De-federating #Threads does NOT prevent #Meta from accessing your public #Fediverse feed.
This is demonstrably false. Almost all servers that de-federate Threads still broadcast the RSS feed of your posts. This is available to everyone, even servers that are de-federated from yours.
If you don’t believe me, test this out for yourself. Append “.rss” to the end of your profile URL (exampleserver.com/@username.rss), and see what happens.
Hell, if I wanted to build a search engine for the Fediverse and not use ActivityPub, I could use RSS instead and I could index most of the Fediverse – whether you opt into it or not.
Let’s stop spreading the myth that de-federation by itself prevents Threads from accessing your public feed.
This entry was edited (4 weeks ago)
reshared this
crossgolf_rebel 🤍 on Calckey :calckey:
in reply to Chris Trottier • • •I have no idea why everyone is only focussing on the technical aspect and simply ignoring the 100 others
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •Yes, and you could scrape the server HTML posts as well.
That is NOT the point that people are making. Threads will not be displaying content scraped this way, which is the actual point. People do not want their stuff broadcast and open to interaction from an instance hosting a literal domestic terrorist (Chaya Raichik), which a defederation achieves wonderfully.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •Fediverse News reshared this.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •And then I would block on user agent, or simply disable RSS functionality for unauthenticated users.
Your point being? Bend over and give up because they may be able to access my information in some obscure way? This frankly just reads like you telling people to give in because the big corp will take it anyway, which is just nonsense.
People that dont want their stuff on Threads shouldn't have their stuff on Threads. The fact that you seem to believe it's alright to be advocating for Threads to become part of fedi while also basically stomping on user choice is absolutely baffling to me.
Fediverse News reshared this.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger Then do it. Take all those precautions and be proactive about it.
But don’t tell people that merely de-federating Threads prevents Threads from having access to your public posts.
reshared this
Fediverse News and BeAware :veriweed: reshared this.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •In its current state, it absolutely does stop them from seeing your posts if defederated. If that changes, I will.
But it probably won't. I don't like engaging in far-away hypotheticals, it's a complete waste of time for everyone involved.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •I hate to break this to you, but hypotheticals often become eventualities. Which means they happen.
Giving people a false sense of security is not a replacement for actual security.
Fediverse News reshared this.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •Don't "hate to break this to you" me.
This isn't a false sense of security. If you prepare for every single possibility, you wouldn't be using your computer, you'd have turned it off and buried it in a concrete block under the ocean starting around the early 2000s.
Large parts of security is being able to RESPOND to threats as they come up. It's always a balance between convenience and security. Disabling public post view for example would make scraping harder, but it would also make it a pain in the ass for normal outside users to see the full context of posts.
This isn't a binary choice. Stop acting like it is. You know this.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •If you follow anything Meta does, then you’re probably aware this isn’t a matter of “threats as they come up” but a threat that is already here.
It’s almost certain that Meta is accessing your public feeds for their own use.
Tools already exist that allow RSS to be converted to posts on Facebook and Instagram. It’s therefore almost certain that someone is building a tool that allows re-broadcast to Meta’s social networks from an RSS feed.
Fediverse News reshared this.
Lucas Gonze (OSS topics)
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger if federation is what you want, welcome to the fediverse. Otherwise, a chat group would be a better fit.
This is important because protocols define who gets to be a member by adherence to standards. Whether or not you like them the question is whether they adhere to the standards. Being allowed to interoperate is not a question of who you are but of how you implement the specification.
m@thias.hellqui.st :verified-skull: likes this.
Lucas Gonze (OSS topics)
in reply to Lucas Gonze (OSS topics) • • •Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Lucas Gonze (OSS topics) • • •Yes, and an instance following the AP standard would respect a defederation by default. That's all they have to do, and it likely is all they'll be doing.
Becoming a hostile actor is more work for basically zero reward for them.
Lucas Gonze (OSS topics)
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •reshared this
BeAware :veriweed: reshared this.
m@thias.hellqui.st :verified-skull:
in reply to Lucas Gonze (OSS topics) • • •@lucasgonze
Like this is how I interpretted it:
"...an instance following the AP standard would by default respect a defederation."
@privateger @atomicpoet
Fediverse News reshared this.
Lucas Gonze (OSS topics)
in reply to m@thias.hellqui.st :verified-skull: • • •@m @privateger thank you! Yes, that would basically work.
