your domain name owner or DNS provider cannot redirect your domain name to a different server and cryptographically impersonate you.

jacobgoldabout 1 hour ago
Your DNS provider can obtain a TLS certificate for your domain and cryptographically impersonate https://yourdomain.tld

It's not exactly the same thing but it's close.

Aurornis40 minutes ago
Still not the same thing as in the article. Server side TLS certificates are widely understood to be tied to the current owner of the domain.

In a social protocol or context, I would expect a private key to be in the private control of the individual, such as when someone uses their private key to sign an email or git commit.

The purpose of signing your emails or commits is to provide a good indicator that it actually came from you, not someone who managed to get access to your email account at the time.

handoflixueabout 1 hour ago
Can you move a DNS record AND make it look like I signed off on it?

The author's concern seems to be more focused on impersonation

PunchyHamsterabout 2 hours ago
But without private keys they can't pretend to be the same you. There is a very big difference here.
chuckadamsabout 1 hour ago
Right, if Bluesky ever does do something hinky with your PDS, the operation will be signed with their key and persisted in the operation log which they're unable to touch. You can outright remove Bluesky's key if you want, though I think that only works within some number of days of creating it.
EGregabout 1 hour ago
Yes you do own your domain, as much as you can own your house. Your hosting provider can only take down your hosting, not your domain. Seizing domain names isn't very common. And by the way, with Web3 domains, you have full ownership via your own private key, with no need to pay rent. Is it possible to lose your house that you own? Yes. It's far more rare to lose a domain you own, by it being seized.

DNSSec is used to prevent unauthorized stealing of domains. Furthermore, if someone does steal one domain you own, they don't steal all your accounts across all domains. If they take over your hosting, that's a fixable problem -- you just repoint the domain.

Now, having said that, I designed the Safebox exactly to prevent these scenarios from happening, and create an actually solid foundation for decentralized social networking, AI workloads, etc. If anyone is interested, probably the best link to begin reading about it is: https://safebots.ai/about (If you do, I'd love to hear your thoughts)

tptacek40 minutes ago
In addition to the fact that almost nobody uses DNSSEC, it solves none of the problems indicated by this article.
ranger_danger40 minutes ago
Seizing domains is a lot more common than it used to be though, enough that it's a real concern for me personally, and I'm not sure there is a viable solution at the moment. There is also the concern of countries/governments or specific ISPs simply blocking access to one's domain in various ways... and the number of authoritarian regimes that have been blocking large portions of the Internet has only grown with time.

And regarding DNSSEC... if your domain is taken by the registrar (court order, ToS violation, etc.) or a government that can command the parent TLD to act, they can just revoke your old key and transfer the domain to someone else (or setup a placeholder under their own DNS) and now your protection and all concept of ownership is completely gone without your consent. This happened a few years ago with Epik seizing the soyjakparty and kiwifarms domains, including their hosting from a subsidiary company Terrahost... and KF has never even lost a lawsuit, but there are some specific people that really don't like them, and have gotten adept at claiming ToS violations via every possible company that touches them in order to try to make them go away.

nekusar31 minutes ago
> Yes you do own your domain, as much as you can own your house

Uh, no.

I can legally shoot and kill intruders due to castle doctrine and stand your ground laws in my physical home. And legal invasions require being in front of a judge and a search warrant.

A domain can be seized for 'terms of service' (aka kangaroo court) reasons. Stand your ground nor castle doctrine doesn't apply to your digital house.

iamnothere6 minutes ago
Domains typically can’t be seized for arbitrary ToS violations, as registrars who do this can lose their accreditation with ICANN (and thus their ability to host domains at all). If the registrar could “frame” you for something like DNS abuse then maybe they could justify a suspension, and if they don’t unsuspend it after you correct the issue, you’d have to file a complaint with ICANN to (hopefully) get it back. If something like this happened and became public, though, the registrar would lose tons of business, as people would develop doubts about the registrar’s reputation.
opemabout 2 hours ago
that is why you have did:plc in ATProto but that doesn't resolve the concerns raised in this article.
nekusar37 minutes ago
If its an Onion (Tor) hostname, you absolutely do own it. Sure, its not memorable being a 128 bit hash. And nobody else can impersonate nor take.

And for lower bandwidth tasks, Tor Onions can't be beat. Just make sure to use 2fa on services you offer to keep the trash out. Things like fail2ban don't work the way you intend.

jacobgoldabout 2 hours ago
One of the core features of AT is the ability to move your repo hosting provider (PDS) at any time. This is the "data portability" problem that ActivityPub never solved.

Bluesky Social, PBC runs a PDS service (bsky.social) for free, there are a number of free public alternatives, and thousands of users self-host.

Self-hosting your own PDS can be done with Raspberry Pi or $5/mo VM and requires very little work. It runs in a Docker container with SQLite.

https://github.com/bluesky-social/pds

mdasenabout 1 hour ago
You have the ability to move, as long as Bluesky Social PBC allows it.

