Be wary of Bluesky

> At every layer, the answer is "anyone can run their own." At every layer, almost nobody does.

And at every layer except for maybe the PLC directory, there's nothing stopping anyone from fixing that “almost nobody does” problem. The fact that such a thing is even possible, and that it's seamless to move from one to the other, gives ATproto a massive leg-up compared to even other federated systems, let alone its non-federated predecessors.

Yeah I’m the guy quoted in the opening of the article.

Yes. Be wary of Bluesky. That’s our whole point. Run the infrastructure on your own. Build separate companies.

Most of the complaints here are just about the cost of scale. You are able to fetch the whole network and its history, and that costs time and money. The only structural centralization is PLC, which is being factored into an independent org.

When reading any essay about the perils & merits of Bluesky's architecture, save yourself some time by searching for "Blacksky" in the post. If they don't address Blacksky, more than likely the author's understanding of the space has major gaps.

(Blacksky is the/one of the furthest along in building competing versions of each part of the AT proto stack.)

> That's the same argument people made about Twitter. "If it goes bad, we'll just leave." We know how that played out.

Yeah, it played out with my whole social circle leaving, as evidenced by the fact that all my friends link me to the bluesky post whenever there's something happening now.

I might be misunderstanding something about atproto, but isn't it always possible to export data from bluesky because all it takes is reading your data, which is done by any app interacting with your pds anyway? If they block that, they're blocking atproto functionality entirely, no?

It’s easy to get caught up in the excitement of a fresh social graph, especially when the migration feels so organic. However, the author makes a poignant point about the inherent tension in building a protocol while simultaneously acting as its primary, VC-backed gatekeeper.

The real test for the AT Protocol will be whether it can truly decouple from Bluesky PBC before the pressures of monetization or an exit strategy kick in. Right now, we’re benefiting from the "honeymoon phase" of a platform that needs growth more than revenue, but history suggests that the bridge to true decentralization needs to be fully built before that dynamic inevitably shifts.

> At every layer, the answer is "anyone can run their own." At every layer, almost nobody does.

But people do and it is reportedly fairly easy so the majority of people are on Bluesky's layers while all is well. But also I don't understand why any of this is a reason to be "wary", it's a great place to be with some unique technical properties - it is way more "open" than any other platform of similar scale.

"Find me online Nostr Twitter YouTube"

Sounds like he was worried so much he left Bluesky already.

> Email is an open, federated protocol. Anyone can run a mail server. In practice, running your own mail server is painful.

Wizards can be difficult to develop and maintain. Writing a working, useful, functional, robust, informative, environment-agnostic, and re-entrant script (or GUI/TUI) can take scads of effort. Now that LLMs abound, much of that grind is quickly solved. For example, here's a vibe-coded script that to get dovecot, postfix, and virtual users set up on my new server with mailboxes copied from an old server:

https://autonoma.ca/mail-setup.txt

To vibe code it, the prompt included content from:

https://xtreamsolution.net/complete-email-server-setup-tutor...

After a few kicks at the can (run script, capture errors, feed errors to LLM, repeat), it finally configured a working system. Reviewing the script, yes, it's beyond painful. It doesn't have to be, though; the authors of complex software could produce similar guided installers.

Site is down at this moment.

Archived: https://archive.ph/PsTrp

Bluesky is architected so you can export your data and follows and followers to your own or someone else's infrastructure at any time. There are some groups that have taken that offer and moved off of Bluesky's infrastructure (see Blacksky). The fact that most people aren't doing that is a sign that people are happy with how Bluesky-the-company is running things. What's the issue?

>> You can self-host a PDS. Almost nobody does.

Who would've thought true decentralization means everyone hosting their own server? Yes, each user would have to pay and maintain it, but that's the cost of decentralization. ATProto at least makes it easy to jump ship if shit hits the fan and not have to start from scratch. Try doing that with Twitter/Instagram/Etc.

"That's the same argument people made about Twitter. 'If it goes bad, we'll just leave.' We know how that played out."

Yeah, I left.

(And in fact I am wary of all social media.)

> That's the same argument people made about Twitter. "If it goes bad, we'll just leave." We know how that played out.

But they migrated to Bluesky, right? So it played out fine?

Bluesky's behavior here isn't surprising.

They already ban signups using email aliases, and apparently block alias emails to their unban support address too.

Official Bluesky is the worst online echo-chamber I've ever seen.

There are specific steps Bluesky could take to decentralize the network. These are going to sound extreme but I agree with the article that it will never decentralize on its own. (Nothing will ever decentralize on its own so this isn't a criticism of Bluesky specifically.)

