> Also, focusing on protocol only makes one miss the rest of Gemini, which is the ecosystem and people who are having a great time using it. Sometimes, it feels to me like someone is at a party ranting about the music not being good enough while there is a smiling crowd dancing and having fun.
This is the biggest point, imo. We don't all have to like the same things, we don't have to all use the same tools, we don't have to belong to the same communities. There's room on the web for all of us.
Gemini appeals to me as someone who appreciates well designed constraints. The fact that HTTP+HTML can accomplish the same things is not only missing the point but is actively against the point.
> We don't all have to like the same things, we don't have to all use the same tools, we don't have to belong to the same communities.
This is one the main reasons I have a hobby computer just for playing around with openBSD. There's something really refreshing (and fun!) about a project that's just trying to do it's own thing without pleasing everyone and their mother.
"This is the biggest point, imo. We don't all have to like the same things, we don't have to all use the same tools, we don't have to belong to the same communities. There's room on the web for all of us."
Exactly right.
Tech companies that rely directly or indirectly on the survival and expansion of web advertising, i.e., most of them, prefer a world where web users do not think independently.
It is easier to advertise on (and manipulate) a web where every participant likes the same things, uses the same tools, and belongs to the same communities.
The problem isn't Gemini, the problem is Gemini marketing.
Gemini enthusiasts (or, at least the ones I've seen posts from, most notably ddevault) market Gemini as a replacement (edit: in whole or part, it doesn't matter, the argument is the same) for "the web".
Then, when you point out that Gemini has basically none of the features of "the web" (and is incapable of supporting the vast majority of its content, and even the vast majority of its good content), they then say that "oh, you don't need those features, inline images are an anti-pattern!" Or something.
The problem isn't that Gemini has no features, the problem is that it's being marketed as a replacement (edit: in whole or in non-trivial part, it doesn't matter) for the web, which is it clearly unsuited for.
Gemini is bad at conveying almost any content except text, which also means that it's unsuitable for scientific papers, education, browser games, social media (even for less "social" social media, like Reddit and HN, where you could be exchanging purely technical information), web services, web applications (disclaimer: I think that web applications are generally slow and dumb, but I'd much rather use HN from my browser than download a dedicated .deb just for it), wikis and encyclopedias, Stack Overflow, search engines, and various other web things that your life would be significantly less great without.
So, by all means, use Gemini. Just don't say that it's a "replacement" for the web (edit: not even part of it - Gemini does so little that the comparison is entirely invalid), or "better" than the web (or associated technology). It is its own thing with its own community that is entirely complementary to the web, and nothing more.
If you want to go back to the internet dark ages without Wikipedia, Google, Stack Overflow, Compiler Explorer, and Shadertoy, have fun - just don't drag me down with you.
This is probably the most annoying straw man argument against Gemini. One of the first things you see in their official page is:
"Gemini is a new internet protocol which:
Is heavier than gopher
Is lighter than the web
Will not replace either"
And if you hang out and talk to people using it you find out that most, if not all, of them are well aware that Gemini will not and can not replace the Web.
Even Drew Devault has said this about Gemini:
"Gemini does not solve all of the web’s problems, but it addresses a subset of its use-cases better than the web does, and that excites me. I want to discard the parts of the web that Gemini does better, and explore other solutions for anything that’s left of the web which is worth keeping". And don't think anyone here in good faith will say that this is "marketing Gemini as a Web replacement". You are imagining these marketers and arguing against them
> "I want to discard the parts of the web that Gemini does better, and explore other solutions for anything that’s left of the web which is worth keeping"
You conveniently left off the next part of that sentence: "(hint: much of it is not)" It's pretty clear that ddevault thinks that Gemini can replace a large fraction of the web (which is the issue under dispute).
The difference between "Gemini can replace the whole web", "Gemini can replace a large fraction of the web", and "Gemini can replace anything more than a vanishingly tiny sliver of the web" is largely irrelevant, as all of them are false, and my argument reads the same if you substitute either of those other two phrases in.
It really sounds like you've misunderstood Gemini and what people like about it, and are now working backwards to demonstrate that your gut feeling ("Gemini <<< Web") is correct.
While in reality, most people using Gemini are using it to blissfully ignore parts of the Web that they are tired of. Gemini was intentionally designed to discourage complex experiments and additional functionality.
Sometimes, I just want to ride a bike, not an airplane. That doesn't mean cyclists believe that bikes can replace air travel.
Also, replace is maybe not the best word here since a lot Gemini enthusiasts believe some things that are possible on the Web don't need a replacement because we would be better off if they didn't even exist.
I also disagree that Gemini is a web replacement as in "everything the Web does Gemini can also do", when read "replace" this is what I think and this is clearly not true. To me it's more like "Some things the Web can do, Gemini also can and the things it can't do aren't really desirable anyway because they can be abused to do things I think is bad and evil"
My point is that most people using Gemini agrees with this: "It is its own thing with its own community that is entirely complementary to the web, and nothing more" even if they think some parts of the Web can be replaced by Gemini (which it can. Text only web pages with simple markup is a thing)
>It's pretty clear that ddevault thinks that Gemini can replace a large fraction of the web (which is the issue under dispute).
