Conversation

Notices

1. Embed this notice
   Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 07:15:13 JST Jan Wildeboer 😷:krulorange:

   Why am I here and not on #Bluesky or #Threads? Because here I am on my own instance, hosted in the EU, and not on a centralised service from the US (which both Bluesky and Threads are) where soon a Trump government is installed that can easily force both Bluesky and Threads to hand over full access to all my data. That's my personal risk calculation. Yours might be very different. And that's perfectly fine!

   • anban likes this.
   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 07:22:31 JST Jan Wildeboer 😷:krulorange:

     in reply to

     And yes, I still treat every single post and message here as ultimately being stored and analysed by adversaries because the for me the Pub in ActivtyPub means public. My private communication happens via Signal or old fashioned pen and paper. Or, even more often, by direct communication over a coffee, beer or a walk outside :)

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 07:33:36 JST Jan Wildeboer 😷:krulorange:

     in reply to

     Another reason for staying here is metadata. Trust me, not many organisations out there really care about the content of your posts. They focus far more on the connections and frequency of data on likes, boost, follow/unfollow etc. In a centralised service that metadata is, ohm, centralised too and easy to access. In a federated network that isn't that easy, especially when, like me, you live on your own instance and not a big one like mastodon.social. Decentralisation makes abuse expensive.

     anban likes this.
   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 08:26:28 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Honza

     @knezi Try it :) You can see the difficulties already in your daily experience here when you notice that not all replies to a post show up in your timeline. Building the complete social graph of all interactions in the Fediverse is an exponentially bigger problem than doing that on a centralised service like Bluesky or Threads.

   • Embed this notice
     Honza (knezi@mastodon.arch-linux.cz)'s status on Monday, 18-Nov-2024 08:26:29 JST Honza

     in reply to

     @jwildeboer but isn't fediverse easily scraped? Allowing one to harvest metadata too? Sure not as comprehensive as centralised media, but still...

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 09:59:37 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Nazo
     • Honza

     @nazokiyoubinbou Mastodon at least has built-in rate limiting for such scrapers. See https://docs.joinmastodon.org/api/rate-limits/ @knezi

   • Embed this notice
     Nazo (nazokiyoubinbou@mastodon.social)'s status on Monday, 18-Nov-2024 09:59:38 JST Nazo

     in reply to

     • Honza

     @knezi @jwildeboer Quite a lot of the metadata isn't really. They can scrape obvious interactions like if you respond do a post, but not much else. Most instances don't let anyone but the poster see who actually clicked "favorite" for example. They'll see boosts, but that's about it.

     More importantly, they can't see the other, less obvious stuff. For example, Facebook and Twitter know if you click to open a post, but Mastodon won't tell third parties about that.

   • Embed this notice
     Nazo (nazokiyoubinbou@mastodon.social)'s status on Monday, 18-Nov-2024 09:59:38 JST Nazo

     in reply to

     • Honza

     @knezi @jwildeboer As a side note, Mastodon offers a few useful features like automatic post deletions and hiding more profile stuff. This does not by any means guarantee third parties can't scrape or see any of this, but at the same time, it does limit them a lot more. For example, unless they're scraping constantly, they're not going to see older automatically deleted posts.

     A lot of instances will block those who spam too many requests I imagine.

   • Embed this notice
     Raphael Lullis (raphael@mastodon.communick.com)'s status on Monday, 18-Nov-2024 15:20:20 JST Raphael Lullis

     in reply to

     @jwildeboer

     Wait, this argument does not hold.

     Like you said, the data is already public on ActivityPub. Whatever adversaries interested in building the social graph or analyzing metadata can do so, regardless of your instance location or who is power.

   • Embed this notice
     praveen (pravee_n@mastodon.social)'s status on Monday, 18-Nov-2024 18:06:20 JST praveen

     in reply to

     • Heath Stewart

     @heaths @jwildeboer Yes. Bluesky seems like a very well built platform in my opinion.

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 18:06:20 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Heath Stewart
     • praveen

     @pravee_n See my other thread at https://social.wildeboer.net/@jwildeboer/113487613965056474 where I explain why Bluesky isn't decentralised and why running your own PDS means nothing as they still run other essential parts. @heaths

   • Embed this notice
     praveen (pravee_n@mastodon.social)'s status on Monday, 18-Nov-2024 18:06:21 JST praveen

     in reply to

     @jwildeboer Bluesky is not decentralised? I thought we can create own on servers there.

