@mathias @jupiter_rowland “Unlisted” posts are a lot less useful than I initially thought. In fact I can’t see any real use for them at all. They don’t do what I naïvely thought they did.
They still appear on your timeline and the timeline of everyone that follows you. They just don’t appear on the Local and Federated timelines, but as they are just impossible to use on larger instances anyway I doubt anyone would notice.
A drum I beat as often as I can, because I think it’s very important for people to realize, is that under #ActivityPub ALL privacy or audience restrictions are only suggestions.
Effectively, ALL bits of content are public, just with notations asking instances politely to only share them with certain audiences.
People writing content into #Fediverse need to be aware that what they’re putting out there isn’t as private as they might be expecting.
So if you write a private post to a certain group, it’s entirely possible for some instance to ignore your privacy setting and blab the post to the whole world, or in other ways not act as expected with that.
Just be aware.
Currently people are mostly aware of the #privacy concerns, because we are not advertising #Mastodon to be end-to-end encrypted. So I think it is a good idea to first focus on the UI and improve the experience before going for such protocol level things.
As with most things in #FOSS, it will take time, but I think it is in good hands!
You say that, but I see so many people surprised by this.
I know for a fact that quite a lot of people are not aware because they tell me they’re not.
Personally, this is one of my major gripes against the core design of ActivityPub. It didn’t have to be this way, but choices were made to focus on instances instead of users.
It is the same as with many #blockchain solutions. You had to make sacrifices. They chose decentralization over scalability. #ActivityPub chose moderation and decentralization over immutability and single truths without trust.
We have a lot of trust in our instances.
Oh no! They DIDN’T choose decentralization, and that’s such a key point here.
ActivityPub chose to centralize around instances.
They chose a federated model, not a decentralized one.
Had they decentralized with key focus on users there’s a good chance stuff like this wouldn’t be such an issue.
either fully centralised silos like Twitter or Facebook
or peer-to-peer, i.e. everyone essentially running a Web server on their end-user devices, be that a PC or a mobile phone, and all that comes with it, including humongous storage requirements
@volkris are you beating the same drum about email?
Yep!
One difference, though, is that people coming from traditional social media platforms are used to having more of an expectation of privacy control than they have in Fediverse. No, not absolute expectation, but more.
Email has always been decentralized with the same lack of expectation of privacy. Social media has tended to be reliant on expectations of privacy from single, professionally run systems.
So in this system people have been surprised when their posts wind up in places they don’t expect. That highlights the disconnect between understandings of privacy around here.
@volkris I think that's more about how people misunderstand who the recipients of activities are (including what Public is :D), than about misbehaving servers.
Well not quite since most people have NO understanding of ActivityPub at all, much less a misunderstanding :)
For so many people, all they know is that they set their post to have a limited audience, and then magic happens, and then Wait, what? What do you mean people outside of the audience I set can see my post?
Anyway, my point is only to raise awareness of this issue as so many have said they’ve been caught off-guard by that lack of privacy here.
The source of that mis-expectation of privacy is a bit of a side topic, I suppose.
@volkris @Stark9837 @mathias @jupiter_rowland I realise that. I’m thinking more at the moment of separating group/forum posts from regular posts. More about tidying up the clutter rather than actual privacy.
Eventually private groups would be good. They are useful to have, even though there is always the risk of bad faith members taking screenshots or otherwise distributing content outside the group.