Replacing a large fraction is EXTREMELY different than replacing the web which is how you originally phrased it.
"Large fraction" is also extremely vague. Unless they've stated a quantitative amount of the web which they think this can replace then this argument is pointless.
You're making quite the fallacy here - that if a quantitative amount is not given, then you can't make arguments about the statement. That's false.
ddevault (and other gemini enthusiasts) use this kind of qualitative marketing speak to portray Gemini as something that is comparable to the web, while avoiding making quantitative claims, and that is part of my grievance, as stated in my original comment.
You have quite the nerve pointing out other people's alleged fallacies, while you yourself are doing everything in your power to interpret the statements of the Gemini community in a very onesided way. IIRC, the etiquette of this very place says:
> Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith.
Since this whole discussion has left constructive territory a long time ago and arguably violates these guidelines already, I will refrain from replying to this part of the discussion.
Did ddevault specifically say that Gemini should be regarded as a replacement for the web? I never read him that way. As far as I can tell, people are constantly stressing the converse, namely that Gemini is not supposed to be the next web. It's even in the FAQ [1] -- if that's not part of the "marketing material", then I don't know what is. It would be very kind if you could provide specific citations to substantiate your claim about Gemini marketing.
Right in that FAQ is the phrase "You may think of Gemini as "the web, stripped right back to its essence"". To a technical person, "foo, stripped right down to its essence" means that this thing is directly competing with foo - or, at the very least, that it exists in the same realm as foo. Gemini does not exist in the same realm as the web, nor is it at all similar to "the web, stripped right back to its essence".
The fact that occasionally fans might disclaim that it's only meant to replace "part of" the web is materially irrelevant - Gemini isn't capable of replacing any nontrivial fraction of it. (its fans claim it is, though - "I want to discard the parts of the web that Gemini does better, and explore other solutions for anything that’s left of the web which is worth keeping (hint: much of it is not).")[1]
I will concede that Gemini folk sometimes have a rather narrow definition of what the "essence" of the web is, namely, that the web is basically just a medium for hypertext. In the early days of Tim Berners-Lee this was true, though. And I still think that hypertext (as opposed to "web applications") represents a nontrivial fraction of the web (see Wikipedia and, to a lesser degree, blogs).
Drew Devault makes a very valid point: that the web today is at the mercy of Google, because it depends on browser technology that has become so complex that only Google (and maybe a foundation entirely dependent on Google) can deliver it. An ad company! So we (as humanity) have to find ways to replace the web, step by step. And Drew says it right there: "Gemini [...] addresses a subset of its use-cases better than the web does." And for the other use-cases (i.e., besides hypertext), other replacements have to be found.
So I still think that the marketing is way more nuanced than you are saying.
>Drew Devault makes a very valid point: that the web today is at the mercy of Google, because it depends on browser technology that has become so complex that only Google (and maybe a foundation entirely dependent on Google) can deliver it.
Except all of that browser technology is open source. So none of it is actually at the mercy of Google.
It's weird how a forum full of technologists, free software believers and millionaire entrepreneurs have decided that browser technology is so hard and complex that it would literally be more feasible to rebuild the entire web from scratch on completely different protocols, yet we'll have warp drives, self-driving cars and VR beamed directly into our brains by the end of the decade, and come hell or high water we'll put a blockchain on everything.
It's not that hard because it's actually that hard, it's that hard because we want an excuse to abandon the web and browsers as a lost cause, because we're tired of it and its normality, and would rather look for still-green pastures elsewhere.
> It's weird how a forum full of technologists, free software believers and millionaire entrepreneurs have decided that browser technology is so hard and complex that it would literally be more feasible to rebuild the entire web
Have you built a web browser? I have. It quickly became useless as the web moved on. I've also been involved in other web browser projects (including a small webkit based browser as well as Firefox).
My experience is that the web is 1) broken beyond repair 2) building a new browser is virtually impossible 3) for all the effort, building a good browser [such as one that pleases Gemini users] is literally impossible because the web standards themselves require you to implement hostile functionality without which your browser is broken and not actually a web browser, and with which you lose control and enable all kinds of malicious and user-hostile behavior.
Ostensibly open standards and open source technology does not help you when said technology enables the other end to run a bunch of code on your client, and decline service because it doesn't approve of your client.
>My experience is that the web is 1) broken beyond repair 2) building a new browser is virtually impossible 3) for all the effort, building a good browser [such as one that pleases Gemini users] is literally impossible because the web standards themselves require you to implement hostile functionality without which your browser is broken and not actually a web browser, and with which you lose control and enable all kinds of malicious and user-hostile behavior.
Your first item has nothing to do with browsers, it's a purely subjective opinion (albeit one so strongly held by so many here I'm not going to bother trying to disabuse anyone of it anymore.)
Your second item implies that it's too difficult for a hobbyist to build a modern browser in their free time, but the unstated assumption that any new browser must be simple enough to be built by a single person, entirely from scratch, is an arbitrary technical limit based on political ideals. Obviously it isn't actually impossible and, given the number of Firefox forks in the wild, doesn't even require billions of dollars in resources.
And your final item dismisses the entire premise of modern browsers as user-hostile and "not actually web browsers." Which again, has nothing at all to do with the actual technical difficulty of browser implementation but is essentially a declaration that "it sucks any way so why bother?"
