• Jhex@lemmy.world
    link
    fedilink
    English
    arrow-up
    41
    arrow-down
    5
    ·
    7 days ago

    As predicted… And people piled on me here when I question why they were falling head over heels over bluesky when it was yet another techo bro platform

      • Jhex@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        7 days ago

        This was more a Twitter vs BlueSky comparison… not against Lemmy, not sure I understand your comment

        • Chakravanti@monero.town
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 days ago

          They’re against themselves. Lemmy is the closest thing. I heard there might be a similar choice being built but I don’t give too much of a shit because I never used any of that twatter shit.

    • LiveLM@lemmy.zip
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      6 days ago

      I noped out the second I heard Dorsey was involved. Don’t care he isn’t anymore, it got the Techbro ick! Eurgh 🤢

  • TCGM@lemmy.world
    link
    fedilink
    English
    arrow-up
    37
    arrow-down
    7
    ·
    7 days ago

    This is not enshittification. Many other knowledgeable users who actually know what they’re talking about have explained why.

    • Polderviking@feddit.nl
      link
      fedilink
      English
      arrow-up
      22
      arrow-down
      2
      ·
      edit-2
      7 days ago

      I’m very curious what these knowledgeable users say.

      Rule 1 of the internet is “check the link before you click” and these man in the middle forwarding systems make that impossible.

      I have a different association with “enshittification” but I definitely don’t support this change because it’s a security problem, you’re totally dependent on their moderation to keep you from clicking sketchy links.

          • spoopy@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            1
            ·
            7 days ago

            It’s not for bsky to log clicks…??? They can already do that without doing this bounce link because you’re using their app??? Like folks are we really doing this?

            It’s for external websites to know that the click came from bsky. (E.g. if you click the link from the bsky app, without this trick it would like you just typed the URL in, since apps don’t provide a referral header)

      • Pup Biru@aussie.zone
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        7 days ago

        “check the link before you click” and these man in the middle forwarding systems make that impossible.

        generally not true… the link href (the thing the browser shows to the user) would be the original link… bsky hijacks the link with an onclick (or similar) handler so you can see where you’ll be taken before clicking

    • orcrist@lemm.ee
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      3
      ·
      7 days ago

      It’s not exactly enshittification yet. The service still mostly works. But it is an attempt to build a wall around the garden.

      Fuck walled gardens. That shit got old years ago. At least with FB you could pretend you didn’t expect it. Maybe. If you’re oblivious, at least.

  • Squizzy@lemmy.world
    link
    fedilink
    English
    arrow-up
    22
    ·
    7 days ago

    What is wrong wth a fucking discount code to show where you hot the referral.

    I refuse all cookies everywhere and the internet works just fine.

  • JokeDeity@lemm.ee
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    7 days ago

    I’ve given up trying to save people from obvious traps. They refuse to listen and they refuse all data.

  • ThomasCrappersGhost@feddit.uk
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    2
    ·
    7 days ago

    Bluesky has been doing enshitification since it didn’t mind having that transphobic man on their platform, as far as I’m concerned.

        • trashgirlfriend@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          7 days ago

          Ideally people funded.

          Honestly not much of a functional difference between modern states and corporations.

          States just do their best to pretend to be democratic while also being mechanisms of control and furthering the siphoning of all material wealth to the rich.

          Yes even the social democratic states work like that, and it’ll get way more obvious soon.

          • Sauerkraut@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            6 days ago

            The state is publicly funded, but yeah, it is better if the public can solve a problem without the state or without oligarchs like Elon involved.

  • chapien@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    7
    ·
    6 days ago

    Yeah, this is why BlueSky’s openness is always only to a point. I will say it’s probably not as bad as some are making it out to be, but it’s definitely not something you want to see from a platform purporting to be open. Fortunately this is only a BlueSky thing and not the entire AT Protocol… but at this point, the AT Protocol and BlueSky are inseperable. I mean, are there even any other AT Protocol sites?

