[HN Gopher] Blocking Threads won't be enough to protect privacy ...
___________________________________________________________________
Blocking Threads won't be enough to protect privacy once they join
the Fediverse
Author : jdp23
Score : 103 points
Date : 2023-07-10 21:13 UTC (2 days ago)
(HTM) web link (privacy.thenexus.today)
(TXT) w3m dump (privacy.thenexus.today)
| [deleted]
| FollowingTheDao wrote:
| My hope is that people will give up on all social media.
| Nextgrid wrote:
| If you have personal information you do not wish bad actors to
| see, do not publish it using an open protocol explicitly designed
| to allow anyone to read said information.
|
| Defederating from Meta as a solution is stupid - Meta can (and
| will if they actually care enough) just rejoin undercover.
|
| Furthermore, when it comes to the fediverse, Meta is actually one
| of the _more_ trusted actors compared to whatever else is on
| there - at least they 're a known legal entity instead of some
| random.
|
| Finally, the fact that publishing private information publicly on
| the fediverse wasn't considered an issue before Meta came along
| shows just how irrelevant the whole thing is - the data has been
| public all this time, but the network is so irrelevant that not
| even bad actors cared enough to actually scrape it (or at least
| do anything with it).
| itronitron wrote:
| You're overlooking the fact that Meta is collecting a whole lot
| more information than just what people post publicly, and
| they're not transparent about that.
| dcow wrote:
| Yeah I stopped reading the article once it mentioned people
| getting annoyed and wanting to control _who_ sees their public
| content. You don 't get to make that call. The community
| doesn't get to make that call. The protocol makes that call and
| the protocol allows anybody to view stuff you post publicly.
| You don't get to say "I publish this but Meta can't view it".
| Not even legally you don't. That's not _privacy_ and no amount
| of "web3" is going to fix that.
|
| Copyright cannot restrict who can view a work you created once
| you transfer or license that work to somebody else (e.g. by
| releasing it publicly on the fediverse). You don't get to say
| "here's my post but if you show it to Meta then that's
| illegal". We don't even have a common legal framework for
| dealing with content distribution that isn't copying (we got
| "lucky" that you have to copy content to view it digitally so
| copyright can be poorly jammed onto the digital content
| distribution model and everything doesn't burn down).
|
| Where the heck did people get the idea that they get to dictate
| how culture spreads and evolves?
| Guvante wrote:
| Your understanding is flawed. Copyright is 100% okay with
| transitively controlling production of content.
|
| After all how else would you describe someone allowing
| Netflix to stream your content?
|
| You can't restream Netflix and Netflix is restricted on how
| it can stream to you. Both rooted in the original Copyright
| protection and the licenses to content given out by
| intermediaries.
|
| Most posting platforms give themselves very broad rights with
| what they can do in a transitive fashion.
|
| But that is "companies don't want to get sued for user
| uploaded content and are lazy" not "you don't have any rights
| over things that are published".
| dcow wrote:
| It's not that simple. If I sell you a book, I cannot place
| a restriction on that sale saying you can't resell that
| book (first sale doctrine). You're allowed to do that
| because you own the _copy_ of the book. You can 't copy the
| book and sell it, because you don't own the _copyright_ ,
| but you can sell the original copy, show it to whomever you
| want, etc. It's not that "copyright is okay with transitive
| licensing" but more that "copyright simply prevents you
| from copying a work you didn't create (or otherwise don't
| have copyrights over)". That's all it does.
|
| If you want to place downstream restrictions on your
| content then you have to license it (and get someone to
| agree to your license). You have rights over how you
| _license_ content. Yes. And users may agree that they 're
| only "viewing" a copy and don't in fact own it when
| engaging with your licensed content, sure. But my main
| point was that you don't get to publish content to the
| public domain and then say oh wait no I didn't want Meta to
| see that oops #privacy #cancelmeta. And further that it's
| kinda silly to imagine a world where everyone licenses
| every little toot they make. At some point we're in a
| public forum and we just all need to understand what that
| means, including that someone you don't like might be
| listening.
|
| Anyway, I don't think licensing content is a positive thing
| for society. It may benefit media conglomerates, but not
| individuals. Arguably, creators _shouldn 't_ be allowed to
| say "Netflix you can stream this content to users but not
| in Brazil". I don't think it's a sealed deal that
| downstream restrictions on content distribution are healthy
| or in any way in the public interest. Charging a royalty
| for a views/streams of some show is one thing. Saying "only
| on Tuesdays and not in Brazil" gives too much control to
| creators to dictate how their art should be interpreted.
| And nobody can prevent you from using Netflix to stream a
| show to your Brazilian friend on the couch next to you...
| nor should they ever be able to. That would be really
| really bad technology, were it to exist.
|
| So short of attaching licenses to every post you make, no,
| there's not a socially healthy, let alone even viable,
| strategy to control content distribution in the
| "fediverse".
| justcool393 wrote:
| > If you want to place downstream restrictions on your
| content then you have to license it (and get someone to
| agree to your license)
|
| That's not how copyright works like... at all. HN needs a
| license to display your comment right now (see here:
| https://www.ycombinator.com/legal/#tou). Copyright works
| by default (in the US) of being the most restricted. The
| first sale doctrine applies but online when you
| distribute something you're not making _1_ copy.
| wpietri wrote:
| > So short of attaching licenses to every post you make
|
| I think you have this backwards. Full copyright
| protection is the default for all content not licensed
| otherwise. Publishing does not put content into a "public
| domain" status. Social media platforms already have
| strong legal terms around every piece of content. If you
| violate that license, platforms may choose to fuck you
| up. E.g.: https://www.malwarebytes.com/blog/news/2023/01/
| untraceable-s...
|
| It would be easy enough for particular Mastodon servers
| and/or accounts to be explicit about their downstream
| licensing.
| scarface_74 wrote:
| > Saying "only on Tuesdays and not in Brazil" gives too
| much control to creators to dictate how their art should
| be interpreted.
|
| Do you feel the same way about restrictive open source
| software licenses like GPL3?
| dcow wrote:
| Yes all software should just be public domain. But
| because we have icky copyright, we have to have icky
| software licenses.
| giaour wrote:
| > but you can sell the original copy, show it to whomever
| you want, etc
|
| The license associated with physical media does have
| restrictions. You can't mount a public display of the
| work without acquiring a separate license. E.g., you
| can't buy a DVD of a movie and then screen it for a group
| (outside of what's permitted under fair use). If you sell
| tickets to that screening or intersperse ads, thereby
| infringing copyright for commercial gain, you're in even
| hotter water.
| nobody9999 wrote:
| >Yeah I stopped reading the article once it mentioned people
| getting annoyed and wanting to control who sees their public
| content. You don't get to make that call.
|
| A fair point, and one that's not really new either.
|
| Don't want something to be public? Don't post it publicly. As
| I recall, when my employer at the time (mid 1990s)
| "federated" their email with the rest of the world, they sent
| out a memo which stated, in part, "don't put anything in an
| email that you wouldn't want to see on the front page of your
| local newspaper."
|
| That was back when local newspapers were a thing, but I
| imagine you can see the parallels.
|
| That said, I do get to control who sees my content -- by not
| making it public (i.e., I don't federate my AP instances and
| curate who can create accounts on them).
|
| If you want something to be _private_ , don't post it
| _publicly_. I 'm not sure why that's such a foreign idea to
| some folks since, as I mentioned, it's not even close to
| being a new idea.
| mcv wrote:
| Controlling who can see your content is actually a very
| reasonable feature; some things are not meant for everybody,
| but just for the people who actually know you. But it's not a
| use case that ActivityPub was designed for. Google+ had a
| really nice feature where you could easily control who can
| see your post. Diapora has something similar, but considering
| it's federated, I'm not sure if you can really guarantee it.
|
| I think the only way to guarantee this control in a federated
| system, is to encrypt everything that's not completely
| public. If everybody has a public key, you can use that to
| encrypt the secret key. It's a hassle, but I think this would
| work.
| echelon wrote:
| There's a portion of the far left and the up-and-coming gen-
| zalpha that takes on a dictatorial "censorship is okay for
| things we dislike" attitude. They don't realize that in the
| 90's and 00's free speech was a place of refuge for liberals
| to escape from evangelical attacks on everything from LGBT
| rights to Pokemon.
|
| They also don't appreciate that the "come one and all" nature
| of the internet back then led to many people crossing the
| fences and experiencing viewpoints they'd never seen or heard
| before. This is an atmosphere we desperately need to return
| to.
|
| Present day censorship, "gotcha" moderation, and algorithmic
| manipulation of emotion have led to hyper polarization. We
| should 1) deescalate the intrusion of these systems and
| remove them from our day-to-day experience and 2) reinforce
| the fundamental rights we all deserve.
|
| Social media networks with over 100,000,000 daily active
| users should not be considered as "private companies with a
| right to free speech through censorship". They are
| effectively public squares that we have all elected and
| chosen to share. Right and left alike.
|
| Public companies tend to censor to protect profits, but small
| individuals (such as Reddit moderators and Fediverse instance
| maintainers) do it from either a position of laziness or
| political retribution. The latter is a form of disgust and
| hatred for fellow humans and should be called out as such,
| even if the other party is guilty of the same.
|
| I've seen the free speech argument twisted into "right wing
| figures trying to force their views into everyone's feed",
| but that need not be the case. There are tools for
| individuals to block. And if we'd finally divorce ourselves
| from platforms and federation and escape to true p2p social
| networking, we'd all have maximum individual control: we
| could institute any blocking, boosting, ingestion, sharing,
| and ranking criteria we wanted. Many amongst the left
| obsesses over what the right is doing (and vice versa), which
| tells me people enjoy rubbernecking rather than tuning out.
| It's a game of "neener-neener" high school football rivalry.
|
| But back to the core point - you shouldn't get to choose who
| people talk to if you're not a first party in that
| conversation. You shouldn't get to choose who can publish
| openly or who can read public broadcasts. If you want to keep
| your words private, share them in private. Your choices
| should be limited to blocking what you personally dislike at
| your own consumption level, and it should be that way for
| everyone. Because that's fair.
|
| The pendulums of politics will swing. One day liberals will
| need the free speech refuge again. Preserve it now even if
| you want to get rid of it. Question yourself if you find
| yourself wanting to mute or persecute others. If you're angry
| with my words right now, please ask yourself why you want the
| other party to shut up.
|
| I want to emphasize that I do not agree with the far right.
| But I will fight with my last breath to preserve the right to
| free speech for us all. If we lose it, we will slide into
| tyrannical oppression from those in power.
|
| I wish we could all just get along. I know that's not going
| to happen in my lifetime, but we should make best attempts at
| deescalation and maintaining open communication with one
| another. Conversation can be a bridge.
| justsomeadvice0 wrote:
| > Social media networks with over 100,000,000 daily active
| users should not be considered as "private companies with a
| right to free speech through censorship". They are
| effectively public squares that we have all elected and
| chosen to share. Right and left alike.
|
| Shouldn't this also apply to TV channels? Chat apps like
| iMessage? Popular newspapers, blogs, and email newsletters?
| And indeed, why stop at 100M DAUs - why not 10M, or 1M? The
| problem I expect is this path leads to the death of freedom
| of the press.
| joe_the_user wrote:
| _Defederating from Meta as a solution is stupid - Meta can (and
| will if they actually care enough) just rejoin undercover._
|
| I agree with the rest of your post but I suspect that in this
| instance Meta, a large public company, that might leery about
| doing something that potentially embarassing.
|
| But your basic point remains true. A wide variety of companies,
| many bad actor, are going to be scraping, processing and
| connecting any data anyone makes puts online and that will
| happen whether Meta joins the fediverse or not. If Meta wanted
| fediverse data bad, they'd likely just buy it.
