[HN Gopher] Private and Public Mastodon
___________________________________________________________________
Private and Public Mastodon
Author : AndrewDucker
Score : 74 points
Date : 2023-01-02 18:43 UTC (4 hours ago)
(HTM) web link (www.tbray.org)
(TXT) w3m dump (www.tbray.org)
| mattlondon wrote:
| Clearly the solution involves web 3.0 Blockchain to provide
| irrefutable evidence of ownership of each post, with an off-chain
| oracle providing per-post licenses in machine-readable formats.
| </sarcasm>
|
| ...or you know don't say stuff in public if you don't want it to
| be seen by others. This is - and always has been - Internet 101
| stuff: assume that the internet never forgets, and don't say
| anything publicly if you'd rather not see it on the front page of
| a newspaper.
|
| I guess each new generation needs to learn that there are bad
| people out there, and computers make finding a needle in a
| haystack trivial.
| invig wrote:
| I think it's kind of worse than that. It's not an education
| problem. People are intentionally using this stuff to talk
| publicly about an issue. They just don't like the consequences
| of that.
| NotYourLawyer wrote:
| > People should be able to converse without their every word
| landing on a permanent global un-erasable indexed public record.
| Call me crazy.
|
| Sure, and they should use Signal instead of publishing their
| conversations and then getting mad when they turn out to be
| publicly available.
| jrm4 wrote:
| This article echoes what strikes me as a _really_ silly sentiment
| that I also see on Mastodon because it strikes me as antithetical
| to Mastodon.
|
| The point of the service is to "spread the things you say most
| everywhere." That is the design. It's literally designed to do
| what the opposite of "privacy" is.
|
| And yet, here we are.
|
| I'm sorry, but these kind of discussions to me sound like "What
| if we could have email, except your posts don't go to any other
| person, you just read them yourself?"
|
| I mean, you _could_ use gmail to do this. It would technically
| work. But it 's not what it's designed for, and much better ways
| to do this already exist.
| swyx wrote:
| yeah I did not know about this community policy and this was
| the first time I was significantly discouraged from using
| Mastodon.
|
| I use search to do research on links all the time
| (https://www.swyx.io/twitter-metacommentary). If I read
| something good, usually plonking it into HN search or Twitter
| search yields a dozen more related points and rabbit holes I
| can go down. I can even engage with the author or find their
| thread of thinking or responses to a question I had that may
| already have been asked (or better, questions I didnt think to
| ask)
|
| Without Mastodon search all these metaconversations about
| topics are lost.
| m-p-3 wrote:
| But on the other hand you have a popular platform, with a lot
| of people who can help, and with which some people are already
| used to, that you could deploy internally and use as some sort
| of internal messageboard that can be easily used from anywhere,
| with an official and third-party mobile apps already available.
| [deleted]
| nightpool wrote:
| I think it's more like "What if you could have email, but your
| posts only go to the people you want them to?" I think that's
| pretty easy with Gmail, for the most part, but with Mastodon
| it's harder because it inverts that control--anyone can follow
| you (or send a follow request), and it's harder to police every
| follower individually. This is combined with the fact that most
| accounts are available anonymously on the web, but it's not
| really necessary (many are not, for instance, and even the ones
| that are aren't really convenient to access that way--for bad-
| faith actors, it's more convenient to sign up for an account on
| mastodon.social or some other "well known" server and then find
| posts that way by browsing timelines).
| foobarbecue wrote:
| This idea that you create privacy by leaving the search feature
| out of the software is silly. Yes, to some extent security
| through obscurity does work, and trying to maintain an anti-
| sharing culture might reduce the spread of your information. But
| is that really what you want to rely on?
|
| The other bad pseudo-privacy idea is time-limited posts
| ("stories" or snapchat or whatever).
|
| In both cases, you're crippling the software to add an illusory
| safeguard, which doesn't actually stop bad actors from having
| access to your posts and hence the ability to record and
| rebroadcast them.
|
| You know who got the system right? Facebook. Private by default,
| but the user can decide exactly who can see each of their digital
| objects. It's easy to define groups of friends, allow sharing to
| friends-of-friends, one person, the whole world, whatever. The
| concept of friends (bilateral agreement to share information)
| makes way more sense than this "follow" thing.
|
| I want my open-source, federated, Facebook already.
