Post ASAPqRQJutxg868nbc by aslakr@mastodon.social
(DIR) More posts by aslakr@mastodon.social
(DIR) Post #AS97XAcCC3PUAEOfEO by simon@fedi.simonwillison.net
2023-01-29T20:16:35Z
0 likes, 0 repeats
People argue passionately about the importance of staying in control of the content they share here - this has been a key element of the ongoing debates around search and Mastodon/the FediverseMeanwhile, ActivityPub works by delivering a copy of everything you say to every server used by at least one of your followers - with no guarantees at all about what those many servers will then do with that dataHere's a more thoughtful related take on this from @timbray https://www.tbray.org/ongoing/When/202x/2022/12/30/Mastodon-Privacy-and-Search
(DIR) Post #AS97iiyykx4LwEYy9I by simon@fedi.simonwillison.net
2023-01-29T20:18:08Z
0 likes, 0 repeats
@timbray Tim's conclusion: "The Fediverse needs to get its content-licensing shit together." - as with so many things, at heart this is a social problem, not a technical onehttps://www.tbray.org/ongoing/When/202x/2022/12/30/Mastodon-Privacy-and-Search#p-9
(DIR) Post #AS98WaMF65IPfUDh32 by foxmccloud45@mstdn.jp
2023-01-29T20:27:19Z
0 likes, 0 repeats
@simon @timbray Well... Yeah? Decentralized systems using the data however they want is far from new. Usenet servers have done this since the 1980s.
(DIR) Post #AS999Rit8PnQBKLIIa by simon@fedi.simonwillison.net
2023-01-29T20:34:46Z
0 likes, 0 repeats
@foxmccloud45 @timbray The difference there is that no-one on Usenet was campaigning vigorously against anyone building a search engine against that content(Or maybe they were? To be honest I bet there were all kinds of debates around that on Usenet back in the day)
(DIR) Post #AS9ACortdaDumwjDXM by foxmccloud45@mstdn.jp
2023-01-29T20:43:36Z
0 likes, 0 repeats
@simon @timbray Hmm, I don't know.I know that there is an opposition to "archiving" and "searching" content because some people want to be able to delete things entirely.But Usenet messages, similarly to e-mails, couldn't be truly deleted so I guess this was a "non-issue".I'm pretty sure that back then, the "worst" you could find were data hoarders who saved everything. They still exist today, so...
(DIR) Post #AS9Ac4LREWkY1laPMO by simon@fedi.simonwillison.net
2023-01-29T20:46:06Z
0 likes, 0 repeats
@foxmccloud45 @timbray this is part of the catch though: if being able to delete things entirely is important to you, then using a social network where everything you write has copies instantly pushed out to hundreds (if not thousands) of machines that sit outside your control would seem to sit in opposition to that desireHence it's a social problem, not a technical one - and the solution likely involves legal mechanisms like copyright and licensing rather than just technical measures
(DIR) Post #AS9AnI2ie1KLhGBHoO by kevix@toot.cat
2023-01-29T20:47:30Z
0 likes, 0 repeats
@simon @timbray I recall people talking about 'freedom box' and how you'd have a federated server that if it went off-line would allow your content in your house to avoid access to government agencies without a search warrant. and in some cases, digital breadcrumbs would end up on servers that accessed your content last. in my current case as a mastodon users, I assume my server has some cache of content that is used for the federated timeline but I don't know how long its there or if its limited by server restrictions like storage.
(DIR) Post #AS9B2L5paPBlV5oRhA by simon@fedi.simonwillison.net
2023-01-29T20:53:25Z
0 likes, 0 repeats
@kevix @timbray From an initial reading of https://github.com/mastodon/mastodon/blob/9cdd643564ef1f885a4c501ac0dfc437291466a7/app/models/account_statuses_cleanup_policy.rb#L10 I get the impression that Mastodon's default policy is to delete cached messages from federated posts after 1209600 seconds, which is 14 daysThere's a lot more complexity to the code around that though so I may be misinterpreting it entirely
(DIR) Post #AS9BDN6WRuA8vJOejg by foxmccloud45@mstdn.jp
2023-01-29T20:56:59Z
0 likes, 0 repeats
@simon @timbray Well, the European Union has started to address that I suppose.But regardless of the service, I believe that once something is published online, it will remain there forever, be it archived on the Wayback Machine or on someone's local hard drive.Complete privacy in the Western World is no longer possible I'm afraid. Any random picture where you appear, even coincidentally, can be published without you knowing, for example. It's something to live with now, I guess.