   • Embed this notice
     Heath Stewart (heaths@fosstodon.org)'s status on Monday, 18-Nov-2024 18:06:21 JST Heath Stewart

     in reply to

     • praveen

     @pravee_n @jwildeboer you can. They have docs on it: https://docs.bsky.app/docs/advanced-guides/federation-architecture#self-hosting

     Seems pretty easy. Already several other PDSes out there e.g., letting people make custom feeds using hashtags, LLMs, whatever to drive a bespoke algorithm.

     I’ve been comparing services (been here for a couple years) for about a week. There are pros and cons to both.

   • Embed this notice
     fury999io (fury999io@fosstodon.org)'s status on Monday, 18-Nov-2024 19:14:10 JST fury999io

     in reply to

     @jwildeboer Why specifically Trump?

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 19:23:49 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • fury999io

     @fury999io Becaise he is becoming president of the country where Bluesky, Facebook etc are based.

   • Embed this notice
     nelomah (nelomah@mastodon.social)'s status on Monday, 18-Nov-2024 19:47:16 JST nelomah

     in reply to

     • Raphael Lullis

     @raphael @jwildeboer does ActivityPub include metadata?

   • Embed this notice
     Raphael Lullis (raphael@mastodon.communick.com)'s status on Monday, 18-Nov-2024 19:47:16 JST Raphael Lullis

     in reply to

     • nelomah

     @nelomah @jwildeboer

     How could it not?

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 19:47:46 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Raphael Lullis

     @raphael They’d have to check/scrape *all* ActivityPub instances all the time to get a complete social graph of the Fediverse. While at a centralised service that social graph is part of the architecture. That’s a huge difference.

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 19:58:15 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Raphael Lullis

     @raphael Or to explain my argument in more simple ways: Twitter has the Firehose, where you can access all traffic at once. In a federated network such as firehose doesn’t exist and trying to build it is an exponentially bigger problem that IMHO cannot be solved.

   • Embed this notice
     Raphael Lullis (raphael@mastodon.communick.com)'s status on Monday, 18-Nov-2024 20:18:04 JST Raphael Lullis

     in reply to

     @jwildeboer

     Oh, please... I was toying with the idea of making a search engine for the Fediverse last year. It took me less than a week to scrape and index 8 million ActivityPub accounts last year, with all of the users posts, including those that had enabled authorized fetch.

     From my home computer.

     On a shitty 50MB DSL connection from O2.

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 20:23:04 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Jerome

     @dl2jml You are trying to move my thread far, far away from its original intention. Why not do that in a new post/thread instead of hijacking my post?

   • Embed this notice
     Jerome (dl2jml@mastodon.radio)'s status on Monday, 18-Nov-2024 20:23:15 JST Jerome

     in reply to

     @jwildeboer This has the potential to be very disruptive because how can you compel people to earn a living if they choose poverty? How can you sustain a civilisation if people refuse to reproduce? How can economic empires thrive if individuals no longer wish to work for large corporations?
     When this behavior will be recognized as disruptive, the absence of positive signals will be seen as a negative sign.

   • Embed this notice
     Jerome (dl2jml@mastodon.radio)'s status on Monday, 18-Nov-2024 20:23:26 JST Jerome

     in reply to

     @jwildeboer Come to think of it, this is going to be even more important, because society is experiencing a "passive revolution". Young generations simply do not want to work for "the system". And, contrary to popular belief, a sizable proportion of them is not on mainstream social networks.

   • Embed this notice
     Jerome (dl2jml@mastodon.radio)'s status on Monday, 18-Nov-2024 20:23:36 JST Jerome

     in reply to

     @jwildeboer All these work because the burden of the proof is put on you. That is the opposite of a fair judicial system, but we are talking of unfair regimes.

   • Embed this notice
     Jerome (dl2jml@mastodon.radio)'s status on Monday, 18-Nov-2024 20:23:47 JST Jerome

     in reply to

     @jwildeboer If you want a job, employers want to see your Linkedin and FB account. It may not be always legal, but it is hard to prove you did not get the job because of lack of access or lack or a suitable track record.
     In some dating circles, people who do not have the right pictures to show on their phones are suspicious.
     Online shopping sites make it more difficult for new customers and will extra check them. It is easier if you have a track record of purchases.

   • Embed this notice
     Jerome (dl2jml@mastodon.radio)'s status on Monday, 18-Nov-2024 20:23:58 JST Jerome

     in reply to

     @jwildeboer That is already a reality today. If you need a US visa, you need to tell them about your social accounts. Be prepared to have to explain why you don't use FB.
     If you need credit, you need a record of your credit usage. Problem if you pay most in cash. In countries where most people pay by card, be prepared to explain what you do with your money if you are controlled by the tax authorities. They will have access to your bank accounts and see cash withdrawals.