You're proving my point, as are the other commenters. This is obviously an argument driven primarily by emotion (disgust with the modern web and complexity) and politics (anti-capitalist and anti-corporatist sentiment) rather than fundamental technical limitations.
My first item has everything to do with the web technology, which browsers are intimately related to. Outdated and insecure firefox forks and their bitter users who complain about the web being broken when they browse it on their Firefox fork serve to prove the point more than to disprove it. And yes, the third point doesn't stop at merely claiming that the web is complex and hard; it just claims that even if you somehow manage to implement it all, you're still at the mercy of corporations because the very technology you implemented has built-in support for discrimination; Google, Cloudflare, et al can decide that they don't want your browser. It is broken technology and it should be thrown away.
> Outdated and insecure firefox forks and their bitter users who complain about the web being broken when they browse it on their Firefox fork serve to prove the point more than to disprove it.
Wait, most Firefox forks that I've seen (such as Pale Moon) were forked because the XUL addon model was deprecated in mainline, and they want to keep it - it had nothing to do with the complexity of the web.
Unless you're saying that "the web" is "too large and complex" (because that's the cause of those forks becoming insecure and outdated) - in which case yes, I think that you can make a case for that.
However, that doesn't have anything to do with the infeasibility of building a new web browser, so it's irrelevant.
> you're still at the mercy of corporations because the very technology you implemented has built-in support for discrimination; Google, Cloudflare, et al can decide that they don't want your browser
If by "Built-in support" you mean user agents - those are trivially spoofable. If you mean browser fingerprinting - that's not built-in, that's an attack against the technology. If you mean checking for the presence of features - that is a feature, not a bug.
> It is broken technology and it should be thrown away.
The technology isn't broken - everything else is. The reason why Google has so much control over the web is because so many people use (1) Chrome and (2) Google services. If neither of those were the case, the web could be technologically identical and yet there wouldn't be a constant feature churn. The problem is not technical, it's a market and social problem.
It's not solvable on a technological level, because (1) even if you convinced everyone to switch to Gemini, if everyone started using the Microsoft Gemini Browser (or whatever), the exact same problem would arise (embrace, extend, extinguish!) and (2) you are never going to be able to convince anything more than a tiny sliver of the population to use Gemini.
The only viable solutions are social (convince people to use Firefox/Safari/Opera and complain when it doesn't work, convince webdevs to support/prefer non-Chromium engines) and political (antitrust action against Google, more regulation).
Gemini is not a solution to this problem.
(you also conveniently didn't answer the rebuttal to your second point, so, to quote krapp: "the unstated assumption that any new browser must be simple enough to be built by a single person, entirely from scratch, is an arbitrary technical limit based on political ideals")
(also, I don't know why you're saying "should" - why "should" I throw it away? You have no authority on this matter, as far as I can tell)
What would that change? These browsers implement the same standards Chrome does, and on top they probably implement the non-standards that Chrome imposes, because people will still want to use Google Meet and stuff. So this at least means to convince people not to use Google Meet and stuff. This goes to show that indeed the web is broken.
> convince webdevs to support/prefer non-Chromium engines
> the unstated assumption that any new browser must be simple enough to be built by a single person, entirely from scratch, is an arbitrary technical limit based on political ideals
First of all, I'm not sure if anyone really said that it had to be achieved "by a single person". Second of all, I don't understand why its political nature should devalue the argument. At any rate, it has been argued that the web is at fault, the standards are problematic, etc., so let's not argue about minor details.
> Unless you're saying that "the web" is "too large and complex" (because that's the cause of those forks becoming insecure and outdated) - in which case yes, I think that you can make a case for that.
That is precisely what I'm saying.
> However, that doesn't have anything to do with the infeasibility of building a new web browser, so it's irrelevant.
I agree; it was krapp who said "Obviously it isn't actually impossible and, given the number of Firefox forks in the wild, doesn't even require billions of dollars in resources", as if those outdated forks somehow were relevant.
> If by "Built-in support" you mean user agents - those are trivially spoofable. If you mean browser fingerprinting - that's not built-in, that's an attack against the technology. If you mean checking for the presence of features - that is a feature, not a bug.
User agents are indeed trivially spoofable, that's not the issue. Fingerprinting is a bug, and one that is impossible to fix because web technology is fundamentally broken and was never designed to resist such an attack. Feature checking and finger printing kinda go hand in hand. I can't consider it a feature, I consider it an antifeature.
> The technology isn't broken - everything else is. The reason why Google has so much control over the web is because so many people use (1) Chrome and (2) Google services
I think that's another "goes hand in hand" thing. Yes, you can consider it a social problem, but it is also technological problem, because it is the technology that is used against us and it is the technology that enables it to be used that way. It's very difficult to use Gemini against you without first changing the technology to support it; if that happened, then yes, I would say that Gemini has become broken too, just like the web now is.
And whether there's a social problem and abuse of technology going on or not, one can totally consider the massive complexity and resulting bloat and loss of practical freedom to be a problem with the technology. I could not make a browser I like, and nobody else will make it for me. It goes beyond what Google does; the web on whole is today architected for a server agent, not a user agent. Even without actively hostile & malicious parties abusing technology to discriminate you / invade your privacy / sell your eyeballs, it will still have features that do not respect the user and only punish the user for trying not to play the play according to the server's script.