|
| Indeed, all the hand wringing about Meta in particular in the
| article and here seems deeply confused - of course Meta isn't
| the only problematic actor out there. Indeed, the anonymity-
| problem of all the walled-gardens is that they explicitly
| attempt to stop online anonymity in various overt ways. But
| everywhere entities are trying to deanonymize covertly and
| these can be at least as bad.
|
| The main thing is that anyone wanting anonymity needs to take
| active measures to achieve it. And these measures vary on how
| visible you are and effectively how much your enemies are
| capable and interested in you. Those talking anonymity would do
| best educating people in this.
| hackernewds wrote:
| Meta has walled gardens at least with privacy settings that
| cannot be scraped.
| kevinventullo wrote:
| _Meta, a large public company, that might leery about doing
| something that potentially embarassing._
|
| I don't know, they did depend on Onavo analytics for a while:
| https://en.m.wikipedia.org/wiki/Onavo
| joe_the_user wrote:
| Yeah, the (less-important, subsidiary) point is they'd be
| happier to use some other source than engaging deception
| overtly and results would be the same.
| jdp23 wrote:
| I should have been clearer about how this relates to general
| issues. I added a sentence
|
| "Of course, Meta's far from the only threat out there, but as
| I discuss in 'Threat modeling Meta, the fediverse, and
| privacy', looking at Meta-related threats also points to
| solutions that increase privacy and safety in the fediverse
| more generally."
|
| Here's a link to the longer post (still a draft).
| https://privacy.thenexus.today/fediverse-threat-modeling-
| pri...
|
| And agreed, it doesn't scale for Meta to infiltrate people
| into every single fediverse instance -- although threat
| actors who are targeting specific people or communities might
| well do this, so it's also something to take into account.
| [deleted]
| bmacho wrote:
| Can Meta scrape twitter or reddit, and pair your messages with
| your facebook account? Sure they can. But it is probably not
| legal, and looks very scary.
|
| Mastodon and Fediverse however explicitly offers your data to
| them.
| not2b wrote:
| Even though Threads isn't federated yet, you can find any
| user's public messages via https://threads.net/@username
| (which is identical to the scheme Mastodon and other
| fediverse sites use). Anyone's public postings can be found
| in the same way, and defederation doesn't prevent it. There
| is nothing to stop the Meta folks from looking at
| https://sfba.social/@not2b even if our admin blocks
| threads.net.
|
| Mastodon and the fediverse explicitly offer public posts to
| everyone. Some sites use robots.txt to block search engines
| and web crawlers that follow the conventions. Others don't.
| dathinab wrote:
| > If you have personal information you do not wish bad actors
| to see, do not publish it using an open protocol explicitly
| designed to allow anyone to read said information.
|
| you seem to not even have read the first paragraph, or not
| understood what it imples
|
| the whole point of this article is that meta has a precendence
| of aggregating and combining data from all kind of sources.
| This includes data which is not supposed to be public, but e.g.
| was sold without your knowledge, awareness or explicit consent.
| A situation you could argue the huge majority of people on the
| internet is in.
|
| For example consider this hypothetical scenario:
|
| So they might take the supposed to be public data of e.g. your
| anonymous political activism (lets say anti corruption in a
| very corrupt country).
|
| Then take a public profile you created e.g. in your teens,
| which you never linked or used the same email address with as
| you politic profile and should have no connection at all (you
| acted carefully).
|
| But then meta is like, oh see through the data we bought/own we
| know that that profile was using that (non public) email
| address and through other data we brought we know that that
| email is belived to be owned by the same person as that other
| email (e.g. you used is for forwarding or account recovery,
| also non public) so we conclude they are the same and publish
| *to the whole world trivially accessible that the anonymous
| political activists is you*.
|
| Or another scenario: They used AI body/face recognition to make
| the link even through you never posted the face in you
| anonymous account without appropriate masking or at all.
|
| Or another scenario: Metadata of locations leaked through the
| usage of social media created the link.
|
| Or another scenario: Someone marks you on a image they took
| without your consent (and/or knowledge), doesn't matter if they
| later delete it or make it only visible to their frinds
| followers.
|
| Or in other words as long as you don't live as a complete
| hermit and have far above average tech knowledge and also treat
| absurdly careful to a point where it causing major annoyance in
| your life stuff like that can totally happen to you.
|
| This is why the GDPR was created to make it illegal to
| aggregate information about third parties without their consent
| in surprising ways. But it's also where it failed the hardest
| to archive it's goals you could say (but thats a different
| discussion altogether).
| zzzeek wrote:
| I think the point they're making is that Meta is in a special
| place, where by using their unusually vast amounts of personal
| data and photos, they are somehow (?) going to dox anonymous
| users by publishing their real names, based on matching their
| profiles in some way. At least that is the implication based on
| the quoted tweet right at the top of the post (which is lacking
| any real detail how exactly Meta got this person's real name
| matched up with an online alias).
| Havoc wrote:
| >using their unusually vast amounts of personal data
|
| Jikes. Hadn't considered that. Certainly seems plausible, not
| just via technical means but also content. I've got a reddit
| profile that I try very hard to keep "clean and anonymous"
| yet I've had people from halfway around the world message me
| say "Hey you're Jack from X". Post sufficient volume and it
| becomes identifiable no matter how hard one tries.
| omoikane wrote:
| I think people can make that discovery but you could always
| deny that association, and it might be difficult for random
| strangers to gather enough proof to say that two accounts
| are linked.
|
| Meta appears to be publicizing account associations that
| were previously difficult to confirm, in a way that defeats
| any previous efforts to maintain deniability.
| yodsanklai wrote:
| > they are somehow (?) going to dox anonymous users by
| publishing their real names, based on matching their profiles
| in some way.
|
| Aren't there laws against that? are there even allow to build
| internal links between FB/IG accounts without user consent?
| not2b wrote:
| The terms of service on Facebook require that real names be
| used, and anonymous users aren't permitted. I know, many
| ignore that, but they occasionally demand a user's real
| name or proof that an unusual name is a real name.
|
| Instagram used to have different rules, but they seem to be
| trying to integrate everything.
| chongli wrote:
| I think they're talking about Meta doxing anonymous users
| on Mastodon. That is, by having Threads join the
| fediverse they can pull in information about anonymous
| users on other Mastodon servers and match it up with
| Facebook and Instagram accounts, linking them and
| potentially unmasking them.
| not2b wrote:
| They could do that just as easily without federation (and
| in fact they already do: they've been found to create
| "shadow users" from people who aren't even
| Facebook/Instagram users from the tracking cookies
| they've gotten lots of sites to add, and they plug in all
| that info if that person later joins Facebook or
| Instagram).
|
| I can't think of anything they can find out if federation
| is turned on that they can't find if federation is turned
| off. Even if there were some info that could only be
| obtained by being in the federation (and I can't think of
| anything but I might be wrong), that's easy enough: just
| create some small instances that don't identify as Meta
| or Threads and have the users of those instances follow
| people on all the large instances.
| adolph wrote:
| > Aren't there laws against that?
|
| Law is a weak form of mitigation for risk of harm. If it
| can be done and there is motive to do it, expect that it
| will be done.
| meepmorp wrote:
| In the US, yeah. We're famously unwilling to do anything
| about that kind of stuff.
| Guvante wrote:
| Have you read the terms of service?
|
| Any rights that they are allowed to strip from you are gone
| as part of the ToS.
|
| Unless there is a law saying what you said explicitly, then
| 100% for certain Meta gives themselves permission to do it
| when you sign up for either service.
| zzzeek wrote:
| I'm sure the US justice system will be glad to let you sue
| after you've been murdered by an online mob that found out
| where you live
| not2b wrote:
| Meta (when they were Facebook) had a rule that members would
| use their real names, that their users consented to as part
| of the terms of service. Apparently they used that as
| justification to find out someone's real name who was using a
| pseudonym. Kinda stinks, but I could see how they could
| justify it (though in the cases I'm aware of they just
| demanded that people provide real names or verify that the
| name that they were using was real).
|
| But someone who uses a completely different site hasn't
| consented to the Threads terms of service, and if Threads
| randomly decided to dox people and alter their posts to add
| real names (or perhaps deadnames for trans folks), that's a
| very different matter, and I'm sure that their lawyers are
| going to tell them not to do that (or risk legal
| consequences). Since non-users haven't agreed to any terms of
| service Meta face real court, none of that binding
| arbitration stuff, and possibly class action if they do it a
| lot.
| chc wrote:
| The only entity that could realistically tell us how Meta
| linked the profile to that person's real name is Meta, and
| they aren't likely to share that information -- so it's not
| exactly surprising that the tweet lacks detail on the matter.
| Tempest1981 wrote:
| Phone numbers and recovery email addresses?
| giancarlostoro wrote:
| I am assuming they used the same email address they use on
| Facebook.
| godelski wrote:
| > Defederating from Meta as a solution is stupid
|
| One question I've had for fediverse people is how you prevent a
| federated system from centralizing. I am legitimately curious.
| Email is often given as an example, but imo that a perfect
| example of a decentralized system BECOMING centralized. Sure,
| other players exist but the vast majority of people are on
| gmail, apple, or outlook (which is much smaller than the other
| two). Things tend to follow power distributions due to the
| momentum force being critical. In network systems (e.g.
| twitter,facebook,HN,email,ISPs,Walmark,etc) the utility/value
| is not linearly proportional to the userbase, but super-linear
| (this was one of the big problems with cryptocurrencies too.
| "Gotta have money to make money"). In these systems resources
| are "attractive."
|
| So with this in mind, how is a decentralized paradigm any
| different than an attempt to just reshuffle the top players?
| (i.e. re-centralize but with a different group at the top) I
| just don't see the mechanism that prevents centralization.
| wmf wrote:
| You can force decentralization in certain ways like only
| allowing one user per domain but nobody has the courage to
| try it.
| fossuser wrote:
| This is similar to how urbit's ID system works fwiw - the
| ID is tied to the computing node itself 1:1 and you can't
| have an account that's separate from a node.
| [deleted]
| not2b wrote:
| The fight over whether or not to federate with threads might
| actually cause more decentralization, as people move off
| instances if they don't like the policies the admins have
| chosen, and different admins make different choices.
| jdp23 wrote:
| It's certainly a challenge. Mastodon's development tends to
| prioritize mastodon.social (Eugen Rochko is BFDL of the
| software platform and also runs mastodon.social) -- for
| example, the mobile app now signs people up by default on
| mastodon.social, and functionality that people running
| smaller instances have implemented in forks hasn't been
| integrated back into the main line. So there's the weird
| dynamic that people generally have better experiences on
| small instances (as long as they're well-admined) but the
| vast majority of the current fediverse is on large Mastodon
| instances. So it'll be interesting to see what happens in
| response to Meta. There's likely to be a partition, and if
| .social winds up taking a Meta-friendly position, then the
| anti-Meta region may be much less centralized.
|
| https://heat-shield.space/mastodon_two_camps.html looks at
| tensions between people who just want a "better twitter"
| (which tends to lead to centralization) and people who focus
| more on small communities (a more decentralized solution).
| fossuser wrote:
| I think you don't, which is why I think federated systems
| built on the existing stack are doomed to fail (by
| recentralizing). You're right to point out email as an
| example of this failure.
|
| You need urbit or something like it to fix it, the problems
| are deeper.
|
| https://martiancomputing.substack.com/p/tlon-urbit-
| computing...
| dcow wrote:
| I am continually impressed by how much _more_ relevant
| Urbit has become (contrary to people years ago arguing it
| would fade out into irrelevancy). Urbit was designed
| holistically to solve the problems the "web 2" internet
| experienced in a structural way, not just apply some fancy
| "web 3" bandaids to some them. So of course it is a lofty
| project. But time and again it's proven that it took the
| right stance on socio-technological issues. Will it ever
| gain enough traction so that it replaces your text message
| app? Well that's really a social question, and one can
| wish. But it certainly solves all the problems people keep
| bumbling into when trying to "do web3". I wish more people
| would give it a serious look.
