[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [autonomo.us] pumped
|
From: |
Kuno Woudt |
|
Subject: |
Re: [autonomo.us] pumped |
|
Date: |
Fri, 12 Jul 2013 13:47:35 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130510 Thunderbird/17.0.6 |
Hello,
On 07/12/2013 01:17 PM, MJ Ray wrote:
On 12/07/13 02:13, Mike Linksvayer wrote:
As of yesterday (2013-07-10) identi.ca is running
[pump.io](http://pump.io). Congratulations to
[Evan](http://autonomo.us/2013/06/07/3-notes-from-evan-on-mitigating-mass-spying/).
Congratulations? Why? identi.ca is now cut off from other free software
services and seems to put its users at risk of mass spying.
How does it put users at risk of mass spying any more than StatusNet did?
I was an identi.ca user. I've lost access from my clients (which I also
use for friendica) and the identi.ca web page has a "Get Started" button
which replies with a 403 error saying that registrations aren't allowed.
There's no login link.
The login link is in the top right of the page, which indeed goes to
https://identi.ca/main/login .
I've seen reports (which I've not yet confirmed for myself) from my
friendica network that pump doesn't work without allowing Google API
JavaScripts from googleapis.com permission to run: that seems like an
easy way into the mass spying net, don't you think?
The software does not require this, but the software as it has been
configured on identi.ca does. You can run your own server and disable
CDNs (it is on by default, which I think is a bad default).
I think it's also worth noting that supposedly the web interface is
"just another client". Everything the web interface can do is exposed
through the API, so someone else could come along and write a different
web interface which doesn't use any javascript.
Given what a great example identi.ca was for autonomous services, I feel
this is all really disappointing.
Given how difficult OStatus was to develop for, I feel pump is really
exciting. We have a much better chance now that other applications and
websites will integrate with pump.io. Once you get past the OAuth parts
(which is not specific to pump.io), the protocol is easy to understand
and work with.
The one thing I am disappointed about with pump.io is how incredibly
frustrating and difficult it is to deploy in a sensible manner (so
behind a webserver like nginx).
-- kuno / warp.
- [autonomo.us] pumped, Mike Linksvayer, 2013/07/11
- Re: [autonomo.us] pumped, Kuno Woudt, 2013/07/12
- Re: [autonomo.us] pumped, MJ Ray, 2013/07/12
- Re: [autonomo.us] pumped,
Kuno Woudt <=
- Re: [autonomo.us] pumped, MJ Ray, 2013/07/12
- Re: [autonomo.us] pumped, Kuno Woudt, 2013/07/12
- Re: [autonomo.us] pumped, MJ Ray, 2013/07/12
- Re: [autonomo.us] pumped, rsiddharth, 2013/07/12
- Re: [autonomo.us] pumped, MJ Ray, 2013/07/13
- Re: [autonomo.us] pumped, rsiddharth, 2013/07/14
- Re: [autonomo.us] pumped, MJ Ray, 2013/07/14
- Re: [autonomo.us] pumped, Kuno Woudt, 2013/07/14
- Re: [autonomo.us] pumped, MJ Ray, 2013/07/22
- Re: [autonomo.us] pumped, John Sullivan, 2013/07/22