Fedi Meta
Want to know why we are making an alternative to mastodon ?
Here is what we have in mind https://parast.at
Fedi Meta
@Frinkeldoodle awesome!
We welcome interested people with open arms :)
I think the community is mainly on discord for now.
It would be rad to have you there, even if you mainly lurk.
*another* one? oof.
@impiaaa "at least this one is pretty"
@impiaaa "also we're making up our own new protocol" i see no issues with that, especially when the people doing that have no experience building that kind of thing afaik
@er1n @impiaaa I've found the blog post that gives a few more details than the landing page:
https://parast.at/blog/2020/01/03/what-is-parastat.html
From the sound of it, they just mean something like LitePub, a version of ActivityPub with some added semantics. Not sure what the progress is on that protocol, though.
The blog post mentions that some of our mod tools "waste time", I'd be curious to hear the specifics and what alternatives they come up with...
@Gargron @er1n @impiaaa "ActivityPub is insecure" is a statement about as truthful as "computer is insecure"
ActivityPub is basically just email with more structured data and less caked-on layers of legacy support.
I'm interpreting this to mean one of two things: either they're designing something with blockchain because they heard that word once and are excited about all the nonsense orbiting around it, or they've got no ideas at all and the project is going to be cancelled when they realize that.
@ben @er1n @impiaaa I don't know all the people mentioned in the project but from what I know I highly doubt a blockchain would be involved. It sounds like the "security" part means OCAPs, which is how e.g. kaniini, who develops LitePub, has been framing it. Personally I am skeptical of what practical benefits OCAPs give, considering that you're still relying on the other server cooperating with the procedure. Which, if that's what you consider insecure...
@gargron @ben @er1n @impiaaa Hello... I think I'm the one that started introducing ocap discourse into the fediverse, though maybe at this point Kaniini has the most attention in terms of the suggested application. Kaniini and I at this point semi-agree on some things: that bearcaps are a viable way to move forward, for instance. However I had objections to the writeup of how litepub suggested using ocaps as not actually being ocap discipline, but we agreed to leave it as an open discussion
@gargron @ben @er1n @impiaaa My main objection, iirc, was that ocaps were framed in such a way as "we'll use this as a way to prevent delegation / sharing of information", whereas one of the ocap tenets has really been that you *can't* mathematically prevent such a thing... so I think that's been a pretty confusing misuse of "ocaps" there. http://www.erights.org/elib/capability/delegations.html
Nonetheless ocaps *are* useful in terms of actual things: providing an authority model in terms of "what actions can be taken".
@gargron @ben @er1n @impiaaa That *is* a security model, and we can do things with it, eg having the authority to view a post or update a post or curate a collection or have the "parent post" publish your reply to the original recipients, etc. Those *are* security concerns, and one of the main complaints about ActivityPub (rightly so) is that "it doesn't specify an authorization model".
ocaps are a way to do that, but what they can't do (bc nothing can) is prohibit sharing information you have
@gargron @ben @er1n @impiaaa Sorry, and by prohibit I should say prevent.
You can prohibit sharing information (as in, request that it not be done, and if you have evidence that it is done, there are consequences) but you can't prevent the act itself. So I don't agree with the use of "ocaps" to describe such a suggestion, because ocap literature strictly states that that's impossible/wrong.
@mike a bit of off-topic: I received this post on my server (because I follow Eugen) and got a bunch of errors in my log because of a remote JSON-LD context URI that my server doesn't know about.
Is there a good reason to use instance-relative context URIs? I don't want to do any networking in my JSON-LD processor for performance reasons so I match URIs against a set of known ones and use a predefined context from cache. This fails miserably in such cases.
This work was done long before Mastodon started using inline contexts. I suppose we could do that, but I still recommend a context file cache. We had a long debate about this at the time as even the core ActivityStreams context can change and signatures will fail if that change isn't backward compatible. A pointer to dated contexts was recommended but this failed when using with Mastodon and I've never investigated the reason. LD signatures is a disaster, but we've all tried to find a way through the major land mines. This was our way.