They hold the keys for your DID. If they don't allow you to move to another PDS, you can't move. The original theory was that you'd hold the private keys, but that's something that would hugely limit adoption so they decided to hold the keys themselves.

In terms of moving your backlog of posts to a new server, part of the issue is liability (not merely legal liability, but reputational as well). When you have a user on your platform and they're posting stuff, you're moderating them in real time. If they turn out to be a horrible troll, you've get the reports. Let's say a horrible troll has been on EvilServer and EvilServer has been ignoring the reports against them. They now want to move to your GoodServer and bring all their post history with them. As an admin of GoodServer, you can't see that everyone has been reporting this troll for years. They're now moving over lots of horrible, inflammatory, potentially illegal posts to your server.

chuckadamsabout 1 hour ago
You can add your own keys to your DID, and IIRC you can even remove bsky's keys within a given timeframe (days).
jacobgoldabout 1 hour ago
You can also opt for a did:web identity using your own domain in which case did:plc is irrelevant to you.

https://atproto.com/specs/did

opemabout 1 hour ago
Except it isn't as straightforward as most people would think. The last time I checked this, I think there were some issues with Bluesky app view and it didn't show accounts from a self hosted PDS
jacobgoldabout 1 hour ago
You may have seen a temporary bug.

It's completely straightforward and it works. Tens of thousands of users are doing it successfully.

https://blue.mackuba.eu/stats/

varun_chabout 1 hour ago
I think most people don’t need to worry about their host abusing its power to impersonate them, but the cool thing is, the people who do need to/want to worry (journalists, politicians, celebrities, activists, open source maintainers, etc etc etc) can self host a PDS and be a lot safer, and still interact with everyone else.
theamkabout 2 hours ago
Is author new at the whole web thing? Yes, people trust remote web servers. Yes, if you link multiple apps to an identity server (be it atproto, google, or self-hosted OpenID server), and your identity server is compromised, attacker will be able to impersonate you or lock you out.

This is just how the web works, and there is no easy around it without losing features people care about. Sure, you can do client-side encryption and pretend serve can't see the plaintext, but it's just a theatre, see Hushmail incident for example.

And having people export uber-key by default is pretty terrible idea. Sure, allow advanced users (like post author) to do it. But for the common person, the exported key is just another way to get account compromised, via malware or backup provider hacking. Or if they are not backing up stuff, then the key will get lost next time they upgrade.

tarpitt7 minutes ago
Are you new to the whole p2p thing? This is a terrible standard to hold new technology to. The web is broken.

https://secushare.org/broken-internet

Aurornisabout 1 hour ago
> Sure, you can do client-side encryption and pretend serve can't see the plaintext, but it's just a theatre,

Keeping a private keep on the client to sign your activity is a fundamental cryptography practice.

If you use a private key to sign your emails or git commits, it’s not security theater.

If you were to have to upload your private key to GitHub or your email provider, that would be severity theater.

> Is author new at the whole web thing?

Unnecessarily mean comment.

logifailabout 1 hour ago
> This is just how the web works, and there is no easy around it without losing features people care about [...]

Well, apart from using a separate email address for every single "provider"?

(Spoiler: there's no way I'm going to sign into your service with a shared email ... you get <youservice>@<me>.com)

ranger_danger31 minutes ago
Some services only allow signups from the big free providers like gmail/outlook/etc. because those providers are doing more consistent KYC and anti-spam measures than anyone else by far, and unfortunately it does cut down on the amount of spam by a lot. For most people nowadays you cannot even create a new gmail account without directly linking it to a mobile phone.
Muromecabout 1 hour ago
So does a CA issuing my certificate, but there is some oversight in what they do.
noname120about 1 hour ago
AI fluff
Zopieuxabout 1 hour ago
So annoying to read. Meanwhile, the key information ("backup key with higher priority") is mentioned in a sentence without any kind of elaboration or link to some follow-up/how-to.
opemabout 1 hour ago
and what makes you say that?
Zopieuxabout 1 hour ago
It has all the tells. There are websites which list them, please search "LLM tropes".
bluebarbet41 minutes ago
"This was AI" itself has all the tells of an irrational panic which typically accompanies new technology, like UFO sightings in the 1950s. If ever it is still possible to "tell" AI writing, it soon will not be. So best (IMO) just to respond to the substance of the writing and move on.
jimmydoeabout 2 hours ago
It seems most ppl who dislike X has already settled, a small amount moved to DeSo like atp or ap, most just stayed or went offline. Unless China GFW magically collapsed, there seems no reason ATProto user base will continue to grow. So, when will the monetization/enshitification phase begin?

I'm asking this not bc I like enshitification, but the app view design seems such a perfect fit for user data mining/targeting, that it's hard to believe it was not part of design consideration in day one.

opemabout 1 hour ago
Both nostr and atp sucks at key management imo. The Farcaster network does a good job here with their chain of trust model and a smart contract on etherium blockchain to recover identities in case of losing access to a private key. Ironically its also the blockchain aspect of Farcaster for which I never tried it.
skywalqerabout 1 hour ago
Why aren't the keys stored encrypted?
Noaidiabout 2 hours ago
Centralization is always a trap.

