Defederating from Meta as a solution is stupid - Meta can (and will if they actually care enough) just rejoin undercover.
Furthermore, when it comes to the fediverse, Meta is actually one of the more trusted actors compared to whatever else is on there - at least they're a known legal entity instead of some random.
Finally, the fact that publishing private information publicly on the fediverse wasn't considered an issue before Meta came along shows just how irrelevant the whole thing is - the data has been public all this time, but the network is so irrelevant that not even bad actors cared enough to actually scrape it (or at least do anything with it).
Copyright cannot restrict who can view a work you created once you transfer or license that work to somebody else (e.g. by releasing it publicly on the fediverse). You don't get to say "here's my post but if you show it to Meta then that's illegal". We don't even have a common legal framework for dealing with content distribution that isn't copying (we got "lucky" that you have to copy content to view it digitally so copyright can be poorly jammed onto the digital content distribution model and everything doesn't burn down).
Where the heck did people get the idea that they get to dictate how culture spreads and evolves?
After all how else would you describe someone allowing Netflix to stream your content?
You can't restream Netflix and Netflix is restricted on how it can stream to you. Both rooted in the original Copyright protection and the licenses to content given out by intermediaries.
Most posting platforms give themselves very broad rights with what they can do in a transitive fashion.
But that is "companies don't want to get sued for user uploaded content and are lazy" not "you don't have any rights over things that are published".
A fair point, and one that's not really new either.
Don't want something to be public? Don't post it publicly. As I recall, when my employer at the time (mid 1990s) "federated" their email with the rest of the world, they sent out a memo which stated, in part, "don't put anything in an email that you wouldn't want to see on the front page of your local newspaper."
That was back when local newspapers were a thing, but I imagine you can see the parallels.
That said, I do get to control who sees my content -- by not making it public (i.e., I don't federate my AP instances and curate who can create accounts on them).
If you want something to be private, don't post it publicly. I'm not sure why that's such a foreign idea to some folks since, as I mentioned, it's not even close to being a new idea.
I think the only way to guarantee this control in a federated system, is to encrypt everything that's not completely public. If everybody has a public key, you can use that to encrypt the secret key. It's a hassle, but I think this would work.
If I explicitly deny Meta to use my work, then that is my wish and I can sue them.
They also don't appreciate that the "come one and all" nature of the internet back then led to many people crossing the fences and experiencing viewpoints they'd never seen or heard before. This is an atmosphere we desperately need to return to.
Present day censorship, "gotcha" moderation, and algorithmic manipulation of emotion have led to hyper polarization. We should 1) deescalate the intrusion of these systems and remove them from our day-to-day experience and 2) reinforce the fundamental rights we all deserve.
Social media networks with over 100,000,000 daily active users should not be considered as "private companies with a right to free speech through censorship". They are effectively public squares that we have all elected and chosen to share. Right and left alike.
Public companies tend to censor to protect profits, but small individuals (such as Reddit moderators and Fediverse instance maintainers) do it from either a position of laziness or political retribution. The latter is a form of disgust and hatred for fellow humans and should be called out as such, even if the other party is guilty of the same.
I've seen the free speech argument twisted into "right wing figures trying to force their views into everyone's feed", but that need not be the case. There are tools for individuals to block. And if we'd finally divorce ourselves from platforms and federation and escape to true p2p social networking, we'd all have maximum individual control: we could institute any blocking, boosting, ingestion, sharing, and ranking criteria we wanted. Many amongst the left obsesses over what the right is doing (and vice versa), which tells me people enjoy rubbernecking rather than tuning out. It's a game of "neener-neener" high school football rivalry.
But back to the core point - you shouldn't get to choose who people talk to if you're not a first party in that conversation. You shouldn't get to choose who can publish openly or who can read public broadcasts. If you want to keep your words private, share them in private. Your choices should be limited to blocking what you personally dislike at your own consumption level, and it should be that way for everyone. Because that's fair.
The pendulums of politics will swing. One day liberals will need the free speech refuge again. Preserve it now even if you want to get rid of it. Question yourself if you find yourself wanting to mute or persecute others. If you're angry with my words right now, please ask yourself why you want the other party to shut up.
I want to emphasize that I do not agree with the far right. But I will fight with my last breath to preserve the right to free speech for us all. If we lose it, we will slide into tyrannical oppression from those in power.
I wish we could all just get along. I know that's not going to happen in my lifetime, but we should make best attempts at deescalation and maintaining open communication with one another. Conversation can be a bridge.
I agree with the rest of your post but I suspect that in this instance Meta, a large public company, that might leery about doing something that potentially embarassing.
But your basic point remains true. A wide variety of companies, many bad actor, are going to be scraping, processing and connecting any data anyone makes puts online and that will happen whether Meta joins the fediverse or not. If Meta wanted fediverse data bad, they'd likely just buy it.
Indeed, all the hand wringing about Meta in particular in the article and here seems deeply confused - of course Meta isn't the only problematic actor out there. Indeed, the anonymity-problem of all the walled-gardens is that they explicitly attempt to stop online anonymity in various overt ways. But everywhere entities are trying to deanonymize covertly and these can be at least as bad.