@ben if it had goals it certainly did not make them known
@impiaaa they claim Mastodon takes 2GB of memory just to start up, and my instance is currently using less than 200 megabytes
they claim 64 megabytes of memory for 1000 users, which I can only assume means 1000 users who are all logged out
they've also got a screenshot of their "great design" which appears to be a nonfunctional mockup, but for some reason the posts are not in chronological order and also every single one of the mocked-up posts is more than 2 months old
@cwebber
this site is written with to much emotions throwed against others and it reads like there is nothing except the idea to get some money.
furthermore this licence is kinda strange and because of risks with possible law problems no serious domain owner will accept it for a service he is personally responsible for.
Gargron, continue your good work and try to open @Gargron @er1n @impiaaa - 1/2
For people reading this who would like to contribute to an *existing* fediverse software project that is not Mastodon, try these:
• The glitch-soc fork: https://github.com/glitch-soc/mastodon/
• Misskey: https://joinmisskey.github.io/
• microblog.pub: https://microblog.pub/
• Kibou: https://git.cybre.club/kibouproject/kibou
• Dolphin: https://github.com/syuilo/dolphin
• Rustodon: https://github.com/rustodon/rustodon
• Pleroma: https://pleroma.social/
• GNU Social: https://gnu.io/social
@impiaaa the Cambrian explosion of diversity in the ActivityPub ecosystem is an indicator of healthiness. It's nice to see *another* one.
Fedi Meta
@parastat looking forward to know more about you / it ! 
Fedi Meta
@Oz we have so much we want to share, but it will have to wait a bit more.
Looking forward for you to be part of the community :)
@parastat i'm strongly interested by both the security/moderation upgrades and the design one you're announcing.
Is there anyway i could contribute ?
@Oz I'm sure there are many, many, way you could help the project.
Development, documentation, donation, openning bugs, testing, peer review, translation, talk/write about the project, security audits, making apps etc. etc. are all healthy ways to participate.
It is not yet obvious how, but we will be in touch soon with ways to do just that :)
re: Fedi Meta
I run a Pleroma instance for our hackerspace @57n and was wondering if this might be something to consider switching to when it matures (not that Pleroma has been a problem so far) but after reading that license I nope'd right out of there.
re: Fedi Meta
I know of at least one worker co-op that pays salaries to staff, and if they do make a profit beyond what they need to put aside for emergencies or re-invest in their enterprise, they divest it to the local community.
A worker co-op that divests profit to the worker-owners is essentially a capitalist enterprise, and does not exist for the benefit of the community. Your license terms would forbid community interest enterprises from using your software.
See chapter 22 of https://blackcat.coop/wp-content/uploads/2018/03/Black-Cat-Handbook-V4.2.pdf
More generally, your license is a huge wall of text. I am not a lawyer.
When I look at your license, I see the threat of state violence being used against me in ways that I don't understand, because I'm not a lawyer. That alone makes me want to avoid your software. I'd be playing your game, but I don't understand the rules.
re: Fedi Meta
@irl thank you for going into more details.
I understand the point you make about community interest enterprises & the wall of text.
One thing that license are for generally is to enforce the threat of state violence. That's the whole idea behind copyright and licenses no?
Our goal with this license is to avoid capital to profit of our libre software, so far CNPL is the best we found.
We are not lawyer either.
re: Fedi Meta
Personally I'm not a fan of copyright. I generally release my open source projects as CC0, or 2-clause BSD license. I cannot see any situation in which I would enforce those licenses.
A community interest anarcho-syndicalist co-operative is still a business that has the potential to make surplus, the difference is what they do with the surplus. As people experiment with different models to find out which ones are good for humanity and which are not so good, fixing one particular model in your license seems short sighted.
The best protection you have for your code is to write your code to function the way you want it to, and not in ways that would be useful to surveillance capitalism and/or online advertising and/or trolls. Create an environment that is hostile to the ideas that you don't want, and that nurtures the ideas you do want.
re: Fedi Meta
@irl @parastat I will also weigh in that I think the license choice is a really bad one (even if good goals). I wouldn't touch any code that uses the CNPL with a ten foot pole and I advise that nobody else does so either. he terms in that license could very easily be turned against good parties.
Noncommercial licenses have a composition problem anyway: https://dustycloud.org/blog/noncommercial-doesnt-compose/
Please also don't call it "open source" if you use the CNPL: it doesn't meet the open source definition.
re: Fedi Meta
May I repeat my question about what you mean by "compose"?
As English is not my maternal language I don't understand clearly what you mean and I wasn't able to extract its meaning from your text either.
re: Fedi Meta
@LienRag Composition here means the ability to cleanly combine multiple things into a new thing.
re: Fedi Meta
re: Fedi Meta
@irl I love these last two paragraphs.