(DIR) Post #AS9BRIGHFbkFxTb8Fs by dead10ck@mastodon.dead10ck.com
2023-01-29T20:59:53Z
0 likes, 0 repeats
@simon @timbray I agree. I am a software dev that chose to host my own instance, so I am of course highly biased in my opinion, speaking as someone who is both technically knowledgeable and exposed first hand to the information sharing that happens between instances. I recognize that most people have never had to think about this before, having mostly only experienced social media through walled gardens, where the only thing one had to do to protect privacy was set their post to private, and their info never left the central place (and when it did, there was a PR and legal shit storm, e.g. Cambridge Analytica).However, the whole idea with Mastodon from the very beginning is decentralization. It is a central feature that your posts are shared with anyone and everyone on the Internet who cares to ask for it. This is even more liberal than email, where one has to explicitly choose where to share each and every message. One might even say privacy is a fundamental anti-goal of the Fediverse's design.However, I do agree that a lot more could be done to make all of this a lot clearer, and to improve privacy. It's very clear that privacy was on no one's mind when designing the most popular Fediverse software, and ActivityPub.
(DIR) Post #AS9Ddeca8wo0gn3JjM by jonoabroad@mastodon.nz
2023-01-29T21:24:36Z
0 likes, 0 repeats
@simon @timbray It feels as though, as Tim said, we need IP and UX folks on it.It doesn't feel like an insurmountable problem to solve.
(DIR) Post #AS9JF274GR6G25xGpk by mnot@techpolicy.social
2023-01-29T22:27:28Z
0 likes, 0 repeats
@timbray @simon see my response there - copyright isn’t likely to be able to constrain this kind of service.
(DIR) Post #AS9VP6vwOZ0vKTK2vw by __steele@hachyderm.io
2023-01-30T00:43:14Z
0 likes, 0 repeats
@simon @timbray People talk about the ActivityPub spec a lot, but in practice the privacy story is much worse than that.Mastodon has a streaming API and any unauthenticated websocket client can connect to the 'public' feed to get *pushed* every toot - not just from that instance, but every instance federated to it as well.It significantly lowers the barrier to entry for data collection - and puts it within reach of any dummy with an ax to grind.
(DIR) Post #AS9YzsMNqFQ6huug64 by rabble@mastodon.social
2023-01-30T01:23:26Z
0 likes, 0 repeats
@simon @timbray I think what people say they want isn’t what they actually want. We just don’t have good language to understand the actual needs and desires.
(DIR) Post #AS9mpweERYCqT6Q7vc by shoq@mastodon.social
2023-01-30T03:59:11Z
0 likes, 0 repeats
@simon I have marveled at this inefficiency for months now. Matrix is similar. If one user on a small server follows 10 big rooms, it has to receive all that federated data just to say "hi." It worries me. But I'm not an engineer. Maybe there's nothing to worry about. Maybe.
(DIR) Post #AS9n2HhXzcPLEur4nw by j2bryson@mastodon.social
2023-01-30T04:00:08Z
0 likes, 0 repeats
@simon @timbray Twitter had at least 8K people working on things like this that Musk fired, not clear how many now. I'm still not convinced these things can be handle efficiently decentralised, though Wikipedia is a good example but not entirely decentralised either and certainly an enormous and apparently expensive effort.
(DIR) Post #AS9oeesMNZee4Wm57w by memory@m.blank.org
2023-01-30T04:19:40Z
0 likes, 0 repeats
@simon (meanwhile meanwhile: if your post ends up on even so much as a single server without a default robots.txt file, google indexes it, which makes the entire debate hilarious)
(DIR) Post #AS9sxGmCbUZ8eF1ZT6 by stpaultim@fosstodon.org
2023-01-30T05:07:45Z
0 likes, 0 repeats
@simon @timbrayThanks for sharing this. Maybe I'm just too old, but I'm a bit confused about the expectation that one can put a message on the internet that is available to anyone in the world, but then expect that they will be protected from anyone using their content in ways they don't consent to. In my opinion, people are angrily trying to prevent Mastodon from becoming something that it already is.