The main thing is that anyone wanting anonymity needs to take active measures to achieve it. And these measures vary on how visible you are and effectively how much your enemies are capable and interested in you. Those talking anonymity would do best educating people in this.
I wouldn't say that the company directly responsible for the state of online discourse today as being leery of doing anything.
https://www.theguardian.com/technology/2014/jun/29/facebook-...
It has published details of a vast experiment in which it manipulated information posted on 689,000 users' home pages and found it could make people feel more positive or negative through a process of "emotional contagion".
...
One test reduced users' exposure to their friends' "positive emotional content", resulting in fewer positive posts of their own. Another test reduced exposure to "negative emotional content" and the opposite happened."Of course, Meta's far from the only threat out there, but as I discuss in 'Threat modeling Meta, the fediverse, and privacy', looking at Meta-related threats also points to solutions that increase privacy and safety in the fediverse more generally."
Here's a link to the longer post (still a draft). https://privacy.thenexus.today/fediverse-threat-modeling-pri...
And agreed, it doesn't scale for Meta to infiltrate people into every single fediverse instance -- although threat actors who are targeting specific people or communities might well do this, so it's also something to take into account.
I don’t know, they did depend on Onavo analytics for a while: https://en.m.wikipedia.org/wiki/Onavo
Using a protocol designed to distribute content with the expectation that you remain in control of it is asinine. If you really want to control it, either allow list federate with only instances you know are in the same circle (IE make your own smaller fediverse), or move to a private forum.
I argued with the Fediverse about this several months ago, and raised all of the same problems in the article with them. Only to be shouted at, doxed, abused, insulted and attacked. I still think that what I experienced would be enough to drive some people to self harm. The level of toxic interactions on the fedivese was the worst I have ever experienced on the internet.
As such I find the fact that there is a freakout over what has been predicted multiple times hilarious. I welcome Meta joining. The sooner people on the fedivese grow up and realize the reality of what is coming the better.
I really like ActivityPub. I really like the fedivese idea. However when you visit you rapidly discover its full of the really annoying people from twitter, and people with "ex tumblr poster" in their bios.
Forget where this came from but it sums it up perfectly.
Fediverse: We are open for federation and you to join!
Meta: Ok here is what we are doing with instagram.
Fediverse: Not that kind of open!One question I've had for fediverse people is how you prevent a federated system from centralizing. I am legitimately curious. Email is often given as an example, but imo that a perfect example of a decentralized system BECOMING centralized. Sure, other players exist but the vast majority of people are on gmail, apple, or outlook (which is much smaller than the other two). Things tend to follow power distributions due to the momentum force being critical. In network systems (e.g. twitter,facebook,HN,email,ISPs,Walmark,etc) the utility/value is not linearly proportional to the userbase, but super-linear (this was one of the big problems with cryptocurrencies too. "Gotta have money to make money"). In these systems resources are "attractive."
So with this in mind, how is a decentralized paradigm any different than an attempt to just reshuffle the top players? (i.e. re-centralize but with a different group at the top) I just don't see the mechanism that prevents centralization.
https://heat-shield.space/mastodon_two_camps.html looks at tensions between people who just want a "better twitter" (which tends to lead to centralization) and people who focus more on small communities (a more decentralized solution).
You need urbit or something like it to fix it, the problems are deeper.
https://martiancomputing.substack.com/p/tlon-urbit-computing...
What do apple email addresses look like? I genuinely don't know anybody that uses an address that says to me "provided by Apple"... I do know a lot of people that use their corporate/organisational addresses for personal email though, which always surprised me.
Edit: just read that "me.com" email addresses are apple-provided - I have at least seen them used occasionally, though nowhere near as much as gmail and hotmail/live.com (outlook).
Still I agree -- decentralized paradigms that are successful seem like they'd end up with big players like you describe eventually. Still better than actually centralized like slack or something.
Since you mentioned email, there is also a large risk that filtering unwanted content and impersonators from appearing on your instance becomes so expensive and/or time-consuming that only a few instances have the resources to do it, just like happened with email.
Jikes. Hadn't considered that. Certainly seems plausible, not just via technical means but also content. I've got a reddit profile that I try very hard to keep "clean and anonymous" yet I've had people from halfway around the world message me say "Hey you're Jack from X". Post sufficient volume and it becomes identifiable no matter how hard one tries.
But someone who uses a completely different site hasn't consented to the Threads terms of service, and if Threads randomly decided to dox people and alter their posts to add real names (or perhaps deadnames for trans folks), that's a very different matter, and I'm sure that their lawyers are going to tell them not to do that (or risk legal consequences). Since non-users haven't agreed to any terms of service Meta face real court, none of that binding arbitration stuff, and possibly class action if they do it a lot.
Aren't there laws against that? are there even allow to build internal links between FB/IG accounts without user consent?
This is false, there's been frequent discussion around how indexing and search should be performed in a privacy preserving way. Meta is just the latest concern.
