Børge
How come people don't seem to have any issues with selecting an e-mail provider, but selecting a #fediverse provider is really hard?
I feel like one of the answers might be that e-mail providers are companies, which might seem more professional and detached from what you do specifically, while fediverse providers seems more like individuals, often referred to as chieftains/local kings in Norway at least, which seems less stable and feels like they might be more up in your business. Thought?
Børge
Also consider how you're met when you are checking out potential e-mail providers. These are the front pages of a few you can choose from:
Børge
Compare that to what you see when you're considering fediverse providers:
Børge
Although, to be fair, we do also have pages like this, of course! These are pretty great.
Børge
@kdund Yes, this is a very good point! This is also an issue if you're linked to one specific post, instead of a front page, but still, in those instances, it's hard to see how all instances could look meaningfully different, but still cohesive. Maybe one solution is that you always have to write your full username to log in, and that will be used to see if you're trying to log in on the right page, and if not will send you to see that same post trough your actual instance?
Knut Morå
@forteller the latter is in itself a huge problem-- they look the same! How can you tell if they are different instances? People who have been here a few months will see it quick, but how do you tell new people that only _one_ of these similar looking pages (that you might get to clicking on a link from your friend!) is the one you should log into?
Børge
@kdund Store the login, you mean both your username and password? It seems like it's becoming more and more normal for login pages to first ask for your username and then for your password. Not sure why, but for us it might be useful, as you could fill in your full username first, and only be asked for your password after being redirected (if needed). Of course this relies on the page actually redirecting you, not just pretending to, hoping the victim don't notice that the URL didn't change…
Knut Morå
@forteller that works only to the extent you trust other instances to not store that login, I guess-- I still consider it a strong antipattern at best.
Børge
@kdund Yeah… I agree… Fuckit, why does everything have to be so hard!?
Knut Morå
@forteller right, unmalicious servers are not malicious, but the whole concept is training users to be more susceptible to be spoofed (you get used to dozens of pages looking like yours, you get used to being redirected to the home server of the user etc etc)
It is inherently not a safe thing, and I do not know what can be done to make it less so (training or blaming the users is not it)
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.