What you should not forget is that: public posts are public, private posts may still be public if sent to dishonest servers, DMs are not protected by encryption and rely on both involved instance's honesty.
If you allow everyone to follow you your data may get mined just as on the commercial platforms.
If you have a commercial bot (in disguise) in your followers, it will see and mine those toots.
Just being a federation is no silver bullet to the privacy issue. But ou aren't the product anymore.
@ckeen excellent toot 💯
@alice Thanks 💜
@ckeen That's one of the main reasons I block any startup following me. But identifying bots is obviously a problem.
Maybe we should do follower activity analysis to identify bots posing as humans? Not quite sure of the moral implications here…
@phryk There's not a good solution to this. As a commercial entity might build up fake identities and get them connected or buy accounts.
It's COINTELPRO all over again but this time with a capitalistic twist.
@ckeen You can also disable search engine indexing in the settings. Or some instances do it for all users by default (e.g. mine 😊).
Among the many good reasons to use mastodon for public discourse and something secure for those privacy things
That would also be a good solution. I think the main thing is people expect it to be in a single location/interface and that if you're interacting with someone on that platform one way, you can transition to another privacy level on the same platform. I want to be able to DM my fediverse homies in my fediverse application. But I don't really care what makes that happen on the back end.
I think having or not having the functionality users are trained to expect will affect adoption. I do use Mastodon less b/c for me Twitter is a nexus where ppl I know from a bunch of different places congregate and a lot of my use is in DM chats. I don't know what the solution is to that. Mastodon doesn't support it & it's hard enough to budge ppl off a platform w/o telling them now they need to join two to do what the one does.
@ckeen use mastodon for public stuff and riot/matrix for private stuff and collaboration and everything is good.
other/older implementations that don't support Gargron's Mastodon specific privacy controls != dishonest
@celesteh That's a good point I haven't thought of. I have had dishonest mastodon servers in mind when I posted that. There have been servers in the wild that have lied about their user stats and one has to assume that not everyone is following even the mastodon extras. And yes activitypub will close at least this gap. Thank you for this addition!
@ckeen If someone really cares for his privacy, wouldn't it make more sense to use a darknet?
@nadir I am not sure what you mean by that. The context of this post was to make clear the current state of the post settings on mastodon instances.
Even if you use Tor to reach mastodon this applies.
I don't know of any Darknet and don't even know what that means. There are hidden services yes and maybe even GNU social nodes set up as hidden services but how does that apply to the users potentially misled by the mastodon wording?
(and yes there's i2p etc... too)
@ckeen I didn't mean that much, to be honest. Just a littel hype for darknets. Obviously everything in the clear net is not very private (depends who you consider to be the attacker).
@nadir Yes, what's your attacker model? :)
@ckeen I guess something like "the government". I didn't think about the privacy problem for quite a while. To be honest.
@nadir In general I think if that's the adversary one needs to completely rethink device usage and communication means. Check your local resistance group.
Also plan to get a new government.
@ckeen I recall retroshare to be very easy to use, compared to onion or i2p or freenet. Also it feels more like a social network than those. But i didn't really look much into how "private" it is.
@nadir retroshare relies on the same as freenet in 'dark net mode' IIRC. Which is you connect only to people you trust and there are no moles or snitches inside the network. Both do not conceal that they are running retroshare/freenode per se. so that in itself might be a problem.
@ckeen can we agree to agree?
@nadir Sure, thanks for bringing this up. Now I can point people to this conversation :)
@ckeen Also, did you hear of the freedombox project? I was interested in it when i was interested in darknets too. I think what you said applies for it too (not sure, like said, i gave up on the problem): https://wiki.debian.org/FreedomBox/LeavingTheCloud
@nadir They are packaging selfhosting applications for group communication etc. and are offering several 'tunneling' options. But none of these have anonymity in mind by design.
If you need a system aimed at anonymity better check out Tails
@ckeen From the top of my head: It is much easier to control, observe, censor centralized services than distributed and self-hosted ones. - In general i agree with what you said (hence i started commenting with "darknets" ... ).
@nadir Decentralising is a good thing on its own: It means you are less reliant on central infrastructure, the internet can function as it has been designed. It however does not mean that it cannot be controlled.
That said I think we agree on that.
@ckeen I recall a nice forum software in i2p. I forgot the name, perhaps syndie. (It wasn't really a forum, like a forum, a bit like a mailing list). So it was in the dark, as in i2p, but also decentralized.
@ckeen This does make me worry that "you aren't the product anymore" means: you get all the bad stuff, but no one has an incentive to make things work. The product is... good feelings?
@ianbicking Well it mostly means that 1. you have to trust your instance admin, 2. unless there is no e2e for DMs they are not private,
@ianbicking One could also ask why people are running services for others in general. There are always several motives at work and the same goes for OStatus/ActivityPub servers.
Admins should be clear about their motifs so you can make a educated choice.
Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!