  • tteok@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    3
    ·
    7 days ago

    As someone who ran a popular link shortening platform let me tell you how difficult it is to curtail spam links.

    This is likely a way to warn users before being forwarded to fraudulent websites that a link has been marked as spam.

    There are many other use cases for this redirect as well but this is the most obvious for user safety.

  • hikaru755@lemmy.world
    link
    fedilink
    English
    arrow-up
    129
    arrow-down
    5
    ·
    8 days ago

    This has absolutely nothing to do with enshittification. Bluesky doesn’t need that redirect to know what you’re clicking on. You’re already on their platform, they can already track every single click that you do while on Bluesky including navigating to outbound links. I’m a bit shocked that nobody here is calling that out to be honest

    • tauren@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      7 days ago

      A centralized platform did something? Must be bad. The post title primes that reaction.

    • Lena@gregtech.eu
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      3
      ·
      7 days ago

      I don’t think that is true, iirc you can’t track simple clicks on HTML a elements.

      • dev_null@lemmy.ml
        link
        fedilink
        English
        arrow-up
        9
        ·
        7 days ago

        With JavaScript you can track your precise mouse cursor movements. Many analytics products even offer that as an “session replay” feature to check how a user moved their mouse, or to see heatmaps of where people are pointing to.

        Tracking actual clicks is obviously much more trivial.

      • hikaru755@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 days ago

        Yes, you absolutely can, and it’s super simple. Click listeners are one of the most basic things you can do with JavaScript, and there’s nothing special about a elements that would make them not work. The only way to stop it from the user’s side is to disable JavaScript in their browser, but that comes with the downside of the majority of websites and apps just plain not working anymore.

    • sniggleboots@lemm.ee
      link
      fedilink
      English
      arrow-up
      8
      ·
      7 days ago

      I don’t know much about how any of this stuff works, so these are honest questions in good faith. But how did Bluesky know, before this change, that I clicked a link? Am I not just telling my browser to visit a website? I don’t really understand how it’s different from me copy-pasting the URL manually.

      • hikaru755@lemmy.world
        link
        fedilink
        English
        arrow-up
        13
        ·
        edit-2
        7 days ago

        Am I not just telling my browser to visit a website?

        Well yes, but actually no. You are clicking on a link, which, by default, will make the browser visit the website behind the link. But the website that shows you the link can have Javascript code in it, which runs in your browser and can, among other things, “intercept” clicks on anything and change what the clicks are doing.

        This is how this redirect is happening in the first place. The links on Bluesky still point to the correct target site, but when you click one of them, JavaScript jumps in and changes the target of the navigation to the redirect domain. This is not necessarily to deceive you, it’s actually a good thing that you can still check the website you’ll end up at before you click, and you can still do things like right-click to copy the link manually this way.

        That means that even without the redirect, JavaScript could for example not change the navigation target at all, and just send a tracking event to their servers in the background to let them know you clicked the link. This is how it works for most websites that use analytics. For the normal user this is totally invisible, and this is why I’m saying that bsky doesn’t need the redirect to track you. They could do that in a much less obvious way already. And for all we know, they probably are already doing that, as their privacy policy explicitly states that they can collect usage data like what links you click on.

        All of this is pretty standard for any commercial service on the web, btw - knowing what your visitors/users are doing makes it much easier to see where your app might be having issues, what features need to be focused on to be improved, etc. It only gets shady if that data is also used for marketing or sold to third parties. And, to be fair, bsky’s privacy policy doesn’t really prevent them from doing that as far as I can tell. It’s just that all of this was already the case before the redirect, so it’s very unlikely that this specifically is suddenly a sign of oncoming enshittification.

      • Takumidesh@lemmy.world
        link
        fedilink
        English
        arrow-up
        19
        ·
        edit-2
        7 days ago

        The same way that they know that you clicked on literally anything on their website.