|
| Edit: Although, I did just have a flashback to when Facebook
| announced Graph Search... which lasted about a week until
| searches that actually worked were deemed creepy and they
| backpedaled into the stone age. It's so frustrating how these
| technologies succeed or fail based on fashion rather than
| technical merit.
| invig wrote:
| You can't really make that either though. Facebook itself can
| see everything. As soon as you federate that all the admins can
| see everything and nothing is private.
|
| You could try and encrypt it down to the user level but a
| person added to a group would only see the content added from
| that point forward (the ability to decrypt would be defined at
| the time of the post, and new people could never read it).
|
| The only way around that would be centralised key management
| which defeats the whole point.
|
| This is one of those problems where it's probably better to
| just use Facebook.
| foobarbecue wrote:
| Oh. Good point about the admins. I somehow missed that.
| LamaOfRuin wrote:
| I believe that option 2, where it relies on individual
| encryption at the cost of reading history, is how matrix does
| it (or can do it if chosen).
| NikolaNovak wrote:
| Interestingly, I find Facebook friend groups a complete dark
| pattern ever since the days of Google plus. G+ circle were
| super easy to create, maintain, split, divide, merge,
| manipulate, and - and this was brilliant - share. FB groups by
| comparison seem hidden, obfuscated and unmaintainable. Creating
| a new list or updating an old one is a complete pain with poor
| screen usage, poor or non existent gestures, control, actions,
| searches, let alone regexes etc.
|
| They exist... But it feels FB has gone out of its way to hide
| and obfuscate them.
|
| Is my experience weird?
| Groxx wrote:
| FB is very clearly _deeply_ invested in convincing people to
| over-share by accident or habit, yeah. It makes their network
| more addictive, and they know it, so they press that button
| as hard as possible while building things that technically
| satisfy niches.
|
| ---
|
| I quite liked G+'s focus on choosing your audience. Because
| you have sub-groups even within small, tightly-knit friend
| groups; when you raise that number into the hundreds it's
| only more true, not less. It was a mostly-effective UX for
| embracing that, and it led to my feed being _dramatically_
| more relevant.
|
| Mastodon is filling a similar purpose for me, lately. The
| server you join has a pretty powerful impact on your local
| timeline - join a couple, use them as targeted sharing /
| browsing groups, and it's working much better for me than any
| algorithmic sorting ever did.
| foobarbecue wrote:
| I don't think that's true about FB convincing people to
| over-share. That may have been true years ago (Bob's
| relationship status has changed to single!) but these days
| I get warnings and stuff whenever I set anything to public,
| and all the defaults are friends only.
| invig wrote:
| G+'s implementation kind of broke communities though?
|
| Each individual having their own personal view of their
| circles meant that you couldn't reliably know which of your
| friends had seen the stuff your reading.
|
| That makes it really hard to talk about (Hey did you see
| X?, no what's X? Oh... oops?).
|
| I like the theory of being able to organise my
| relationships into nice little buckets, but that's
| absolutely not how social things work.
| NikolaNovak wrote:
| Circles were trivially shareable though. It made it super
| easy to create... Well, circles of friends :). These are
| the 15 of us into computers, 12 of us into photography, 6
| of us into dnd, whatever.
|
| And then the best feature of all, Sharing of curated
| circles. A kind of competitive marketplace of topic
| related circles emerged so you could find these amazing
| circles of photographers or musicians etc. Best of all
| you ingested and then owned that (instance of) circle.
| Groxx wrote:
| Somewhat, yeah. Personally I'd like to let people define
| their own publishing "topics" and let people select which
| ones they want to follow.[1]
|
| "Did you see X" is largely killed by algorithmic feeds
| though IMO, which makes it somewhat irrelevant for any
| full-scale heavily-used network. Facebook is a prime
| example - important updates _frequently_ are not seen by
| many close friends, because Facebook chose to not show
| them. Assuming nobody knows anything specific has kinda
| become the norm, sadly.
|
| [1]: Obviously many will not, but that's fine. By
| following them you just get an unfiltered stream. But
| many of my friends couldn't care less about what
| programming language of the week I'm looking at (because
| they're not techy), or what nearby events I'm going to
| (because they're 1000 miles away) and I'm very much the
| sort of person who will categorize that for them so they
| aren't flooded with things they won't be able to join in
| on.