> The only viable solutions are social (convince people to use Firefox/Safari/Opera and complain when it doesn't work, convince webdevs to support/prefer non-Chromium engines) and political (antitrust action against Google, more regulation).
I believe that social and political solutions are as lacklustre, limited and prone to subversion as technical solutions. You do what you can in that space, but I believe we will never have enough (or the right kind of) legislation.
However, as a practical matter, it takes time for technology to be turned against you (and there was a time when the web was despite its flaws relatively fine). This will be especially true for any new technology that flies under the radar. Therefore technical solutions are not without merit.
> Gemini is not a solution to this problem.
It does not solve all the web's technical problems, nor will it solve all its social or political problems, and nobody is claiming it does.
But creating new technology (including Gemini) and encouraging individuals to use it is an actionable way to make a difference today. By contrast, my use and support for Firefox (for nearly two decades now) hasn't prevented the web from turning into a disaster. There's not much political or social action going around trying to fix these problems. There are a few who toot the horn and shout into the void, the rest don't give a fuck.
I cannot solve the web's problems, I cannot change the world. It is a lost cause as far as I'm concerned.
But as long as there are enough people interested in alternative technology, it's a way we as a community can help ourselves today. It will not "fix the web" but it gives us some of what we want and it won't be turned against us tomorrow. Either it never gets too popular, or it gets popular and one day the cycle starts afresh. Until then, there's something for us. Nothing is eternal, nothing is perfect.
> (you also conveniently didn't answer the rebuttal to your second point, so, to quote krapp: "the unstated assumption that any new browser must be simple enough to be built by a single person, entirely from scratch, is an arbitrary technical limit based on political ideals")
I didn't really want to, because it's putting words in my mouth and also IMHO a pointless tangent.
It's very hard to consider any technology purely objectively and without influence from "political ideals" or personal beliefs. For example, the claim that bitcoin is broken could be "rebutted" by saying that it's only broken if you have the political ideal that it's not ok to destroy the environment with excessive energy use.
The claim that DES is broken could be "rebutted" if you consider it a political ideal that you should have freedom to communicate without being spied on by corporations and nation-states with enough money to bruteforce your encryption keys.
Any opinion on technology comes with an implicit personal bias. It's not an argument nor is it a rebuttal to point it out. It's too reductionist and can be used to shut down any discussion without addressing it. If someone wants to have that discussion [whether internet technology that individuals rely on should be implementable by individual experts working in the field], then they should start that discussion and not merely shoot down a discussion about technology by saying that doo hoo not everyone agrees with your goals. What's the point? I could come up with equally reductionist "rebuttals" but it's "no u" at that point.
> (also, I don't know why you're saying "should" - why "should" I throw it away? You have no authority on this matter, as far as I can tell)
Pardon my phrasing. Of course I mean to write that I think it is broken technology and it should be thrown away (for the few people who can't otherwise discern personal opinion). You, of course, are free to do whatever the fuck you like.
Also, Gemini works for me, and it works for many other people. If the web is not to our liking, and we can't change the web, we can at least try something else (so far I'm just lurking in Gemini, I don't have a capsule of my own). I don't understand the problem with that.
As someone already said, Gemini is already in the "they fight you" phase (First they ignore you, then they ridicule you, then they fight you). It's like with veganism (no, I am not a vegan, though I sympathize).
Microsoft have literally abandoned maintaining their own browser engine. If staying independent of Google isn't affordable and worthwhile for them, who could it be affordable and worthwhile for?
Microsoft abandoned their own browser engine for business reasons. I feel like it should be obvious that what's "worthwhile" for a for-profit organization is very, very different than what's "worthwhile" for a non-profit, individual, or group of open-source developers; "affordable" isn't even in the picture.
KDE have also abandoned writing their own browser engine. Mozilla continues to produce one but they continue to attract very few outside contributors and rely largely on Google for funding. If no-one's actually doing something we should be wary of blithely assuming that it would be esay or even possible.
The fact that operating systems maintained by small organisations are more viable than web browsers maintained by small organisations should tell you something about the complexity of the web stack.
Reading this whole thread again, I want to add the following: this whole matter of whether web browsers have become too complex or not is just a tangent. The main debate revolves around the question of whether the web is broken, whatever this means, and this question is not a technical one, but a matter of taste and political attitude. Which is to be expected, because the internet is a social thing. So let's agree to disagree, maybe, but let's stop arguing about tangents the way little internet trolls do.
> Are you seriously making the claim that web browsers are not hard and complex to build?
No, I'm making the claim that web browsers are hard and complex, but not impossible and that it's weird how the tech community seems to have decided that it's impossible because it isn't simple.
What is the point though? Yes, in theory it is possible to make yet another broken implementation of broken technology. Going all pedantic on Devault and armchairing "no but acshually" isn't really contributing to the discussion at all, nor does it undermine their argument.
I don't get your polemics here. Where's the line between hard and impossible? It's no less impossible to build a web browser than it is to build pyramids, because both these things have been done before. But what does this mean? Why should we accept something that -- while theoretically not impossible -- is way harder and requires way more resources than necessary, and that is guided by the most pathological incentives (ad revenue)?