        It’s foundational to how the modern internet works (more specifically JavaScript)

        For a more visual example, let’s say there is a button that makes an animation or changes color when you hover over it.

        That is happening because of code running in your browser that was written by the website that served it to you, in order for the button to know to change, the code must know where your mouse is and if the mouse is hovering over the button.

        Your browser, emits ‘events’ which the JavaScript code is able to interact with, these are things like keystrokes and mouse actions. The JavaScript running on the page can very trivially record these actions.

        Every single way you interact with a website can be tracked, here is a commercial product that specializes in complete session recording (in theory to see how your users interact with your pages to make improvements: https://mouseflow.com/platform/session-replay-tool/

    • OscarRobin@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      7 days ago

      Indeed. I have no doubt that BlueSky will eventually enshittify given that they are not truly non-commercial, but this is not an example of such a thing.

    • Ricaz@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      7 days ago

      So why?

      Facebook does the same, even in their own in-app browser to keep tracking you.

    • flamingos-cant@feddit.ukOPM
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      9
      ·
      7 days ago

      Just because they have other means of doing link tracking doesn’t mean they aren’t using this link proxying to track stuff.

      • hikaru755@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        7 days ago

        I mean… Sure? They might, or they might not. My point is that pointing to this change as a sign of enshittification doesn’t make any sense, because it’s not changing anything about how they can track and exploit you. There’s nothing there to suggest that this is related to a change for the worse regarding enshittification.

        If you want something to point to, take their privacy policy that allows them to collect your usage data and possibly use it for marketing purposes, not a random feature that likely has nothing to do with this.

  • henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    123
    arrow-down
    9
    ·
    edit-2
    8 days ago

    So much for the claims I read that it would be a more open platform. I can’t see how this possibly benefits the users.

    The product is not open source and it is mainly controlled by a company through its servers and proprietary components. They own it. Even if they use some open protocols. They are about as open as OpenAI — they are not.

    • vaguerant@fedia.io
      link
      fedilink
      arrow-up
      63
      arrow-down
      2
      ·
      8 days ago

      This is technically incorrect (the best kind of incorrect?). Bluesky is open source, with the exception of the discover feed algorithm, which they claim must remain secret to prevent it being manipulated. There are open-source replacements for that feed available, so it’s open enough that it is theoretically possible to spin up a Bluesky replacement, albeit impossibly expensive.

      Coming at it from another angle though, the product in any commercial social media product is you, so in that sense you’re right: the product is not open source. Either way, open source code is not some panacea that erases all risk of commodifying its users. Bluesky is a great example because while it is open source, that in absolutely no way prevents them from tracking their users.

        • vaguerant@fedia.io
          link
          fedilink
          arrow-up
          25
          ·
          8 days ago

          It’s kind of complicated. Bluesky doesn’t do anything the way the fediverse does, so a PDS isn’t a full instance, it’s just the way that your personal account interacts with the Bluesky service.

          An analogy I used in another thread about Bluesky got way too complicated, but my starting point was that if Bluesky is a swimming pool, then hosting a PDS is bringing your own personal bucket of water from home. Ultimately, you’re still feeding it all into the one big pool that Bluesky owns, at least until somebody else builds another swimming pool (puts up the money to host a fully-fledged Bluesky replacement service) and you take your bucket over there.

          On its own, the PDS doesn’t really do anything without the rest of the infrastructure behind it. You can’t go swimming in a bucket.

          • LeninsOvaries@lemmy.cafe
            link
            fedilink
            English
            arrow-up
            14
            ·
            8 days ago

            Bluesky is a trailer park. A PDS is a trailer. You can take it somewhere else, but you need somewhere to park it at night, and right now the only option is Bluesky.

