Gregory's ServerReally clear to me that the new web of fediverse + wasm + tailscale is moving very quickly towards something pretty amazing. As much promise as all the hype of “Web3”, but open, interoperable, and no ties to crypto scams. A lot of incredible things are going to be built across this surface area in the next few years.
 92 comments
  @anildash Feels more like Web 1.0 (or Web 0.1) more than Web 3.0, and that's a good thing.   @anildash I don't think enough people have realized how incredibly valuable the robust universal sandboxing provided by WASM is going to be I genuinely don't want to run code written by other people that's NOT in a sandbox at this point: even if I trust them, do I also trust them not to have written any bugs? WASM to me represents the freedom to run code on my machines again! @anildash @simon it's one of those things that's not completely original, given that sandboxing and portable bytecode have existed in various guises for me years, so that people are going to bash it as hype-driven or valueless. But it's the combination of features, standardization, and broad adoption that's going to be its selling point @stephenjudkins @simon yeah, all of this stuff is the kind of wonderful tech that sort of slowly gestates for a half decade or so, being dismissed as too early, or too familiar, or not “enterprise” enough or whatever. And then suddenly it’s everywhere. @stephenjudkins @anildash @simon I started using WASM for something at work recently and it's freaking wild. I am so ready @stephenjudkins @anildash @simon this was the refrain about docker too, particularly from the BSD community. But it nailed those three aspects and so adoption skyrocketed whether the haters thought it worthwhile or not. I’m really just becoming aware of wasm, particularly outside the browser, but it certainly feels like it’s got the same energy/momentum. @mgaruccio @anildash @simon yes. It was the standard that made it important, not the constituent technologies, which had been in Linux for quite awhile. I'm actually pretty annoyed that docker/OCI was the standard that took off, I think it could have been done a lot differently and better @stephenjudkins @anildash @simon yea it’s frankly a little weird that underneath all the declarative and immutable tooling that got built on top we have this imperative image build process that gets captured in a tarball with networking and storage defined at runtime. But, that also made it easy to start using, and flexible for many use-cases. Which really drove the adoption piece of the puzzle (and nature of FOSS meant features followed that adoption) I must admit I don't quite understand what WASM sandbox does right but JVM did not. It wasn't JUST the Java API was too insanely large, but there were plenty of JVM exploits as well. Is there a guide someplace why WASM hasn't repeated the fate of the JVM? @ncweaver @anildash I don't have a great solid answer for that, but the impression I've got is that WASM was helped by twenty years of lessons from the JVM and from browser development in general Browser developers are really, really good at understanding the challenges involved in executing code from untrusted sources! I think that may be it. The JavaScript JITs are insane, and that they aren't subject to more OMG breakages, and the browsers these days split the rendering engine per origin into a separate process (with all the process isolation on top), the browser folks have a lot of experience. Also, I think WASM started much smaller, and the only outside world is through the JavaScript framework rather than direct probably helps too.  One weakness in Java was JNI because at some point you have to get data in/out of real devices. If my webcam is some janky Costco $6 special, with a buggy, vulnerable terrible driver, does WASM protect me from malicious web pages that want to tickle my vulnerable webcam driver? Or is it just orthogonal? I.e. not WASM’s circus, so not WASM’s monkeys? I think they handle that by basically EVERY bit of I/O has to go through the JavaScript, so it isn't adding to that problem space. I've been playing with safe WASM plugins for resource edition in @capyloon and one super-power is that the "host" code can check which functions are imported by plugins. That makes it possible to enforce eg. privacy policies or permission models.   It's definitely going to take a minute to be realized, but it affords a wealth of capabilities. @simon @anildash which is all well and good until it ask for permission to access your location, camera and wallet to work. So now you are allowing random websites access to your device with no barrier or checks. One advantage of app stores or distributions is that there can be some management of the bad apps. Now your device can run software from anywhere you are relying on the discretion of a user as the only security check. @anildash i scrolled down my tl & this popped up https://mastodon.social/@kstewart@hachyderm.io/109718996166179844   @anildash "Tailscale provides open-source software defined mesh virtual private network software" oh god what is this @anildash okay I'm in, as long as it allows me to configure firewall rules for its traffic 😉 @mykd @anildash last I checked, by default it connects only the specific devices running the client together such that they appear to be all on the same private network. You can optionally run a client in a mode where it will route out into your LAN to reach hosts not running the software, but that is opt in rather than default. @afarnham@mastodon.social @anildash@me.dm it will always be there behind the scenes. Now that SQLite wasm release is official @Jandersen @anildash yes why tailscale? I know it is built on top of WireGuard, but tailscale itself is a proprietary product, so not sure how that relates to the openness of Fediverse?  @maks @Jandersen @anildash The Tailscale clients are open source, and they’ve been coordinating with Headscale, an open source reimplementation of their closed source coordination server. You can use Tailscale as an entirely self-hosted stack, if you want. @jamesgecko @maks @Jandersen @anildash what do you all think of using http://ockam.io instead of Tailscale to build secure connections? @anildash There's so many developers writing inspired code because they're no longer living in the dark ages with work was always at risk of getting destroyed by a profit obsessed corporation changing their API to eliminate all their hard work. Imagine that? Hard work actually matters again? Kinda ironic how this all started when Elon was foolish enough to say he only wanted employees who were "hardcore" workers.  @anildash what is tailscale bringing to the party? (Genuine question asked from a place of curiosity)  @anildash I agree, except I don't really see how Tailscale fits into this. I mean it is cool but not really a web technology right? @anildash @atomicpoet Like watching someone with a pile of DMT and a Crispr unit hack evolutionary biology.  @anildash I was just talking to an audio developer about that. From the perspective of a developer, the dominance of Chrome and Edge is a problem. There really aren't viable alternatives any more since Microsoft and Google started sharing resources. A modest example: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy/midi @anildash The web is only as good as the user's browser, and developer time is finite. So if it doesn't work on Edge and Chrome nobody will use it. Definitely agree on the importance/impact/potential of the fediverse as part of "Web++" but would love to hear more about why WASM and Tailscale are part of the puzzle. WASM for a more universal runtime or better interop? I can sort of see that...but don't know enough of about #tailscale to see the big picture here. Is there sort of a peer to peer angle with VPNs? @igb https://youtu.be/phodPLY8zNE is a pretty good overview of WASM and WASI's recent and future roadmap, and how it could bring some interesting changes up and down the traditional tech stack. And Tailscale has also done some great work at improving the status quo and providing new options on how services are accessed and secured (acl/sharing, magic ssh, tsnet, funnel, web based SSH Console and WebVM, ...)  @anildash nothing bad to say about tailscale but it's a company with a centralized product so I don't see how it fits with fediverse and wasm @anildash I have a similar feeling, but I don't think those are the technologies that'll get us (all the way) there. The (as yet, entirely undelivered) promise of web3.0 is applications running on a ubiquitous robust peer to peer network, without centralized servers or other mechanisms for corporate consolidation and rent seeking. Wasm, tailscale, and fediverse, as innovative and interesting as they are, aren't really paradigm shifting in that way, tough they each hint at it in a way. @anildash I remember a fair few years back reading about The Web morphing into a thing they called The Flow(?) and it feels a bit like that.  There's nothing stopping a big #Mastodon server from being sold to some horrible #billionaire. There's nothing stopping #corporate marketers from creating a bunch of bot accounts and making some lame hashtag trend. The ability to change #servers is great tho |
@anildash Agreed. My only concern is that we find ways to bring in the kids.