"So, by all means, use Gemini. Just don't say that it's a "replacement" for the web (edit: not even part of it - Gemini does so little that the comparison is entirely invalid), or "better" than the web (or associated technology). It is its own thing with its own community that is entirely complementary to the web, and nothing more."
1.6 Do you really think you can replace the web?
Not for a minute! Nor does anybody involved with Gemini want to destroy Gopherspace. Gemini is not intended to replace either Gopher or the web, but to co-exist peacefully alongside them as one more option which people can freely choose to use if it suits them. In the same way that some people currently serve the same content via gopher and the web, people will be able to "bihost" or "trihost" content on whichever combination of protocols they think offer the best match to their technical, philosophical and aesthetic requirements and those of their intended audience.
This is kind of a repeat of one of the straw man arguments mentioned in the article. If it's a response to how Gemini is being marketed (marketed?) then possibly the "marketers" are to blame, but I would have to see for myself, whether they're just saying "Hey here's something nifty" or going all full-blown "Hey here is the one true good right way and the solution to all problems and everything else is wrong and bad and anyone who doesn't go along is a horrifying evil person etc. and you're either with us or against us!" Sometimes the former quickly turns into the latter on the internet.
Not only is this completely irrelevant, but this isn't a throwaway account - I've been using it persistently for the past few months.
It's clear that you're not trying to make arguments, just use emotional manipulation, fallacies, and redirections to try to spread your opinion to others.
Gemini really seems like throwing the baby out with the bath water. The primary gripe seems to be that they don't like javascript and modern web tracking. But in the process they lost inline links, images, video, and a bunch of other things which are useful for reading static documents.
In 2019, I wrote about the need for a web of documents [0], where I wrote about the importance of having static documents and sketched another approach.
Gemini is a web of documents. A rudimentary one, but very content-focused – the signal-to-noise ratio is typically much higher than on WWW. You can visit any capsule in the Geminispace and have full confidence that it’ll only serve you gemtext to read.
On a technological level, the web that we have now is far better suited to being a web of documents than Gemini is or ever will be.
It's one thing to say "we're going to build our own silo of high-quality content", but another to intentionally cripple its technical capabilities, which is what happened with Gemini.
Gemini, the protocol, is extremely bad even for making a web of documents.
Gemini, the network of content, might have a higher SNR than the web - but that's no excuse for pushing a protocol that is flat-out hostile to the transfer of information and knowledge.
Images and video are significant content and while some text does just as well without it, like fiction, most text content is made better by images, video, animations, diagrams or drawings.
Because very few kinds of content benefit from purely text display. Books, documents, blog posts, news, etc all benefit massively from inline images, animations, and videos. It seems that Gemini users wanted to avoid ad tech and commercialization and lost all visual communication in the process.
Exactly - that's why I like the use of "anti-intellectual" as an adjective for Gemini - Gemini's design is anti-conducive to thought and information transfer because of the massive impact of mathematical notation, images, and animations.
The protocol itself, as far as how it conveys and interlinks information seems comparable to early HTML. Documents with very basic formatting, that can be navigated via a hyperlink, forming a web or information graph in the big picture.
It sounds a bit like you didn't enjoy the browser you used rather than the protocol? There are terminal based browsers that might seem very non-modern, but there are also full GUI browsers that aren't much different than a web browser as far as UX. Within the limitation of the defined protocol of course, meaning text only with basic formatting and no inline images.
I personally find the formatting limitations and lack of inline images leads to a richer experience of taking in the information being conveyed. It's almost like the difference between reading a book and watching a movie. Both have their place in our culture. Even today in the age of VR/AR, 3D IMAX films, etc., we still read books, and it is a pleasant experience for many to take in content that way. There are no distractions, only the content.
Gemini is uniquely enjoyable because the imposed limitations provide many of the same benefits that people enjoy about reading books vs watching movies. The modern web very rarely provides content in that form. Nearly every article is interspersed with all kinds of media to "engage" the viewer. I enjoy a lot of it, however, I think there is something to be said about just putting the text out there bare as it is.
Gemini creates a space where the content doesn't have to compete with distractions. All content is on equal footing and must stand solely on the written words themselves. No distractions. No way for one piece of content to sway you over another just because of high-budget media production. Just bare words that you must interpret yourself. It leads to an atmosphere that is engaging in some ways today's web cannot be, like a movie cannot be in place of a book. It requires a different kind of interpretation and imagination to take in, and I really appreciate that.
Sure, some books have the occasional image and are made better for including it. However, thumbing through a lot (not all) of my stack of books, I see maybe one or two images in an entire book [0]. A lot of those are simple diagrams that could be conveyed (albeit crudely) via text.
The remaining image (singular) could have easily been a URL or even a description. "A picture is worth a thousand words" works both ways. Therefore, sometimes it's better to just say a thousand words.
And none of that is to say that we shouldn't have movies or shows or newspapers and textbooks full of pictures! Books pose no threat to any of those, so it's pretty odd to see people threatened seemingly by the mere existence of Gemini. Especially when part of its introduction is that it's not a replacement for the Web!
