@ella_kane @drskrzyk I've seen this happen in a few places over the last couple years. It's weird and I don't understand it.

@estoricru @drskrzyk I'm used to it regarding Instagram. That has dozens or archives like this, but I don't remind any of them making any of it CC or anything. O.o

@necopinus @ella_kane @drskrzyk Ugh see this is why I had my @g account. I should have just kept using that one.

@estoricru @necopinus @ella_kane @drskrzyk @g This is just using the public ActivityPub federation. I don't know what's under the hood, but it's just another AP app, like mastodon or whatever, only it isn't a community itself. It's not getting local-only stuff or direct stuff or follower-only stuff, so it at least seems to be honoring AP.

This is basically just what happens when you have a federated network across a variety of completely separate apps that use the same protocol. Some of them will do stuff we don't anticipate.

Though, I think @thegibson and I and a few others have been talking about this being a core design weakness that can be exploited by big data. So there's that. But it's a core AP design at work, here.

@NOCARRIER @necopinus @ella_kane @drskrzyk @g @thegibson Yeah I don't have a problem with anything I say publicly being distributed as that's the nature of public speech but the whole thing about claiming the content as Creative Commons irks me.

I mean, all of my content is always creative commons anyway, but, they don't get to make that decision. I do.

@NOCARRIER @estoricru @necopinus @ella_kane @drskrzyk @g @thegibson

it appears to be one of the remaining GnuSocial based instances, and does have a handful of users of its own.

I vaguely remember that all GnuSocial instances worked in this unusual way of creating a "shadow" profile of remote users (or something similar) - perhaps as there are relatively few of them left even compared to 2017 everyone has forgotten about them?

@vfrmedia @estoricru @necopinus @ella_kane @drskrzyk @g @thegibson It looks like most (all?) GNUSocial implementations said that all content was CC-BY 3|4 so maybe this is a hold over language from that.

Are we sure about what content posted on mastodon actually is or is not licensed as by agreement? I realize I have no idea.

Also, it is correct to say that just because something says content is CC-BY doesn't mean that it is, like you're saying.

@vfrmedia @estoricru @necopinus @ella_kane @drskrzyk @g @thegibson

As part of my suggestion that meaningful key-exchange be implemented in AP, I'd like to see (content + creator-license) digitally signed during federated propagation.

@NOCARRIER @vfrmedia @estoricru @necopinus @ella_kane @drskrzyk @g

Yes and no.

Part of the problem isn’t the protocol... it’s the asynchronous control of resources.

Where as say, Twitter has a huge could that they control, we have a loose knit infrastructure base. We can’t mount attack or defense with that without incurring great personal costs.

The truth is... these sorts of pressures are what turn projects like this into silos.

@thegibson @vfrmedia @estoricru @necopinus @ella_kane @drskrzyk @g I feel like that's why we need signed content (that includes creator license intentions) that can be remotely verified as authentic.

You can't stop all of the abuse, but you can mitigate some of it and prepare a field that generally benefits the creator in a better way.

@NOCARRIER @estoricru @necopinus @ella_kane @drskrzyk @g

Yeah, this is what everyone thought we were doing here when 3319 happened. I tried to point out that it made no sense to be noisy if you wanted to collect data on the fedi.

It is ridiculously trivial unfortunately.

The same issues can be used to base a number of reverse attacks with if a malicious actor chose to.

Twitter of Facebook could decimate the timeline and become unblockable with their cloud resources... a crafty admin could mitigate it by blocking traffic at the firewall or nginx, but the native interface has no way to mitigate it... and many instances don’t have anyone that can handle it.

If they wanted to extinguish, they could do so...

Not trying to be alarmist... I’ve just run a small scale test...

@thegibson @NOCARRIER @necopinus @ella_kane @drskrzyk @g

I tried to point out that it made no sense to be noisy if you wanted to collect data on the fedi.

Seriously, nerds. If we were watching you, you would't know it.

@estoricru @NOCARRIER @necopinus @ella_kane @drskrzyk @g

It’s true, there is no reason to make it noisy...

We were having fun over here, not caching the fedi.

Sign in to participate in the conversation
hackers.town

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.