[1] https://www.anildash.com/2023/01/16/a-fediverse-search/
[2] https://blog.joinmastodon.org/2018/07/cage-the-mastodon/
But they're a known entity with a long track record, which is how I know they can't be trusted.
However, I do see the point of considering ways for instances to somehow distance themselves from Meta's instance. If another instance/admin was publicly known to comparably engage in pervasive user tracking (both on and off their own websites) and algorithmic attention monopolization, would we not expect many other actors in the fediverse to defederate or otherwise distance themselves from those practices/that instance? Obviously, several instances have decided to do so by premptively saying they will defederate. I'm just saying that I think it makes sense to at least consider it. E.g., compare the labels the data collected by the Threads Android app (https://play.google.com/store/apps/datasafety?id=com.instagr...) to those of the Mastodon one (https://play.google.com/store/apps/details?id=org.joinmastod...), and I at least see the contrast.
But perhaps this is just me being naively unaware of rampant community-sanctioned indiscriminate collection of user data in the fediverse (I'm not part of it, just curiously observing Meta's entry).
Yes they can go out and spider ActivityPub content already, though they probably don't currently bother. But what they will gain by being part of the fediverse is the ability to associate your interest in their content back to your identity and learn out a graph about you. Boost/like/share something off Threads, and you've helped them build a model about you in a way that they can't currently do with all the free content out there already.
I'm not sure why other people aren't making this connection. Again, the threat is that Meta could extend its abilities to build a model on how users from outside its own user database interact with its content and users. They're known to already do this in the form of tracking pixels on 3rd party sites already, but this is a richer source of information.
That said, I also think the Fediverse is so tiny that this particular market isn't of much interest to Meta in reality. I suspect this feature will never launch.
MeWe was nice though, really great communities on there back in the day
you seem to not even have read the first paragraph, or not understood what it imples
the whole point of this article is that meta has a precendence of aggregating and combining data from all kind of sources. This includes data which is not supposed to be public, but e.g. was sold without your knowledge, awareness or explicit consent. A situation you could argue the huge majority of people on the internet is in.
For example consider this hypothetical scenario:
So they might take the supposed to be public data of e.g. your anonymous political activism (lets say anti corruption in a very corrupt country).
Then take a public profile you created e.g. in your teens, which you never linked or used the same email address with as you politic profile and should have no connection at all (you acted carefully).
But then meta is like, oh see through the data we bought/own we know that that profile was using that (non public) email address and through other data we brought we know that that email is belived to be owned by the same person as that other email (e.g. you used is for forwarding or account recovery, also non public) so we conclude they are the same and publish *to the whole world trivially accessible that the anonymous political activists is you*.
Or another scenario: They used AI body/face recognition to make the link even through you never posted the face in you anonymous account without appropriate masking or at all.
Or another scenario: Metadata of locations leaked through the usage of social media created the link.
Or another scenario: Someone marks you on a image they took without your consent (and/or knowledge), doesn't matter if they later delete it or make it only visible to their frinds followers.
Or in other words as long as you don't live as a complete hermit and have far above average tech knowledge and also treat absurdly careful to a point where it causing major annoyance in your life stuff like that can totally happen to you.
This is why the GDPR was created to make it illegal to aggregate information about third parties without their consent in surprising ways. But it's also where it failed the hardest to archive it's goals you could say (but thats a different discussion altogether).
Mastodon and Fediverse however explicitly offers your data to them.
Mastodon and the fediverse explicitly offer public posts to everyone. Some sites use robots.txt to block search engines and web crawlers that follow the conventions. Others don't.
I understand the Meta hate, but joining a very explicitly public and intentionally republishable service and then being unhappy that your data is public and intentionally republishable is bizarre to me.
The irony to me is that any chance of relevance for a protocol is obviously going to need big players like meta to sign up (and that's a good thing for the protocol).
A weird set of circumstances might have aligned where meta sees an advantage in being part of a federated protocol to commoditize a threat to themselves (twitter, bluesky, etc.) and still hold a dominant position in quality of the end user clients (which is the only thing 99% of users care about).
It's a little funny a lot of the mastodon hosts are up in arms about this, but not that surprising when considering what they're actually getting out of being part of it (the identity stuff that comes along with being a mastodon user).
I'd guess similar stuff was said during the eternal september era of the web itself - simply being an internet user was no longer an identity that meant something culturally specific.
Example: download the supposedly privacy-focused app pCloud on your iPhone, start it up, and check what IPs it's hitting. That's right, it's hitting facebook tracking servers.
This is not a tribal ingroup club thing. It's a "fuck off, megacorps" thing.
I thought "mastodon.social" was based in Germany, heart of GDPR country but there is no consent theater, no harassment by cookie popups, certainly no controls over data.
I really don't mind, but there is some serious cognitive dissonance there.
Comparing the sheer amount of data that Meta/Facebook vacuums up to the privacy practices of similar apps is instructive.
https://www.wired.com/story/meta-twitter-threads-bluesky-spi...
In practical terms, Facebook is actually quite tame compared to any other malicious actor who can get the same data. FB just wants it for ads and processes it in aggregate (most is never seen by a human), while other malicious actors might actually target you personally.