No idea why people have such a hard time joining and supporting the Fediverse.

sheoabout 2 hours ago
Because there is no single "default instance that is always a good choice and wouldn't go down randomly because of lack of funding". That's both a strong and a weak side of fedi
ftfish12 minutes ago
mastodon.social has been around for a decade now, seems stable enough.
webdevladderabout 2 hours ago
Higher friction and fragmentation are Fediverse features (not bugs) that give it a different grain. ATProto has different tradeoffs that lead to a different form of social media. I'm glad both exist, and bridging efforts are worth paying attention to for anyone frustrated with the distinctions.
iandabout 1 hour ago
How is the fediverse different. Can't the owner of an instance post as you? Can they read all your data stored on their instance and pass it to anyone they want to?
Advertisement
triyambakamabout 2 hours ago
What's the evidence for this? I'd be very keen to understand. This looks Claude written which is fine but adds an extra layer of skepticism for me.
verdvermabout 2 hours ago
Probably doesn't matter for the "40M+ users", most of them have churned at this point and growth is negative. This is good critique for the next iteration of open social protocols, but fundamentally atproto did not fail because of technical reasons. The next iteration should make privacy the default and core to protocol, and be very mindful of how the leadership / social dynamics played out.
singpolyma3about 2 hours ago
Based on all the traffic and development activity I'm not sure on what basis one would say "failed"
ftfishabout 2 hours ago
Source?

What I see here doesn't look good.

https://bluefacts.app/bluesky-user-growth

Never mind the pivot to reddit.

https://www.cnbc.com/2026/06/04/bluesky-twitter-rival-reddit...

adithyassekharabout 2 hours ago
What’s the definition of success here? Instagram like user counts?
pessimizerabout 2 hours ago
https://bsky.jazco.dev/stats
jacobgoldabout 2 hours ago
Bluesky / AT is the most successful open social network in history and the only one to become culturally significant. It has been adopted by presidents, celebrities, journalists, and mainstream users.

Bluesky has almost 50M registered users, sustained 1M+ daily active users, and 3M+ monthly active users for roughly two years. There's no reason to believe it will fall substantially below this level.

It is also in the process of adding (decentralized) subcommunities, which I expect to be really cool and have a large impact on growth.

tptacek39 minutes ago
"Registered users" is a meaningless statistic. Daily active users has consistently declined.
jacobgold28 minutes ago
I'd be the last person to downplay the fact that the Bluesky app has a serious retention problem. But it has "broken through" in an incredible way and DAUs/MAUs are quite stable.

Registered users is not at all meaningless. Bluesky has those user's email addresses, the mobile app is still installed on many of their devices, they have accounts, and they can potentially be reactivated.

For example, if Bluesky announced a feature exciting enough, like subcommunities, it could email those 50M users and possibly bootstrap a serious open network competitor to Reddit.

scyclowabout 2 hours ago
This is where non-financial use of blockchain could really shine, IMO. Self-sovereign identity management with a smart contract-based process for recovering ids if keys get lost or hacked. Blockchains are pretty out of favor these days, but I really don't see a better solution for decentralized identity management.
SkiFire13about 2 hours ago
> smart contract-based process for recovering ids if keys get lost or hacked

How would that even work?

TheDongabout 1 hour ago
If someone's account gets lost or hacked, the person with the most incentive to own that account is usually the original owner, so just give it to whoever is willing to pay the most, problem solved. We can call it "proof of stake", where you always stake a certain amount to keep owning your account, and when contested, whoever stakes the most gets it.

Poor people don't deserve rights on the blockchain anyway, it's not like they can afford the transaction fees, if they didn't want their account stolen they should have tried being rich, or buying into nearer the top of the pyramid.

Don't worry about people who pass away or lose internet for an extended period, we'll deal with that in v2, when we get "proof of death" and "proof of internet disconnectivity" on the blockchain somehow.

/s if it's necessary

AndrewStephensabout 2 hours ago
What is the incentive for an individual to participate in a non-financial blockchain?

Bitcoin-style blockchains “work” because everyone gets the possibility of a little reward for all the hassle and non-negligible CPU time of being a node.

majorchord22 minutes ago
For me the incentive is being able to own an identity that nobody can take away from me. And the assumption is that services will support this type of identity, so I don't have to make accounts on other systems that people can take away and now I've lost all access to any data I had.
vidabout 2 hours ago
What's the incentive for people to participate in file sharing networks? To some degree it's access to a world of free media (same as access to a world of decentralized identities), but to a large degree it's an interesting hobby/excuse to be interested in tech. Some people have racks of hard drives dedicated to hobbies like this, just because it's interesting and is worthy.