Perhaps that upfront clarification is what's so scary? Depending on context, "we mean you no harm" can also sound like a threat.
[0]: Though most have precisely 0. Obviously depends on author and their intent.
I don't think that books are a great comparison for Gemini.
Go read The Art of Computer Programming or Linear Algebra Done Right and tell me how easy it would be to process that information without mathematical equations.
Gemini doesn't just eschew images - it gets rid of math notation, too.
Imagine how much further we would be back if we had been unable to use mathematical notation that didn't fit the ASCII character set.
Not to mention all of the thousands of books that are massively better off with actual diagrams in them, and the fact that many books (textbooks especially) that should use images don't.
Gemini isn't even as capable as a book.
And yes, the marketing material states that it's not a replacement for the Web, but it is constantly compared with the Web - sure sounds like a wink and a nod, a subtle suggestion that it is somewhat of a replacement.
If Gemini users want to collectively go off and exclusively create content in Geminispace without bothering me, that's great. However, I'm not very amiable towards any efforts to start moving other people's stuff there, or even the possibility of getting big brains or educators onto that permanently crippled medium.
I am curious to understand why it feels like you are perceiving Gemini as some kind of existential threat? There are many mediums in this world that are technically inferior but have an important role in many people's lives. Why listen to vinyl when your digital download doesn't require unnecessary space for storage, and has the ability to skip between albums and tracks instantly? Why use Twitter with a very limited set of characters and features? Twitter existing did not kill long-form writing? Gemini existing will not kill the web somehow? Why the hostility? There is room enough for all the mediums. And they each have their place in our culture. I think the space Gemini creates is unique, and a very welcome value-add to this world of never-ending distractions.
I see, Gemini is not to make the life of content creators easier, but the life of the server and client implementers.
The need for TLS is a bit strange regarding this, especially if they encourage the use of self-signed certificates.
4 TLS
Use of TLS for Gemini transactions is mandatory.
Clients can validate TLS connections however they like (including not at all) but the strongly RECOMMENDED approach is
to implement a lightweight "TOFU" certificate-pinning system which treats self-signed certificates as first- class
citizens. This greatly reduces TLS overhead on the network (only one cert needs to be sent, not a whole chain) and
lowers the barrier to entry for setting up a Gemini site (no need to pay a CA or setup a Let's Encrypt cron job,
just make a cert and go).
My understanding of the issue as it relates to Gemini is that the Gemini community is:
1. Largely using self-signed certificates on the servers. That gets you into the protocol, but doesn't really help with trust.
2. Using "trust on first use" (TOFU) in the clients, which doesn't scale. The clients have to know whether a particular cert is valid or not, and that means the user needs to manually verify or some trusted data source has to be distributed to clients. Manual verification turns into "yeah, yeah, just let me read the page" after a while. And a trusted data source is, well, hard to keep maintained, and even harder if it wasn't in the model from the start.
So TLS gets Gemini security, of a sort, but the way it's being used makes it less effective than it should be.
The push for TOFU really only began about a year after the protocol was first designed, as it was deemed "too difficult" to obtain a real certificate, even from Let's Encrypt.
On the other hand, those that want something SSH-like for the web have something to point to as an example, as well as those that don't think SSH-like for the web is a good idea as an example.
TLS gives you protection against casual eavesdropping or tampering.
Of course, self-signed certs + TOFU theoretically allow a third party to insert itself as a MITM at the first connection. This needs a lot of tracking and preparation beforehand; no adversary of this caliber is going to be interested in Gemini content.
Adversary of what caliber? All they have to be able to do is redirect a host (for instance by poisoning a local DNS lookup); the actual exploit is trivial. They're self-signed certificates; in the absence of a "TOFU" scheme that doesn't yet meaningfully exist, they provide no security against attackers willing to spoof DNS responses.
"TOFU" is also a truly abysmal fit for any application with a mass audience (at any given time, a huge percentage of your inbounds are going to be people making their first request, all totally open to attack --- contrast that with SSH, where you make first contact with a host on a new machine fairly rarely).
That's not really true, though. Like with SSH, the first time you receive a certificate for a server you are prompted to either trust it or not. If you choose to trust it then from that point on it remains trusted unless explicitly removed from the set of known hosts. Of course, the client could just take the option away from the user and automatically trust every host the first time. But then there's even less point in having TLS here.
Even Signal's TOFU method offers a way for users to manually verify that the keys of the people they're communicating with, even though it permits communication from the start without verification.
I understand that the admonition "never roll your own crypto" (as in develop your own encryption algorithm) is distinct from "never implement crypto on your own" (as in implement an existing encryption algorithm), although it is commonly misread as the latter.
The phrase "never roll your own crypto" was originally used in the context of algorithms.
Hopefully given the description / source code of "a published, well-used, tried-and-tested algorithm", most programmers could implement it in a language with which they are familiar.
I think it even applies to "never implement crypto on your own"---are you sure you've taken into account side-channel attacks? Timing attacks? Random number generation (if it's required)? Cleaning memory after use? That memset() isn't optimized out? There's a lot to get right ...