The main issue is that you shouldn't post anything on a public, unauthenticated network that you wouldn't want random, potentially-hostile actors to see.
Meta scraping your name and doing other shenanigans is a different subject and obviously bad, but the rest is like complaining joining a public torrent tracker and being mad about leaking your ip address to its peers.
If being separated from the mainstream internet is the reasoning then yeah sure, go ahead, but you also can't complain why no one besides fanatics is using alternatives when the alternatives are not worth using for the mainstream audience.
It is anti-privacy by design.
Once you've posted something to it, you have absolutely no control over who has that data and what they do with it. That's the fundamental design of the system.
Complaining about meta potentially ingesting all data from the fediverse comes off as a bit naive. Meta is the least of the privacy concerns on the fediverse. You at least know who they are and have legal recourse against them. Huge numbers of other consumers are not even known. Just look at the thousands of instances that have popped up. Many of which are just in joe bob's closet and god only knows how they protect the data.
It’s just Mastodon movement or whatever it calls itself don’t want to be associated with shady corners of lower classes or the human society, despite there shouldn’t be such classes and hidden areas in the first place, as in not trying to stigmatize, deny and nullify the fact that we’re dirty animals, but in constructively removing negative aspects of life.
Embrace, Extend, Extinguish. Owning the vast majority of the fediverse userbase will cause them to have a large amount of power to compel users or servers to do whatever they want. What do you do when Facebook implements a new feature and all of your followers complain that your using a Mastodon server instead of joining Threads that has this feature they want? You either go against your entire community or let Meta takeover your account.
As such, the resolution is to not let anyone have this much power. It being Meta makes it easier to hate on them, but no single server should own the vast majority of the network, let alone (100M / (100M + 2M + 1M)) = 97% of it [1].
[1] Threads has 100M users and is rising fast, Mastodon was recently stated to have 2M active users, the rest of the fediverse can be estimated to be, say, 1M. As such, Threads has about 97% of the userbase.
The fediverse has somewhere around 10-13m total users, about 8-10m of those are on the main Mastodon network, and around 2-4m MAU. It's hard to pin these down precisely because different counters disagree (it's hard), but if you're going to take the most optimistic number from Meta (the only one you'll ever see), you should take the most optimistic from the other "side" as well.
Threads doesn't have an MAU yet because it hasn't existed for a month, but it will not be anywhere near 100%. Most people I've seen on it seem to have bounced day one and user growth has stalled a lot (roughly halving every day).
Sources for fediverse/mastodon numbers:
- fedidb.org
- the-federation.info (includes some things that aren't activitypub based)
- https://mastodon.social/@mastodonusercount
Threads numbers (only total users, pulled from badges on Instagram)
However I would be surprised if Meta doesn’t continue to possess well above a supermajority of the userbase until another large corporation embraces ActivityPub.
Google all but killed XMPP by using it in GTalk/GChat/Gmail/whatever it's called now. They probably had no ill intent from the beginning, but their very presence gave everyone the need to quickly be if not bug- then quirk-compatible.
By the time everyone came around they suddenly de-federated everyone and with vague references to spam, which everyone knew was bunk. But the damage was done.
I'll interpret this to mean "If the problem is that Threads owns the majority of the userbase, why didn't you complain about Twitter owning the majority of the userbase?"
I'll reply to that as: Mastodon users did. That's why they used Mastodon in the first place, because they felt too much power was controlled in a single entity, so they complained and moved.
In terms of actions to take, what power was there with Twitter that Mastodon users did not exert? With Threads, Mastodon server owners have the power to defederate and block Threads trying to intermingle with their userbase. With Twitter, Mastodon users were the ones with the power to publicly disclose their Mastodon account and tell users to follow them on there.
In each instance, Mastodon users are doing what they can to reduce corporate overlords from having power over as many people as possible. Even if Threads is more centralized because of other instances defederating with it, the overall reach of Meta is reduced.
Mastodon already did this to ActivityPub. Extending open protocols is important else people will stop using them in order to accomplish building what they want.
That's not a resolution, that's a wish. But how could it be achieved though? In 6 months Threads could well have hundreds of millions of active users, the vast majority of whom probably won't care about the fediverse.
> What do you do when Facebook implements a new feature and all of your followers complain that your using a Mastodon server instead of joining Threads that has this feature they want?
Mastodon (and others) either have to compete or their users will be like the people reading email in emacs or vi (no offence intended)
Take a look at Threads.net and Mastodon.social and tell me these two projects have anything in common. Everything is open on Mastodon.social (I can even use the search box) and everything is purposefully closed on Threads.net (I can't even see the basic metadata). It's all dark patterns since day 1. Meta is not givin up a sliver of control that's for sure.
this is the real problem. Mastodon and lemmy share way more information than they actually need to (like lemmy shares a list of usernames who upvoted or downvoted a post, not just a count), and if you're using one of those services you should expect that all your data and interactions are public. that's the actual threat here, not the possibility that facebook might suck up that data. Blocking Threads from federating is just a short-term patch over mastodon's bad privacy controls.
