Olá fedinauta! Bem vinda/e/o ao fediverso!
De-federating #Threads does NOT prevent #Meta from accessing your public #Fediverse feed.
This is demonstrably false. Almost all servers that de-federate Threads still broadcast the RSS feed of your posts. This is available to everyone, even servers that are de-federated from yours.
If you don’t believe me, test this out for yourself. Append “.rss” to the end of your profile URL (exampleserver.com/@username.rss), and see what happens.
Hell, if I wanted to build a search engine for the Fediverse and not use ActivityPub, I could use RSS instead and I could index most of the Fediverse – whether you opt into it or not.
Let’s stop spreading the myth that de-federation by itself prevents Threads from accessing your public feed.
Essa entrada foi editada (1 mês atrás)
reshared this
Sergio F. Lima
in reply to Chris Trottier • •Chris Trottier likes this.
Fediverse News reshared this.
Evelyn fra denne andre øya
in reply to Chris Trottier • • •Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Evelyn fra denne andre øya • • •No, they don't. They use ActivityPub.
You know. Like any other instance in the entire fediverse.
Not a single implementation uses RSS for federation (tf?).
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger @evelyn People already grab RSS feeds of websites and broadcast those feeds on the Fediverse. That’s how so many news sites have unofficial profiles here.
So it’s not just plausible for someone to use RSS for re-broadcast on the Fediverse. It’s already being done.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •I could scrape a good 90% of the fediverse by simply hooking up a websocket client on the federated feed of mastodon.social.
But that doesn't mean that defederations are not effective. They STILL turn your posts into read-only copies at worst, which will stop the worst of the abuse.
If Threads becomes an active bad actor using scraping to acquire content, bad things can happen to them when people retaliate, with either hostile AP implementations or lawsuits.
Why would they do this, when they can instead just not do so and enjoy the boring people on mastodon.social instead? They won't be hostile, they're used to the shenanigans at this point. Mastodon gGmbH welcomes them with open arms. Why force the other people into the system too? Meta is a company, they care about money.
Scraping at large scale with RSS is also horrendously inefficient. You'd have to send requests for EVERY profile, every time you want to check for new content, which would equal thousands upon thousands, or even millions, of requests every single day.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •Yes, and you could scrape the server HTML posts as well.
That is NOT the point that people are making. Threads will not be displaying content scraped this way, which is the actual point. People do not want their stuff broadcast and open to interaction from an instance hosting a literal domestic terrorist (Chaya Raichik), which a defederation achieves wonderfully.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •And then I would block on user agent, or simply disable RSS functionality for unauthenticated users.
Your point being? Bend over and give up because they may be able to access my information in some obscure way? This frankly just reads like you telling people to give in because the big corp will take it anyway, which is just nonsense.
People that dont want their stuff on Threads shouldn't have their stuff on Threads. The fact that you seem to believe it's alright to be advocating for Threads to become part of fedi while also basically stomping on user choice is absolutely baffling to me.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger Then do it. Take all those precautions and be proactive about it.
But don’t tell people that merely de-federating Threads prevents Threads from having access to your public posts.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •In its current state, it absolutely does stop them from seeing your posts if defederated. If that changes, I will.
But it probably won't. I don't like engaging in far-away hypotheticals, it's a complete waste of time for everyone involved.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger I hate to break this to you, but hypotheticals often become eventualities. Which means they happen.
Giving people a false sense of security is not a replacement for actual security.
Latte macchiato :blobcoffee: :ablobcat_longlong:
in reply to Chris Trottier • • •Don't "hate to break this to you" me.
This isn't a false sense of security. If you prepare for every single possibility, you wouldn't be using your computer, you'd have turned it off and buried it in a concrete block under the ocean starting around the early 2000s.
Large parts of security is being able to RESPOND to threats as they come up. It's always a balance between convenience and security. Disabling public post view for example would make scraping harder, but it would also make it a pain in the ass for normal outside users to see the full context of posts.
This isn't a binary choice. Stop acting like it is. You know this.