|
| Hashtags are kinda like a crappy in-band version of this,
| and I have yet to see a system embrace them _for this
| purpose_. They 're basically always for public purposes,
| which is part of why you need to use a million near-
| identical ones to actually get good coverage.
| foobarbecue wrote:
| +1 for topics. Conceptually, pub sub. Maybe also give
| publisher to have the ability to choose an access policy
| for their topics (anybody can join, exclude some, only
| requests I accept).
| hairofadog wrote:
| Does anyone remember about 10 years ago there was an iOS AI
| chatbot that was all the rage for a few weeks, but it
| turned out that (a) even though it wasn't obvious,
| everything you said was published for all the world to see
| and (b) the thing was _flirty_. Bad news all around. If I
| can find the name of it I'll follow up.
| foobarbecue wrote:
| I agree, G+ system was more explicit, and I preferred it. FB
| has done the usual modern thing of hiding features so that
| the less technical users don't worry about them. Perhaps
| cowardly; I think even someone struggling with tech (parents,
| grandparents..) would have learned G+ if it really took off.
| jefftk wrote:
| _> I can imagine finer-grained exclusions, such as allowing full-
| text indexing but only for accounts on the same instance, or
| allowing use for search but no other applications. (No ML model
| building!)_
|
| I think it's unlikely that you can prevent ML model building with
| a carefully designed license. The most common legal position
| (though not something that has been tested in court yet) is that
| training models is sufficiently transformative to count as fair
| use, and does not require any sort of license to the data.
|
| You can see this in all the state of the art tools that are
| trained on all the publicly available data that they can scrape,
| without regard for license: translation (text), GPT-3 (text),
| Stable Diffusion etc (images), Co-Pilot (code).
|
| For preventing trolling and harassment a licensing approach is an
| even worse fit, since those are not people who care about
| respecting licenses.
| friend_and_foe wrote:
| How I see it: any and all attempts to kneecap user functionality
| is shameful, anything that you're relying on goodwill for will
| fail miserably and be exploited. If your plan for handling a full
| text search of the network is to browbeat the developer into not
| doing it your days are numbered. If your plan for keeping your
| words private is to put them publicly on the internet and then
| call people Nazis or whatever for looking at them without your
| permission you're not very bright.
| tedunangst wrote:
| Wait until you hear about how followers only posts actually work.
| An analogy would be Microsoft can't figure out how to get email
| addressing to work in Outlook, so they send every email to every
| server, and then Exchange does some magic filtering and tells
| Outlook which of the emails in your inbox should be visible. Then
| somebody writes an alternative SMTP server that allows viewing of
| these hidden messages, and Microsoft sues them.
| Ciantic wrote:
| Hmm, to my knowledge, followers only posts are ActivityPub
| feature, where you just shovel the message to inboxes of just
| followers. It is not sending it to all servers?
|
| It's also possible to send messages to part of the followers as
| well, some instances like qoto.org support circles. You make
| circles from your followers and post to just them.
|
| I wouldn't call these privacy features, but ability for sender
| to choose what it wants to say for certain group of followers.
| password4321 wrote:
| I believe followers-only posts are sent to all servers with
| at least one follower.
| Ciantic wrote:
| That is given, how else could it work?
|
| This is pub/sub, it's not pull based, so every time you
| release something it is pushed to the subscribers, your
| followers servers.
|
| I would like to have a bit of pull based things as well,
| but ActivityPub is not built for it.
|
| Even though it's pushed to a server, doesn't mean it goes
| to everyone in that server.
| kfsnd wrote:
| > _I'm a bit puzzled by that "But people are already doing it"
| argument. Yes, Mastodon traffic either is already or soon will be
| captured and filed permanently as in forever_
|
| Correct. This is something I and several others have been doing
| for some time now. We have a private search engine that covers
| most of the Mastodon fediverse (including widely defederated
| instances), and there's nothing anyone can do about it.
|
| Eventually, we'll give this data to the Internet Archive or put
| it in a torrent or something. It includes a decent amount of now-
| deleted content too.
|
| Really, it's no different to what others, e.g. Pushshift, are
| doing with other sites. Except there's no opt-out. Anything
| you've already said is almost certainly in our data set, and it's
| there permanently.