(I'm trying to play around with ways around this, like using a bot to instead publish aggregation events and making votes private, but it's an ongoing exploration.)
lemmy does not make it in any way clear that upvotes and downvotes are public information.
It's not a patch at all. Facebook (and literally anyone else) can still scrape or otherwise access that data in a hundred different ways. Blocking Threads is simply some server admins making an anti-Facebook statement, nothing more.
What does that have to do with anything? Mastodon is explicitly setup to allow all user data to be harvested. What Threads supports or doesn't support in the end has no bearing on Mastodon having all user data public.
If you want to control distribution of your data, don't join a federation designed to distribute data. Trying to blacklist nodes in a graph that you don't control is not a solution.
Information wants to be free, if you post something to a social graph assume everyone in the graph can see it forever.
To me that still seems fairplay on a platform that's designed to be open and heralded that way. Not a opinion I hold strongly though.
"Even if I only make followers-only posts, which aren't public and can't be boosted, if somebody who's following me replies, any of their followers on Threads will see my account name and instance" and also "If somebody on another instance who follows me boosts one of my public or unlisted posts, people on Threads who are following them may be able to see everything I've said in the post"
>A Nebraska woman has pleaded guilty to helping her daughter have a medication abortion last year. The legal proceeding against her hinged on Facebook's decision to provide authorities with private messages between that mother and her 17-year-old daughter discussing the latter's plans to terminate her pregnancy.
If you have information you don't want others to know, then don't tell your secrets to a multi-billion dollar pseudo-governmental organization that has even less data collection protections than the governments it serves. There's more you should do, but that's a big one.
People on Mastodon make this mistake quite often, tagging someone they're talking about, or realising that the person they tagged now receives a copy of their conversation.
This is a massive issue on top of the lack of end to end encryption. Both servers receive plaintext copies of the messages exchanged. I'm sure mastohub.ai is a safe server, but how can you be sure they'll never be bought out or hacked?
If you want to federate and share secrets, try something like Matrix or XMPP. They make it significantly more difficult to read your messages.
https://privacy.thenexus.today/fediverse-threat-modeling-pri...
that's such a naive egoistic apathetic world view it baffles me
sometimes I wonder if posting stuff like that just don't understand how humans and societies work, or just don't care because "they know better".
[1] https://en.m.wikipedia.org/wiki/Embrace,_extend,_and_extingu...
Personally I think it's more an "embrace, extend, and exploit" approach; a decentralized model could work well for Meta, for example if they do revenue-sharing on ads hosted by other instances (think Disney or LA Lakers).
Update: here's another good article looking at how Meta could embrace and extend -- again, not extinguish. https://darnell.day/heavy-meta-four-business-reasons-why-ins...
It's not like Google had "extinguished" anything, it's more like the "largest server went uncooperative and removed themselves". Sucked for people who were able to chat before and got separated, but I disagree with painting this as some sort of fatal blow.
I don't think there's some statistics on reasons why people stopped using XMPP, but I don't believe Google is the reason for it. I'd speculate that it just coincided with the beginning of the smartphone era and this whole "Google killed XMPP" is a convenient myth.
- ActivityPub is an open protocol. If Meta goes all-in on it, they'll be implementing a transparent spec everyone knows. Modifying that would send obvious shockwaves through the network and signal their non-cooperation. There isn't a covert way for them to really try this.
- Mastodon itself is AGPL licensed, meaning any Meta fork (for whatever reason) would be subject to "provide the source code of the modified version running there to the users of that server. Therefore, public use of a modified version, on a publicly accessible server, gives the public access to the source code of the modified version."[0]
- Meta has no reason to. If they decide the app is sufficiently popular without ActivityPub integration, then things return to the status-quo for Mastodon. Meta loses what little control they had over the direction of the standard/protocol/applications and nothing really changes.
I've been thinking about this in terms of Lemmy (also built on ActivityPub), which I understand isn't currently on the table for interop (but if Facebook is after Twitter's lunch, why shouldn't they be after Reddit's). It could even be the same application - Kbin is another AP service which has separate tabs for "link aggregation" and "microblogging" (Reddit and Twitter, respectively).
With Lemmy, the way a large corp could come in and push it around is by simply creating it's own version of the top 100 (or N, whatever) communities, and automatically subscribing users into them based on their interests (already known, due to existing accounts/profiles elsewhere). c/linux on lemmy.ml has ~6k subscribers, and is the largest Linux community on Lemmy, afaict. It's not unreasonable to think a large corp willing to pull in its existing userbase couldn't increase that by an order of magnitude in very short order. Overnight, those communities become the place where conversations are happening on those topics (maybe even with some pre-seeded content) and the existing lemmy communities stagnate.
Fast forward a while and one day BigCorp decides to pull the plug. Existing non-BigCorp Lemmy users are now separated from the communities they've been in and need to create BigCorp accounts. You could argue that those non-BigCorp Lemmy users are no worse off than they are pre-BigCorp-federation, but they're effectively migrating their communities all over again.