| fossuser wrote:
| I work at Tlon (the main startup behind urbit, so
| disclaimer) - it's a lot easier to use urbit now than it
| used to be thanks to free hosting.
|
| It needs to be a lot easier still (particularly the
| mobile experience isn't there yet without a fully formed
| app), but if it's been a while it's worth checking out
| again: https://tlon.io/
|
| It'll be insanely hard to actually pull off, but it's the
| only attempt in this space that I think has a legitimate
| chance of a successful outcome. The others are dead on
| arrival because they don't actually fix the underlying
| issues. (Success being widespread adoption of software
| the users actually own and control.)
|
| I personally self-host mine which has also gotten a lot
| easier too:
| https://martiancomputing.substack.com/p/product-review-
| nativ...
|
| The UX needs to be just as good as a centralized service
| - I think urbit is the only design where that's really
| plausible (without recentralizing).
| usrusr wrote:
| Even "effectively re-centralized federated" will still
| provide much better ways to keep all that browser
| fingerprinting stuff and the like away from Meta et al than a
| closed system. E.g. if for some reason you need to operate a
| Google email address you could run the day to day read and
| write behind a forwarding setup never connecting your regular
| browser or your imap client to Google servers, dealing with
| the occasional setup/maintenance from a browser properly
| isolated from your search history and the like.
| awwaiid wrote:
| I've seen email being centralized mentioned a few times but I
| don't think it's true. I email with plenty of people who
| don't use gsuite... seems to work fine. I can see a power
| distribution, sure, but that's still a distribution not a
| central organized cabal that stops newcomers.
|
| Still I agree -- decentralized paradigms that are successful
| seem like they'd end up with big players like you describe
| eventually. Still better than actually centralized like slack
| or something.
| wizofaus wrote:
| > the vast majority of people are on gmail, apple, or outlook
|
| What do apple email addresses look like? I genuinely don't
| know anybody that uses an address that says to me "provided
| by Apple"... I do know a lot of people that use their
| corporate/organisational addresses for personal email though,
| which always surprised me.
|
| Edit: just read that "me.com" email addresses are apple-
| provided - I have at least seen them used occasionally,
| though nowhere near as much as gmail and hotmail/live.com
| (outlook).
| someNameIG wrote:
| me.com is the old address, it's been icloud.com for years
| now.
| wizofaus wrote:
| I couldn't recall ever noticing anyone use an icloud.com
| address as their primary personal email address, though
| searching through my inbox it has cropped up once or
| twice. Actually my sister did use one briefly in 2018.
| mattl wrote:
| And mac.com previous to that. Plus you can use your own
| domain name.
| wizofaus wrote:
| Are there any stats on how many people do that? It seems
| me the only way it could be true that Apple mail has far
| more users than outlook/live/hotmail is if the former
| tend to be associated with custom domains.
| mattl wrote:
| Apple mail the client has a lot more users than any
| Apple-offered mail.
| 8organicbits wrote:
| > wasn't considered an issue before Meta came along
|
| This is false, there's been frequent discussion around how
| indexing and search should be performed in a privacy preserving
| way. Meta is just the latest concern.
|
| [1] https://www.anildash.com/2023/01/16/a-fediverse-search/
|
| [2] https://blog.joinmastodon.org/2018/07/cage-the-mastodon/
| fooofw wrote:
| I feel like the fact that Meta (and anyone) can see posts and
| users regardless of whether or not they are defederated is a
| bit of a distraction.
|
| However, I do see the point of considering ways for instances
| to somehow distance themselves from Meta's instance. If another
| instance/admin was publicly known to comparably engage in
| pervasive user tracking (both on and off their own websites)
| and algorithmic attention monopolization, would we not expect
| many other actors in the fediverse to defederate or otherwise
| distance themselves from those practices/that instance?
| Obviously, several instances have decided to do so by
| premptively saying they will defederate. I'm just saying that I
| think it makes sense to at least consider it. E.g., compare the
| labels the data collected by the Threads Android app (https://p
| lay.google.com/store/apps/datasafety?id=com.instagr...) to
| those of the Mastodon one (https://play.google.com/store/apps/d
| etails?id=org.joinmastod...), and I at least see the contrast.
|
| But perhaps this is just me being naively unaware of rampant
| community-sanctioned indiscriminate collection of user data in
| the fediverse (I'm not part of it, just curiously observing
| Meta's entry).
| alwaysbeconsing wrote:
| There's a huge gap between sharing a post and having that be
| replicated and consumed or archived elsewhere by other
| users/hosts, and having that same post processed against a
| giant pile of other data specifically to de-anonymize it. The
| first one is, yes, just normal use of public information. The
| second is more like spying, and since we know Facebook does
| stuff like that, being apprehensive specifically about them is
| justified.
| JohnFen wrote:
| > Meta is actually one of the more trusted actors compared to
| whatever else is on there - at least they're a known legal
| entity instead of some random.
|
| But they're a known entity with a long track record, which is
| how I know they can't be trusted.
| nomel wrote:
| But, you know the space they operate. That space is limited
| by profits, what their immense legal team allows, and their
| immense security team controls. The alternative is,
| literally, a complete stranger, with no track record, unknown
| motives, and (as the recent hacks showed) doesn't have the
| skillset to keep your information secure anyways.
| nobody9999 wrote:
| >The alternative is, literally, a complete stranger, with
| no track record, unknown motives, and (as the recent hacks
| showed) doesn't have the skillset to keep your information
| secure anyways.
|
| That's not the _only_ alternative. Another is, literally,
| _me_ , someone I know very well, with a lifetime track
| record that I'm intimately familiar with, known motives and
| the skillset to keep my information secure.
|
| It's called "hosting your own instance."
|
| And it doesn't stop me from following users on other
| instances, nor does it require me to accept the TOS of
| other instances either.
|
| That said, I'm not interested in juicing my "follower"
| count or building/enhancing my "brand," nor am I interested
| in doing so for others.
|
| That's the alternative. And when someone comes up with an
| AP hub that can interact with other AP instances like an
| email client (my Thunderbird[0] can talk smtp, pop3, IMap,
| xmpp, Matrix, nntp and more) that's a viable alternative
| for the hoi polloi. Until then, more technical folks like
| myself can just roll their own.
|
| I don't really care what most other people say anyway,
| including (well, especially) "influencers", celebrities,
| politicians, advertisers and other scum of the earth.
|
| So I'll just follow whoever _I_ want to follow from my own
| AP instance. Or not, if I choose not to federate with other
| instances.
|
| [0] https://www.thunderbird.net/
|
| Edit: Added the _missing link_.
| JohnFen wrote:
| This is true, but it's also a "the devil you know is better
| than the devil you don't" argument. Which is not to say
| it's invalid, of course, but it's not a strong argument.
|
| Personally, while I certainly don't trust a random
| stranger, I trust Facebook even less.
|
| Not that any of this matters, really. My opinion affects
| nothing.
| cdot2 wrote:
| [flagged]
| jrajav wrote:
| You're the only one making the absurd terrorist analogy.
| Reposting a person's content in another context with a whole
| crowd of people specifically there to mock and humiliate that
| person, many of whom will then go out of their way to
| personally harass that person, definitely counts as
| "targeting."
| mediumdeviation wrote:
| More than harassment, literal bomb threats https://www.washin
| gtonpost.com/technology/2022/09/02/lgbtq-t...
|
| > After Raichik falsely claimed on Aug. 11 that Boston
| Children's Hospital performs hysterectomies on children, the
| hospital received a barrage of "hostile internet activity,
| phone calls, and harassing emails including threats of
| violence toward our clinicians and staff," the hospital said
| in a statement. The hospital does provide hysterectomies to
| certain patients over 18.
|
| > On Tuesday, police responded to an anonymous bomb threat at
| the hospital. No explosives were discovered, and hospital
| officials said they were cooperating with the police
| investigation of the incident. "We remain vigilant in our
| efforts to battle the spread of false information about the
| hospital and our caregivers," the hospital said.
| numpad0 wrote:
| I'm starting to think there are lots of assholes using gender
| and gender isms as excuse to themselves consistently labeled
| assholes. Like there are people getting feet dragged by gender
| dysphoria, and there are people who's got nothing else to shift
| their blame to than maybe their biological identities that
| catches onto it.
| howinteresting wrote:
| [flagged]
| ndlan wrote:
| [flagged]
| howinteresting wrote:
| Just convince other people about the falsehood of the
| opinion.
| cubefox wrote:
| First, these are completely legitimate opinions which have
| nothing to do with hate speech. Second, last time I checked
| they still mainly reposted things. Third, the fact that you
| think that people should be fired because of their private
| beliefs which have nothing to do with their job is alarming.
| Imagine you would be fired for one of _your_ opinions on sex
| /gender/pronouns etc even though this has nothing to do with
| your job.
| howinteresting wrote:
| You don't get to say "non-binary isn't real" in a workplace
| when some of your colleagues are or could be non-binary.
| That is absolutely a hateful, illegitimate opinion.
|
| The Colorado State University image is basic manners when
| it comes to trans people. It is part of diversity training
| at any decent workplace, and there is no legitimate reason
| to object to it.
|
| edit: I just want to respond to the flagged response: while
| there is disagreement on how to define "sex" and whether
| particular definitions of sex admit only two members or
| more than two of them, that has very little to do with
| whether non-binary is a legitimate social category of
| being.
|
| The statement "non-binary isn't real" flies in the face of
| clear, concrete evidence that non-binary is "real".
| Millions of people describe themselves as non-binary,
| report improved mental health outcomes when socially
| treated as non-binary, nonbinary medical transition is a
| growing field in the medical literature [1], and so on.
| Chaya is obviously aware of all this evidence. This means
| that what her statement is saying is that it isn't a
| legitimate category deserving of social recognition. That
| is absolutely, by definition, hateful.
|
| [1] e.g. https://www.frontiersin.org/articles/10.3389/fendo
| .2021.7013...
| cubefox wrote:
| [flagged]
| phailhaus wrote:
| When the account "just reposted stuff" with inflammatory claims
| about children's hospitals, those hospitals were targeted by a
| deluge of online harassment and phoned-in threats. [1] If
| Twitter is the public square, then their account is on a
| massive soap box with over two million followers. What they say
| is going to have real-world consequences, and to pretend as if
| they have no blame is ridiculous.
|
| [1]
| https://www.washingtonpost.com/technology/2022/09/02/lgbtq-t...
| cubefox wrote:
| [flagged]
| zzzeek wrote:
| going to call bullshit on that. Share the source of so
| called "illegal gender treatment". Going to guess it was a
| hospital that had to quickly change practices due to one of
| those reactionary laws recently passed in Texas or similar
| at best. These laws violate people's human rights and
| should be overturned (and they will be).
| cubefox wrote:
| [flagged]
| [deleted]
| phailhaus wrote:
| Great, so we agree that Libs of TikTok "just reposting
| stuff" is done to achieve political goals, with success,
| that would not have happened without the huge spotlight
| they control. So when they post hateful content targeted at
| trans people, they have reason to be afraid.
| cubefox wrote:
| [flagged]
| phailhaus wrote:
| I don't know why you're responding to me then. The post
| I'm replying to is pretending that "just reposting stuff"
| is totally harmless and has no real world consequences.