|
| > _That's extremely hard to prevent but isn't really the problem:
| The problem would be a public search engine that Gamergaters and
| Kiwifarmers use to hunt down vulnerable targets._
|
| Also correct. A couple of KFers we know already have access to
| search the data we've collected. It points them towards
| interesting posts or accounts to archive. People say some pretty
| wild things when they think they're not being recorded for
| posterity!
| akuchling wrote:
| So, among the first people you give access to the search are
| some known harassers? Sharp thinking, there.
| zmgsabst wrote:
| I mean, look at the facts:
|
| - permanently archiving posts they know people don't want
| them to
|
| - gave early access to known trolls
|
| - is now publicly crowing about how there's nothing you can
| do about it
|
| - on a throwaway, because like most bullies they're cowards
|
| Personally, I'm left wondering if there needs to be an
| organized crime investigation into KF, for organized
| harassment campaigns which violate local stalking or other
| laws, and the role people like this account play in
| orchestrating it.
|
| I think there's be a certain irony to HN's record of this
| comment being used to prosecute an accomplice in organized
| crime.
| zirgs wrote:
| If you don't want your stuff permanently archived then
| don't post it on public websites. It's sad that people
| don't give a shit about their privacy and overshare
| everything these days.
| BryantD wrote:
| I mean, "kfsnd." KF. They're not exactly hiding who they
| are.
| zmgsabst wrote:
| Shrug.
|
| They're on a throwaway because they're too cowardly to
| admit who they are and face people like myself who want
| to hold them accountable for their bullying.
|
| I think they're exactly hiding who they are.
| dmix wrote:
| I'm amazed sometimes at the datasets KFers uses for doxxing. If
| you care enough, you just need to pay attention to leaks and
| store them all and you can make a mini NSA X-Keyscore.
|
| During the whole Cloudflare banning thing I remember coming
| across a dox that deanonymized someone via the Patreon hack
| dump [1], where a simple Twitter username match turned into a
| name + address (via credit card details stored by Patreon).
|
| Anonymity and OPSEC requires some serious effort and knowledge.
|
| [1] https://www.christianpost.com/news/patreon-hack-
| almost-14-gb...
| michaelmrose wrote:
| Child Porn is a huge image problem that can only be solved by
| governments in the relevant jurisdictions. Search makes this
| image problem drastically worse.
|
| Lots of discussion about what privacy means no discussion about
| the elephant in the room. Networks that make acceptable use a
| choose your own adventure for instance by allowing people to self
| host and set policy on their own server end up with some people
| using it for things that the rest of planet earth doesn't find
| acceptable. For instance I'm certain that common web frameworks
| and servers are used to promote things both odious and illegal
| but because that machinery is invisible to most users the blame
| accrues entirely to the criminal.
|
| With Mastodon the branding makes it possible for the blame to
| accrue to Mastodon as opposed merely the criminal because people
| are more apt to understand Mastodon as an open source twitter as
| opposed to a tool like Apache. Whereas this problem accrues to
| Mastodon the tool is in no position to dictate how users use the
| tool the relevant governments are and if prosecution becomes
| common hiding illegal porn from prying eyes will be done by the
| users themselves. If Mastodon suggests not federating with
| servers in countries that don't handle this issue eg Japan then
| search will tend to show off less negative content and indeed
| countries can be shamed into handling such issues better.
| [deleted]
| invig wrote:
| I don't understand how a license is supposed to prevent people
| from doing bad things with your content. Does the not-so-nice guy
| in Russia care that he's infringing on your license?
|
| I think Mastodon makes the correct call (everything here is
| public, because it's impossible for it not to be and still have
| the service be what it is), and the community wants a square
| circle. Yay activists.
| Ciantic wrote:
| Eugen Rochko, the developer of Mastodon had written about Search
| that if it comes it should be for the home timeline and own
| posts. It would help a little bit, at least you'd find old posts
| from people you follow.
|
| It would suit some, but since this is federated, there are
| already instances with a search like qoto.org with a full-text
| search.
|
| It's really odd that they made "no index" checkbox, but it's not
| cool to index. If they thought it is unpopular they should have
| made indexing opt-in not opt-out.
|
| Going forward this will be instance specific thing, a lot of
| people want to be able to do searches.
___________________________________________________________________
(page generated 2023-01-02 23:00 UTC)