Notices by The Nexus of Privacy (thenexusofprivacy@infosec.exchange), page 3

Yeah it is really interesting. I mentioned Rudy's Tech Talk in a reply from another account (which doesn't seem to have federated broadly, not sure what's up about that) , it really digs down into the details. Also his three-part series starting at Blacksky: Expressing the Black Everyday in a New Digital Space is wonderful ... that, along with his other posts, really opened my eyes to what's possible with AT Proto (although of course all the concerns about and criticisms of Bluesky as a venture-funded startup that tolerates terfs and nazis remain valid).

The specifics here would be different so you couldn't take that exact approach but a lot of the insights and techniques could apply. The way I thikn of it is that he's come up with a radically different approach for community in large, all-public social networks that can in principle complement fedi's scoped-visibility networked smaller communities. Details TBD of course!

@soaproot @tillshadeisgone

@graue it's interesting, I saw it as a very fedi-like dynamic in general: a swift response to a non-consensual scraper (even though the architecture does nothing to prevent scraping and there aren't currently any legal protections in place) and the person behind it swiftly backing down.

Also, I'm curious: why do you see this as a plus for fedi? Right now to me they seem roughly equivialent. Neither Bluesky or Mastodon has anything in their terms of service that prohibits this.

And if Bluesky does introduce the user control they're talking about, that would put them ahead of Mastodon -- which right now only has options for

• Your public posts and profile may be featured or recommended in various areas of Mastodon and your profile may be suggested to other users.

• Your public posts may appear in search results on Mastodo

• Your profile page may appear in search results on Google, Bing, and others.

None of which cover this case.

Thanks for the tag! And yes, it's both. Flowers and Mekka both talk about "HOA racism", the more casual stuff including micro-aggressions ... there are bunch of examples in my post.

In a lot of ways the hard-core harassment from bad instances is easier to deal with -- instance-level blocking has its downsides but is great for this use case. But there are other instances that have a pattern of racist behavior that aren't widely blocked.

@ryanrandall @GuyDudeman

In general, yes, instance blocking can help encourage better moderation. But it's complex: instance blocking cuts communication between everybody on both instances, so especially for larger instances a lot of people who aren't behaving badly pay the price. mastodon.social is an extreme example of this -- not particularly well moderated (which isn't the moderators' fault, it's Eugen who's made the decision not to put enough resources into moderation and still keep it as open sigup, but still) so the source of a fair number of problems, but still a big loss to connectivity if you defederate.

(Also I think it's critical not to view instance blocking as punishment, it's really about safety and asserting boundaries. But that's a digression.)

@GuyDudeman @ryanrandall

@GuyDudeman I just reported a post on beige.party for racism. It's far from the worst example of racism I've seen but I'd say it was pretty blatant -- other people had already pointed it out but the person involved ignored it. Then again it's the kind of thing that many white people don't see as racist.

It sounds like you think that if mods don't act on it, the right next step is to call for a fediblock on beige.party. In practice, though, people on beige.party are likely to defend the person -- claiming that it wasn't intentional or whatever. Meanwhile others who have friends on beige.party who aren't saying racist things aren't going to know why their connections have been cut off, and if they find out why will generally think it's an overreaction. If mods haven't originally acted, the pressure on an issule like this is very unlikely to get them to change.

It would be great if that wasn't the case, but then again it would have been great if the person making the original problematic post had just listened to the original pushback and said "oh I get it", apologized, edited the post. But that didn't happen. Watch whiteness work.

@ryanrandall

@hrefna got it, thanks … then yes, I agree with you, sorry for the confusion!

@hrefna I agree it very much applies here, but I'm not convinced that AT is currently much better.

Even if you're in the .1% of people who are hosting their own PDS, if you get banned from the Bluesky relay/appview you lose communications with everybody -- and you don't actually have a record of who's following you.

So if you're on your own PDS, it's better there than here for posts; here, even if you've exported your posts there's no way to import them anywhere. But it's not currently as good in terms of the social graph; here you can import your following list on a new account and restore many of your connections, and can at least get a non-importable export of your followers list.

@cheeaun just wanted to say how impressed I am with what you've done with Phanpy! It's a great example of what @mekkaokereke said in the first post in the thread about how great UX is possible without VC money. I really hope that you're getting the compensation (in whatever form you're looking for) that you deserve -- and if not yet, I hope that happens in 2025!