          • Kichae@lemmy.ca
            link
            fedilink
            English
            arrow-up
            8
            ·
            8 days ago

            Yeah. Bluesky works way more like how people seem to imagine the fediverse does, with PDSes being glorified dumb terminals accessing a (functionally, if not forever technically) centealized pool of content. Hosting a PDS is just shouldering some of the cost of BS’s last mile.

          • Sl00k@programming.dev
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            2
            ·
            8 days ago

            This isn’t necessarily a bad thing though, it removed the complexity behind instances and federation which is primarily the reason mastodon didn’t see mass adoption.

            • Arcka@midwest.social
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              1
              ·
              8 days ago

              It isn’t federation, since not all nodes in the system have equal power (control). There is still a central authority that controls what the inferior nodes can do.

              Contrast that with email servers where you can send a message from one server to another without a more authoritative node as a required middleman.

              • Sl00k@programming.dev
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                2
                ·
                8 days ago

                Claiming it’s a central authority when anyone can run a relay is a little disingenuous.

                • Arcka@midwest.social
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  arrow-down
                  1
                  ·
                  7 days ago

                  Is there a list of all the relays and appview servers run by other people for the community to use? I looked for one, but could find no evidence that others have actually hosted instances of these components for real use.

        • irelephant [he/him]🍭@lemm.ee
          link
          fedilink
          English
          arrow-up
          10
          ·
          8 days ago

          A pds can do a lot more than people suggest, but its not very effective.

          Essentially, atproto has three distinct parts:

          • A PDS, stores your posts, user, and handles authentication
          • A relay, crawls every pds, and creates a “firehose” of data to build stuff with
          • An AppView, an app built with data from the relay. bsky.app is an appview, flushes.app is another. whtwnd.com is a blogging appview

          The relay is the main “centralised” part of the network, but its possible to use the network without it. whtwnd, for example, crawls PDSs directly, without a relay.

          There’s more to it, but thats the basics.

      • jaybone@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        ·
        8 days ago

        There’s nothing to prevent someone from spinning up a lemmy or mastodon instance and tracking users either.

          • jaybone@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            8 days ago

            Most likely. That’s if people knew about. You could do it secretly.

            Though I wonder if you were open about it, if people would accept it. Just say “hey, this instance doesn’t ask for donations, but we track and sell your info.” Maybe some users would be okay with that.

            • irelephant [he/him]🍭@lemm.ee
              link
              fedilink
              English
              arrow-up
              6
              ·
              8 days ago

              they can’t sell your info (from remote instances) without you agreeing to a privacy policy. Now, that most likely wouldn’t stop them, but it makes it harder legally.

              • jaybone@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                ·
                8 days ago

                Remote instances won’t have your IP or email, and other usage trend data. So that info could only be obtained by this hypothetical tracking instance. As for any remote content on other instances, that can just be scraped by anyone. You wouldn’t even need an account or instance to get that data.

    • Pup Biru@aussie.zone
      link
      fedilink
      English
      arrow-up
      23
      arrow-down
      1
      ·
      edit-2
      8 days ago

      you’re right that this is likely to be used for tracking crap, but i wouldn’t write off the concept as only for that

      for example, home assistant has https://my.home-assistant.io/ where you can set your home assistant URL and doc links (etc) link there, and then that site in turn automatically redirects to the correct place on your local home assistant

      this could be used similarly by the fediverse: imagine my.join-lemmy.org where lemmy instances you’re not logged into redirected you to, which then in turn redirects to your home instance… that way, links across the web to lemmy would automatically redirect to your home instance

      perhaps it’s not something that’s worth the trade off - centralising in some ways - but in federated platforms on the web it’s far from a write-off

    • UnderpantsWeevil@lemmy.world
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      1
      ·
      8 days ago

      So much for the claims I read that it would be a more open platform.

      There’s no profit in an open platform. You only build these things to mine data.

      • FauxLiving@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        8 days ago

        Exactly.

        It’s a for-profit company.

        They care about your privacy like McDonald’s cares about your health: if you have any left then they’re not squeezing cash from you hard enough.