| cubefox wrote:
| [flagged]
| jdp23 wrote:
| Here's a couple of excerpts highlighting way many LGBTQ+ people
| see Libs of TikTok as a threat
|
| "After gaining a large Twitter following in the spring as she
| baselessly accused LGBTQ teachers of being pedophiles and
| "groomers," Raichik began criticizing children's health
| facilities earlier this summer, targeting a hospital in Omaha
| in June and another in Pittsburgh in August. The attacks
| resulted in a flood of online harassment and phoned-in threats
| at both hospitals."
|
| (From "Twitter account Libs of TikTok blamed for harassment of
| children's hospitals" https://www.washingtonpost.com/technology
| /2022/09/02/lgbtq-t...)
|
| ...
|
| "One former English teacher, Tyler Wrynn, told Lorenz for her
| piece that he had been harassed, sent death threats and
| eventually fired after one of his TikToks about supporting
| LGBT+ kids was posted by Raichik"
|
| (From "How Libs of TikTok Became an Anti-LGBTQ+ Hate Machine"
| https://www.them.us/story/libs-of-tik-tok-twitter-facebook-i...
| )
|
| "While the account doesn't always explicitly encourage
| followers to do anything, its posts have sometimes led people
| to harass or physically threaten its subjects. In one instance,
| a group of five Proud Boys members disrupted a Drag Queen Story
| Hour at a public library, spewing homophobic and transphobic
| insults at attendees, which investigators believe was spurred
| by Libs of TikTok."
|
| (from "Teacher targeted by Libs of TikTok sent death threats
| and lost his job" https://www.thepinknews.com/2022/04/20/libs-
| of-tiktok-teache... )
| justincredible wrote:
| [dead]
| zzzeek wrote:
| what an ignorant take. Social media promotion of "hated" groups
| can be plausibly blamed for mass murder, including a literal
| genocide for which Facebook is now being sued for PS150bn right
| now:
|
| https://en.wikipedia.org/wiki/Facebook_content_management_co...
|
| https://www.nytimes.com/2018/10/15/technology/myanmar-facebo...
|
| https://www.theguardian.com/technology/2021/dec/06/rohingya-...
| cubefox wrote:
| That's completely different. Libs of TikTok only reposts very
| far-left takes to expose their absurdity.
| srveale wrote:
| They provide commentary too. They certainly have an agenda.
| They have targeted specific people and organizations, and
| also groups of people generally. The article writer needed
| an example of a well-known social media account that fit
| this description, and accounts that are worse in terms of
| explicitly encouraging harassment have already been banned.
| cubefox wrote:
| Their only "agenda" is "exposing" and making fun of far-
| left excesses by simply reposting them. I don't think
| they have targeted anyone in particular. If the things
| they repost are damning, they were damning in themselves.
| howinteresting wrote:
| I expect a full retraction and apology:
| https://news.ycombinator.com/item?id=36700969
| srveale wrote:
| > I don't think they have targeted anyone in particular.
|
| Then maybe research before commenting? They do this
| regularly.
|
| > If the things they repost are damning, they were
| damning in themselves.
|
| The whole context of the account is to "damn" the things
| they are posting. Sure, if you pick one of their posts at
| random it'll probably be something that 99% of people
| agree is wacky, but come on. They have inflammatory
| commentary, they target specific people, organizations,
| and groups, they know they influence politics and society
| and are proud of it. If you need me to, I can spend the
| time to prove all that, but it's all to say that yes,
| they are a good example of a social media account to use
| in OP's article.
| cubefox wrote:
| The OP article makes it sound as if they are immorally
| harassing people, not what they are actually doing, at
| least mainly: exposing things which are damning in
| themselves.
|
| An analogy: They raise awareness about far-left excesses
| in a similar way in which the media likes to raise
| awareness about far-right excesses.
| [deleted]
| mrguyorama wrote:
| What is it that right wing people like to point out about
| how they interpret section 230?
|
| Choosing what to post is editorializing.
| joiqj wrote:
| Some people think they are above everyone else and that others
| should not be able to scorn their behaviour.
| jahewson wrote:
| Claiming control over information that you've made publicly
| available is nothing but claiming control over other people.
| dahwolf wrote:
| My prediction on how this goes down...
|
| Meta has zero interest in ActivityPub or the Fediverse, a tiny
| speckle of users hostile to them. In less than a week, they've
| created an "instance" 50 times the size of all of Mastodon and
| the rest of the fediverse combined. The projection/goal is to
| grow towards 1B MAU, which would make it 500 times larger than
| all of the rest of the fediverse.
|
| Why would Meta possibly care about this tiny group of misfits?
| The only reason I can think of is to give legislators the idea
| that they are "doing good".
|
| Say it is done, and we have this Threads cosmos-sized instance.
| Tiny vocal Mastodon instances will defederate out of principle,
| and nobody cares. Because they are anti-growth anyway, they
| object to anything.
|
| Larger Mastodon instances will consider federating but will then
| find out Threads will only do this under conditions. You have to
| serve ads, have to comply with a moderation policy, treat user
| data in a certain way. You effectively work for Meta now, but
| unpaid.
|
| Then you turn the thing on and the flood gates open. The first
| thing you'll notice is your bankruptcy as your few tens of
| thousands of users now having follow access to a billion users,
| including very active and popular ones, spiking your infra. 10x?
| 100x? Who knows? And what about storage? Yesterday I've read how
| a mid-sized Mastodon instance (few thousand users) was adding 1GB
| of media storage every 15 mins. Do that times a 100 (or 1,000) as
| well. Your moderation inbox...well, good luck.
|
| This entire thing isn't going to work, at all.
| no_wizard wrote:
| I wonder if they'll surprise us all a little and allow people
| to create - tightly controlled mind you - personalized fedi
| instances for things like "fan experience", but from the
| Threads app perspective it allows you to jump "portal to
| portal" if you will, without leaving the app, so it feels
| seamless. This would open other monetization verticals for Meta
| via platform creators etc. It'd also give you data carve outs
| that let Meta see what the most popular verticals are and they
| can sell specialized targeted ads against that, which would
| likely fetch a bigger premium and provide more useful
| analytics.
|
| Also worth consideration: They could federate your Facebook
| feed in the future too.
|
| It may not be so much supporting the protocol from the outside
| as its worth doing from the "inside".
|
| EDIT: I'm not talking about full blown customization here, just
| enough that allows creators to make their direct profile feed
| look different from the standard app, maybe have targeted links
| or a special background color etc. Simple but differentiating
| things.
| giancarlostoro wrote:
| I know the main image in the article claims Meta scraped their
| posts and updated their profile, but is it not feasible they used
| the same email address or phone number they use on IG / FB and
| Meta just filled in the missing blanks using information they
| have already? Which mind you, Facebook buying IG was under the
| premise that they would NOT merge IG and FB, but they've been
| doing that for a while now, they are arguably already merged to
| the hip.
| dahwolf wrote:
| As the crypto industry discovered: the paradox of
| decentralization is that every downside it has can only be solved
| in a centralized way.
|
| You can't have perfect privacy in a system that has the exact
| opposite goal: federation. It means your data spreads by design
| and enforcement of any privacy-preserving feature is optional per
| instance.
|
| The very loud minority on Mastodon that obsesses over safety has
| picked the wrong software. They should have just created a
| Telegram group.
| notatoad wrote:
| >Mastodon (and most other fediverse software) wasn't designed
| with privacy and user safety in mind
|
| this is the real problem. Mastodon and lemmy share way more
| information than they actually need to (like lemmy shares a list
| of usernames who upvoted or downvoted a post, not just a count),
| and if you're using one of those services you should expect that
| all your data and interactions are public. that's the actual
| threat here, not the possibility that facebook might suck up that
| data. Blocking Threads from federating is just a short-term patch
| over mastodon's bad privacy controls.
| brianolson wrote:
| ActivityPub has been ignoring privacy since at least 2017
| https://github.com/w3c/activitypub/issues/225
| chc wrote:
| To be clear, Twitter also shares the list of users who like a
| post, and people generally seem to view this as a good feature
| rather than an invasive one, so it makes sense that Mastodon
| implemented it as well.
| paxys wrote:
| > Blocking Threads from federating is just a short-term patch
| over mastodon's bad privacy controls.
|
| It's not a patch at all. Facebook (and literally anyone else)
| can still scrape or otherwise access that data in a hundred
| different ways. Blocking Threads is simply some server admins
| making an anti-Facebook statement, nothing more.
| Karrot_Kream wrote:
| Not justifying the design decision (which is bad IMO), but the
| reason upvotes and downvotes are shared is the nature of
| sending discrete events. I've been working on a Reddit like
| thing on top of Matrix and likewise I have to send upvote and
| downvote events, which means other clients that fetch events
| will fetch each upvote and downvote event and a malicious
| client can then track what individuals upvote and downvote.
|
| (I'm trying to play around with ways around this, like using a
| bot to instead publish aggregation events and making votes
| private, but it's an ongoing exploration.)
| [deleted]
| kazinator wrote:
| If ActivityPub and Mastodon were designed with privacy in mind,
| Facebook/Meta wouldn't touch it with ten foot pole.
| marcosdumay wrote:
| Hunting down your personal details and publishing them is a
| crime1, isn't it?
|
| 1 - I mean on the US where Meta really cares about. It's probably
| one on most countries where Meta has revenue, but that won't send
| anybody to jail.
| oldtownroad wrote:
| The story is almost certainly untrue or a misunderstanding.
| Facebook has no reason to scrape individuals personal
| information and then forcefully update their Facebook profile.
|
| There are various processes at Meta that do require
| identification to be submitted and in some cases that
| information will be published. For example, to be verified on
| Instagram you must have your name be published. Likewise,
| certain Facebook pages must publish their operators identities.
|
| Most likely the person in question submitted their identity
| documents to Facebook (perhaps their account got locked) and
| they didn't realise they were agreeing to that information
| being put on their profile.
|
| The concern is valid -- Facebook has information users might
| not want public -- but the cause isn't nefarious. Facebook is
| not finding an anonymous sex workers identity and then
| intentionally outing them.
| 1970-01-01 wrote:
| >Facebook is not finding an anonymous sex workers identity
| and then intentionally outing them.
|
| They are?
|
| https://www.thewrap.com/facebook-sex-workers-outed/
| pseudalopex wrote:
| > Facebook has no reason to scrape individuals personal
| information and then forcefully update their Facebook
| profile.
|
| Collecting personal information is central to Facebook's
| business model. Facebook's policies mandate legal names.
|
| > Most likely the person in question submitted their identity
| documents to Facebook
|
| Most likely this person would remember that.
|
| > The concern is valid -- Facebook has information users
| might not want public -- but the cause isn't nefarious.
|
| Surveillance capitalism and legal names policies are
| nefarious.
| tredre3 wrote:
| > Hunting down your personal details and publishing them is a
| crime1, isn't it?
|
| It's a crime to obtain public data published on a public
| network built on a public protocol explicitly designed to share
| data? Isn't that the whole raison-d'etre of mastodon?
| jeffbee wrote:
| [dead]
| soligern wrote:
| What an asinine concern. Don't want your data on threads? Don't
| use threads.
| jdp23 wrote:
| Did you even read the article? This is about data going to
| Threads from people who aren't on Threads.
| andybak wrote:
| I know replying with "did you actually read the article?" is
| explicitly forbidden on HN but is there an exception for cases
| where the person who didn't read the article uses a word like
| "asinine" in their dismissive reply?
| ajmurmann wrote:
| Isn't the exact concern here that people avoid Meta properties
| and for that reason chose Mastodon, but now Meta is sucking
| that data in?
|
| To me that still seems fairplay on a platform that's designed
| to be open and heralded that way. Not a opinion I hold strongly
| though.
| [deleted]
| ollien wrote:
| Even if you don't use Threads, when they eventually add
| ActivityPub support, Mastodon users' data will inevitably be
| harvested. Instance admins have been signing a pact[1] to
| defederate with Meta for this reason, in addition to the fact
| that they don't trust Meta to moderate their instance well
| enough for it to be safe to federate with.