The official Mastodon web user interface and mobile apps aren't great from an accessibility perspective. Fortunately there are some better alternatives – and many of them also work with Mastodon-compatible software like Glitch, Hometown, GoToSocial, Akkoma, and Friendica.

https://privacy.thenexus.today/mastodon-accessibility-resources/

This is a draft, and I'm sure I missed a lot. Feedback welcome!

#mastodon #fediverse #accessibility

@dansup starter packs are certainly useful functionality. A couple questions, based on problems I've seen with Bluesky:

• are they opt-in?
  
• if not, do people get notified when they're added to a starter pack?
• how do people remove themselves?

EDIT: also, will they pay attention to existing opt-out / opt-in signals? @julian had some thoughts on that at
https://fietkau.social/@julian/113469285233683859

Recommendations for accessible fediverse software?

I'm working on a blog post for people thinking of joining the fediverse and want to include this information!

Here's what I think I know so far (although might be wrong) ... other suggestions welcome

Mastodon's web UI is pretty good from accessibility perspective, but has some issues.

Pinafore used to be the most accessible web UI but isn't maintained anymore. Semaphpore is a fork doesn't seem to have had any updates in the last year, so I'm not sure of its status. Enafore is another fork but it's described as "somewhat unstable".

I haven't seen anything about what Mastodon mobile apps are better or worse from an accessibility perspective.

For Lemmy, OurBlind says that moderators have and continue to work with the developers to improve accessibility; Thunder, a Lemmy app for iOS and Android, performs well; and Mlem developers are implementing native accessibiity.

#accessibility #a11y #fediverse

@everton137 No, there wasn't a lot of discussion at #FediForum of the implications of and reasons for Brazilians signing up for #Bluesky instead of the ActivityPub based #fediverse.

I agree that it's not the similarities to Orkut aren't the main reason. Lula's tweet was certainly a big factor but it had already started before that. In https://privacy.thenexus.today/bluesky-atmosphere-fediverse/ I wrote

"Bluesky addresses many (although certainly not all) of the issues newcomers to the Mastodon faced in 2022, and has paid a lot of attention to onboarding and usability. So today's Bluesky is a much better Twitter alternative for most people than Mastodon of 2022 – or today's Mastodon."

and I'm planning on going in to detail on that in a follow-up post ... but, one simple example: there are no Braziliian instances listed on joinmastodon.org. https://mastodon.br-linux.org/instancias/ is useful but how is anybody supposed to find it?

Instances in the free fediverses should consider "transitive defederation" from instances that federate with Meta

https://privacy.thenexus.today/consider-transitively-defederatiion/

Part 7 of Strategies for the free fediverses

Transitive defederation -- defederating from instances that federate with Threads as well as defederating from Threads -- isn't likely to be an all-or-nothing thing in the free fediverses. Tradeoffs are different for different people and instances. This is one of the strengths of the fediverse, so however much transitive defederation there winds up being, I see it as overall as a positive thing -- although also messy and complicated.

So the recommendation here is for instances to *consider* #TransitiveDefederation: discuss, and decide what to do. I've also got some thoughts on how to have the discussion -- and the strategic aspects.

https://privacy.thenexus.today/consider-transitively-defederatiion/

@fediversenews @fediverse #fediverse #fedipact #threads

The free fediverses should work together with people and instances in Meta's fediverses and on Bluesky whose goals and values align with the free fediverse

https://privacy.thenexus.today/work-together-with-metas-fediverses-and-bluesky/

Part 6 of Strategies for the free fediverses

Many of the Meta advocates I've talked to share the free fediverses' long-term goal of building a sustainable alternative to surveillance capitalism -- and the same is true for people on Bluesky. So there are likely to be situations where some of the people and instances in Meta's fediverses and Bluesky wind up as situational allies to the free fediverses.

A few areas where collaboration could be very useful:

- A key principle of organizing is meeting people where they are.

- Moderation on decentralized networks is a shared challenge.

- Bringing concepts similar to Bluesky's custom feeds to the fediverses, and more generally focusing on human-focused and liberatory (as opposed to oppressive) uses of algorithms in decentralized social networks designed from the margins.

- Meta's fediverses, Bluesky, and the free fediverses are all vulnerable to disinformation.

https://privacy.thenexus.today/work-together-with-metas-fediverses-and-bluesky/

#fediverse #threads #bluesky #organizing @fediversenews

The free fediverses should make it easier to move between (and create) instances

Part 5 of Strategies for the Free Fediverse

https://privacy.thenexus.today/make-it-easier-to-move-to-instances-in-the-free-fediverses/

There's likely to be a lot of moving between instances as people and instances sort themselves out into the free fediverses and Meta's fediverses -- and today, moving accounts on the fediverse today. There are lots of straightforward ways to improve it, many of which don't even require improvements to the software. And there are also opportunities to make creating, customizing, and connecting instances easier.

