So this has been going around my head for a while now: What if they do not care about their users per se but want the few users they get to exploit the federation to shamelessly crawl the fediverse?
I mean… they get enough users that will subscribe to enough of the fediverse to make instances of every shape and size proactively deliver them our post and interaction data with free shipping, right?
So is defederating in the end not only a prevention against company controlled content that might flood the fediverse, but a measure to protect the users on the fediverse right now from ending up in Meta’s databases just in the same way they would if they just had used facebook in the first place?
I don’t think meta is threatened by the fediverse yet. They’re just trying to grab twitters market share.
Oh, I don’t think they’re threatened by the fediverse either. I think that there is no chance in hell that they have not built some tool internally that will try to funnel every bit of data on the fediverse into their data pools, using users as a means to get the instances they want to scrape to deliver the data to them without any consent of the other instance’s users whatsoever.
Then why they will implement ActivityPub?
Why reinvent the wheel when you have a FLOSS service that has active developers and millions of “beta testers”?
I don’t think so because they can just crawl the fediverse now without threads as far as I’m aware. We’re all posting publicly right?
They could do classic web crawling, yes. But that is -super slow -easy to detect -easy to block -illegal for companies to do for the sake of selling shit in many places, since the users have not given you consent to use their data
I think they try to pull the WhatsApp stunt here: when you sign up to WhatsApp, WhatsApp will send your whole contact list to Meta and update it on every change in order to “connect the phone numbers on your phone with WhatsApp users” (or so they say). They have structured this process in a way that they’re not at fault, but the user is. Since the user “sent” them the numbers, they are not the ones who need consent to use the data, the user needed that. Same with the fediverse. “No. We didn’t steal any data without consent! Our users should have had that consent when they subscribed to technology@lemmy.world! The data was pushed to us from there, we ain’t doin’ nothin’ wrong!”
I don’t think anyone needs consent to do research using your public posts though. You can literally scrape the whole Twitter and run sentiment analysis and nobody can do anything about it for example.
Yes, you can. Yet, that will not give you the interaction history (who liked what and such) and is way less convenient to do compared to “set up ActivityPub in own app real quick and have the whole fediverse send shit to me nicely formatted with interaction data ready to be used”. Legal issues arise in some spots when doing web-scraping-things like when you copy and use copyrighted imagery or happen to scrape stuff you weren’t allowed to see for some reason.
All of those hurdles are out of the way automatically when you literally just use the inner workings of the service the data is from. No user can complain when Mate collects data sent to them via ActivityPub. That is literally what this protocol is used to do and the inner core of any application running it. If you don’t want your data to be sent to other instances around the world: Don’t use the protocol, right?
They can get the data in many different ways, this is just the most convenient one.
What does that do for Thread users though? They can’t interact with the posts. Would make Thread suck more as suddenly there is this group of users in some strange parallel universe you can see but can’t interact with and they can’t see you.
Interesting thanks for that I didn’t think of it that way!
Correct me if I’m wrong but defederating only stops us from being able to view posts from Threads, our posts/comments will still be completely accessible to Threadz/Meta
In terms of “protecting” your data from Meta, defederating will achieve nothing
I believe they would not get any content from the other servers if they are following ActivityPub protocol. Basically when they query for posts all those who defederated them would return a 400.
They could get around that an access the public side of everything but that causes a bigger call center issue. “Why can I see posts from lemmy.world but I can’t reply?!?”
Defederation does not protect user data/privacy, not in the slightest. Anyone can spin up a Fediverse instance, play nice, and secretly sell or transmit the database to any third party. (I’m not even sure defederation blocks read access by the blocked server, regardless it’s moot as a read access block on a single server is trivial to circumvent.
Forget it.
Defederation only has one effect: protecting write access on the defederating server. It does not prevent people writing about content from the defederating server on other servers (in the same way that you could comment about a Twitter post on Reddit by posting a screenshot), and it certainly will not stop read access.
I think people are misunderstanding what defederating gets us. Yes what you stated is all correct. You don’t even need to have a server you can get the vast majority of the data you need from the public API and scraping the pages. It’s more work but totally feasible.
What defederating gets us is that Thread would need to come up with a convoluted way of pulling in all the data and their users wouldn’t be able to interact with other federverse accounts. You could see my Toots but not be able to comment or +1 them. You’d just see them as if you didn’t even have an account.
So what is the benefit of that? Sounds to me like a shittier service than had they not tried to federate at all.
No, users still see content from defederated instances
For example BeeHaw has defederated from lemmy.world however lemmy.world users are still perfectly able to see posts from BeeHaw communities, they just can’t interact with them
The point Is if you’re wanting to Defedrate from Threads from a privacy perspective you’re achieving nothing
If you’re defederating/blocking Threads because you don’t want to see their content or want their users interacting with you/your instance then fair enough
Well, it might not be a 100% effective solution then but it does save users the trouble of accidentally interacting with content on Threads. If it doesn’t show up in my feed, I don’t click on it without noticing where it came from.
I thought you could block defederated domains from making public API calls, though maybe they is a step done outside of ActivityPub.
The point Is if you’re wanting to Defedrate from Threads from a privacy perspective you’re achieving nothing
I think people need to stop thinking privacy is a thing with a public service like this. It’s not. All we’d get is making Thread crappier if they had this ghost version of all Federverse accounts.
Yeah absolutely, I think people really need to understand that Meta won’t be the last to try to integrate with the Fediverse, as it grows it’s unfortunately unstoppable that ad companies (as well as more malicious actors) will start harvesting as much useful user data as they can
People need to be more careful with what they post as even small things like who has upvoted/downvoted a comment is viewable
Yes, it is.
you can hoover up everything even without instance and through API, but it takes a well motivated actor to do so. fb has this capability
Or they can sloppily slam a little ActivityPub into their new attack on Twitter, use the fediverse’s anti-giant-corp-shenanigans-image for advertising ("Have you heard of the super open and user-run and “good” and super data protective fediverse thing? You can have that through us and it will still feel like the big-corp-world you are used to but shomehow make you feel all anti-capitalism and warm inside! DOWNLOAD TODAY!), boost the availability of content from launch and then, as the cherry on top, eliminate the need for any real ressources that would be required to scrape the web and avoid any legal issues that come with that. ActivityPub will make the rest of the fediverse bring all that content to them free of charge. NO APIs, nothing to call, nothing to monitor. The ActivityPub component on their end just needs to be running and all that nice, juicy user data from people who did not want them to have their data will come rushing in just like that.
or they can just set up single user instance, populate it with bots that subscribe everywhere, and get the same effect
Yes and no. Coding a bot that actually runs reliably when dealing with mass-inputs to other servers isn’t as easy as having users do the stuff for free. Time isn’t important to them I guess. Plus: As an added bonus you get the “embrace, divide and conquer” approach that has worked for services like XMPP for example.
Threads can only attack Fediverse in two ways: spam (business as usual), and convincing existing fediverse users to use Threads instead.
Assume everything you do and post on Fediverse (or Threads, or anywhere else for that matter) is public, and has been scraped by three letter agencies, advertisers, and archivers.
Being anywhere on the internet is like being in a public cafe. You think no one is watching, but people are, they just aren’t paying attention to you untill you do something worth watching.
Many instances have proactively signed a pact to defederate from them but I don’t think lemmy.world did, and if they don’t I’ll be looking for another instance that does.