|
| [1] https://fedipact.online/
| tick_tock_tick wrote:
| > when they eventually add ActivityPub support
|
| What does that have to do with anything? Mastodon is
| explicitly setup to allow all user data to be harvested. What
| Threads supports or doesn't support in the end has no bearing
| on Mastodon having all user data public.
| ollien wrote:
| I think you would agree that harvesting that information is
| far easier if it's being literally POST'd to your servers
| (which ActivityPub does) than if you're going out to scrape
| them, no? It's the same principle with defederation; either
| they're going to scrape all the data, or the data is going
| to be literally sent to their platform.
|
| The point is, the idea that "don't use threads" solves the
| problem being presented (your data being harvested), is
| wrong.
| kazinator wrote:
| Just like digital entertainment is set up to allow all
| movies and music to be downloaded for free!
|
| If you don't like it, just don't make movies or music.
| smoldesu wrote:
| This, but unironically. If you are uncomfortable with the
| idea of a zero-marginal-utility medium distributing your
| content without your consent, you probably shouldn't make
| and share digital copies of your work.
| robrtsql wrote:
| Thanks. I was going to point out that this was an existing
| problem in the Fediverse (there are instances that are
| 'unsafe' because they are either explicitly _for_ hate speech
| or just don't do enough to moderate it) and that the standard
| approach is to not federate with those instances, nor with
| any instance that chooses to federate with them. It's not
| universally popular (some people don't like the idea of
| 'guilt by federation') but it's necessary if your goal is to
| prevent your users from coming into contact with nazis.
| PaulHoule wrote:
| I find it hard to believe they are really going to join the
| Fedi. With 100 million users on Threads and maybe 2 million
| on the Fedi, how could Meta possibly benefit? Federating
| could bring them trouble but no benefit.
| notatoad wrote:
| The EU digital markets act will require "gatekeepers" like
| meta to provide some form of interoperability or open
| access. Supporting activitypub would be a way to satisfy
| that requirement.
| PaulHoule wrote:
| But Mastodon can't possibly comply with GDPR the way it
| is organized. I mean Heavens you can use it without
| clicking on a cookie popup, they probably owe $70 billion
| dollars just for all the people who haven't seen a cookie
| popup already.
| countrpt wrote:
| It doesn't need a cookie popup because they aren't using
| cookies for non-essential reasons, similar to how it
| complies with GDPR because they aren't collecting any
| data beyond what is necessary for the service's stated
| purpose.
| notatoad wrote:
| I'm assuming this is the point. Facebook can get around
| things like requests for deletion under the GDPR by
| sending that data out to the fediverse, and then reading
| it back in from the fediverse after they've deleted it.
|
| and when the EU complains, they get to throw their hands
| in the air and say "yeah, you made us do it"
| ollien wrote:
| I could definitely see a benefit for them from a
| legislative perspective. By federating with other networks,
| they're able to signal to lawmakers that they're not
| _really_ a monopoly, they're willing to pay-ball with
| others.
|
| Also, isn't the 100M user figure disputed, because it's
| counting existing Instagram users or some such?
| PaulHoule wrote:
| It is real sign ups but it is very easy to sign up. Just
| because you signed up doesn't mean you're going to use it
| regularly.
| smoldesu wrote:
| What stops them from harvesting Mastodon users' data after
| they're defederated?
| ollien wrote:
| I mean, I guess nothing, they could absolutely still scrape
| data, but that's much more likely to be noticed (rather
| than sucking in data as part of product functionality), and
| is a higher barrier to entry.
| [deleted]
| Falell wrote:
| The article shows that federation delivers data to Meta even if
| you personally don't use Threads, but I agree with your point.
|
| If you want to control distribution of your data, don't join a
| federation designed to distribute data. Trying to blacklist
| nodes in a graph that you don't control is not a solution.
|
| Information wants to be free, if you post something to a social
| graph assume everyone in the graph can see it forever.
| zimpenfish wrote:
| Specifically addressed in the article.
|
| "Even if I only make followers-only posts, which aren't public
| and can't be boosted, if somebody who's following me replies,
| any of their followers on Threads will see my account name and
| instance" and also "If somebody on another instance who follows
| me boosts one of my public or unlisted posts, people on Threads
| who are following them may be able to see everything I've said
| in the post"
| nickthegreek wrote:
| Isnt this a core way that ActivityPub works though? Like this
| isn't a Meta issue. It is the technical functionality of the
| protocol these federated services are built on. If you
| transmit data using the AP protocol, your content isnt
| private.
| kgwxd wrote:
| Meh, I'm posting on a public forum, I don't consider any of it
| private. Anyway, they're not going to do the Fediverse, I'm 100%
| positive at this point. There is no benefit to them anymore.
| Nobody wants them there, and their target user doesn't want the
| complications inherent to the system. I love Mastodon and Lemmy
| specifically for these reasons. Go there. Forget this nonsense.
| It's a beautiful place to be.
| sureglymop wrote:
| I want it to be blocked for a different reason. The fediverse has
| always been small enough that the content is "underground" and
| interesting. Some of the people on there are weird or completely
| different than me and that's what makes them so interesting.
| That's not the case on something like Twitter and Instagram. Good
| and actually interesting content is drowned out between your
| average tweets and posts about nothing at all. Or all the content
| sucks and is there for the sake of exposure, likes, clicks etc.
| But I don't want mastodon to be overrun by 100M users'
| uninteresting content! I don't even want them in the replies of
| posts. Mastodon has consistently been great before this while
| Twitter fiasco. I wish it never happened, I don't want the space
| I have liked for years to change and be ruined. Maybe an apt
| analogy would be the difference between Marginalia and Google as
| search engines. Why would one want the interesting underground
| search engine to be filled with SEO spam and ads?
| jazzyjackson wrote:
| You know what, you've convinced me. I've been rooting for some
| kind of society-at-large network to succeed at federation (I
| was so optimistic I tried bitclout, and more recently bluesky.
| Both want to be a single global database to send money or to
| index hashtags and blocklists globally)
|
| I really believed that discoverability is king, and I should
| just be able to search a global graph of user profiles and read
| everything that everyone has ever said, but you're right,
| there's a lot of conversations that don't happen in public, and
| not everyone wants to be "discoverable".
|
| So I think there's a case to embrace the balkanization of
| social media, and go back to having separate identities to be a
| part of each phpbb we signed up to. Going to different domains
| to talk to different groups of people makes sense, and we can
| have the modicum of privacy offered by a semi-private chat
| server like discord, so that your messages don't get indexed by
| google and archived forever. (Obviously discord retains all the
| message logs, DMs included, but at least its not publically
| searchable)
|
| And global social media is always going to suffer eternal
| september. Smaller, unfederated chat communities is a probably
| a much healthier approach to social media than whatever it is
| we've been doing the last decade of meta-gramming
| strogonoff wrote:
| ActivityPub has a problem of laying all data out, nicely
| structured, just waiting to be scraped and mined and machine-
| processed, in perpetuity by default, as if it was something
| people inherently need when communicating. Is it, though?
|
| It does look like something idealistically-minded early techies
| would justifiably find really cool.
|
| It may indeed be desirable for, say, Dutch government (and
| perhaps any government that wants to be transparent).
|
| However, I'd argue it may be from suboptimal to harmful for
| regular people.
|
| Regular people may have to worry about future governments, which
| may or may not end up less transparent to hostile towards them,
| as well as other powerful adversaries. Regular people may want to
| be careful and value features like transience, privacy, and
| plausible deniability.
|
| Perhaps we can do better and come up with a protocol that
| combines openness and those values. Whether Facebook enters the
| Fediverse with its new product or not, ActivityPub in its current
| shape and implementation seems to be a liability.
| dahwolf wrote:
| Indeed, and I extend this problem to any data of any value. The
| more semantically you describe it, the more pathways you create
| for abuse.
| ilyt wrote:
| _shrug_ not having API didn 't stop anyone before that.
|
| And "I want random people to see my social stuff (cos I yearn
| for attention) but not that particular person/corporation" is
| unsolvable problem
| strogonoff wrote:
| Bug-free software is unsolvable, but it does not mean we
| should stop trying to avoid bugs, that'd be just silly.
|
| If _fully precluding_ public and private intelligence is
| infeasible, that does not mean we should be using a protocol
| that in many ways _is optimised_ for public and private
| intelligence.
|
| Privacy, like many things, is a spectrum.
| xg15 wrote:
| I'm with you if you want to keep the API but put them
| behind stronger authorisation requirements, i.e. what
| "authorized fetch" seems to be for.
|
| I absolutely disagree if you want to keep the data public
| but make it "harder to scrape", i.e. remove all APIs bury
| it in some annoying HTML/Javascript mess.
|
| That would absolutely punish the wrong players: Having an
| API which allows easy access to structured data allows all
| kinds of desirable usecases, such as being able to use
| whatever client you like.
|
| In contrast, the big players who are interested in tracking
| the entire userbase already have enough experience in
| building robust scrapers - they won't be deterred by a
| closed-down API.
| Aaronstotle wrote:
| Don't have public accounts on a platform if you are concerned
| about privacy. Don't use threads, don't use Mastadon.
| kazinator wrote:
| Don't go outside if you're concerned about bullies.
| Aaronstotle wrote:
| Meta makes their money through advertising, they do
| everything in their power to profile and track you so they
| can serve up relevant ads.
|
| The issues in the article are related to how
| ActivityPub/Mastadon work, if you are concerned by privacy
| issues, don't use Meta.
|
| Meta is guaranteed to erode your privacy, being outside
| doesn't come with a guarantee of being bullied.
| foderking wrote:
| unironically
| dabedee wrote:
| This reminds me of the "embrace, extend, extinguish" strategies
| Microsoft used extensively with Linux and open source software in
| the 90s. From [1]: "a phrase that the U.S. Department of Justice
| found that was used internally by Microsoft to describe its
| strategy for entering product categories involving widely used
| standards, extending those standards with proprietary
| capabilities, and then using those differences in order to
| strongly disadvantage its competitors."
|
| [1]
| https://en.m.wikipedia.org/wiki/Embrace,_extend,_and_extingu...
| briffle wrote:
| remember the glory days when both google chat and facebook chat
| used XMPP (jabber?) and you could chat with people with any
| client you wanted.. (ahh, i miss pidgin). that lasted until
| they had 'converted' enough users to their systems to then
| close off all connections and make a walled garden.
|
| I assume they will do the same with the ActivityPub
| compatibility. I don't see it as a permanent plan.
| jdp23 wrote:
| There's a lot of discussion about that! Here's a very good
| article on the EEE threat. https://ploum.net/2023-06-23-how-to-
| kill-decentralised-netwo...
|
| Personally I think it's more an "embrace, extend, and exploit"
| approach; a decentralized model could work well for Meta, for
| example if they do revenue-sharing on ads hosted by other
| instances (think Disney or LA Lakers).
|
| Update: here's another good article looking at how Meta could
| embrace and extend -- again, not extinguish.
| https://darnell.day/heavy-meta-four-business-reasons-why-ins...
| drdaeman wrote:
| In my personal (subjective) opinion, XMPP died because of
| entirely different primary reason: it, by design, had trouble
| working on mobile devices. Keeping the connection was either
| battery-expensive or outright impossible, and using OS native
| push notifications had significant barriers. At the very
| least, that's why I stopped.
|
| It's not like Google had "extinguished" anything, it's more
| like the "largest server went uncooperative and removed
| themselves". Sucked for people who were able to chat before
| and got separated, but I disagree with painting this as some
| sort of fatal blow.
|
| I don't think there's some statistics on reasons why people
| stopped using XMPP, but I don't believe Google is the reason
| for it. I'd speculate that it just coincided with the
| beginning of the smartphone era and this whole "Google killed
| XMPP" is a convenient myth.