#fediverse #fedipact #threads @fediversenews

The free fediverses should support concentric federations of instances

Part 4 of Strategies for the Free Fediverses

https://privacy.thenexus.today/the-free-fediverses-should-support-concentric-federations-of-instances/

Here's how @zkat describes caracoles: "you essentially ask to join concentric federations of instances ... with smaller caracoles able to vote to federate with entire other caracoles."

And @ophiocephalic's "fedifams" are a similar idea: "Communities could align into fedifams based on whatever conditions of identity, philosophy or interest are relevant to them. Instances allied into fedifams could share resources and mutually support each other in many way"

The idea's a natural match for community-focused, anti-surveillance capitalism free fediverses, fits in well with the Networked Communities model discussed in part 3, and helps address scalability of consent-based federation discussed in Part 2.

https://privacy.thenexus.today/the-free-fediverses-should-support-concentric-federations-of-instances/

#fediverse #fedipact #threads @fediversenews @fediverse

The free fediverses should focus on consent (including consent-based federation), privacy, and safety

https://privacy.thenexus.today/free-fediverses-and-consent/

(Part 2 of "Strategies for the free fediverses")

#fediverse #mastodon #fedipact @fediversenews

Strategies for the free fediverses

https://privacy.thenexus.today/strategies-for-the-free-fediverses/

The fediverse is evolving into different regions

- "Meta's fediverses", federating with Meta to allow communications, potentially using services from Meta such as automated moderation or ad targeting, and potentially harvesting data on Meta's behalf.

- "free fediverses" that reject Meta – and surveillance capitalism more generally

The free fediverses have a lot of advantages over Meta and Meta's fediverses, some of which will be very hard to counter, and clearly have enough critical mass that they'll be just fine.

Here's a set of strategies for the free fediverses to provide a viable alternative to surveillance capitalism. They build on the strengths of today's fediverse at its best – including natural advantages the free fediverses have that Threads and Meta's fediverses will having a very hard time countering – but also are hopefully candid about weaknesses that need to be addressed. It's a long list, so I'll be spreading out over multiple posts; this post currently goes into detail on the first two.

- Opposition to Meta and surveillance capitalism is an appealing position. Highlight it!

- Focus on consent (including consent-based federation), privacy, and safety

- Emphasize "networked communities"

- Support concentric federations of instances and communities

- Consider "transitively defederating" Meta's fediverses (as well as defederating Threads)

- Consider working with people and instances in Meta's fediverses (and Bluesky, Dreamwidth, and other social networks) whose goals and values align with the free fediverses'

- Build a sustainable ecosystem

- Prepare for Meta's (and their allies') attempts to paint the free fediverses in a bad light

- Reduce the dependency on Mastodon

- Prioritize accessibility, which is a huge opportunity

- Commit to anti-fascist, anti-racist, anti-colonial, and pro-LGBTQIA2S+ principles, policies, practices, and norms for the free fediverses

- Organize!

#fediverse #freefediverse #threads @fediverse @fediversenews

The free fediverses should emphasize networked communities

https://privacy.thenexus.today/the-free-fediverses-should-emphasize-networked-communities/

Here's how @lrhodes describes the Networked Communities view:

"instances are valuable for the relations and interactions they facilitate locally AND for their ability to connect you to other parts of the network."

By contrast, @evanprodromou notes that "Big Fedi" advocates typically see instances as typically see the instance as "mostly a dumb pipe." But The Networked Communities view aligns much better with the free fediverses' values – as does the "Social Archipelago" view @noracodes sketches in The Fediverse is Already Dead. Not only that, it's good strategy!

@fediversenews #fediverse #threads #fedipact

@tokyo_0 that's certainly true: "we can't provide the basics of security because our implementation is too inefficient" is a very weak position.

It seems plausible to me that auth fetch would cause problems for a caching mechanism that was originally written without taking auth fetch into account. It could just be that nobody's looked (yet) at how to make it more efficient. But it could also be that each request from a different account really does require separate checking when auth fetch is turned on in ways that aren't the case when it's turned off. I haven't looked at the code let alone run a profiler so dunno. With Claire's PR turning it on, I guess we'll find out!

@Sibilant