        Talk to friends on Signal, invite your favorite The Atlantic reporter, use self-hosted or federated social networks.

        Expecting privacy on corporate owned social media is like expecting to become a royal because you went to Disney World.

        Don’t confuse the facade (social space for you and your friends/magical kingdom) with the reality (privacy stealing monetization factory/tourist juicer).

      • bishbosh@lemm.ee
        link
        fedilink
        English
        arrow-up
        6
        ·
        8 days ago

        This is further supported by the fact that story that they made more money selling their “fuck zuck” shirts or whatever, than they did in their actual money making strategies of selling unique domains.

        No VC investor is going to be okay with a merchandise company growth curve.

  • The_Decryptor@aussie.zone
    link
    fedilink
    English
    arrow-up
    99
    arrow-down
    1
    ·
    8 days ago

    They already know your IP address, you’re using their website/app.

    It’s either to track outbound clicks (And potentially block them if they’re harmful, YouTube and Steam do that), or a much more unlikely option is to hide the referrer from the target site (Since browsers have better ways to handle that now, but old ones don’t)

    • 4am@lemm.ee
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      2
      ·
      8 days ago

      Wouldn’t it be easier to just scan the original post for harmful links?

      • The_Decryptor@aussie.zone
        link
        fedilink
        English
        arrow-up
        36
        ·
        8 days ago

        Then you have to scan every single existing known post every time a new link is blocked, if you redirect it through a bouncer it’s a single endpoint to block any link, regardless of the source of the post (since bluesky is in theory decentralized)

        • Komodo Rodeo@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          8 days ago

          Interesting idea. Is that what devs & mods have commented about the system setup in update notes (if any?)? I’m not in web development, and not at all sure about what’s considered standard practice or new. Others seem to be commenting in a way that sounds as though they feel put out or deceived, but you’re saying it’s just a minor security protocol?

          • LeninsOvaries@lemmy.cafe
            link
            fedilink
            English
            arrow-up
            10
            ·
            8 days ago

            Could be that.

            Could be big data. If you click a link to furaffinity on Bluesky, this change means they know your account visited that website, and they know you’re a furry. So they sell that data to Fursuits-R-Us. Then Fursuits-R-Us buys some feed priority with furry users, and now you’re seeing a lot of posts about Fursuits-R-Us. Ta-da, that’s the magic of feed-integrated personalised advertising. You get marketed to, and you don’t even know it.

            You might think advertising fursuits is harmless. But what if The Heritage Foundation buy that data and that feed priority instead? Or what if a right-wing Twitch streamer just started a playthrough of Red Dead Redemption, so they pay Bluesky to promote their content to all accounts that are marked as politically naive Red Dead fans?

            This is how elections are bought and sold.

            • Komodo Rodeo@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              8 days ago

              No such thing as a free lunch, amirite? At least with the realization that your data is getting harvested like tuna by pirate fishing, you can purposely feed it bullshit to skew the metrics over time. If you want to get on the inside track of cheese sales, setup a program to search for cheese 1-3 hours/day during your time away from the terminal, and see how many sales of delicious brie/roquefort/edam/camembert/cheddar/emmentaler you get. Might as well get ads for delicious cheese wheels while you’re at it.

    • jmcs@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      4
      ·
      8 days ago

      So either they are solving problems the most common browsers are solving or they are tracking clicks to sell user data. Somehow the latter sounds more likely, especially since they have no reliable source of income yet.

      • The_Decryptor@aussie.zone
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 days ago

        True, but at the same time it’s their app. They already know what profiles you’re looking at, what posts you’re viewing, and the images you view, knowing what links you’re clicking on is just another event handler.

    • brbposting@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      5
      ·
      8 days ago

      track outbound clicks (And potentially block them if they’re harmful, YouTube and Steam do that)

      Google & Meta & Discord doing the same?