| xorcist wrote:
| It's more that there is more to a complicated story than
| that, but that Google dropped it when it did surely was
| important at the time. To put it the other way around, had
| Google continued to run a federated chat, Android would
| have had first class support in no time. The fact that
| third party real time messaging never worked well in
| Android, and really bad in GApps, is related to this
| decision.
| smoldesu wrote:
| As many others have said before, this isn't very likely to
| happen for many of the reasons it never happened with the web
| or Linux.
|
| - ActivityPub is an open protocol. If Meta goes all-in on it,
| they'll be implementing a transparent spec everyone knows.
| Modifying that would send obvious shockwaves through the
| network and signal their non-cooperation. There isn't a covert
| way for them to really try this.
|
| - Mastodon itself is AGPL licensed, meaning any Meta fork (for
| whatever reason) would be subject to "provide the source code
| of the modified version running there to the users of that
| server. Therefore, public use of a modified version, on a
| publicly accessible server, gives the public access to the
| source code of the modified version."[0]
|
| - Meta has no reason to. If they decide the app is sufficiently
| popular without ActivityPub integration, then things return to
| the status-quo for Mastodon. Meta loses what little control
| they had over the direction of the
| standard/protocol/applications and nothing really changes.
|
| [0] https://www.gnu.org/licenses/agpl-3.0.html
| vidarh wrote:
| There's no reason for Meta to use Mastodon in order to
| federate, so I don't see why the license of Mastodon is
| relevant.
| smoldesu wrote:
| Then there's nothing for them to extend or extinguish. If
| they're not able to manipulate the client and they can only
| control the content on their own server, what leverage does
| Meta have to extinguish the fediverse?
| vidarh wrote:
| They can potentially try to make changes to the protocol,
| and try to leverage their users numbers to force people
| to accept it. I think, though, that they'll find that a
| lot of us are stubborn and don't like them and will not
| react well to that.
| bobthecowboy wrote:
| It doesn't have to be a technical strategy, but a UX path to
| EEE.
|
| I've been thinking about this in terms of Lemmy (also built
| on ActivityPub), which I understand isn't currently on the
| table for interop (but if Facebook is after Twitter's lunch,
| why shouldn't they be after Reddit's). It could even be the
| same application - Kbin is another AP service which has
| separate tabs for "link aggregation" and "microblogging"
| (Reddit and Twitter, respectively).
|
| With Lemmy, the way a large corp could come in and push it
| around is by simply creating it's own version of the top 100
| (or N, whatever) communities, and automatically subscribing
| users into them based on their interests (already known, due
| to existing accounts/profiles elsewhere). c/linux on lemmy.ml
| has ~6k subscribers, and is the largest Linux community on
| Lemmy, afaict. It's not unreasonable to think a large corp
| willing to pull in its existing userbase couldn't increase
| that by an order of magnitude in very short order. Overnight,
| those communities become _the_ place where conversations are
| happening on those topics (maybe even with some pre-seeded
| content) and the existing lemmy communities stagnate.
|
| Fast forward a while and one day BigCorp decides to pull the
| plug. Existing non-BigCorp Lemmy users are now separated from
| the communities they've been in and need to create BigCorp
| accounts. You could argue that those non-BigCorp Lemmy users
| are no worse off than they are pre-BigCorp-federation, but
| they're effectively migrating their communities all over
| again.
|
| As far as why, I think it's pretty invaluable for Facebook
| to:
|
| 1) appear to be "playing ball" from a regulatory aspect 2)
| eat a competitor's lunch 3) control a (potentially!) up and
| coming federated service
| [deleted]
| linusg789 wrote:
| "Privacy" and "fediverse" are like water and oil: they don't mix.
|
| Meta would have no more (extra) access to Fedi posts than an
| large Mastodon instance like Mastodon.social would have.
| Modified3019 wrote:
| https://news.yahoo.com/teen-mom-plead-guilty-abortion-230802...
|
| >A Nebraska woman has pleaded guilty to helping her daughter have
| a medication abortion last year. The legal proceeding against her
| hinged on Facebook's decision to provide authorities with private
| messages between that mother and her 17-year-old daughter
| discussing the latter's plans to terminate her pregnancy.
|
| If you have information you don't want others to know, then don't
| tell your secrets to a multi-billion dollar pseudo-governmental
| organization that has even less data collection protections than
| the governments it serves. There's more you should do, but that's
| a big one.
| jeroenhd wrote:
| If you have secrets at all, don't send them through any
| ActivityPub conversation.
|
| People on Mastodon make this mistake quite often, tagging
| someone they're talking about, or realising that the person
| they tagged now receives a copy of their conversation.
|
| This is a massive issue on top of the lack of end to end
| encryption. Both servers receive plaintext copies of the
| messages exchanged. I'm sure mastohub.ai is a safe server, but
| how can you be sure they'll never be bought out or hacked?
|
| If you want to federate and share secrets, try something like
| Matrix or XMPP. They make it significantly more difficult to
| read your messages.
| jdp23 wrote:
| That's true -- and my more detailed threat modeling post has
| a big public service announcement saying "don't share
| information on the fediverse that you want to keep secret" --
| but there's a lot of information that's not "secret" that
| people do want to share on social networks.
|
| https://privacy.thenexus.today/fediverse-threat-modeling-
| pri...
| em-bee wrote:
| this is also what always bothered me about twitter. some
| friends of mine has absolutely private conversations on their
| public twitter feeds (nothing sensitive but stuff like
| sharing shopping lists). my fear always was that if i join
| twitter they would use it for private conversations with me
| insteads of using email or something else that isn't public
| for everyone.
| HideousKojima wrote:
| [flagged]
| isoprophlex wrote:
| Please take your inflammatory language somewhere else.
| s1artibartfast wrote:
| [flagged]
| dathinab wrote:
| > If you have information you don't want others to know, then
| don't tell your secrets to a multi-billion dollar pseudo-
| governmental organization that has even less data collection
| protections than the governments it serves.
|
| that's such a naive egoistic apathetic world view it baffles me
|
| sometimes I wonder if posting stuff like that just don't
| understand how humans and societies work, or just don't care
| because "they know better".
| s1artibartfast wrote:
| What a terrible article. Well relevant to the discussion of
| data privacy, it completely misconstrues the case. This
| Behavior would have been illegal against under the row standard
| as well given that the team was more than 7 months pregnant and
| the two attempted to incinerate the body to destroy evidence
| watwut wrote:
| I mean yeah, but also, the actual fault is on the side of
| people who literally voted for this. And campaigned for this.
| And spend years trying to put the right people on supreme court
| so that this happens.
| [deleted]
| Pxtl wrote:
| tl;dr:
|
| Things you post publicly are public.
| dsr_ wrote:
| I don't think Meta is ever going to federate in the first place.
|
| What would they gain?
| 1970-01-01 wrote:
| The best way to handle it is to make a "minimum viable" account
| and do absolutely nothing with it, ever, except login and logout
| annually. Set up a spam filter to trash every single notice from
| the company.
| nemacol wrote:
| Can you help me understand why this is preferable to never
| joining in the first place? What is the goal? Controlling the
| entry for my email/auth of choice?
| 1970-01-01 wrote:
| It is a mitigation for identity theft and slander.
|
| https://news.ycombinator.com/item?id=26931894
| paxys wrote:
| A lot of privacy problems (including every single one raised in
| that article) will be solved by just not posting your personal
| business on social media, but people are somehow unwilling or
| unable to accept it.
|
| If you post incriminating content on a Mastodon server it is
| still out there whether Facebook can officially connect to it or
| not. It is archived forever out of your control. The server owner
| can be subpoenaed. Anyone can scrape the website, take a
| screenshot, or share it in a hundred different ways. Regardless
| of what pseudonym you use it can be tied to your real identity
| with 5 minutes of internet sleuthing.
|
| "Private" online social media is an oxymoron. If you put
| something out there in the world you don't get to control whose
| eyeballs land on it. Facebook isn't the problem, your
| expectations are.
| dahwolf wrote:
| It's even worse when you consider that others will put
| something about you out there. They willingly give up their
| contacts list (with you in it), when joining a network.
|
| A "friend" may make a photo of you as part of a social/work
| event and directly post it publicly.
|
| Even with no participation on your behalf, your real name,
| phone number, address and photo are out there.
| justincredible wrote:
| [dead]
| bobobob420 wrote:
| not a problem for 99.99 percent of people.
| seattle_spring wrote:
| So... Still a problem for 700,000 people. Got it
| bobobob420 wrote:
| the only problem is lack of critical thinking and
| victimization. You're joining a centralized netowrk its
| pretty obvious.
| andybak wrote:
| Isn't ActivityPub specifically about decentralisation?
| bobobob420 wrote:
| protocol to centralize decenteralized activity. The blog
| starts with an issue on facebooks centralization and then
| goes into issue on centralization on this decentralized
| network. It's all very stupid imo. Edit sorry for my
| spelling
| AndyMcConachie wrote:
| In theory it shouldn't be hard to block Threads. If they're only
| using one domain for all their users it's trivial to block it.
|
| But privacy is not the issue with Threads. The issue with Threads
| is that they're going to attempt to destroy the Fediverse through
| standard Embrace, Extend, Destroy tactics.
|
| You see this with Bluesky as well. The point is to interoperate
| when it's in your interests and then break interoperability when
| you have enough of the audience. Thus, thereby capturing the
| lion's share of the audience.
|
| Just wait. Threads will soon have a 'new feature' that only works
| with Threads and that does not work on other Fediverse nodes.
| Then they'll try and poison the standards bodies working on
| ActivityPub. They could increase the velocity of new 'features'
| to ActivityPub so fast that unpaid OSS developers couldn't keep
| up. Like Google and that cartel do with browsers. Eventually Meta
| and maybe a couple other large players will control the
| standards, or atleast make it obtuse enough to prevent new
| entrants. This playbook is tried and true.
| nologic01 wrote:
| This feels like irrational fear. The subversion of the original
| Web took decades to happen, a lot of complacency, lack of
| reflexes and the moral degeneration that allowed surveillance
| capitalism to become hugely profitable.
|
| For sure Meta cannot be trusted to be up to anything kosher
| especially since social media tech is close to the money
| spinning core of the Death Star.
|
| But what "stolen" audience are you worried about? The existing
| million or so fediverse users that will be lured back into the
| lethal embrace of the move-fast-and-break-things brigade?
| Future fediverse users that cant tell whether they are joining
| a surveillance apparatus or, e.g. their local community
| instance? Threads is currently cannibalising Instagram in the
| hope, pressumably, of grabbing some pieces from the decaying
| corpse of Twitter. All quite morbid affairs that dont have
| overlap with the migrants escaping to build a new life in the
| fediverse.
|
| The issue of subverting the fediverse standards is more serious
| - in principle. But the tangible threat is not clear (to me at
| least). E.g., the protocols are low level, minimum interop
| standard, they specify nothing about how server platforms can
| (ab)use their users. This is all down to implementations.
|
| In any case if you dont want corporate control of a standard
| make sure you dont take any corporate money and if they insist
| to join the fediverse party give them one vote like every other
| solo fediverse pioneer.
|
| The fediverse is being noticed. Thats a good thing. Savvy PR by
| fediversians could spin Meta's "interest" in the project to
| open doors that they could not dream of. Granted PR and
| marketing is not the fediverse's strong point. Its better this
| way even if it makes the job of adoption harder. But lets not
| get scared by shadows.
| [deleted]
| vinceguidry wrote:
| Every single comment on this story qualifies to be in "Shit
| HNer's say."
| shadowgovt wrote:
| The unfortunate thing about the Fediverse, relative to a
| (hypothetical) walled garden, is that this sort of information
| leaking is inevitable.
