Email or username:

Password:

Forgot your password?
Anil Dash

Really clear to me that the new web of fediverse + wasm + tailscale is moving very quickly towards something pretty amazing. As much promise as all the hype of “Web3”, but open, interoperable, and no ties to crypto scams. A lot of incredible things are going to be built across this surface area in the next few years.

92 comments
Jonathan Glick

@anildash Agreed. My only concern is that we find ways to bring in the kids.

Jonathan Glick

@peterbutler On their damn tiktoks and twitches and whatnot. :)

Jesse Kawell (he/him)

@anildash Feels more like Web 1.0 (or Web 0.1) more than Web 3.0, and that's a good thing.

emily

@anildash i saw the Web 2.0/Semantic Web/etc shipwreck itself upon the shoals of empty hype and corporate interference back in the 2000s, so i Want To Believe but cannot :<

CN=MFA_Everywhere,OU=BLM

@est @anildash it's a view of web 3.0 that I can actually get behind. One that is not just about the next monitization model.

Anil Dash

@est oh I totally understand, and have had my heart broken many times before. But I think we have a unique balance here of both geek compatibility and potential business value.

emily

@anildash maybe we can find the CEO of some influential web tech company to champion this sorta thing

Simon Willison

@anildash I don't think enough people have realized how incredibly valuable the robust universal sandboxing provided by WASM is going to be

I genuinely don't want to run code written by other people that's NOT in a sandbox at this point: even if I trust them, do I also trust them not to have written any bugs?

WASM to me represents the freedom to run code on my machines again!

Anil Dash

@simon and the other extraordinary thing is it enables the consistency and reliability of environments that’s one of the biggest advantages of the native mobile platforms (or even gaming consoles) without the negatives of the App Store model. There’s just so much potential there.

Simon Willison

@anildash absolutely, it really does deliver on Write Once Run Anywhere

🇺🇦 Maksim Lin 💙

@simon @anildash But we already have that with the current Web+JS. What's missing is actually access to all the APIs that only "native" apps via app stores are allowed to use and Apples recalcitrant bevahiour with Safari on iOS is just helping maintain their walled garden.

stephen judkins

@anildash @simon it's one of those things that's not completely original, given that sandboxing and portable bytecode have existed in various guises for me years, so that people are going to bash it as hype-driven or valueless. But it's the combination of features, standardization, and broad adoption that's going to be its selling point

Anil Dash

@stephenjudkins @simon yeah, all of this stuff is the kind of wonderful tech that sort of slowly gestates for a half decade or so, being dismissed as too early, or too familiar, or not “enterprise” enough or whatever. And then suddenly it’s everywhere.

Earthperson Ryan :lvtbq2:‌

@stephenjudkins @anildash @simon I started using WASM for something at work recently and it's freaking wild. I am so ready

Mike Garuccio

@stephenjudkins @anildash @simon this was the refrain about docker too, particularly from the BSD community. But it nailed those three aspects and so adoption skyrocketed whether the haters thought it worthwhile or not. I’m really just becoming aware of wasm, particularly outside the browser, but it certainly feels like it’s got the same energy/momentum.

stephen judkins

@mgaruccio @anildash @simon yes. It was the standard that made it important, not the constituent technologies, which had been in Linux for quite awhile. I'm actually pretty annoyed that docker/OCI was the standard that took off, I think it could have been done a lot differently and better

Mike Garuccio

@stephenjudkins @anildash @simon yea it’s frankly a little weird that underneath all the declarative and immutable tooling that got built on top we have this imperative image build process that gets captured in a tarball with networking and storage defined at runtime.

But, that also made it easy to start using, and flexible for many use-cases. Which really drove the adoption piece of the puzzle (and nature of FOSS meant features followed that adoption)

Nicholas Weaver

@simon @anildash

I must admit I don't quite understand what WASM sandbox does right but JVM did not. It wasn't JUST the Java API was too insanely large, but there were plenty of JVM exploits as well. Is there a guide someplace why WASM hasn't repeated the fate of the JVM?

Simon Willison

@ncweaver @anildash I don't have a great solid answer for that, but the impression I've got is that WASM was helped by twenty years of lessons from the JVM and from browser development in general

Browser developers are really, really good at understanding the challenges involved in executing code from untrusted sources!

Nicholas Weaver

@simon @anildash

I think that may be it. The JavaScript JITs are insane, and that they aren't subject to more OMG breakages, and the browsers these days split the rendering engine per origin into a separate process (with all the process isolation on top), the browser folks have a lot of experience.