There's large class of exploits that appear despite the implementation having identical input-output behavior to a correct one -- a side-channel-free software implementation of AES is quite non-intuitive (bitslicing), and not the sort of thing I think most programmers could implement performantly. Worse than AES is RSA; there are a _ton_ of attacks that are subtle enough, that professional cryptographers' implementations end up being vulnerable (see [0]).
More recent algorithms (I'm thinking of ChaCha20 in particular, but there are quite a few others) are explicitly designed such that there shouldn't be any "more obvious" implementation than the secure one, but the programmer needs to know to implement them. I don't _think_ I've seen or heard of a vulnerable "rolled my own AES" since everyone started shipping AES in hardware, but people roll their own RSA all the time. I've had "write RSA" as a class assignment twice, and neither time was "don't use this for _anything_, you're definitely vulnerable to 20+ years of attacks" brought up.
Two things- one, as a sibling comment's mentioned, it absolutely includes implementation of cryptographic primitives too. There are quite a few subtle bugs (mostly, but not entirely, side-channels) that end up being utterly catastrophic.
Second - even using somebody else's (high-quality, trusted) implementation of (high-quality, trusted) primitives very much isn't enough to build a secure system that uses cryptography. The obvious example here is everybody and their dog going off to implement AES or something, not using a MAC ("we just care about secrecy, not integrity") or using a MAC wrong (e.g. MAC-then-encrypt), and then dying horribly to a trivial padding oracle.
Or, trying to build a secure transport protocol (i.e. a TLS-like API, where you just get "a secure socket" after doing some dance with certificates/keypairs)... you just encrypt (and MAC, this time) all the data before you send it out, and decrypt (and verify!) all data that comes in. But... wait, our API can't really handle that easily - we have to write the data out to the network in chunks. So, hm, encrypt and MAC each chunk? Oh, then chunks can be rearranged in transit, so we'll put a counter in there. What if the counter wraps around? Do you abort, or do you just reuse old counter values? Do you get a different session key for the same (client, server) pair- if not, is that an issue? Suppose you're using an AEAD mode, like GCM- how do you manage nonces? (If you reuse a nonce once in GCM, you often leak your authentication keys(!))
Hm, all of that sounds like ... a lot. So maybe we'll just sign+encrypt requests (and include our public key inside), and have the server sign+encrypt responses (to the public key we sent). Hm, but we need to tie responses to requests, though. So we'll need to put a hash of the request in the response. Ah, hmm, length extension attacks, right. Maybe GCM will save us? Hm, not sure... What if somebody wants to replay old content to us (send us an older version of a page)? Can they do that? Right, need to either include some "challenge"/nonce in requests, or at least make sure session keys are unique per-request. What about possible reflection attacks - if we send the server its own public key as our public key, does that cause any weirdness? Oh, what is a public key, anyways? If (God forbid) you're using RSA, does that include both the exponent and the modulus, or just the modulus? If you do a key exchange (e.g. for forward secrecy), who picks the parameters- are they just fixed?
Cryptography is the sort of thing that almost actively resists abstraction, and it's really tricky in a way that's hard to appreciate. It's a world where you find a claw hammer and use it to remove a nail from your floor- maybe even looking on CarpentryOverflow first to make sure a claw hammer can be used to remove nails from floors- and it works fine, so you then go to remove a nail from your wall and discover that this makes the hammer burst into flames because, yes, most people think "claw hammers can pull nails out of stuff" and that's usually true but the unstated assumption there is that you're holding the hammer with your right hand and you're actually left-handed and it's a Tuesday in the southern hemisphere so you actually should have used a completely different tool or used a higher-level misuse-resistant nail-pulling API which does almost exactly what you want, but that's what you thought the hammer did so...
> I see, Gemini is not to make the life of content creators easier, but the life of the server and client implementers.
As far as I understand, the distinction (content creator on the one hand, server and client implementers on the other) goes against the Gemini philosophy. The idea is rather that it should be reasonably easy to be both.
> Since the markup language is so simple, it lowers the barrier of entry for those wanting to produce content
I see this as one of the major problems with The Web.
It's just too technically difficult for a normal person to make a useful reliable website. That naturally drives people from the open web into closed web-replacements like facebook.
EDIT: With that said. I can't really get behind something like gemini whole-heartedly. It just feels like adding rendering support to browsers for gemini style markdown and serving them with appropriate Content-Type headers over regular HTTP would be a better way to do it.
EDIT 2: Or campaigning to add support for the protocol in common browsers. That is, after all, why URLs include the protocol and I know people here are extremely fond of bashing client implementations for not displaying the protocol part of a URL.
> It's just too technically difficult for a normal person to make a useful reliable website.
There are many hosting providers from the hostgators of the world to wix and squarespace that make this pretty easy if you want to host content.
> That naturally drives people from the open web into closed web-replacements like facebook.
The social aspect is what drives people to social networks. All of their friends are there.
Many people don't want to just host content, they want chat, video, messenger, photo storage. For those that don't need it widely accessible, group chats seemed to have filled gap between forum <-> text message/email.
That all still relates to the technical difficulty of hosting (and, to be a bit more specific, account/identity management.)
Facebook doesn't have some magic technical secret that makes chat, video, messenger, storage, etc handled by their servers somehow different than if it were handled by a server in your home.
