Conversation

Notices

1. Embed this notice
   z428 (z428@loma.ml)'s status on Friday, 27-Sep-2024 15:10:34 JST z428

   • Evan Prodromou
   @evan Would have voted "qualified no" if I actually could, at this point. Experiences with "researchers" on other platforms leave me very very cautious and concerned here. Much more than these, however: _My_ Fediverse data itself is irrelevant. What matters seems data that somehow relates me to others, and I can't at all be sure most (or even all) of my contacts are willing for me to share any information on our interactions, communications, messages. Plus, it feels at least not trivial to handle data from people that agreed _and_, from that set, weeding out data from people that have _not_ agreed without actually having at least this interaction information at hand, back then.
   (On the other end, most of my communication out here is public. I have learnt not to very much trust the Fediverse and specificially ActivityPub from a technical perspective with real "private" data so guess any researcher could probably go there and utilize some sort of web or AP crawler to get whichever public information is there without a second thought.)
   • Embed this notice
     Evan Prodromou (evan@cosocial.ca)'s status on Friday, 27-Sep-2024 15:10:32 JST Evan Prodromou

     in reply to

     @z428 Why don't you trust ActivityPub with private data? It's as good as email.

   • Embed this notice
     Evan Prodromou (evan@cosocial.ca)'s status on Friday, 27-Sep-2024 23:17:34 JST Evan Prodromou

     in reply to

     • heluecht

     @z428 @heluecht the UI for private messages in Mastodon leads to a lot of mistakes, such as people posting something publicly that was meant to be private.

   • Embed this notice
     z428 (z428@loma.ml)'s status on Friday, 27-Sep-2024 23:17:36 JST z428

     in reply to

     • heluecht
     • Evan Prodromou

     @evan At first, I don't trust e-mail with really "private" data either, due to its very nature (store-and-forward, unencrypted metadata, encryption mainly "just" done using PGP/GPG with long-lived private keys closely tied to my identity).

     Plus, I think these things don't really compare. E-mail, by default, has access control and whatever is in _my_ mailbox is supposed to be in _my_ mailbox. With maybe the exception of mailing lists, I usually don't have such a thing as an e-mail sent out to a "random public" - it's always addressing one specific recipient and usually supposed to end up in this persons very inbox invisible to someone else. Fediverse, to me, seems more like "the old WWW" here where a lot of things are public by default and anything to reduce visibility is somewhat difficult to do right on top.

     Adding to that, for ActivityPub things seem slightly more complex depending on how various implementations handle things. In example, I've seen a bunch of situations in which "private" or "follower-only" messages have made it to public views in Friendica. Not sure whether these issues arising from loopholes or weaknesses in ActivityPub as a spec or "just" flaws in individual implementations, yet this makes me very very cautious how to make sure "private" messages actually remain "private".

     cc @heluecht