Chris Trottier
in reply to Latte macchiato :blobcoffee: :ablobcat_longlong: • • •@privateger If you follow anything Meta does, then you’re probably aware this isn’t a matter of “threats as they come up” but a threat that is already here.
It’s almost certain that Meta is accessing your public feeds for their own use.
Tools already exist that allow RSS to be converted to posts on Facebook and Instagram. It’s therefore almost certain that someone is building a tool that allows re-broadcast to Meta’s social networks from an RSS feed.
argv minus one
in reply to Chris Trottier • • •Defederating #Threads will, however, stop Threads from drowning out the entire rest of the Fediverse.
The result of federating is that Threads *is* the Fediverse now, and the rest of us are just the silent periphery that no one cares about and aren't even allowed to speak to Threads users (the federation is one-way). This kills the Fediverse. Easiest #EmbraceExtendExtinguish ever.
Chris Trottier
in reply to argv minus one • • •@argv_minus_one You have to manually turn on federation for it to work on Threads. So far, few people on Threads have done that.
I doubt they will drown out the Fediverse.
argv minus one
in reply to Chris Trottier • • •Chris Trottier
in reply to argv minus one • • •@argv_minus_one Limited federation is an option that addresses that. Admins can make it so that only specific Threads accounts that you follow show up in your home feed.
For example, if you’re only following @potus, you will only see his account and no one else on Threads.
De-federation is not a one size fits all solution, and there’s other tools available to address problems.
Regardless, WordPress has a bigger install base than Threads. What are you going to do if they turn on federation by default?
argv minus one
in reply to argv minus one • • •Chris Trottier
in reply to argv minus one • • •@argv_minus_one If you have moral reasons for blocking Threads, that’s okay. But I’m addressing people who believe de-federation prevents scraping.
Misinformation is the problem here, not your feelings about Threads.
Tuxicoman
in reply to Chris Trottier • • •One can also get your toots by reading it on another fediverse server (because you have a follower there)
With a bot account that subscribe to everyone sneakly, one can also gather a lot of data.
Toon Van de Putte
in reply to Chris Trottier • • •Chris Trottier
in reply to Toon Van de Putte • • •@toon I’m not a lawyer, so you’ll have to test things out in whatever place you live.
Nevertheless, but the greater concern for me isn’t indexing but access to your public feed. And de-federation does not prevent access.
Allen Versfeld
in reply to Toon Van de Putte • • •@toon
So first up, I'm not an IP lawyer, or any other kind of lawyer, so I can only talk about how big online copyright cases have played out, from what was reported in the media, but I reckon that indexing is entirely legal.
Search engines have been indexing the content of every website they can find for over 30 years. This includes stuff that the owners really didn't want indexed. There have been many well-publicized cases of Google and friends indexing stuff that should have been protected but that wasn't, including private medical records, plaintext password databases, classified government documents, internal company documents, and more. A popular hacking technique is to simply use google to search for filenames that might contain sensitive data (maybe something like "Patient admissions filetype:xlsx")
As far as I know, no search engine has ever been found guilty of breaking the law by doing this, and nobody has ever successfully sued.
Closest I can think of to rea
... exibir mais@toon
So first up, I'm not an IP lawyer, or any other kind of lawyer, so I can only talk about how big online copyright cases have played out, from what was reported in the media, but I reckon that indexing is entirely legal.
Search engines have been indexing the content of every website they can find for over 30 years. This includes stuff that the owners really didn't want indexed. There have been many well-publicized cases of Google and friends indexing stuff that should have been protected but that wasn't, including private medical records, plaintext password databases, classified government documents, internal company documents, and more. A popular hacking technique is to simply use google to search for filenames that might contain sensitive data (maybe something like "Patient admissions filetype:xlsx")
As far as I know, no search engine has ever been found guilty of breaking the law by doing this, and nobody has ever successfully sued.
Closest I can think of to real legal problems for indexers was when Google started bulk-scanning copyrighted books, and making them available in books.google.com
That was a long time ago so I don't remember much of the reporting, but based on how that website works now, I suspect that the only copyright issue that stuck was "You can't just give copies away", The index remains, and you can read excerpts of books, but not the whole text.
الماريسي
in reply to Chris Trottier • • •