People think technology is "too complicated" and "magic" because they don't try to understand it. That's the problem. The "secret sauce" is in configuration and knowledge of architecture, software engineering, and production engineering, which are all gradually acquirable through sweat equity.
There are plenty of cheap VPSes all over the world where someone can run just about anything live without the costs of GCP or AWS.
> It just feels like adding rendering support to browsers for gemini style markdown and serving them with appropriate Content-Type headers over regular HTTP would be a better way to do it.
One of the nice things about keeping it separate is that clicking a link is safe. Relaxing. If the linked page wants to spy on you or run a crypto miner or bug you with stupid pop-ups or try to trick you into automatically clicking "allow" on notifications, it'll first have to pop a "would you like to open this link in [web browser]?" window or something.
Yes you can cut down permissions on the web but then 90% of it doesn't work without a bunch of fiddling.
The key to understanding it is just not to expect it to have mass appeal, ever. It lowers barriers for developers and tech hobbyists. It is a nice crunchy area for developers to have fun with that doesn’t require herculean feats of programming to serve or consume. It's like ham radio.
But gopher doesn't have TLS. Yes, there are clients that attempt to make TLS connections to gopher servers and will fall back to plain TCP on failure, but that's a hack (and a pretty annoying one at that).
Suddenly you can't trust anything you're being served as there are so many endpoints you could be MITM'd at. Reading a text about some experience someone had? Snippets from that text could have been replaced if you are not using any cryptographic protocol what so ever.
One problem is the way Gemini and Mastodon (and even Twitter at one time) are often promoted:
> Once you have a client that supports it, you’re free to enter the ecosystem. Once there, you’ll notice that it is composed of many vibrant communities. There are artists creating cool experiments, writers and essayists pouring their hearts and brains out, etc. You can find a tribe for you or start a new thing.
I assume this is true for the person who wrote it, but finding people who are interesting is often a problem. There is lots of noise and I have trouble finding “vibrant” communities that are relevant to me. I’m following only two interesting people on Mastodon after several years and I found them because links to interesting things they wrote were posted to a link-sharing site.
Specific examples beat abstract arguments. The best way to promote Gemini would be to quote and link to interesting content you found on Gemini.
And that means you’re playing the same social game as everyone else, doesn’t it?
I'm really rooting for this project. Sure it's probably over-idealistic and not entirely practical, but I think that's part of the appeal - a group of folks trying to build a better web and having fun doing it.
The other end is questionable too. IMO, Gemini has too many features to be the 'low-fi chiptune' of hypertext. Every time I look at it, I come away thinking it is not in any sweet spot but perhaps the worst of both worlds: too featureful to truly foster creativity by constraint, and yet lacking entirely too many features to compete with a simple robust Markdown static site stack.
If we wanted the pixel art or low-fi chiptune of hypertext, both historically and in terms of esthetic, we'd be targeting classic textfiles: 80-col ASCII art .txt (maaaybe with the absolute bare minimum of adding a clickable link for navigation to make up for the lack of a TUI BBS interface wrapping the individual text files).
Honestly insane this post is even needed. Doubters really glance at Gemini and just make up shit on the spot. Makes you wonder what else they bullshit about.
I use Lagrange to browse Gemini blogs as a reprieve from the bloat, just gimme ideas with text. It's nice and super easy, just try it and find an aggregator like Antenna, and if you hate it uninstall it.
HTTP and Gopher both filled that role last century so I'm not certain how that's radical. Admittedly, part of Gopher's failure in the market was that someone, U of M, tried to get money out of licensing it, but that came after its initial release.
I have a lot of fun with Gemini! Since I couldn't find a good static gmi -> html converter that I liked for my website, I built my own. It works great and is pretty simple! This is one thing that people miss out on - I can actually build things on top of gemini / gemtext because it is so simple.
ELI5 why use Gemini? This post is my first hearing about it, so maybe I'm missing something, but nothing here is obviously compelling. As a user, I could care less whether Gemtext is technically easier to parse than Markdown. "We simplified some technical details and left out all modern features" seems neither like a technical feat nor a selling point.
I don't understand. What problem does it solve? Why fracture pervasive, compatible ecosystems with emperor's new clothes? It throws away decades of infrastructure interop and support. If you want to "take privacy seriously", there's onion hidden sites and tor browsers.
It appears to mix together too many concerns, but best of luck.
This was weird timing. Haven't seen a post on Gemini on here in a while, and I just started yesterday building an Express-like Gemini server framework in Go, to get more familiar with Go.
Ironically, there are two current projects competing for the Gemini name: the Winklevi's bitcoin exchange (indubitably named after their twinship) and the more-than-a-protocol for a no-frills version of the World Wide Web, which is what TFA is talking about.
>Instead of simply commenting on Hacker News like I did in previous similar posts, I thought I’d write a little blog post I could link there and in future discussions.
Because people inside Gemini ecosystem already know all the stuff I wrote in the post. That is an article for people on the Web who are talking about Gemini.
This is the biggest point, imo. We don't all have to like the same things, we don't have to all use the same tools, we don't have to belong to the same communities. There's room on the web for all of us.
Gemini appeals to me as someone who appreciates well designed constraints. The fact that HTTP+HTML can accomplish the same things is not only missing the point but is actively against the point.