As far as why, I think it's pretty invaluable for Facebook to:
1) appear to be "playing ball" from a regulatory aspect 2) eat a competitor's lunch 3) control a (potentially!) up and coming federated service
I assume they will do the same with the ActivityPub compatibility. I don't see it as a permanent plan.
1 - I mean on the US where Meta really cares about. It's probably one on most countries where Meta has revenue, but that won't send anybody to jail.
It's a crime to obtain public data published on a public network built on a public protocol explicitly designed to share data? Isn't that the whole raison-d'être of mastodon?
That's not what I said, and not what is on the article.
There are various processes at Meta that do require identification to be submitted and in some cases that information will be published. For example, to be verified on Instagram you must have your name be published. Likewise, certain Facebook pages must publish their operators identities.
Most likely the person in question submitted their identity documents to Facebook (perhaps their account got locked) and they didn’t realise they were agreeing to that information being put on their profile.
The concern is valid — Facebook has information users might not want public — but the cause isn’t nefarious. Facebook is not finding an anonymous sex workers identity and then intentionally outing them.
They are?
Collecting personal information is central to Facebook's business model. Facebook's policies mandate legal names.
> Most likely the person in question submitted their identity documents to Facebook
Most likely this person would remember that.
> The concern is valid — Facebook has information users might not want public — but the cause isn’t nefarious.
Surveillance capitalism and legal names policies are nefarious.
I really believed that discoverability is king, and I should just be able to search a global graph of user profiles and read everything that everyone has ever said, but you're right, there's a lot of conversations that don't happen in public, and not everyone wants to be "discoverable".
So I think there's a case to embrace the balkanization of social media, and go back to having separate identities to be a part of each phpbb we signed up to. Going to different domains to talk to different groups of people makes sense, and we can have the modicum of privacy offered by a semi-private chat server like discord, so that your messages don't get indexed by google and archived forever. (Obviously discord retains all the message logs, DMs included, but at least its not publically searchable)
And global social media is always going to suffer eternal september. Smaller, unfederated chat communities is a probably a much healthier approach to social media than whatever it is we've been doing the last decade of meta-gramming
There's just no way to get enough moderation in place and get people to behave respectfully, and then it just gets ugly.
I remember BBSes back in the 80s degrading to uncomfortable useless places simply because of a few bad trolls or assholes getting in the mix. Now it's just ridiculous.
Small, comfortable social networks and a feed that I can fully control, that's what I want. Facebook and Twitter began their misdeeds the moment they rolled out algorithmic suggested content that I did not explicitly subscribe to.
I've mostly just retreated into a few discord channels for family and friends at this point, with forays into Mastodon here and there. Oh, and way too much time on this orange site.
The issues in the article are related to how ActivityPub/Mastadon work, if you are concerned by privacy issues, don't use Meta.
Meta is guaranteed to erode your privacy, being outside doesn't come with a guarantee of being bullied.
I'm quite convinced that Meta actually does have the real name of most of us as well as the ability to link it to other accounts. But the idea that Meta would willingly reveal this without the user's consent means a planet-scale doxxing event. It could lead to actual deaths in the real world, and they would be legally crushed.
What is far more likely to have happened is that the user had an Instagram account with their real name and used that to log in/sign up to Threads. There is no stand-alone account on Threads currently.
Meta is not known for being a good citizen, but unlike sending fake notifications or tracking which helps them achieve a business goal, updating user profiles without consent achieves nothing of that sort.
It could lead to actual deaths in the real world
Myanmar https://www.nytimes.com/2018/10/15/technology/myanmar-facebo... https://edition.cnn.com/2021/12/07/tech/facebook-myanmar-roh... and Dutertes drug war in the Philippines https://www.buzzfeednews.com/article/daveyalba/facebook-phil...
It does look like something idealistically-minded early techies would justifiably find really cool.
It may indeed be desirable for, say, Dutch government (and perhaps any government that wants to be transparent).
However, I’d argue it may be from suboptimal to harmful for regular people.
Regular people may have to worry about future governments, which may or may not end up less transparent to hostile towards them, as well as other powerful adversaries. Regular people may want to be careful and value features like transience, privacy, and plausible deniability.
Perhaps we can do better and come up with a protocol that combines openness and those values. Whether Facebook enters the Fediverse with its new product or not, ActivityPub in its current shape and implementation seems to be a liability.
And "I want random people to see my social stuff (cos I yearn for attention) but not that particular person/corporation" is unsolvable problem
If fully precluding public and private intelligence is infeasible, that does not mean we should be using a protocol that in many ways is optimised for public and private intelligence.
Privacy, like many things, is a spectrum.
Who gave FB permission to conflate two different identities?
The law says they don't need permission to do something like that, regardless of any morality or decency issues that causes. The law is often not aligned with morality.
Most people seem to not really get this, even when they objectively know it, or are otherwise unable to imagine what could go wrong, because doing so basically requires you to be the unhealthy kind of imaginative and paranoid. "What if facebook doxxes me and changes my display name" SEEMS like it should be an insane paranoia, because the human brain isn't equipped to handle extremes of scale and bureaucracy like this.
Amazing, eh?