1. Strongly encourage backups.

2. Force users to migrate off the "official" PDS until it has less than, say, 40% market share.

3. Make the mobile apps use third-party relay/appview by default (could be randomized).

There doesn't seem to be a timestamp associated with this article, but it is based on outdated information.

With all the talk of LinkedIn’s problematic verification process and potential issues with Persona verification service being linked to Peter Thiel, I wonder why a social network like Bluesky couldn’t replace LinkedIn. What would it take?

True p2p is the only approach that will work, not federation. I'd go futher and make the protocol high-friction for federation.

It's true that many p2p attempts have failed, but it's also the only solution that doesn't require someone running servers for free. There's evidence of success as well: napster (and bittorrent). Both were wildly successful, and ultimately died because of legal issues. It might work when the data is yours to share.

This never-ending whining about oooh but my data ... for a service that you can use for free is nauseating.

This is a for-profit company running this service. It ain't free to operate.

If you don't like that, go elsewhere.

If there is one thing that has been a resounding success on the internet it is this: free services that you pay for with your clicks. Just look at the plethora of free services you get.

In no other economy would that be even remotely possible.

Bluesky isn't my bank records, isn't my photo archive, isn't my github, isn't my Documents folder.

I don't care if Bluesky goes away, gets bought, whatever.

Social media is disposable like a retail outlet. I'm sad if the coffee shop around the corner goes out of business, but there are 99K coffee shops in the US. I can go to another one.

As it is, I don't use Meta or X.. because they're led by despicable beings. Bluesky gets a pass for now, and has enough interesting people that I show up and have a chat. Like a coffee shop or a bar.

> If an acquirer disables exports, it doesn't matter that the tools existed yesterday.

Don't they have to give you your data upon request? And the cheapest way is to offer an export function? Wasn't this thanks to the EU (GDPR Article 20)?

If anything gets too popular too quickly, I just assume it's a PsyOp. That kind of growth requires extensive media coordination and big money. If you're not paying for a product, then you are the product. As sure as gravity.

Good points, but what's the alternative at this point?

Because of network effects, more users is generally more interesting. Blue Sky has "enough" at this point for me to be happy there. Programmers like antirez, my bike racing people like inrng, my city's mayor and one of our city councilors, and also a bunch of urbanists.

Edit: you lose some connections moving around, but I've also had friends I've known since the days of IRC. I think I'm mostly resigned to picking whatever works best in the moment and being willing to move (like abandoning Twitter) when it's not working.

I've never looked at the AT Protocol before. It seems like you could have achieved most of that with existing DNS, HTTP and RSS implementations. All they really needed was some file formats and some well known URL schems and all of this could have been far easier to implement and deploy.

For more atproto, see their recently redesigned homepage https://atproto.com/blog/new-site-2026

[dead]

[flagged]

(Throwaway account.)

Several people have mentioned that "you can just own your own data, so that's enough, right?"

Interoperating with Bluesky requires you to either 1) opt into the did:plc standard, which is a centrally controlled certificate transparency log, or 2) have all your users create did:web accounts by manually setting DNS records.

So it is not possible to build on Bluesky at all without opting into this centrally controlled layer. This original post covers this, but maybe not in enough detail to stop commenters from missing the point.

Bluesky the company controls 95%+ of PDSes in the system, which control users' private keys, and they're extending PDSes to include more functionality that prevents users from easily exiting the network, e.g. private data is being implemented in a way where Bluesky LLC can see all your activity. The protocol changes often and with limited community input.

This is being done because "there are no other ways to do it" and "our users are okay with it". The community does pretty consistently attack people who dissent (e.g. look at what happened when Mastodon leaders objected). There's a lot of cheerleading for people who do opt into the system, and there's really no incentive for informed criticisms.

It's not really decentralized or neutral infrastructure; it's a great network for a number of specific subcultures who have a nice space away from X, and I hope the team embraces that.

It's good FUD. You re-iterate their talking points. (Also, no CTA, no takeaway, just "worry!")

As others have said, the data has to be publishable to be useful. We do have data export laws. The format is known to be ready to use interoperably, not some private schema--atop the PBC commitment, which will at least have moderate legal costs if not a guarantee. It has unequivocally set a new high bar.

They seem pretty locked in to doing what they committed to. The day may come when they turn. It may come first by friction, but the turn has to be pretty complete, because the data is pretty open. What's needed to view it, use it at all, is pretty close to what's needed to host it.

"The site whose value prop is sharing your posts and data with other apps may stop sharing your posts and data with other apps." Yeah, it's possible. It's also possible they just close.