If you guys are scared of a fediverse server archiving your stuff, good... but understand that this behavior doesn't have to announce itself.

Those that do are little scary, those that don't... well, they're monitoring.

I'll let you decide for yourself... but just know that OSINT on the Fedi is a trivial task if one were to wish to undertake it.

@thegibson I just learned yesterday that maybe the second person on the Web after Trump that I didn't particularly want to go out of my way to have reading me, has read me. Because Google indexes all of A fundamentalist Christian literal witch-finder who influenced a former Pope is now following me on Twitter.

Oh well. It was probably going to happen anyway, and I don't intend to be especially secretive. But it's sure a thing.

@thegibson Yep, anyone can Google anything these days. Just ordinary random people with a lot of time on their hands and a divinely-appointed task to rid the world of evildoers.

@thegibson I take that back, it's nontrivial for mastodon, it's less problematic with other solutions that work with/like mastodon.

@thegibson This is a design flaw in AP (or rather in the current implementations), no?

@jalcine @thegibson we are making progress toward fixing such design flaws, but ultimately if you/your instance do not use the improved security options, then it will not matter.

@kaniini @thegibson right. this stuff isn't really thought about or heavily discussed in the IndieWeb as of yet. It's more on the philosophy that if you don't want it online then don't post it AFAICS

@jalcine @thegibson

ironically, IndieWeb is more secure than the fediverse because the network is designed to flow from domain to domain. one of the larger security challenges in the fediverse is the caching of third-party data.

@thegibson don't want to troll or anything. But we all are, at this very moment, of our own free will, posting stuff publicly online.

If I didn't want this particular thought of mine accessible to complete strangers on the internet I wouldn't have published it here.

I'm no Mastodon expert, but I believe one could host an invite only instance disconnected from the fediverse, right? That would facilitate "safe" communication inside a controlled community. But that misses the point.

@TheGibson Sometimes I wonder how the misunderstanding that the Fediverse is in any way a private space with restricted distribution came about, when Gargron has always been about making it reach as wide as possible.
Yes, the search inside Mastodon is useless, and an instance administrator can use a setup that keeps out well-behaved crawlers... And the software makes a good effort at keeping restricted content locked down - as long as it's not federated to untrusted neighbors. But that's it?

@galaxis @TheGibson This. When posted it's public.

Don't think it's any different on other platforms, like TW or FB. Locked symbol or not.

Matrix is the same otb.

@bekopharm @TheGibson Well, some of the restrictions inside the software are by design (like limited search, anonymous reporting, blocking functions). At this point it seems they're creating a false sense of security though.
Vital parts are missing: Disabling public web view and public APIs, limiting distribution to a predefined set of instances, a capabilities protocol for the fediverse (so my instance can know if a remote understands my post restrictions), ..., ...

@galaxis one person says CWs make it safe, another person repeats that and implies safe means secure, secure means private, etc. There's a lot of messaging around the word "safe" without really defining it.

@thegibson I agree with a couple of comments made earlier. One, if you don't want your data on social media then the only option is to not use social media at all. 2, if I did not want thoughts of mine on social media see point one. Social media is inherently public. You don't post private things on social media and expect them not to be read. That's why it's called social. It's completely counterintuitive to I want my privacy and no one to know who I am or what I think.


I think it’s ok to expect some form of privacy. But this is not the platform for that innit’s current Incarnation.

@thegibson I guess it depends on who you're looking for privacy from. FB tracked me and tryied to sell ads based on what it thought I was interested and pinged my location every time I would open the app. Mastodon does not do that, but, I have never been under the delusion that anything I have ever posted on social media is private. Once it's out there, it's out there. The only way to completely avoid that is to use some sort of private chat, and then there's screenshots

@thegibson my instance is archiving your posts RIGHT NOW. Be scared. Be very scared.
Sign in to participate in the conversation

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.