Still, the question is whether to ban Threads for who they are rather than how they implement the standard.
Lucas Gonze (OSS topics)
in reply to Lucas Gonze (OSS topics) • • •@m
let's talk about being a club as much as a protocol, as a model. What's wrong with being a club?
/CC
@atomicpoet @privateger
m@thias.hellqui.st :verified-skull:
in reply to Lucas Gonze (OSS topics) • • •@lucasgonze
I am thinking your reply to my clarification actually is meant for @privateger , correct? Otherwise I'm getting all confused. 😄
If at all interesting (I haven't been in the thread previously) I think the people of the Fediverse too often confuse the capabilities of services (Mastodon, Pleroma, Sharkey etc) with the infrastructure capabilities (or lack thereof) of the protocol (ActivityPub) and the wishes of "the users" or "the communities".
Too often they are lumped together along with a "it has always been like this", and we call that "The Fediverse", and then people point fingers at others for not using the same base view when talking about as varied things as "my users wishes" vs "capabilities of the protocol".
It does however also highlight, and hopefully put some pressure on, developing and evolving ActivityPub in such a way th
... Show more...@lucasgonze
I am thinking your reply to my clarification actually is meant for @privateger , correct? Otherwise I'm getting all confused. 😄
If at all interesting (I haven't been in the thread previously) I think the people of the Fediverse too often confuse the capabilities of services (Mastodon, Pleroma, Sharkey etc) with the infrastructure capabilities (or lack thereof) of the protocol (ActivityPub) and the wishes of "the users" or "the communities".
Too often they are lumped together along with a "it has always been like this", and we call that "The Fediverse", and then people point fingers at others for not using the same base view when talking about as varied things as "my users wishes" vs "capabilities of the protocol".
It does however also highlight, and hopefully put some pressure on, developing and evolving ActivityPub in such a way that it perhaps can handle, via the services, the wishes of the users of the services, which is something it is lacking today.
I could imagine a great point to start would be to add some security/privacy features that trickles all the way down to the protocol. But today they don't exist in the protocol, which would need to be updated/upgraded/refactored to cater for that.
To me an open protocol should not identify users, instances or locations, but merely facilitate communication and relevant functionality, and the protocol should function
the same for anyone implementing the protocol. The rest should be functionality of the services (which can be opinionated), which function on top of the protocol.
But that is my view. 😄
@atomicpoet
Fediverse News reshared this.
Lucas Gonze (OSS topics)
in reply to m@thias.hellqui.st :verified-skull: • • •@m Yes. I was on a phone sitting on the beach and couldn't properly track the threads.
About mixing up services, protocol, and communities, I believe there is a Cambrian Explosion moment of social networking innovations. Some of the end results will be troll nests, like Truth Social. Some will be single-interest forums, like mini-Reddits. Some will be general purpose communication infrastructure, like SMTP.
/cc @atomicpoet @privateger
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Lucas Gonze (OSS topics) • • •An instance fetching activities from another instance would not get an answer if they got blocked.
Unless they actively try to circumvent it by doing out-of-spec shenanigans, blocking them will behave as you would expect it to. A spec-adherent AP instance respects the other instances.
Federation doesn't mean you have to be open to everyone, it means you can choose who you wish to associate with. Being able to choose is the thing seperating Fedi from Twitter, where everyone is in one giant nightmare pot.
I run a lightly moderated instance myself. Being able to block all the horrendous shit out there however is a core feature and the reason I'm even here.
Yakyu Night Owl
in reply to Chris Trottier • • •Chris Trottier likes this.
Cătă
in reply to Yakyu Night Owl • • •@Yakyu Night Owl well, diaspora still exists.
@Chris Trottier
Evelyn fra denne andre øya
in reply to Chris Trottier • • •Fediverse News reshared this.
Chris Trottier
in reply to Evelyn fra denne andre øya • • •@evelyn If Meta snooped on encrypted Snapchat data, why would they not use RSS (or some other means) to access public Fediverse data?
https://techcrunch.com/2024/03/26/facebook-secret-project-snooped-snapchat-user-traffic/
TechCrunch is part of the Yahoo family of brands
techcrunch.comFediverse News reshared this.
Evelyn fra denne andre øya
in reply to Chris Trottier • • •Chris Trottier
in reply to Evelyn fra denne andre øya • • •@evelyn Telling people “Threads will never access your public feed because they’re de-federated” gives people misplaced confidence and a false sense of security.