   • Embed this notice
     Jerome (dl2jml@mastodon.radio)'s status on Monday, 18-Nov-2024 20:24:09 JST Jerome

     in reply to

     @jwildeboer It is good that someone posts about the importance of metadata.

     However, in a surveillance state, the absence of signal is a signal in itself. If you do not have a continuous track of metadata on social networks, if you do not show a record of your life as a "good citizen", that is enough of a signal to light a warning. And that is a lot more difficult to escape.

   • Embed this notice
     Raphael Lullis (raphael@mastodon.communick.com)'s status on Monday, 18-Nov-2024 20:35:33 JST Raphael Lullis

     in reply to

     @jwildeboer

     Capital-P "privacy" is absolutely incompatible with publishing networks. Telling people that Mastodon is any better in this regard is at best wishful thinking and at worst irresponsible.

     We *might* make it work with AP if we have better C2S implementations where end users control the keys and allow for E2EE, but if your threat model involves 3LAs and corporations building your profile, the best solution is to avoid any social network and stick with Signal/Matrix/XMPP.

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 20:38:54 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Raphael Lullis

     @raphael I specifically pointed at that in the second toot on my thread: „I still treat every single post and message here as ultimately being stored and analysed by adversaries because for me the Pub in ActivityPub means public.“

   • Embed this notice
     Raphael Lullis (raphael@mastodon.communick.com)'s status on Monday, 18-Nov-2024 20:44:55 JST Raphael Lullis

     in reply to

     @jwildeboer

     Okay, cool. My objection though is to the first post. It doesn't matter whether we are here, Threads, Bluesky or Twitter. When it comes to social media, the only winning move for those concerned about state actors and large corporations is not to play.

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Monday, 18-Nov-2024 23:29:11 JST Jan Wildeboer 😷:krulorange:

     in reply to

     Now also part of a blogpost at https://jan.wildeboer.net/2024/11/My-Digital-Life-After-Twitter/

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Tuesday, 19-Nov-2024 00:49:44 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Heath Stewart
     • praveen

     @heaths To identify yourself in the Bluesky network, you need an identifier. The layer that manages and provides these is the PLC. And, guess, who runs the only PLC that is used in the Bluesky network?@pravee_n

   • Embed this notice
     Heath Stewart (heaths@fosstodon.org)'s status on Tuesday, 19-Nov-2024 00:49:45 JST Heath Stewart

     in reply to

     • praveen

     @jwildeboer @pravee_n my understanding was that anyone *could* run a relay, but even their docs admit it’s a ton of bandwidth and implies there’s not much incentive to do so. So maybe they are practically running all the relays and that makes them practically centralized.

     Still, it seems to solve for the problem of the Mastodon effect where sites are getting DOS’d by instances requesting data for thumbnails.

     Personally, I see pros and cons. To each their own, though.

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Tuesday, 19-Nov-2024 03:04:46 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Heath Stewart
     • praveen

     @pravee_n AFAICS no. @heaths

   • Embed this notice
     praveen (pravee_n@mastodon.social)'s status on Tuesday, 19-Nov-2024 03:04:47 JST praveen

     in reply to

     • Heath Stewart

     @jwildeboer @heaths Is it possible to tun alternative PLC?

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Tuesday, 19-Nov-2024 03:56:02 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Heath Stewart
     • praveen

     @heaths @pravee_n No, you can’t. did:plc is primary.

   • Embed this notice
     Heath Stewart (heaths@fosstodon.org)'s status on Tuesday, 19-Nov-2024 03:56:03 JST Heath Stewart

     in reply to

     • praveen

     @jwildeboer @pravee_n looks like you can use the `did:web` method as described in https://atproto.com/specs/did#blessed-did-methods

     To clarify: not trying to push anyone anywhere. 🙂 This just seems like a great exploration of the protocol. I skimmed the docs earlier - I’m really liking the Labeler functionality - but this thread has convinced me to read more thoroughly.

   • Embed this notice
     Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)'s status on Wednesday, 20-Nov-2024 16:54:42 JST Jan Wildeboer 😷:krulorange:

     in reply to

     • Chasalin

     @chasalin Yes. But to work you still need a Relay, the PLC and the AppView. Self-hosting != federated or decentralised.

   • Embed this notice
     Chasalin (chasalin@mastodon.chasalin.nl)'s status on Wednesday, 20-Nov-2024 16:54:43 JST Chasalin

     in reply to

     @jwildeboer
     Did you know you can host your own PDS (personal data service) for bsky?
     That way you control quite a lot yourself.

     But still, bsky is, like 'the rest' a bit of a black hole: money and bleats go in and, yeah, what comes out? And where does the money go?