|
| Meta has the scale and scope to make it scary, but the point of
| the Fediverse is that it is federated, which implies some
| openness. If you're federated, you are publishing content to
| other people that they might do whatever they want with. That
| includes crawling it, storing it, indexing it, and building mass
| profiles. You can certainly protect yourself by blocking bad
| actors, but since the network is, well, a network, an aggressor
| that _wants_ your published data need only find access to a node
| you _do_ want to share with and copy from there.
|
| So you either default-close your data and choose very, very
| carefully who you federate your node to or... You don't put that
| data in the fediverse at all.
|
| (Contrasting to a walled garden, where monolithic control of the
| data storage and transfer means a single entity is responsible
| for where the data goes and can constrain at will. If someone's
| kicked off Facebook, they're _off_ Facebook; they have a single
| attack surface they have to reenter to get to that data, not
| O(nodes) they could make an account on to reach the data of
| someone who 'd rather not share it with them).
| Dma54rhs wrote:
| What's the point of joining a decentralized federated platform if
| you don't want other instances or people to see what you post?
|
| Meta scraping your name and doing other shenanigans is a
| different subject and obviously bad, but the rest is like
| complaining joining a public torrent tracker and being mad about
| leaking your ip address to its peers.
| itronitron wrote:
| If I take public transit to work should I be bothered by Uber
| posting my daily commute details?
| kazinator wrote:
| What's the point of joining a decentralized, open-source
| federated platform if you don't want Facebook to collect
| information about you and track you online, even though you
| aren't a Facebook user?
| hanniabu wrote:
| federated is not decentralized
| rcmjr wrote:
| Why do you think they aren't doing that now? Meta could
| easily do it.
| lkjdsklf wrote:
| if you're at all concerned about privacy, the fediverse is
| not for you.
|
| It is anti-privacy by design.
|
| Once you've posted something to it, you have absolutely no
| control over who has that data and what they do with it.
| That's the fundamental design of the system.
|
| Complaining about meta potentially ingesting all data from
| the fediverse comes off as a bit naive. Meta is the least of
| the privacy concerns on the fediverse. You at least know who
| they are and have legal recourse against them. Huge numbers
| of other consumers are not even known. Just look at the
| thousands of instances that have popped up. Many of which are
| just in joe bob's closet and god only knows how they protect
| the data.
| User23 wrote:
| > Once you've posted something to it, you have absolutely
| no control over who has that data and what they do with it.
| That's the fundamental design of the system.
|
| Welcome to the Internet. It's always been like that.
| w0m wrote:
| So you want the information to be free! But not free to
| _those_ guys over there. Ever so slightly hypocritical.
| klabb3 wrote:
| That's a bit of an overstatement. I can want an open
| neighborhood but still be creeped out when a neighbor puts
| up a camera facing my house.
|
| Systemic data collection and casual access aren't equal.
|
| That said, on these protocols you can't control it anyway,
| so it's not like you can stop it.
| MBCook wrote:
| But it's Mastodon. It's ALL posted online without a
| paywall.
|
| They could have been scraping it for years (if they
| cared) and you'd never know.
|
| Federating won't give them anything new except DMs to
| their users since those aren't encrypted.
|
| All the existing stuff you've posted publicly is already
| public.
| Dma54rhs wrote:
| As others have noted they are doing it anyway. Gmail accepts
| emails from ProtonMail despite "ideological differences" and
| vice-versa, otherwise it's destined to doom.
|
| If being separated from the mainstream internet is the
| reasoning then yeah sure, go ahead, but you also can't
| complain why no one besides fanatics is using alternatives
| when the alternatives are not worth using for the mainstream
| audience.
| mattl wrote:
| There was a post here from Drew DeVault a while ago on how
| they're rejecting all non-plaintext email.
|
| I see the situation as similar
| fsflover wrote:
| This is not a problem specific to
| Federation/ActivityPub/Mastodon.
| numpad0 wrote:
| And what's wrong about details on bunches of _whore_ - people
| engaged in the oldest professional occupation known to
| humanity, no less - scraped into Meta systems, as a
| _replica_? It'll end up in recording, representing,
| normalizing birth control as well as commercial sexwork and
| also current status and known issues around it.
|
| It's just Mastodon movement or whatever it calls itself don't
| want to be associated with shady corners of lower classes or
| the human society, despite there shouldn't be such classes
| and hidden areas in the first place, as in not trying to
| stigmatize, deny and nullify the fact that we're dirty
| animals, but in constructively removing negative aspects of
| life.
| mrguyorama wrote:
| Because famously, shining light on a community of people
| that are hated only results in that community becoming
| accepted.
|
| Please ignore the people who die and are harmed in the
| process.
| numpad0 wrote:
| yeah, segregation and gatekeeping wash clean, and feels
| great doing too.
| blitzar wrote:
| Threads doesnt need to exist for facebook to capture every
| post in the fediverse.
| Moldoteck wrote:
| They can collect all that info right now from that
| decentralized platform without integrating it in Threads
| crooked-v wrote:
| "Decentralized access for everyone, unless it gets popular enough
| that somebody actually wants to interop with it"
|
| I understand the Meta hate, but joining a very explicitly public
| and intentionally republishable service and then being unhappy
| that your data is public and intentionally republishable is
| bizarre to me.
| dnissley wrote:
| This reaction has shades of nimbyism: Yes we care about climate
| change + housing affordability + are in favor of increasing
| immigration. No we can't have those evil developers building
| big apartment buildings in my neighborhood! How dare you
| insinuate these things are related in any way!
| x3n0ph3n3 wrote:
| Just being pedantic, but none of that first sentence is
| requisite for NIMBYism. I know plenty of NIMBYs who disagree
| with the first sentence.
| ldehaan wrote:
| [dead]
| mrguyorama wrote:
| "You didn't invent the perfect solution so you aren't allowed
| to complain about the faults of your imperfect reality"
| turnsout wrote:
| Yeah, this article reads more like a critique of the way
| ActivityPub and Mastodon work. None of this is particular to
| Meta.
| PaulHoule wrote:
| The odd thing is that even the biggest fedi promoters don't
| seem to get it.
|
| I thought "mastodon.social" was based in Germany, heart of
| GDPR country but there is no consent theater, no harassment
| by cookie popups, certainly no controls over data.
|
| I really don't mind, but there is some serious cognitive
| dissonance there.
| Finnucane wrote:
| There's no consent theatre because mastodon isn't doing
| anything that requires consent under the GDPR.
| sunbum wrote:
| Because almost none of that is actually required if you are
| not collecting data outside of the actual usage of the
| application.
| PaulHoule wrote:
| People are documenting their own personal lives without
| any protections. You can delete your account and the
| system will circulate a polite notification that other
| servers _should_ delete that information.
|
| If you are a "sexworker" (sic) and you doxx yourself
| tough luck.
|
| If you reveal your mental illness through the things you
| write about and the language patterns you use tough luck.
| (Pro tip: machine learning algorithms can read your
| social media posts and psychodiagnose you better than the
| psychiatric nurse practitioner you'll struggle to get an
| appointment with.)
|
| People get these spams inviting them to play games where
| they ask questions trying to gather their answers to
| break into their bank account such as "What was the name
| of your first pet?" Even if you didn't have a tendency to
| be paranoid maybe you should.
| chc wrote:
| What does any of what you just said have to do with GDPR
| requirements?
| PaulHoule wrote:
| If this is right
|
| https://github.com/mastodon/mastodon/issues/7280#issuecom
| men...
|
| #1 is "consent theater" which I am not noticing, maybe I
| missed it. Even if I give consent to one server am I
| really giving consent to any other server? Can any other
| server be bound to my agreement with the first server? #2
| is a "polite request" and not a guaranteed property of
| the platform. #3 seems to be satisfied.
| numpad0 wrote:
| Fedi promoters are traumatized from Mastodon explosion of
| late 2010s that forced them into picking either of
| revolustionist-terrorist or anime-loli or trans-furry
| factions to support, of which the last one is the only
| less-than-seriously-considering-self-harm choice for most.
| It still must be full pain and giant source for self
| contradiction.
| the_gipsy wrote:
| They're not unhappy about their data being intentionally
| republishable. C'mon. On the contrary, they are saying that
| when the product gets successful, they will pull the rug. Like
| facebook did before, and like twitter did with the API and now
| again.
| dahwolf wrote:
| Pulling the rug is a daily event in the Fediverse itself.
| dnissley wrote:
| Even if this happens it won't make any difference to how
| these instances operate, will it? It'll just reduce traffic
| to them, right?
| chc wrote:
| In the same sense that Google didn't largely kill off the
| RSS ecosystem with Google Reader and Microsoft didn't
| stagnate the browser ecosystem for a decade with Internet
| Explorer, sure.
| dnissley wrote:
| The death of RSS preceded the death of Google Reader, no?
| (Although it may have hastened the last act of it's
| death.) Not sure I understand the comparison to IE.
| mrguyorama wrote:
| People are complaining that facebook is, intentionally or
| otherwise, going to suffocate the baby in the crib, before
| it has a chance to grow. If you provide a way to see
| mastadon content without actually doing the work of joining
| mastadon, nobody will join mastadon except the people who
| have strong ideological reasons to join mastadon, which
| accelerates the problem.
|
| It's the same effect as any platform that tries "free
| speech" invariably becomes a nazi echo chamber, because the
| only people who WANT to use the less popular system are
| those that CAN'T or REALLY REALLY REALLY cling to their
| ideology.
| dahwolf wrote:
| The original idea of having many small-sized instances is
| already failing, also without Meta. Small instances are
| unreliable (they quit/shutdown), have major sync issues
| (not seeing all replies, boosts etc) and have a tendency
| for too restrictive moderation and defederation.
|
| So indeed, most people (normies) will naturally flow
| towards larger and more mainstream instances. It's
| already tilting in that direction and actively encouraged
| in the signup process.
|
| As these instances grow, they will simply have more
| disagreeable posts (from the perspective of the
| ideological instances) leading to even more defederation,
| hence the split will become ever harder over time.
| GeekyBear wrote:
| > joining a very explicitly public and intentionally
| republishable service and then being unhappy that your data is
| public
|
| Comparing the sheer amount of data that Meta/Facebook vacuums
| up to the privacy practices of similar apps is instructive.
|
| https://www.wired.com/story/meta-twitter-threads-bluesky-spi...
| Nextgrid wrote:
| IMO the problem with Facebook is the _private_ data they
| vacuum. If you publicly post the data on an open network, I
| see no problem with them taking it.
|
| In practical terms, Facebook is actually quite tame compared
| to any other malicious actor who can get the same data. FB
| just wants it for ads and processes it in aggregate (most is
| never seen by a human), while other malicious actors might
| actually target you personally.
|
| The main issue is that you shouldn't post anything on a
| public, unauthenticated network that you wouldn't want
| random, potentially-hostile actors to see.
| dmonitor wrote:
| This feels like another instance of seeking a technical
| solution to a legal problem
| pseudalopex wrote:
| People seek mitigations to problems when solutions are not
| available.
| fossuser wrote:
| I think for a lot of mastodon users it's more about being part
| of a specific ideologically aligned in-group than it is about
| anything else (this post touches on a lot of stuff that makes
| overtures to that).
|
| The irony to me is that any chance of relevance for a protocol
| is obviously going to need big players like meta to sign up
| (and that's a good thing for the protocol).
|
| A weird set of circumstances might have aligned where meta sees
| an advantage in being part of a federated protocol to
| commoditize a threat to themselves (twitter, bluesky, etc.) and
| still hold a dominant position in quality of the end user
| clients (which is the only thing 99% of users care about).