Even if Meta never officially uses RSS, what will stop someone from mirroring your account on Threads via RSS?
Evelyn fra denne andre øya
in reply to Chris Trottier • • •Chris Trottier
in reply to Evelyn fra denne andre øya • • •@evelyn Well, a good portion of the Fediverse is not as technically inclined as you are. What you see as a generality is, to them, an absolute assurance.
If people discover their posts are being re-broadcast on Threads, I don’t want them upset because they thought de-federation would prevent that.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Evelyn fra denne andre øya • • •No, they don't. They use ActivityPub.
You know. Like any other instance in the entire fediverse.
Not a single implementation uses RSS for federation (tf?).
Fediverse News reshared this.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger @evelyn People already grab RSS feeds of websites and broadcast those feeds on the Fediverse. That’s how so many news sites have unofficial profiles here.
So it’s not just plausible for someone to use RSS for re-broadcast on the Fediverse. It’s already being done.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •I could scrape a good 90% of the fediverse by simply hooking up a websocket client on the federated feed of mastodon.social.
But that doesn't mean that defederations are not effective. They STILL turn your posts into read-only copies at worst, which will stop the worst of the abuse.
If Threads becomes an active bad actor using scraping to acquire content, bad things can happen to them when people retaliate, with either hostile AP implementations or lawsuits.
Why would they do this, when they can instead just not do so and enjoy the boring people on mastodon.social instead? They won't be hostile, they're used to the shenanigans at this point. Mastodon gGmbH welcomes them with open arms. Why force the other people into the system too? Meta is a company, they care about money.
Scraping at large scale with RSS is also horrendously inefficient. You'd have to send requests for EVERY profile, every time you want to check for new content, which would equal thousands upon thousands, or even millions, of requests every single day.
Fediverse News reshared this.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger @evelyn Yes, there’s many, many reasons to de-federate Threads. I’m not talking about those other reasons.
De-federation, by itself, does not prevent Threads from accessing your public feed. You already imply agreement with me by saying you could scrape a good 90% of the Fediverse.
Collin Donnell
in reply to Chris Trottier • • •Chris Trottier likes this.
Underfaker
in reply to Chris Trottier • • •That is not and was never the point, why blocking is necessary.
Wenn should stop spread false arguments
Chris Trottier
in reply to Underfaker • • •Maybe you don’t believe de-federating Threads will prevent them from accessing your public feed, but many people do. In fact, they’ve said so in replies to me.
Which is why I wrote the original post.
Fediverse News reshared this.
Jon F :anarchist_flag: & ☮️
in reply to Chris Trottier • • •Chris Trottier likes this.
Chris Trottier
in reply to Jon F :anarchist_flag: & ☮️ • • •Fediverse News reshared this.
BeAware :veriweed:
in reply to Jon F :anarchist_flag: & ☮️ • • •@AvonVilla that's the thing.... ANYONE can do those things. It doesn't take lots of money to view RSS feeds or make something automated to store data from RSS feeds....anyone can do any of these things at any time.
If you're not okay with literally anyone getting your data, the only option you have is to make your profile private.
Chris Trottier likes this.
Fediverse News reshared this.
Jon F :anarchist_flag: & ☮️
in reply to BeAware :veriweed: • • •Fediverse News reshared this.
BeAware :veriweed:
in reply to Jon F :anarchist_flag: & ☮️ • • •@AvonVilla you literally were SO close to my point, but missed it....
ANYONE can do federation and "steal" your data. Nobody has to make an account that shows who they really are. I can make an account with all kinds of lies and fake info, then follow anyone I want and use their posts however I want and they wouldn't have a clue....
Chris Trottier likes this.
Fediverse News reshared this.
Jon F :anarchist_flag: & ☮️
in reply to BeAware :veriweed: • • •@BeAware On the specific comment "anyone can do federation", remember too, that anyone can do defederation. MY point is that it should be done in the case of meta.
I'm happy that the instance I'm on has gone down that path.
Fediverse News reshared this.
BeAware :veriweed:
in reply to Jon F :anarchist_flag: & ☮️ • • •@AvonVilla again missing my point...
Defederation is a response action. Something that one has to know about specific activity that would make them want to defederate. If you don't know, you can't defederate...your PUBLIC data is public. Blocking meta won't change that and they aren't the only bad actors in the world with access to your public data via Federation. We federate by default, meaning your data is exposed by default, to Meta, or anyone else that isn't defederated...