Also, I think WASM started much smaller, and the only outside world is through the JavaScript framework rather than direct probably helps too.

Anil Dash

@simon @ncweaver yeah i think the fundamental win is that it started much narrower, and the tooling and stack are more defined, instead of being a sort of under-defined mess. It’s much more opinionated by convention (if not necessarily by implementation) and that makes it a lot more accessible.

Simon Willison

@ncweaver @anildash I find it very reassuring that the browser security engineering teams at Google, Apple, Mozilla and Microsoft all felt WebAssembly was a solid enough spec that they were willing to ship it - and quite a few years ago at this point

Clark W Griswold until 25-Dec

One weakness in Java was JNI because at some point you have to get data in/out of real devices. If my webcam is some janky Costco $6 special, with a buggy, vulnerable terrible driver, does WASM protect me from malicious web pages that want to tickle my vulnerable webcam driver? Or is it just orthogonal? I.e. not WASM’s circus, so not WASM’s monkeys?

@anildash @simon @ncweaver

Nicholas Weaver

@paco @anildash @simon

I think they handle that by basically EVERY bit of I/O has to go through the JavaScript, so it isn't adding to that problem space.

Simon Willison

@paco @anildash @ncweaver WASM can only access your webcam via the existing browser APIs for webcam access, through a JavaScript bridge - so it's no less safe than if you were running regular JavaScript that could access the webcam

Fabrice Desré

@simon @ncweaver @anildash

I've been playing with safe WASM plugins for resource edition in @capyloon and one super-power is that the "host" code can check which functions are imported by plugins. That makes it possible to enforce eg. privacy policies or permission models.

Bayan Rafeh

@ncweaver @simon @anildash WASM is much closer to low level assembly than JVM bytecode, not to mention the outside world APIs are locked by default and secure.

The JVM is a fantastic piece of technology, just not good for cases where you need sandboxing.

aeva

@simon @anildash is it possible to write graphical applications targeting wasm to be ran outside of a browser?

aeva

@simon @anildash ok I looked it up, it's all cloud stuff I guess

Pär Björklund

@aeva @simon @anildash I'm thinking wasm will be a common plug-in format for all sorts of tools and possibly some game engines as well. It's not very exciting tech on its own.

Jodie Cunningham

@simon @anildash

It's definitely going to take a minute to be realized, but it affords a wealth of capabilities.

choffee

@simon @anildash which is all well and good until it ask for permission to access your location, camera and wallet to work. So now you are allowing random websites access to your device with no barrier or checks. One advantage of app stores or distributions is that there can be some management of the bad apps. Now your device can run software from anywhere you are relying on the discretion of a user as the only security check.

akgerber

@anildash any suggestions for reading about what's going on with tailscale/wasm?

Michael :mastodon:

@anildash "Tailscale provides open-source software defined mesh virtual private network software" oh god what is this

Anil Dash

@mykd you can make any of your devices or servers connect to each other in an easy and secure way. That’s transformative.

Michael :mastodon:

@anildash okay I'm in, as long as it allows me to configure firewall rules for its traffic 😉

Martin Atkins

@mykd @anildash last I checked, by default it connects only the specific devices running the client together such that they appear to be all on the same private network. You can optionally run a client in a mode where it will route out into your LAN to reach hosts not running the software, but that is opt in rather than default.

Martin Atkins

@mykd @anildash (and if you do it then it's really your OS kernel doing the routing from a tun/tap to your real network interface, so all the usual routing controls and packet filtering applies)

Sarah T. Roberts, Ph.D.

@anildash @danyork Haven’t felt this much hope about the innertubes in years.

ryan

@anildash but but but what about the poor VCs? how are they supposed to afford houses in the Palo Alto Hills if we don't let them turn everything into a crypto scam?

aeva

@youfoundryan @anildash don't worry about the VCs, tailscale is VC funded

Aaron

@anildash i think SQLite should be part of this too. It’s been around a long time but the new super powers it’s has with things like Litestream and such are super compelling.

Ben Lee-Cohen

@afarnham @anildash yes! SQLite is such a workhorse, and replication via litestream seems very interesting.

Patrick Foley

@afarnham @anildash sqlite is one of humanity’s unsung achievements - eternal thanks to Mr Hipp

Jesper Andersen

@anildash I’m confused by tail scale here. what does tailscale bring to this?

🇺🇦 Maksim Lin 💙

@Jandersen @anildash yes why tailscale? I know it is built on top of WireGuard, but tailscale itself is a proprietary product, so not sure how that relates to the openness of Fediverse?