BLM 
re: Fedi Meta
@irl hey I'm the license author. I was already planning on revising the license further today, so I'll also look into accommodating for this. The particular phrasing here is borrowed from the CSL and PPL licenses and I'll also let them know about this.
"I see the threat of state violence being used against me in ways I don't understand"
My license has a plain-english summary page here: https://thufie.lain.haus/NPL.html
The reason why it is written like that rather than like the MIT-License is because the point is to scare off megacorporations in their own tongue and also try to cover all the edge cases which would abuse the intent of the license like the AGPL does. It was not really meant to be human-readible and I apologize for that, I should probably add a link to the above page at the license header to make the intent clear wherever the whole license text is reproduced.
Anyways, the reason why I do this is because not all good code that is open isn't unsalvageable by corporations or government organizations for their own bad purposes, so this can protect that kind of software from being used unethically. Using the same philosophy as copyleft, it turns the power of copyright against its original purpose by making works open rather than restricted, but it also aims to undermine how the exploitative aspects of Capitalism wield the copyrighted work in addition. It aims to go a bit farther. Good for projects that interface with users, especially, otherwise something else may work better, which is why I think it is a good choice for @parastat .
Hope this helped!
re: Fedi Meta
You're not scaring off megacorporations, they have lawyers that can tear your complex legalease to shreds. You're scaring off the people you would like to benefit from such a license.
In trying to cover all the edge cases, you're missing the edge cases where the users you want end up being denied access. It's akin to web censorship, you're going to have enough false positives and false negatives that it's not good for anyone.
You're also restricting the ability for OS distribution vendors to distribute software and provide packages. Can Canonical, as a commercial entity, distribute the software? What about Debian, as a non-profit but using mirrors hosted by for profit entities? Can I pay someone to help me set it up?
I don't want to say don't try because with enough work maybe you can make it happen, but it's not going to be easy and it's going to take more than a few revisions.
re: Fedi Meta
@irl @parastat I'm not saying its finished or perfect, that's why I'm taking your input and revising it further. I would appreciate **positive feedback** however, rather than screaming "oh no!! that couldn't possibly ever work!!" despite the fact that a large portion of this license has seen legal review before.
Also: If you don't think I'm scaring of mega corporations and are aware of Google's relationship with the AGPL I would point you there, because yes, it actually does work. Not only is this AGPL based, but it is far scarier. It might already be on internal blacklists.
Canonical and Debian can package things with the NPL, just not the CNPL and that is a deliberate choice on the part of the project, I would encourage you to read the page I linked you because it is explained there.
re: Fedi Meta
I think a key factor in this being successful is going to be whether you have the ability to revise the license. This was an issue with Linux where it was not possible to upgrade to GPL v3, original contributors held the copyright and getting permission from all of them is hard.
At this early stage, it should be the default that the "or any later version" part is added otherwise projects might get stuck. It should be clear that "or any later version" does also allow you, as the author, to remove all the ethical restrictions and essentially make the text read as a BSD/MIT license. That license grant essentially hands you the power to relicense any project in any way you like.
These would only be changes to the plain English explainer page, not to the license text, so wouldn't need a new revision.
(I didn't understand what is meant by the "license URI" but maybe that's another page I haven't looked at.)
re: Fedi Meta
https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ is where most of my copyright nightmares, and terminology, have come from (trying to work out if we can distribute sources, binaries, can we do automated builds, run CI, link with other libraries, ship static binaries, give the package the same name as the upstream had, etc etc)
License questions
@thufie Well, since you're in the thread I figured I'd ask a question on something the human-readable page is not clear about:
Can you define "Adaptation" and "Collection" in a human-readable way? More specifically, how this relates to a theoretical library or dependency that would use this license?
License questions
@KS an adaptation is just a modified version of the original work defined in a very general way to try covering a lot of scenarios on how something could be modified.
collection is a reproduction on the original work somewhere it is being displayed an an entry in a descriptive series, like an encyclopedia page or a top 10 listicle, and that exists in the license because in that situation the same license being applied to an entry like that doesn't make sense so it has to be exempted.
Collection never comes into play in the context of software, its there more for creative works like artistic pieces (not software) licensed under the NPL or CNPL.
Fedi Meta