If you post incriminating content on a Mastodon server it is still out there whether Facebook can officially connect to it or not. It is archived forever out of your control. The server owner can be subpoenaed. Anyone can scrape the website, take a screenshot, or share it in a hundred different ways. Regardless of what pseudonym you use it can be tied to your real identity with 5 minutes of internet sleuthing.
"Private" online social media is an oxymoron. If you put something out there in the world you don't get to control whose eyeballs land on it. Facebook isn't the problem, your expectations are.
A "friend" may make a photo of you as part of a social/work event and directly post it publicly.
Even with no participation on your behalf, your real name, phone number, address and photo are out there.
If I don’t want other people to see something or to know about it, I don’t post it online. Or I don’t post it in a way that could be traced back to me. There’s absolutely no link from my HN account, for instance, back to me IRL.
Why open yourself up to the risk? What do you get in exchange?
Meta has zero interest in ActivityPub or the Fediverse, a tiny speckle of users hostile to them. In less than a week, they've created an "instance" 50 times the size of all of Mastodon and the rest of the fediverse combined. The projection/goal is to grow towards 1B MAU, which would make it 500 times larger than all of the rest of the fediverse.
Why would Meta possibly care about this tiny group of misfits? The only reason I can think of is to give legislators the idea that they are "doing good".
Say it is done, and we have this Threads cosmos-sized instance. Tiny vocal Mastodon instances will defederate out of principle, and nobody cares. Because they are anti-growth anyway, they object to anything.
Larger Mastodon instances will consider federating but will then find out Threads will only do this under conditions. You have to serve ads, have to comply with a moderation policy, treat user data in a certain way. You effectively work for Meta now, but unpaid.
Then you turn the thing on and the flood gates open. The first thing you'll notice is your bankruptcy as your few tens of thousands of users now having follow access to a billion users, including very active and popular ones, spiking your infra. 10x? 100x? Who knows? And what about storage? Yesterday I've read how a mid-sized Mastodon instance (few thousand users) was adding 1GB of media storage every 15 mins. Do that times a 100 (or 1,000) as well. Your moderation inbox...well, good luck.
This entire thing isn't going to work, at all.
Also worth consideration: They could federate your Facebook feed in the future too.
It may not be so much supporting the protocol from the outside as its worth doing from the "inside".
EDIT: I'm not talking about full blown customization here, just enough that allows creators to make their direct profile feed look different from the standard app, maybe have targeted links or a special background color etc. Simple but differentiating things.
Ultimately I think their play here is they want to build their social graph and interaction model around users that are not on their network right now. Every time you boost or share something that came out of Threads, they'll learn something about you -- a non-Meta user -- that they couldn't get just from mining public content. But I think they'll find they're actually not interested much in that data, that its value isn't high enough to justify the hassle.
I just think it's a tempest in a teacup and by the autumn when it's rumoured to be supposedly launching, we'll just stop hearing about it. Or there'll be a trial for a bit and then it'll just get unceremoniously dropped.
I don't use Fediverse nor Meta/Threads, but I write stuff that is public and anyone can view it, or private which only the recipient should read, like anything else, whether I post on Hacker News, or on Usenet, or on a public IRC channel, or whatever else it might be. (Some people don't like public IRC logs, but if it is a public channel then I would prefer that it does have logs; fortunately some IRC channels do.)
And guess what happens when Meta refuses those DMCAs? You go to the networks they peer with. You don't screw with tier 1 transit providers, not even Facebook has some magical power here.
This isn't, and was never, about privacy. It is 100% about Meta stealing data and displaying it so they can pretend people are using their product, so it looks active, and then they can tell their shareholders it was a successful launch. Nobody in the Fediverse wants to help Zuck profit from people's hard work that they didn't donate to him (ie, post on Facegram and thus license it to him).
The flip side of this is also, how will they moderate data that isn't theirs? They will have to unfederate from certain servers and users, thus solving the problem.... and if you've seen the fediverse, its 20% trans catgirls who code in rust, are part of a polycule, wear programmers socks, and have spicy opinions about niche Linux distros, all of which are persona non-grata on the Instabook platform.
The catgirls are going to save us from Zuck slathering the Internet in Sweet Baby Rays. This wasn't the future I was expecting.
They have done the opposite of a moat... they built a bridge across the moat that is around the prison island everyone is trapped in.
Meta would have no more (extra) access to Fedi posts than an large Mastodon instance like Mastodon.social would have.
I'm not sure I agree, privacy can be achieved via anonymity. Use a VPN, block cookies, change usernames, etc
But privacy is not the issue with Threads. The issue with Threads is that they're going to attempt to destroy the Fediverse through standard Embrace, Extend, Destroy tactics.
You see this with Bluesky as well. The point is to interoperate when it's in your interests and then break interoperability when you have enough of the audience. Thus, thereby capturing the lion's share of the audience.
Just wait. Threads will soon have a 'new feature' that only works with Threads and that does not work on other Fediverse nodes. Then they'll try and poison the standards bodies working on ActivityPub. They could increase the velocity of new 'features' to ActivityPub so fast that unpaid OSS developers couldn't keep up. Like Google and that cartel do with browsers. Eventually Meta and maybe a couple other large players will control the standards, or atleast make it obtuse enough to prevent new entrants. This playbook is tried and true.