JamesGecko

@maks @Jandersen @anildash The Tailscale clients are open source, and they’ve been coordinating with Headscale, an open source reimplementation of their closed source coordination server. You can use Tailscale as an entirely self-hosted stack, if you want.

etorreborre

@jamesgecko @maks @Jandersen @anildash what do you all think of using ockam.io instead of Tailscale to build secure connections?

Trees

@anildash There's so many developers writing inspired code because they're no longer living in the dark ages with work was always at risk of getting destroyed by a profit obsessed corporation changing their API to eliminate all their hard work. Imagine that? Hard work actually matters again? Kinda ironic how this all started when Elon was foolish enough to say he only wanted employees who were "hardcore" workers.

Martin Kelly

@anildash genuinely excited about the whole shebang

joy larkin 🌺

@anildash *Ahem* Personally, I can’t wait to see what people build with @zerotier in this new exciting space.

Keir Rice ⬢

@anildash what is tailscale bringing to the party?

(Genuine question asked from a place of curiosity)

KS

@anildash Nah-- I hate this platform most of the people I know not devs hate this platform -- web 3 is not going to happen has way too much friction.

Golda

@anildash is there a good white paper kind of thing to share on the architecture?

We've been playing with wasm evaluators but not with fediverse, curious what are the key use cases you are seeing?

Jimmy Hoke :tardis:

@anildash I agree, except I don't really see how Tailscale fits into this. I mean it is cool but not really a web technology right?

aethervision :ziltoid:

@anildash @atomicpoet Like watching someone with a pile of DMT and a Crispr unit hack evolutionary biology.

AlgoCompSynth by znmeb

@anildash I was just talking to an audio developer about that. From the perspective of a developer, the dominance of Chrome and Edge is a problem. There really aren't viable alternatives any more since Microsoft and Google started sharing resources. A modest example:

developer.mozilla.org/en-US/do

AlgoCompSynth by znmeb

@anildash The web is only as good as the user's browser, and developer time is finite. So if it doesn't work on Edge and Chrome nobody will use it.

Andrew F

@anildash I kind of see how those three things fit together but I'm flailing a bit. Long form post coming soon?

Andrew F

@anildash I guess ... browser-based multiplayer StarCraft with the centralized Battle.net being replaced by a federation of clans willing to play with each other? Is that the sort of thing we're talking about?

Ian Brown :verified:

Definitely agree on the importance/impact/potential of the fediverse as part of "Web++" but would love to hear more about why WASM and Tailscale are part of the puzzle. WASM for a more universal runtime or better interop? I can sort of see that...but don't know enough of about #tailscale to see the big picture here. Is there sort of a peer to peer angle with VPNs?

Greg Bray :kubernetes:

@igb youtu.be/phodPLY8zNE is a pretty good overview of WASM and WASI's recent and future roadmap, and how it could bring some interesting changes up and down the traditional tech stack.

And Tailscale has also done some great work at improving the status quo and providing new options on how services are accessed and secured (acl/sharing, magic ssh, tsnet, funnel, web based SSH Console and WebVM, ...)

zeruch

@anildash scams will find their way in, but, if relegated to mostly trash island instances in the fediverse archipelago, hopefully sufficiently mitigated against. I do think the growing pains will depend on the growth curve.

Pär Björklund

@anildash nothing bad to say about tailscale but it's a company with a centralized product so I don't see how it fits with fediverse and wasm

nerkles 🪫

@Paxxi
isn’t tailscale just a commercial wrapper around WireGuard?
@anildash

Nire Bryce

@anildash never thought about tailnet-only mastodon clusters...

isaacs

@anildash I have a similar feeling, but I don't think those are the technologies that'll get us (all the way) there. The (as yet, entirely undelivered) promise of web3.0 is applications running on a ubiquitous robust peer to peer network, without centralized servers or other mechanisms for corporate consolidation and rent seeking. Wasm, tailscale, and fediverse, as innovative and interesting as they are, aren't really paradigm shifting in that way, tough they each hint at it in a way.

DesignDamon

@anildash I remember a fair few years back reading about The Web morphing into a thing they called The Flow(?) and it feels a bit like that.

We Want EVERYTHING! 🌹

@anildash

There's nothing stopping a big #Mastodon server from being sold to some horrible #billionaire. There's nothing stopping #corporate marketers from creating a bunch of bot accounts and making some lame hashtag trend.

The ability to change #servers is great tho

fs111

@anildash why include a proprietary product like tailscale?

Kristoffer

@anildash the key to success will ve to keep VC dollars as far away as possible

Go Up