It's fine though, you keep dodging the point and it doesn't matter anyway because you got what you want and so do I. Have a good day.
Fediverse News reshared this.
Hunterrules
in reply to Chris Trottier • • •Adam Dalliance
in reply to Chris Trottier • • •It'll prevent their normal automated systems though. They'd have to have a second scrapper using a second access channel and they haven't even finished writing their first yet.
Plus, the terms of service on this instance explicitly forbid them, they would be breaking the law and if we find they have done so they are open to legal attack .
Ку :emojione_bear:🇧🇬🇪🇺
in reply to Adam Dalliance • • •I find it quite unlikely that any other fediverse instance would have the legal power to do anything against them in such a situation.
At the same time, I do agree they probably won't care about doing that scraping. They won't put in the work to get all the possible data, when they have multiple large instances they can use instead. Plus ways to get to it through the other instances they are federated with.
Anyway, blocking them in my opinion is much more about having a peace of mind that my instance won't suddenly get overrun with data from them whenever they reach more feature-rich integration. Though I believe they would be working on ways to address that somehow, since I doubt they realistically expect anyone would be able to just cache all the stuff that comes from them, even just the text parts. Plus... you know... blocking them is a tiny act of pointless resistance that makes me feel good. 🙂 It's just not a particularly useful one from a privacy standpoint.
argv minus one
in reply to Chris Trottier • • •Defederating #Threads will, however, stop Threads from drowning out the entire rest of the Fediverse.
The result of federating is that Threads *is* the Fediverse now, and the rest of us are just the silent periphery that no one cares about and aren't even allowed to speak to Threads users (the federation is one-way). This kills the Fediverse. Easiest #EmbraceExtendExtinguish ever.
Fediverse News reshared this.
Chris Trottier
in reply to argv minus one • • •@argv_minus_one You have to manually turn on federation for it to work on Threads. So far, few people on Threads have done that.
I doubt they will drown out the Fediverse.
argv minus one
in reply to Chris Trottier • • •Chris Trottier
in reply to argv minus one • • •@argv_minus_one Limited federation is an option that addresses that. Admins can make it so that only specific Threads accounts that you follow show up in your home feed.
For example, if you’re only following @potus, you will only see his account and no one else on Threads.
De-federation is not a one size fits all solution, and there’s other tools available to address problems.
Regardless, WordPress has a bigger install base than Threads. What are you going to do if they turn on federation by default?
Fediverse News reshared this.
argv minus one
in reply to argv minus one • • •Fediverse News reshared this.
Chris Trottier
in reply to argv minus one • • •@argv_minus_one If you have moral reasons for blocking Threads, that’s okay. But I’m addressing people who believe de-federation prevents scraping.
Misinformation is the problem here, not your feelings about Threads.
Fediverse News reshared this.
BeAware :veriweed:
in reply to argv minus one • • •argv minus one
in reply to BeAware :veriweed: • • •@BeAware
Indeed. Unfortunately. But user-level domain blocks are a thing, and I blocked threads.net the first time I saw a post from there.
BeAware :veriweed:
in reply to argv minus one • • •@argv_minus_one it should be called "user level domain mutes" though because once two-way federation is live, they'll still be able to see, react, and comment on your posts, you just won't be able to see them.
Kinda like sitting in a room with hungry bears with a blindfold on...😬
argv minus one
in reply to BeAware :veriweed: • • •@BeAware
Really? When I instituted the domain block, the warning message said that users on that domain won't be able to see or interact with my content, if I recall correctly.
BeAware :veriweed:
in reply to argv minus one • • •@argv_minus_one really...I had an example of this exact thing happening back when Eugen was pushing it.
I don't know why he insists on lying....I have seen it in the wild and tested it myself on my own instance. There MIGHT be a way to ensure that the blocks are honored, but that wasn't obvious from the situation so I don't know if it's possible.😬I can try to find the example I had, but no promises cause I've deleted many posts since then.
BeAware :veriweed:
in reply to BeAware :veriweed: • • •@argv_minus_one originally, my example was a user posting "I have blocked kolektiva" (now deleted) and they weren't an admin, yet in their replies there was many kolektiva users commenting on their post...