For sure Meta cannot be trusted to be up to anything kosher especially since social media tech is close to the money spinning core of the Death Star.
But what "stolen" audience are you worried about? The existing million or so fediverse users that will be lured back into the lethal embrace of the move-fast-and-break-things brigade? Future fediverse users that cant tell whether they are joining a surveillance apparatus or, e.g. their local community instance? Threads is currently cannibalising Instagram in the hope, pressumably, of grabbing some pieces from the decaying corpse of Twitter. All quite morbid affairs that dont have overlap with the migrants escaping to build a new life in the fediverse.
The issue of subverting the fediverse standards is more serious - in principle. But the tangible threat is not clear (to me at least). E.g., the protocols are low level, minimum interop standard, they specify nothing about how server platforms can (ab)use their users. This is all down to implementations.
In any case if you dont want corporate control of a standard make sure you dont take any corporate money and if they insist to join the fediverse party give them one vote like every other solo fediverse pioneer.
The fediverse is being noticed. Thats a good thing. Savvy PR by fediversians could spin Meta's "interest" in the project to open doors that they could not dream of. Granted PR and marketing is not the fediverse's strong point. Its better this way even if it makes the job of adoption harder. But lets not get scared by shadows.
The real risk here in my opinion is the influence that Threads could have over the Fediverse indirectly. What if they become an integral part of it and threaten to leave, or just leave? What if they become the defacto censor of what instances you can federate with, by virtue of cutting off anyone that doesn't defederate certain instances? Etc, etc.
The privacy concerns, while they hold some validity, are a little bit moot for people who weren't going to consider using Threads in the first place. Google hoovers up all of this data already if only indirectly, and nobody seems to bat an eye.
If you want true privacy, make a centralized self-hosted service where people have to be allowed in explicitly.
Don't see what the problem is in the OP, they are kind of expressing displeasure that a service that technically can be scraped by almost anyone is... you know, scheduled for scraping and exposed. And at the same time nobody actually bothered to prevent the scenario from happening.
And this also looks very much like the early internet: people didn't think others are malicious so security was minimal.
This kind of naivete really needs to get clubbed to death. We can't afford being as naive nowadays.
Meta has the scale and scope to make it scary, but the point of the Fediverse is that it is federated, which implies some openness. If you're federated, you are publishing content to other people that they might do whatever they want with. That includes crawling it, storing it, indexing it, and building mass profiles. You can certainly protect yourself by blocking bad actors, but since the network is, well, a network, an aggressor that wants your published data need only find access to a node you do want to share with and copy from there.
So you either default-close your data and choose very, very carefully who you federate your node to or... You don't put that data in the fediverse at all.
(Contrasting to a walled garden, where monolithic control of the data storage and transfer means a single entity is responsible for where the data goes and can constrain at will. If someone's kicked off Facebook, they're off Facebook; they have a single attack surface they have to reenter to get to that data, not O(nodes) they could make an account on to reach the data of someone who'd rather not share it with them).
You can't have perfect privacy in a system that has the exact opposite goal: federation. It means your data spreads by design and enforcement of any privacy-preserving feature is optional per instance.
The very loud minority on Mastodon that obsesses over safety has picked the wrong software. They should have just created a Telegram group.
It's my understanding that Libs of Tik Tok simply reposts public videos. Say you manage to find a way to block them specifically from seeing your content what's to stop another account springing up and doing the same thing. The only option is to keep your content among friends. But then you have another trust model where your friend could be the next Libs of Tik Tok.
The working group was closed after browser implementers failed to express interest. As I recall, Microsoft Internet Explorer was the only browser participating. https://learn.microsoft.com/en-us/openspecs/ie_standards/ms-...
I could be mistaken/mislead about the purpose here. But this idea of having the data be able to advocate for itself what rights other people have seems semi-obvious. It won't prevent abuse, but the age of ultra-Legalistic DMCA corporate hawkishness seems largely to have won above almost all others, in most arenas, and this idea of sticking a "you can't do that" label on stuff thus seems like a pretty obvious first level defense. One that big data warehouses & big companies in particular probably couldn't violate & keep under-wraps.
2 Said well elsewhere but its daft to want to hide public info from a subset of users on a protocol designed to distribute public data.
This will make Mastodon pretty much useless if it can just block networks..
It's hard to take the post seriously when they make statements like that, From the linked article:
> Fuentes, who claims to have been banned from Meta's platforms, announced in a livestream on July 6, “I signed up for it last night. I made a fake Instagram. I got on a fake Thread.”
I'd guess of the 100M users that have signed up lots of people that are banned, or post content that gets banned on FB and Instagram have managed to make accounts too. But I'm sure the same content moderation policies on FB/IG will apply once they start posting, some will get through, but that is far from being welcomed.
I'm glad I just routinely obfuscate my online presence by lying on every different platform.
Blocking threads? Do we need a mutex here? Faster I/O?
What would they gain?
Things you post publicly are public.