What you should not forget is that: public posts are public, private posts may still be public if sent to dishonest servers, DMs are not protected by encryption and rely on both involved instance's honesty.
If you allow everyone to follow you your data may get mined just as on the commercial platforms.
If you have a commercial bot (in disguise) in your followers, it will see and mine those toots.
Just being a federation is no silver bullet to the privacy issue. But ou aren't the product anymore.
@ckeen If someone really cares for his privacy, wouldn't it make more sense to use a darknet?
@nadir I am not sure what you mean by that. The context of this post was to make clear the current state of the post settings on mastodon instances.
Even if you use Tor to reach mastodon this applies.
I don't know of any Darknet and don't even know what that means. There are hidden services yes and maybe even GNU social nodes set up as hidden services but how does that apply to the users potentially misled by the mastodon wording?
(and yes there's i2p etc... too)
@nadir Yes, what's your attacker model? :)
@ckeen I guess something like "the government". I didn't think about the privacy problem for quite a while. To be honest.
@nadir In general I think if that's the adversary one needs to completely rethink device usage and communication means. Check your local resistance group.
Also plan to get a new government.
@ckeen I recall retroshare to be very easy to use, compared to onion or i2p or freenet. Also it feels more like a social network than those. But i didn't really look much into how "private" it is.
@nadir retroshare relies on the same as freenet in 'dark net mode' IIRC. Which is you connect only to people you trust and there are no moles or snitches inside the network. Both do not conceal that they are running retroshare/freenode per se. so that in itself might be a problem.
@ckeen can we agree to agree?
@nadir Sure, thanks for bringing this up. Now I can point people to this conversation :)
@ckeen Also, did you hear of the freedombox project? I was interested in it when i was interested in darknets too. I think what you said applies for it too (not sure, like said, i gave up on the problem): https://wiki.debian.org/FreedomBox/LeavingTheCloud
@nadir They are packaging selfhosting applications for group communication etc. and are offering several 'tunneling' options. But none of these have anonymity in mind by design.
If you need a system aimed at anonymity better check out Tails
@ckeen From the top of my head: It is much easier to control, observe, censor centralized services than distributed and self-hosted ones. - In general i agree with what you said (hence i started commenting with "darknets" ... ).
@nadir Decentralising is a good thing on its own: It means you are less reliant on central infrastructure, the internet can function as it has been designed. It however does not mean that it cannot be controlled.
That said I think we agree on that.
@ckeen I recall a nice forum software in i2p. I forgot the name, perhaps syndie. (It wasn't really a forum, like a forum, a bit like a mailing list). So it was in the dark, as in i2p, but also decentralized.
@ckeen I didn't mean that much, to be honest. Just a littel hype for darknets. Obviously everything in the clear net is not very private (depends who you consider to be the attacker).