this post was submitted on 13 Feb 2024
744 points (98.9% liked)
Technology
59192 readers
2513 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Don't Bluesky and Threads have similar serious privacy concerns? Those running them would, I think, have similar if not even more access to people's information, depending on how much their respective apps request. Mastodon and its apps on the other hand, generally don't request as much access to one's information, meaning instance owners arguably have much less to snoop through.
I'd argue, oddly, that it's easier to hold a single corporate entity accountable for data breaches than mastodon instance owners.
It's likely the case that both of are bad from a data security point of view, but at least with the corporations you know who to shout at.
** edit just realised that mastodon may not work in the exact same way as Lemmy when it comes to instance owners, I'd have to look that up.
I'm inclined to agree, albeit I'm of two minds about it. On one hand, singular entity is technically easier, but being corporate means it's likely to have more wealth/resources to make it untenable for people to hold accountable. Whereas on the other hand, if you put in the effort to pin down a Mastodon instance admin or even a few admins, chances are they won't have those kinds of resources to really defend themselves, so you may be more likely to hold them accountable.
That is, compared to a corporate entity which may drag things out for a slap on the wrist settlement/fine or the like. I can see the different angles to where you're coming from though.
I know there are a lot of people in the various privacy and piracy boards who act like the world is against them and brag about how they only log in to social media through tor and blah blah blah.
They... are basically larping. Nobody actually cares about them.
Whereas, a journalist who investigates labor issues or something that is ACTUALLY illegal? There are plenty of stories about what happens when the companies that actually "own" the data suddenly want to use it to find you. This is when your life becomes having a dedicated laptop that is never on in the same physical location as any of your other devices, needing to change cars, and literally going into hiding.
Also... maybe look up Jordan "friendlyjordies" Shanks-Markovina. His story is not at all unique. He just happens to be brave/dumb enough to talk about it online (and have collaborators who use it for Content)
The worst the various pro-piracy instances will face is a few sacrificial lambs getting put into indentured servitude by a company. The "pro-journalism" instances will get abducted and/or firebombed.
This is why one of the first things musk did was talk about how he wants to work with China (I think?). He instantly made it clear that twitter would no longer even pretend to give a shit about the privacy of its users. Because you should never have sent anything sensitive over a DM. But coordinating a more secure form of communication was very much a thing. Same with "having time" to... flee a country before the dictator you exposed comes for you.
It's always weird to me when a social media app tries to brag about "privacy". You know once you post something publicly, it's out there forever, right? And if you want private, direct messaging, there are apps for that. (And they integrate with Lemmy/Mastodon a hell of a lot better than proprietary apps.)
Right now, I can say "elon musk is a racist piece of shit who owes his entire life to his daddy's emerald mine that ran on apartheid". There is a slight chance that the dipshit cares enough to track me down and call me a pedophile but it is nigh zero.
I can also say how I feel about the CCP and Xinnie the Poo and putin and so forth with pretty minimal risk (my social credit score is already shit).
But what if I am actually a threat to a corporation because I am reporting on information that affects their bottom line? To the point that it is cheaper to pay some muscle to come rough me up. Suddenly, I am dependent on the platform caring more about their "image" than to cooperate.
Similarly, what if I am in a war torn country where roving bands of thugs are murdering anyone who gets in their way (... so possibly early 2025 US...)? Suddenly, that footage of a civilian being beheaded getting traced back to me is my life and the life of everyone I care about.
That is the scale we are talking about. Twitter was not a great company but they were, at least historically, good about not making it easy for those brutal regimes to get that information. That had already started to shift by the time musk took over but it is gone now.
And that, combined with active misinformation campaigns, is already defining the brutal conflict in Gaza.
https://www.w3.org/TR/activitypub/#source-property
Only your host instance has the chance to capture your IP address. That isn't federated.
ActivityPub in particular is radically public. It broadcasts what you post to a bunch of other servers run by anyone from IT professionals to kids, which could be anything from vanilla Mastodon running in a datacenter to an ad-hoc, informally-specified, bug-ridden slow implementation of half of ActivityPub running on a hacked smart toaster. It's for things you want to show to the world.
We have several good options for end-to-end encrypted communication, such as Matrix, which is open source and federated, or Signal, which several of my elderly relatives managed to figure out without coaching.
Even my comment here is being broadcast to every computer used by any person reading this comment.
If you're posting on public social media, your shit is public. It was not very different on Reddit.