Here's one such reply, but as you can tell, the original post isn't there because it was deleted. I can only assume they deleted it because they realized they were wrong...🤷♂️🤦♂️
https://kolektiva.social/@bigMouthCommie/111780235030461218
HACKthePRISONS (@bigMouthCommie@kolektiva.social)
kolektiva.socialargv minus one
in reply to BeAware :veriweed: • • •@BeAware
🤦♂️
BeAware :veriweed: reshared this.
shellsharks
in reply to argv minus one • • •Fediverse News reshared this.
Chris Trottier
in reply to shellsharks • • •@shellsharks @argv_minus_one Also, even though it’s possible Threads could turn on federation by default for all accounts, I don’t think that’s likely.
This would piss off everyone who has a private Threads account, causing a big blow up over there. And for what purpose?
Regardless, I suspect Threads has other more compelling reasons to add federation than “taking over the Fediverse”.
shellsharks
in reply to shellsharks • • •Fediverse News reshared this.
argv minus one
in reply to shellsharks • • •@shellsharks
A member of the social media cartel doesn't want to crush an independent competitor? You must be joking.
@atomicpoet
Chris Trottier
in reply to argv minus one • • •@argv_minus_one @shellsharks Correction: a monopoly wants to crush a competitor while simultaneously proving to regulators that it’s not a monopoly.
And while they’re at it, they’re kicking certain content off their platform by saying “Mastodon exists”. 😆
ferricoxide
in reply to shellsharks • • •Fediverse News reshared this.
Chris Trottier
in reply to ferricoxide • • •shellsharks
in reply to ferricoxide • • •Fediverse News reshared this.
Chris Trottier
in reply to shellsharks • • •BeAware :veriweed: reshared this.
Sergio F. Lima
in reply to Chris Trottier • • •Chris Trottier likes this.
Tuxicoman
in reply to Chris Trottier • • •One can also get your toots by reading it on another fediverse server (because you have a follower there)
With a bot account that subscribe to everyone sneakly, one can also gather a lot of data.
Chris Trottier likes this.
Toon Van de Putte
in reply to Chris Trottier • • •Chris Trottier
in reply to Toon Van de Putte • • •@toon I’m not a lawyer, so you’ll have to test things out in whatever place you live.
Nevertheless, but the greater concern for me isn’t indexing but access to your public feed. And de-federation does not prevent access.
Fediverse News reshared this.
Allen Versfeld
in reply to Toon Van de Putte • • •@toon
So first up, I'm not an IP lawyer, or any other kind of lawyer, so I can only talk about how big online copyright cases have played out, from what was reported in the media, but I reckon that indexing is entirely legal.
Search engines have been indexing the content of every website they can find for over 30 years. This includes stuff that the owners really didn't want indexed. There have been many well-publicized cases of Google and friends indexing stuff that should have been protected but that wasn't, including private medical records, plaintext password databases, classified government documents, internal company documents, and more. A popular hacking technique is to simply use google to search for filenames that might contain sensitive data (maybe something like "Patient admissions filetype:xlsx")
As far as I know, no search engine has ever been found guilty of breaking the law by doing this, and nobody has ever successfully sued.
Closest I can think of to rea
... Show more...@toon
So first up, I'm not an IP lawyer, or any other kind of lawyer, so I can only talk about how big online copyright cases have played out, from what was reported in the media, but I reckon that indexing is entirely legal.
Search engines have been indexing the content of every website they can find for over 30 years. This includes stuff that the owners really didn't want indexed. There have been many well-publicized cases of Google and friends indexing stuff that should have been protected but that wasn't, including private medical records, plaintext password databases, classified government documents, internal company documents, and more. A popular hacking technique is to simply use google to search for filenames that might contain sensitive data (maybe something like "Patient admissions filetype:xlsx")
As far as I know, no search engine has ever been found guilty of breaking the law by doing this, and nobody has ever successfully sued.
Closest I can think of to real legal problems for indexers was when Google started bulk-scanning copyrighted books, and making them available in books.google.com
That was a long time ago so I don't remember much of the reporting, but based on how that website works now, I suspect that the only copyright issue that stuck was "You can't just give copies away", The index remains, and you can read excerpts of books, but not the whole text.
m@thias.hellqui.st :verified-skull:
in reply to Allen Versfeld • • •@uastronomer
*09:33 ThePirateBay has entered the chat*
🙃
@toon @atomicpoet @fediversenews
Fediverse News reshared this.
الماريسي
in reply to Chris Trottier • • •Chris Trottier likes this.