The fediverse is a privacy nightmare ( blog.bloonface.com )

TiffyBelle , 11 months ago

I’m not sure this blog post is the “ah-ha!” revelation you think it is.

If you’re posting something, you’re choosing to put that out there on the public internet which should henceforth be considered “public.” This isn’t a privacy violation unless you choose to make it one by violating your own privacy by oversharing sensitive information.

This has been the case online since time immemorial. Once something’s out there, consider it non-retractable. This isn’t specific to the Fediverse/ActivityPub. Even in centralized forums/reddit the things you post were cached by web archive/scraped by unscrupulous sites/used to train AI, etc. even if you tried to delete them from the source server. “Deletion” has never truly been a thing on the internet, which is precisely why people should really consider what they post. Heck, there were specific sites dedicated to showing which comments were “deleted” from reddit in full.

I don’t consider any of these things “privacy violations.” A privacy violation would be if the email address you signed up to your instance with was being broadcast to other servers in the open. What you choose to put out there is up to you and the inherent danger with interacting with any form of social media.

bathrobe , 11 months ago

@TiffyBelle

@Bloonface

Maybe you didn’t read where it says even DIRECT MESSAGES aka private messages you send to people, and don’t choose to post in public, is easily and easily available.

This place is already an echo chamber. Jesus that’s bad. Everyone is on a new team and now we love this team and this team is never wrong and all criticisms are invalid. Even the really bad ones.

I don’t really care. I’m old enough to have never trusted the internet. But let’s not pretend this isn’t a huge fucking deal, and isn’t completely fucked just because Reddit bad and fediverse good

TiffyBelle , 11 months ago

There are literally warnings when you try to DM someone on Fediverse apps that say it should not be treated as a secure medium:

https://feddit.uk/pictrs/image/10c7c4f1-22c8-48ac-9eb0-600d2cbbd74a.png

https://feddit.uk/pictrs/image/17e0957b-84e3-43de-b67e-1b14e64cb990.png

Even on traditional centralized platforms I’ve never treated DMs as “private.” Anything not end-to-end encrypted cannot be considered private and never has been able to be. Once again, these aren’t exclusive issues to the Fediverse.

With that said, I do see it as important to draw attention to these types of things. Users should absolutely know not to share sensitive information via DM, or make the mistake of considering them a secure medium on any platform, centralized or not.

melmc , 11 months ago

Of course you can have encrypted group chats on Signal, if you're not concerned about meta data. Or xmpp group chats with encryption if you want decentralization. You can keep your secret stuff secret and your public stuff public simply by using different apps.