[HN Gopher] Private and Public Mastodon
___________________________________________________________________
Private and Public Mastodon

Author : AndrewDucker
Score  : 74 points
Date   : 2023-01-02 18:43 UTC (4 hours ago)

(HTM) web link (www.tbray.org)
(TXT) w3m dump (www.tbray.org)

| mattlondon wrote:
| Clearly the solution involves web 3.0 Blockchain to provide
| irrefutable evidence of ownership of each post, with an off-chain
| oracle providing per-post licenses in machine-readable formats.
| </sarcasm>
|
| ...or you know don't say stuff in public if you don't want it to
| be seen by others. This is - and always has been - Internet 101
| stuff: assume that the internet never forgets, and don't say
| anything publicly if you'd rather not see it on the front page of
| a newspaper.
|
| I guess each new generation needs to learn that there are bad
| people out there, and computers make finding a needle in a
| haystack trivial.
| invig wrote:
| I think it's kind of worse than that. It's not an education
| problem. People are intentionally using this stuff to talk
| publicly about an issue. They just don't like the consequences
| of that.
| NotYourLawyer wrote:
| > People should be able to converse without their every word
| landing on a permanent global un-erasable indexed public record.
| Call me crazy.
|
| Sure, and they should use Signal instead of publishing their
| conversations and then getting mad when they turn out to be
| publicly available.
| jrm4 wrote:
| This article echoes what strikes me as a _really_ silly sentiment
| that I also see on Mastodon because it strikes me as antithetical
| to Mastodon.
|
| The point of the service is to "spread the things you say most
| everywhere." That is the design. It's literally designed to do
| what the opposite of "privacy" is.
|
| And yet, here we are.
|
| I'm sorry, but these kinds of discussions to me sound like "What
| if we could have email, except your posts don't go to any other
| person, you just read them yourself?"
|
| I mean, you _could_ use gmail to do this. It would technically
| work. But it's not what it's designed for, and much better ways
| to do this already exist.
| swyx wrote:
| yeah I did not know about this community policy and this was
| the first time I was significantly discouraged from using
| Mastodon.
|
| I use search to do research on links all the time
| (https://www.swyx.io/twitter-metacommentary). If I read
| something good, usually plonking it into HN search or Twitter
| search yields a dozen more related points and rabbit holes I
| can go down. I can even engage with the author or find their
| thread of thinking or responses to a question I had that may
| already have been asked (or better, questions I didn't think to
| ask)
|
| Without Mastodon search all these metaconversations about
| topics are lost.
| m-p-3 wrote:
| But on the other hand you have a popular platform, with a lot
| of people who can help, and with which some people are already
| used to, that you could deploy internally and use as some sort
| of internal messageboard that can be easily used from anywhere,
| with an official and third-party mobile apps already available.
| [deleted]
| nightpool wrote:
| I think it's more like "What if you could have email, but your
| posts only go to the people you want them to?" I think that's
| pretty easy with Gmail, for the most part, but with Mastodon
| it's harder because it inverts that control--anyone can follow
| you (or send a follow request), and it's harder to police every
| follower individually.
| This is combined with the fact that most
| accounts are available anonymously on the web, but it's not
| really necessary (many are not, for instance, and even the ones
| that are aren't really convenient to access that way--for
| bad-faith actors, it's more convenient to sign up for an account on
| mastodon.social or some other "well known" server and then find
| posts that way by browsing timelines).
| foobarbecue wrote:
| This idea that you create privacy by leaving the search feature
| out of the software is silly. Yes, to some extent security
| through obscurity does work, and trying to maintain an
| anti-sharing culture might reduce the spread of your information. But
| is that really what you want to rely on?
|
| The other bad pseudo-privacy idea is time-limited posts
| ("stories" or snapchat or whatever).
|
| In both cases, you're crippling the software to add an illusory
| safeguard, which doesn't actually stop bad actors from having
| access to your posts and hence the ability to record and
| rebroadcast them.
|
| You know who got the system right? Facebook. Private by default,
| but the user can decide exactly who can see each of their digital
| objects. It's easy to define groups of friends, allow sharing to
| friends-of-friends, one person, the whole world, whatever. The
| concept of friends (bilateral agreement to share information)
| makes way more sense than this "follow" thing.
|
| I want my open-source, federated, Facebook already.
|
| Edit: Although, I did just have a flashback to when Facebook
| announced Graph Search... which lasted about a week until
| searches that actually worked were deemed creepy and they
| backpedaled into the stone age. It's so frustrating how these
| technologies succeed or fail based on fashion rather than
| technical merit.
| invig wrote:
| You can't really make that either though. Facebook itself can
| see everything. As soon as you federate that all the admins can
| see everything and nothing is private.
|
| You could try and encrypt it down to the user level but a
| person added to a group would only see the content added from
| that point forward (the ability to decrypt would be defined at
| the time of the post, and new people could never read it).
|
| The only way around that would be centralised key management
| which defeats the whole point.
|
| This is one of those problems where it's probably better to
| just use Facebook.
| foobarbecue wrote:
| Oh. Good point about the admins. I somehow missed that.
| LamaOfRuin wrote:
| I believe that option 2, where it relies on individual
| encryption at the cost of reading history, is how matrix does
| it (or can do it if chosen).
| NikolaNovak wrote:
| Interestingly, I find Facebook friend groups a complete dark
| pattern ever since the days of Google plus. G+ circles were
| super easy to create, maintain, split, divide, merge,
| manipulate, and - and this was brilliant - share. FB groups by
| comparison seem hidden, obfuscated and unmaintainable. Creating
| a new list or updating an old one is a complete pain with poor
| screen usage, poor or non existent gestures, control, actions,
| searches, let alone regexes etc.
|
| They exist... But it feels FB has gone out of its way to hide
| and obfuscate them.
|
| Is my experience weird?
| Groxx wrote:
| FB is very clearly _deeply_ invested in convincing people to
| over-share by accident or habit, yeah. It makes their network
| more addictive, and they know it, so they press that button
| as hard as possible while building things that technically
| satisfy niches.
|
| ---
|
| I quite liked G+'s focus on choosing your audience. Because
| you have sub-groups even within small, tightly-knit friend
| groups; when you raise that number into the hundreds it's
| only more true, not less. It was a mostly-effective UX for
| embracing that, and it led to my feed being _dramatically_
| more relevant.
|
| Mastodon is filling a similar purpose for me, lately.
| The server you join has a pretty powerful impact on your local
| timeline - join a couple, use them as targeted sharing /
| browsing groups, and it's working much better for me than any
| algorithmic sorting ever did.
| foobarbecue wrote:
| I don't think that's true about FB convincing people to
| over-share. That may have been true years ago (Bob's
| relationship status has changed to single!) but these days
| I get warnings and stuff whenever I set anything to public,
| and all the defaults are friends only.
| invig wrote:
| G+'s implementation kind of broke communities though?
|
| Each individual having their own personal view of their
| circles meant that you couldn't reliably know which of your
| friends had seen the stuff you're reading.
|
| That makes it really hard to talk about (Hey did you see
| X?, no what's X? Oh... oops?).
|
| I like the theory of being able to organise my
| relationships into nice little buckets, but that's
| absolutely not how social things work.
| NikolaNovak wrote:
| Circles were trivially shareable though. It made it super
| easy to create... Well, circles of friends :). These are
| the 15 of us into computers, 12 of us into photography, 6
| of us into dnd, whatever.
|
| And then the best feature of all, Sharing of curated
| circles. A kind of competitive marketplace of topic
| related circles emerged so you could find these amazing
| circles of photographers or musicians etc. Best of all
| you ingested and then owned that (instance of) circle.
| Groxx wrote:
| Somewhat, yeah. Personally I'd like to let people define
| their own publishing "topics" and let people select which
| ones they want to follow.[1]
|
| "Did you see X" is largely killed by algorithmic feeds
| though IMO, which makes it somewhat irrelevant for any
| full-scale heavily-used network. Facebook is a prime
| example - important updates _frequently_ are not seen by
| many close friends, because Facebook chose to not show
| them.
| Assuming nobody knows anything specific has kinda
| become the norm, sadly.
|
| [1]: Obviously many will not, but that's fine. By
| following them you just get an unfiltered stream. But
| many of my friends couldn't care less about what
| programming language of the week I'm looking at (because
| they're not techy), or what nearby events I'm going to
| (because they're 1000 miles away) and I'm very much the
| sort of person who will categorize that for them so they
| aren't flooded with things they won't be able to join in
| on.
|
| Hashtags are kinda like a crappy in-band version of this,
| and I have yet to see a system embrace them _for this
| purpose_. They're basically always for public purposes,
| which is part of why you need to use a million
| near-identical ones to actually get good coverage.
| foobarbecue wrote:
| +1 for topics. Conceptually, pub sub. Maybe also give
| publisher to have the ability to choose an access policy
| for their topics (anybody can join, exclude some, only
| requests I accept).
| hairofadog wrote:
| Does anyone remember about 10 years ago there was an iOS AI
| chatbot that was all the rage for a few weeks, but it
| turned out that (a) even though it wasn't obvious,
| everything you said was published for all the world to see
| and (b) the thing was _flirty_. Bad news all around. If I
| can find the name of it I'll follow up.
| foobarbecue wrote:
| I agree, G+ system was more explicit, and I preferred it. FB
| has done the usual modern thing of hiding features so that
| the less technical users don't worry about them. Perhaps
| cowardly; I think even someone struggling with tech (parents,
| grandparents..) would have learned G+ if it really took off.
| jefftk wrote:
| _> I can imagine finer-grained exclusions, such as allowing
| full-text indexing but only for accounts on the same instance, or
| allowing use for search but no other applications.
| (No ML model building!)_
|
| I think it's unlikely that you can prevent ML model building with
| a carefully designed license. The most common legal position
| (though not something that has been tested in court yet) is that
| training models is sufficiently transformative to count as fair
| use, and does not require any sort of license to the data.
|
| You can see this in all the state of the art tools that are
| trained on all the publicly available data that they can scrape,
| without regard for license: translation (text), GPT-3 (text),
| Stable Diffusion etc (images), Co-Pilot (code).
|
| For preventing trolling and harassment a licensing approach is an
| even worse fit, since those are not people who care about
| respecting licenses.
| friend_and_foe wrote:
| How I see it: any and all attempts to kneecap user functionality
| is shameful, anything that you're relying on goodwill for will
| fail miserably and be exploited. If your plan for handling a full
| text search of the network is to browbeat the developer into not
| doing it your days are numbered. If your plan for keeping your
| words private is to put them publicly on the internet and then
| call people Nazis or whatever for looking at them without your
| permission you're not very bright.
| tedunangst wrote:
| Wait until you hear about how followers only posts actually work.
| An analogy would be Microsoft can't figure out how to get email
| addressing to work in Outlook, so they send every email to every
| server, and then Exchange does some magic filtering and tells
| Outlook which of the emails in your inbox should be visible. Then
| somebody writes an alternative SMTP server that allows viewing of
| these hidden messages, and Microsoft sues them.
| Ciantic wrote:
| Hmm, to my knowledge, followers only posts are ActivityPub
| feature, where you just shovel the message to inboxes of just
| followers. It is not sending it to all servers?
|
| It's also possible to send messages to part of the followers as
| well, some instances like qoto.org support circles. You make
| circles from your followers and post to just them.
|
| I wouldn't call these privacy features, but ability for sender
| to choose what it wants to say for certain group of followers.
| password4321 wrote:
| I believe followers-only posts are sent to all servers with
| at least one follower.
| Ciantic wrote:
| That is given, how else could it work?
|
| This is pub/sub, it's not pull based, so every time you
| release something it is pushed to the subscribers, your
| followers servers.
|
| I would like to have a bit of pull based things as well,
| but ActivityPub is not built for it.
|
| Even though it's pushed to a server, doesn't mean it goes
| to everyone in that server.
| kfsnd wrote:
| > _I'm a bit puzzled by that "But people are already doing it"
| argument. Yes, Mastodon traffic either is already or soon will be
| captured and filed permanently as in forever_
|
| Correct. This is something I and several others have been doing
| for some time now. We have a private search engine that covers
| most of the Mastodon fediverse (including widely defederated
| instances), and there's nothing anyone can do about it.
|
| Eventually, we'll give this data to the Internet Archive or put
| it in a torrent or something. It includes a decent amount of
| now-deleted content too.
|
| Really, it's no different to what others, e.g. Pushshift, are
| doing with other sites. Except there's no opt-out. Anything
| you've already said is almost certainly in our data set, and it's
| there permanently.
|
| > _That's extremely hard to prevent but isn't really the problem:
| The problem would be a public search engine that Gamergaters and
| Kiwifarmers use to hunt down vulnerable targets._
|
| Also correct. A couple of KFers we know already have access to
| search the data we've collected. It points them towards
| interesting posts or accounts to archive.
| People say some pretty
| wild things when they think they're not being recorded for
| posterity!
| akuchling wrote:
| So, among the first people you give access to the search are
| some known harassers? Sharp thinking, there.
| zmgsabst wrote:
| I mean, look at the facts:
|
| - permanently archiving posts they know people don't want
| them to
|
| - gave early access to known trolls
|
| - is now publicly crowing about how there's nothing you can
| do about it
|
| - on a throwaway, because like most bullies they're cowards
|
| Personally, I'm left wondering if there needs to be an
| organized crime investigation into KF, for organized
| harassment campaigns which violate local stalking or other
| laws, and the role people like this account play in
| orchestrating it.
|
| I think there'd be a certain irony to HN's record of this
| comment being used to prosecute an accomplice in organized
| crime.
| zirgs wrote:
| If you don't want your stuff permanently archived then
| don't post it on public websites. It's sad that people
| don't give a shit about their privacy and overshare
| everything these days.
| BryantD wrote:
| I mean, "kfsnd." KF. They're not exactly hiding who they
| are.
| zmgsabst wrote:
| Shrug.
|
| They're on a throwaway because they're too cowardly to
| admit who they are and face people like myself who want
| to hold them accountable for their bullying.
|
| I think they're exactly hiding who they are.
| dmix wrote:
| I'm amazed sometimes at the datasets KFers use for doxxing. If
| you care enough, you just need to pay attention to leaks and
| store them all and you can make a mini NSA X-Keyscore.
|
| During the whole Cloudflare banning thing I remember coming
| across a dox that deanonymized someone via the Patreon hack
| dump [1], where a simple Twitter username match turned into a
| name + address (via credit card details stored by Patreon).
|
| Anonymity and OPSEC requires some serious effort and knowledge.
|
| [1] https://www.christianpost.com/news/patreon-hack-almost-14-gb...
| michaelmrose wrote:
| Child Porn is a huge image problem that can only be solved by
| governments in the relevant jurisdictions. Search makes this
| image problem drastically worse.
|
| Lots of discussion about what privacy means no discussion about
| the elephant in the room. Networks that make acceptable use a
| choose your own adventure for instance by allowing people to self
| host and set policy on their own server end up with some people
| using it for things that the rest of planet earth doesn't find
| acceptable. For instance I'm certain that common web frameworks
| and servers are used to promote things both odious and illegal
| but because that machinery is invisible to most users the blame
| accrues entirely to the criminal.
|
| With Mastodon the branding makes it possible for the blame to
| accrue to Mastodon as opposed merely the criminal because people
| are more apt to understand Mastodon as an open source twitter as
| opposed to a tool like Apache. Whereas this problem accrues to
| Mastodon the tool is in no position to dictate how users use the
| tool the relevant governments are and if prosecution becomes
| common hiding illegal porn from prying eyes will be done by the
| users themselves. If Mastodon suggests not federating with
| servers in countries that don't handle this issue eg Japan then
| search will tend to show off less negative content and indeed
| countries can be shamed into handling such issues better.
| [deleted]
| invig wrote:
| I don't understand how a license is supposed to prevent people
| from doing bad things with your content. Does the not-so-nice guy
| in Russia care that he's infringing on your license?
|
| I think Mastodon makes the correct call (everything here is
| public, because it's impossible for it not to be and still have
| the service be what it is), and the community wants a square
| circle. Yay activists.
| Ciantic wrote:
| Eugen Rochko, the developer of Mastodon had written about Search
| that if it comes it should be for the home timeline and own
| posts. It would help a little bit, at least you'd find old posts
| from people you follow.
|
| It would suit some, but since this is federated, there are
| already instances with a search like qoto.org with a full-text
| search.
|
| It's really odd that they made "no index" checkbox, but it's not
| cool to index. If they thought it is unpopular they should have
| made indexing opt-in not opt-out.
|
| Going forward this will be instance specific thing, a lot of
| people want to be able to do searches.
___________________________________________________________________
(page generated 2023-01-02 23:00 UTC)
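
The followers-only delivery discussed in the tedunangst, Ciantic and password4321 sub-thread above, as a simplified model added here (not Mastodon or ActivityPub code, and not written by any commenter): the post is pushed once to each server hosting at least one follower, and each receiving server decides locally who gets to see it. Server names, handles and the `enforce_audience` flag are constructed for illustration.

```python
from collections import defaultdict


class Server:
    """Toy fediverse server: stores pushed posts, filters them per local user."""

    def __init__(self, host, enforce_audience=True):
        self.host = host
        # False models server software that ignores the intended audience.
        self.enforce_audience = enforce_audience
        self.stored = []  # list of (post, set of addressed local users)

    def receive(self, post, local_recipients):
        self.stored.append((post, set(local_recipients)))

    def visible_to(self, user):
        """Posts this server chooses to show to one of its local users."""
        return [post for post, rcpts in self.stored
                if not self.enforce_audience or user in rcpts]


def deliver_followers_only(post, followers, servers):
    """Push the post once to every server hosting at least one follower."""
    by_host = defaultdict(set)
    for handle in followers:  # handle is "user@host"
        user, host = handle.split("@", 1)
        by_host[host].add(user)
    for host, users in by_host.items():
        servers[host].receive(post, users)
    return sorted(by_host)


def build_demo():
    # Constructed sample data: three servers, three followers on two of them.
    servers = {
        "a.example": Server("a.example"),
        "b.example": Server("b.example", enforce_audience=False),
        "c.example": Server("c.example"),
    }
    post = "followers-only: constructed sample post"
    followers = ["ann@a.example", "abe@a.example", "bob@b.example"]
    reached = deliver_followers_only(post, followers, servers)
    return servers, reached, post


if __name__ == "__main__":
    servers, reached, post = build_demo()
    print("servers holding a copy:", reached)
    for host, user in [("a.example", "ann"), ("a.example", "zed"),
                       ("b.example", "zed"), ("c.example", "cat")]:
        print(f"{user}@{host} sees:", servers[host].visible_to(user))
```

In this model the post never reaches `c.example`, which hosts no follower, but its confidentiality on `a.example` and `b.example` rests entirely on each server applying the audience filter, not on anything the sender controls.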