(DIR) Post #AS9t9zmV6Qc9heERyS by fields@hachyderm.io
2023-01-30T05:08:47Z
0 likes, 0 repeats
@simon @timbray I’m really very baffled by the peple who post on a very public social network (not just mastodon) and yet still act like / think / insist they’re just talking to a few friends. There are social networks with robust privacy controls, but this isn’t one of them.
(DIR) Post #ASA80uMpMT7HcMLfVY by simon@mastodon.star-one.org.uk
2023-01-30T07:55:58Z
0 likes, 0 repeats
@simon@simonwillison.net @timbray [1/3] I think the summary of the issues is good, the analysis of the need for solutions is pertinent, but sadly I think the proposed solutions are……‘analogous to the state of the European-accessible web post-PECD/GDPR’ :)Srsly, web users already have far too many buttons to click to accept Terms and Conditions in order to access content as it is, we don’t need to be adding *more* barriers!
(DIR) Post #ASA81BrEKgXLrZhgky by simon@mastodon.star-one.org.uk
2023-01-30T07:55:58Z
0 likes, 0 repeats
@simon@simonwillison.net @timbray [2/3] How about instead we adopt simpler solutions:* Add an additional toggle on the content sharing settings so users can select logged-in-only or not, and* We accept that conversations on the Fediverse are ephemeral, and by default purge the content database of any instance after a ‘suitably ephemeral period’ of something like three months; if people want their words archived permanently, that’s what blogs are for
(DIR) Post #ASA81EViT86u5if38i by simon@mastodon.star-one.org.uk
2023-01-30T07:55:59Z
0 likes, 0 repeats
@simon@simonwillison.net @timbray [3/3] And then full text searches on the public database can be permitted to meet the useful case of being able to find out what’s going on in a disaster zone whilst it’s happened.
(DIR) Post #ASA8UwlgzzNFkgIom8 by AndHuman@tech.lgbt
2023-01-30T08:01:58Z
0 likes, 0 repeats
@simon @timbray Ugh. This is so frustrating. Why can't we have privacy, security and digitally interact too?
(DIR) Post #ASAPqRQJutxg868nbc by aslakr@mastodon.social
2023-01-30T11:16:24Z
0 likes, 0 repeats
@simon @foxmccloud45 @timbray There where X-No-Archive X-No-Archive, https://en.wikipedia.org/wiki/X-No-Archive?wprov=sfti1
(DIR) Post #ASAYKcaZlfBH4yq8Ia by simon@fedi.simonwillison.net
2023-01-30T12:51:29Z
0 likes, 0 repeats
@simon@mastodon.star-one.org.uk a personal data point: if I find out that software I use has decided to delete my content automatically after three months I will ditch that software on the spot!
(DIR) Post #ASAYYj2SaInj8Ybk6S by simon@mastodon.star-one.org.uk
2023-01-30T12:53:41Z
0 likes, 0 repeats
@simon@simonwillison.net That’s a fair response, but I’d say if it was clearly described as the functionality of Mastodon, would you still ditch it?
(DIR) Post #ASAg0wRT2nICUhhrAe by simon@fedi.simonwillison.net
2023-01-30T14:17:33Z
0 likes, 0 repeats
@simon@mastodon.star-one.org.uk yes, I'd ditch Mastadon straight awayGreat thing about the Fediverse is there are already strong alternatives, and more on the way
(DIR) Post #ASAsy3pYPrglwcvgDQ by alexito4@mastodon.social
2023-01-30T16:42:44Z
0 likes, 0 repeats
@simon @timbray @Migueldeicaza I feel like the early community attributes features of this platform to ‘technology’ when in reality was just a side effect of the limited number of people in here.
(DIR) Post #ASAvSAsmxcgqPcvgK8 by emoses@hachyderm.io
2023-01-30T16:59:24Z
0 likes, 0 repeats
@simon @timbray @phildini yeah this reminds me so vividly of DRM debates from the 90s, except with the inverse power dynamic: you can’t deliver content to someone and then expect to restrict what they do with it technologically. They’re incompatible goals. You can’t stream music to a user and then tell them how to listen to it, and you can’t send your toots to someone and then tell them how to store and process it. If you don’t want your thoughts public…don’t make them public.
(DIR) Post #ASB0ByC4ry9aCD2mlU by darius@friend.camp
2023-01-30T17:58:33Z
0 likes, 0 repeats
@simon you are correct, that's the default policy