I hope this doesn't sound too radical, but **do not trust proprietary Mastodon clients**. Trusting proprietary applications, especially for social media, is not a good idea.
@brainblasted And thanks to the way the Stackmesh API is designed, even prop. apps can't sneak your data out without alerting the user first.
@brainblasted That sounds radical.
@hinterwaeldler Guess I am radical now
I didn't even know there were any...
@frankiesaxx @brainblasted Neither did I, but seem like a sound advice anyway.
@frankiesaxx @arcans I believe Tootdon is, as I cannot find the source code.
@brainblasted @frankiesaxx @arcans Here is a good start:
https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/Apps.md
If the apps don't show a link to source, I wouldn't trust it.
Additionally, the #mastodon installation allows by default #progressivewebapps for your instance. Acts like a regular app on your mobile device.
https://en.wikipedia.org/wiki/Progressive_Web_Apps
https://developer.mozilla.org/en-US/Apps/Progressive
Reply here if you wanna know more about Progressive Web Apps
@brainblasted I wonder how long it'll be before we start seeing browser extensions that "enhance" Mastodon but then scrape all your data & your friends' data, like there are for Facebook.
Assuming those aren't out there already, of course. But unlike with Facebook there's nobody to block them.
@seanl @brainblasted Mastodon is public, more so than Facebook. It will be scraped six ways to Sunday, and the scrapers will not even pay for the privilege of doing so.
(If they scrape unlisted, follower-only, or DM toots, that's a different matter.)
I don't think it's helpful to stick our heads in the sand about this. There *will* be databases of toots and social connections if Mastodon ever gets popular.
@varx @seanl Sure, but we will be able to control and limit what can be scraped about ourselves. Mastodon isn't trying to track your every move, know who your best friend's best friend is, or other intricacies of your life, so the use they get out of our data will be far less than what they would have gotten from Facebook.
@brainblasted @seanl I absolutely agree. And that's why it's important to not pretend there's privacy here, beyond what we make with our self-censorship.
That's not natural for people to do, of course. It needs to be easier. I'd love to see federated/distributed social media with no public posts at all, and with *horizons*, so that scrapers can't even get access beyond the suckers who friend them.
@seanl If you want private messaging, use tools that are intended for that. If you want to evade dragnet scraping, don't post on Mastodon. *If it's not for public consumption, don't post it here.*
"Unlisted toots" and such are just the thinnest, gauziest curtain over your words. Your words will not stay hidden from the surveillance machine forever.
@brainblasted
This is why I like Mastalab -- Open Source Android Client.
@ScottMortimer There's also Tusky, which is my preferred client
@brainblasted Not at all. I agree. I just think that its not a FOSS problem as much as it is a corporate. Either way theres trust involved. FOSS projects can still steal data. BTW, you would really like the approach Im building into Stackmesh for this reason. Data is owned by the users and applications are assets... e.g, they run locally and data is populated by the user. There is no server-side because every node is a client and server, publisher and consumer