So I briefly touched on this in the blog post, but to expand a little... ATProto provides significantly more "batteries included" than ActivityPub in my view - if you use ATProto, it can handle both authentication and identity management, and effectively act as your back-end and CRUD operations (eg, oauth with your PDS, and then write/read from the network for your object creation based on your Lexicon).

ActivityPub, based on my understanding, really doesn't work like that - while you an oauth with your mastodon account, the expectation is you'll be handling identity and back-end bits, and then sharing events across the network (happy to be corrected).

Part of what kicked this off is seeing ATProto's new devrel person at a meetup and finding their vision pretty compelling.

But yes, ActivityPub is more "robust" and decentralised (hence also jankier)

https://andreasthinks.me/posts/octosphere/octosphere.html

It's for more than publishing, it's for science, which involves people collaborating and communicating

One of the biggest reasons I still prefer to root my phone is to use acc https://github.com/VR-25/acc. It's criminal that you have to root to run code that reduces charging speed or shuts the phone down automatically. I have it shut down at 20% and charge to 80% except when I know I will need to be out for an extended period without a charger.

Despite the opt in limitation, I wonder if this interop capability will allow a bridge that doesn't require you to install whatsapp apk on a real device (unfortunately signal has the same problem). I fortunately kept an old android whose sole purpose is to keep these 2 apps installed. Not ideal, but works well.

Even better if we could ditch the phone number requirement. Many have said to me things like "I use whatsapp not SMS because I am not American", but of course everyone on WhatsApp uses SMS. To stay logged into WhatsApp you necessessarily must have an SMS enabled non-VOIP phone number that you are regularly paying a telecom provider for to receive auth codes.

If this is true, why not make all data of any kind public? Let's level the playing field.

Apple of course does an emormous amount of b2b.

What you cited is for data on a device that was turned off. Not daily internet connected usage. No one is saying you have no protection at all with Apple, it is just very limited compared to what it should be by modern security best practices, and much worse than what can be achieved on android and linux.

> much worse than what can be achieved on android and linux.

* Certain types of Android

Mullvad is nothing like Apple. For apple devices: - need real email and real phone number to even boot the device - cannot disable telemetry - app store apps only, even though many key privacy preserving apps are not available - /etc/hosts are not your own, DNS control in general is extremely weak - VPN apps on idevices have artificial holes - can't change push notification provider - can only use webkit for browsers, which lacks many important privacy preserving capabilities - need to use an app you don't trust but want to sandbox it from your real information? Too bad, no way to do so. - the source code is closed so Apple can claim X but do Y, you have no proof that you are secure or private - without control of your OS you are subject to Apple complying with the government and pushing updates to serve them not you, which they are happy to do to make a buck

Mullvad requires nothing but an envelope with cash in it and a hash code and stores nothing. Apple owns you.

This comment confuses privacy with anonymity.

Anonymity is an inherent measure to preserve ones individual privacy. What value did you intent to add with your remark?

Anonymity is a critical aspect of privacy. If you cannot prevent your name being associated with your data, you do not have real privacy.

Not for all points. And not being anonymous means your identity is not private...

Agreed on most points but you can setup a pretty solid device wide DNS provider using configuration profiles. Similar to how iOS can be enrolled in work corporate MDM - but under your control.

Works great for me with NextDNS.

Orion browser - while also based on WebKit - is also awesome and has great built in Adblock and supposedly privacy respecting ideals.

There are a million legitimate reasons to root a phone (e.g. preserving the battery to minimize e-waste, blocking malicious trackers often allowed by Apple and Google, innovating on the UI, etc.). Apple/Google/Microsoft are run by uninspired, uncreative, and immoral people, and there is a world of innovation and forward thinking we lose out on by letting them rule our tech.

The bank thing is a much rarer problem than people make it out to be. We should challenge and boycott any problematic banks as much as we can https://community.e.foundation/t/list-banking-apps-on-e-os/3...

Ok so now we’re not only boycotting Apple, we’re boycotting banks as well! Seriously, Apple can and should fix this issue without having to retort to misery for everyone.

Apple could release a statement reassuring people that no one will be locked out of their account for redeeming any gift card going forward. We have collectively forgotten that companies have stopped talking this way. That’s what we need to change.

I mean, yes, absolutely. I don't have a count limit on my boycott list. I won't be holding my breath for empty promises from corporate. We need to build systems that assert user sovereignty and prevent abuse, not wait around for evil people to do good things.

Any libraries you recommend? Do you host a dedicated relay for your own apps?

I've tried some of the libraries for Java, didn't like the way the author programmed them so just ended up using the most relevant part which was the NPUB/NSEC key pair generation and the function to verify signatures on the JSON messages.

The rest of the protocol isn't difficult since you basically just need to send JSON back and forth. The advanced options are complex but they're basically exotic cases for the most part.

I've enjoyed NOSTR a lot but feel that the definition of "relay" has been lost in recent times and NOSTR relays are today a set of huge servers that host data and act as databases, rather than the original goal of just connecting people in P2P style.

For my apps I'm developing a platform where relays go back to the original definition of "relay" and devices connect to each relay as a connecting bridge to engage in P2P between themselves using webRTC and bluetooth.