|
| It's a little funny a lot of the mastodon hosts are up in arms
| about this, but not that surprising when considering what
| they're actually getting out of being part of it (the identity
| stuff that comes along with being a mastodon user).
|
| I'd guess similar stuff was said during the eternal september
| era of the web itself - simply being an internet user was no
| longer an identity that meant something culturally specific.
| [deleted]
| ipaddr wrote:
| Thread users are today's aol users. Better to keep them out
| of areas where real conversations happen
| dbfx wrote:
| Then I fail to see the issue since "real conversations"
| aren't happening on the fediverse either.
| nemo44x wrote:
| There's dozens of real conversations happening. Dozens!
| treyd wrote:
| What do you mean by this? There's over a million active
| users including quite a few high profile people like Cory
| Doctorow.
| turnsout wrote:
| You are 100% right that Threads users are today's AOL
| users, and _that 's a good thing._ If Threads actually
| federates, it will be another Eternal September [0], and we
| need that for ActivityPub to truly thrive.
|
| [0]: https://en.wikipedia.org/wiki/Eternal_September
| JPws_Prntr_Fngr wrote:
| Surely you, Foss User, are aware that FB et al don't just
| "republish" your voluntarily published info as per GP - they
| doggedly track you around the internet and the physical
| world, 24/7, without consent, storing, profiling, and
| reselling you to advertisers.
|
| Example: download the supposedly privacy-focused app pCloud
| on your iPhone, start it up, and check what IPs it's hitting.
| That's right, it's hitting _facebook tracking servers_.
|
| This is not a tribal ingroup club thing. It's a "fuck off,
| megacorps" thing.
| jchw wrote:
| I wonder if all of this hoopla over Meta joining the Fediverse is
| even justified. If Meta wanted to suck up all of that data right
| now, they could do that without creating an entire social network
| to do so, by literally grabbing it from the source, where it is
| publicly available, and they can do this with basically no fear
| of ever getting called on it. By merely federating with and
| supporting ActivityPub, all they do is make it reciprocal, and
| opt-in, at least from our PoV.
|
| The real risk here in my opinion is the influence that Threads
| could have over the Fediverse indirectly. What if they become an
| integral part of it and threaten to leave, or just leave? What if
| they become the defacto censor of what instances you can federate
| with, by virtue of cutting off anyone that doesn't defederate
| certain instances? Etc, etc.
|
| The privacy concerns, while they hold some validity, are a little
| bit moot for people who weren't going to consider using Threads
| in the first place. Google hoovers up all of this data already if
| only indirectly, and nobody seems to bat an eye.
| nottorp wrote:
| 'I had a FB account as Mistress Matisse, but FB scraped my legal
| name from somewhere else and then changed my displayed NAME on my
| account without notice/consent.'
|
| Who gave FB permission to conflate two different identities?
| mrguyorama wrote:
| The legal right for a private entity to do most things to its
| private property.
|
| The law says they don't need permission to do something like
| that, regardless of any morality or decency issues that causes.
| The law is often not aligned with morality.
|
| Most people seem to not really _get_ this, even when they
| objectively know it, or are otherwise unable to imagine what
| could go wrong, because doing so basically requires you to be
| the unhealthy kind of imaginative and paranoid. "What if
| facebook doxxes me and changes my display name" SEEMS like it
| should be an insane paranoia, because the human brain isn't
| equipped to handle extremes of scale and bureaucracy like this.
| gidam wrote:
| probably in their TOS, where they give themself right to do
| anything.
| raymondgh wrote:
| I'm surprised that a followers-only post's author's information
| would be available to followers of original author's followers. I
| would think that a non-public discussion started by one account
| should be nonexistent to anyone without access to follow that
| account.
| dahwolf wrote:
| The sex worker real name reveal has to be bullshit.
|
| I'm quite convinced that Meta actually does have the real name of
| most of us as well as the ability to link it to other accounts.
| But the idea that Meta would willingly reveal this without the
| user's consent means a planet-scale doxxing event. It could lead
| to actual deaths in the real world, and they would be legally
| crushed.
|
| What is far more likely to have happened is that the user had an
| Instagram account with their real name and used that to log
| in/sign up to Threads. There is no stand-alone account on Threads
| currently.
| charcircuit wrote:
| My guess is that she was breaking Facebook's real name policy
| by using a fake name on her main profile. It seems plausible
| that Facebook would update someone's main profile to their real
| name.
| chrisnight wrote:
| The problem I see with Threads isn't what Meta will do with
| fediverse data, it's the power they have with owning 97% of the
| entire fediverse network [1].
|
| Embrace, Extend, Extinguish. Owning the vast majority of the
| fediverse userbase will cause them to have a large amount of
| power to compel users or servers to do whatever they want. What
| do you do when Facebook implements a new feature and all of your
| followers complain that your using a Mastodon server instead of
| joining Threads that has this feature they want? You either go
| against your entire community or let Meta takeover your account.
|
| As such, the resolution is to not let anyone have this much
| power. It being Meta makes it easier to hate on them, but no
| single server should own the vast majority of the network, let
| alone (100M / (100M + 2M + 1M)) = 97% of it [1].
|
| [1] Threads has 100M users and is rising fast, Mastodon was
| recently stated to have 2M active users, the rest of the
| fediverse can be estimated to be, say, 1M. As such, Threads has
| about 97% of the userbase.
| ajross wrote:
| Threads is still way behind Twitter, though, which doesn't even
| federate with Mastodon and never did. If that's your complaint,
| why wasn't it doubly or triply so with the last corporate
| overlord? "Don't use that silly Mastodon thing, everyone is on
| Twitter" is, in fact, the way the world has worked for the
| whole lifetime of Mastodon.
| chrisnight wrote:
| > If that's your complaint, why wasn't it doubly or triply so
| with the last corporate overlord?
|
| I'll interpret this to mean "If the problem is that Threads
| owns the majority of the userbase, why didn't you complain
| about Twitter owning the majority of the userbase?"
|
| I'll reply to that as: Mastodon users did. That's why they
| used Mastodon in the first place, because they felt too much
| power was controlled in a single entity, so they complained
| and moved.
|
| In terms of actions to take, what power was there with
| Twitter that Mastodon users did not exert? With Threads,
| Mastodon server owners have the power to defederate and block
| Threads trying to intermingle with their userbase. With
| Twitter, Mastodon users were the ones with the power to
| publicly disclose their Mastodon account and tell users to
| follow them on there.
|
| In each instance, Mastodon users are doing what they can to
| reduce corporate overlords from having power over as many
| people as possible. Even if Threads is more centralized
| because of other instances defederating with it, the overall
| reach of Meta is reduced.
| Karrot_Kream wrote:
| The fact that Threads has a much larger userbase than
| Mastodon already means that they won't ever really feel
| threatened by it. The stated reasons why GChat and Facebook
| Messenger eventually defederated is that it was hard to
| keep scaling the platform while speaking XMPP, but the
| unstated reasons were that Messenger and GChat at the time
| were still very much niche technologies that were jockeying
| for marketshare in a crowded space.
|
| This time around Threads is already an order-of-magnitude
| larger than the existing Mastodon Fediverse. Moreover, now
| Meta has a diverse array of different social products, so
| there isn't as much pressure on any one product to succeed.
| If Threads ends up in a dominant position in the threaded-
| text social network world, that already nets them more
| users and more opportunities for ad revenue, which they can
| collect revenue aside their existing properties of
| Facebook, Instagram, and WhatsApp. On the other hand,
| interoperating with the Fediverse allows them to be
| opinionated about what kind of content they allow on their
| network (e.g. if you're posting from Threads, you can't
| post sexually explicit content) which can keep them
| advertiser friendly, while offering a relief valve for the
| loud minority that will want content disallowed by Meta's
| content policies. It's a win-win really.
| charcircuit wrote:
| >Owning the vast majority of the fediverse userbase will cause
| them to have a large amount of power to compel users or servers
| to do whatever they want
|
| Mastodon already did this to ActivityPub. Extending open
| protocols is important else people will stop using them in
| order to accomplish building what they want.
| FinnKuhn wrote:
| I don't think you can really compare total users (how many
| people have created an account) and active users (how many
| people actually use the platform).
| stormbrew wrote:
| Threads has 100m _total users_ (that number is based on userid
| badges on Instagram afaik).
|
| The fediverse has somewhere around 10-13m total users, about
| 8-10m of those are on the main Mastodon network, and around
| 2-4m MAU. It's hard to pin these down precisely because
| different counters disagree (it's hard), but if you're going to
| take the most optimistic number from Meta (the only one you'll
| ever see), you should take the most optimistic from the other
| "side" as well.
|
| Threads doesn't have an MAU yet because it hasn't existed for a
| month, but it will not be anywhere near 100%. Most people I've
| seen on it seem to have bounced day one and user growth has
| stalled a lot (roughly halving every day).
|
| Sources for fediverse/mastodon numbers:
|
| - fedidb.org
|
| - the-federation.info (includes some things that aren't
| activitypub based)
|
| - https://mastodon.social/@mastodonusercount
|
| Threads numbers (only total users, pulled from badges on
| Instagram)
|
| - https://www.quiverquant.com/threadstracker/
| chrisnight wrote:
| This is indeed true and we will have to see how the numbers
| settle as we go along.
|
| However I would be surprised if Meta doesn't continue to
| possess well above a supermajority of the userbase until
| another large corporation embraces ActivityPub.
| stormbrew wrote:
| I think that's true, though I also think the fediverse (but
| not necessarily Mastodon specifically) will outlive
| threads.
|
| But I think the really big question will be: in 3-6 months
| is meta putting out DAU and/or MAU numbers for threads
| separate from Instagram's?
|
| Until then you can only guess how "big" it really is. I
| don't personally find the numbers so far all that
| impressive: it's a sub-10% conversion rate from insta daily
| active users and I think behind the celebratory face
| they're putting forward that might not be what they were
| hoping for.
|
| But mostly I see this trend everywhere where people give a
| lot of latitude to things like threads and Twitter and then
| give the most pessimistic read of the state of Mastodon.
|
| If Mastodon were a startup and "centralized" its growth,
| bumpy as it is, would be the darling of the tech press.
| This is really obvious because every article about the fall
| of Twitter lists at least one and often several networks
| that have worse numbers and worse growth than Mastodon as
| if they're the next big thing.
|
| Though maybe that'll change now that threads has bought its
| first 100m users.
| xorcist wrote:
| The power imbalance when a semi-monopolist joins an open
| protocol is a really hard problem to solve.
|
| Google all but killed XMPP by using it in
| GTalk/GChat/Gmail/whatever it's called now. They probably had
| no ill intent from the beginning, but their very presence gave
| everyone the need to quickly be if not bug- then quirk-
| compatible.
|
| By the time everyone came around they suddenly de-federated
| everyone and with vague references to spam, which everyone knew
| was bunk. But the damage was done.
| vidarh wrote:
| I think a potential difference here is that a substantial
| part of the existing Fediverse won't care if we break
| compatibility with Threads. Many will actively welcome it, so
| there's potentially less pressure to yield if the make
| changes people don't like.
| stormbrew wrote:
| The Mastodon corner of the fediverse is also ridiculously
| more well run and diverse than xmpp outside the big players
| ever was.
|
| Like, when threads joins it's far far more likely to be a
| net contributor of spam and abuse towards the rest of the
| network because the people who run Mastodon instances
| generally actually care.
|
| Even Mastodon.social (the biggest instance currently)
| routinely gets silenced or blocked temporarily by other
| instances when it lets spam get out of control, and that is
| generally considered a good thing by users.
|
| Honestly that's gonna be the main reason threads gets
| defederated after the first round of ideological blocks:
| self-defence against abuse.
| 56kbps_capsLOCK wrote:
| [dead]
___________________________________________________________________
(page generated 2023-07-12 23:00 UTC)