ActivityPub, the protocol that powers the fediverse (including Mastodon – same caveats as the first two times, will be used interchangeably, deal with it) is not private. It is not even semi-private. It is a completely public medium and absolutely nothing posted on it, including direct messages, can be seen as even remotely secure. Worse, anything you post on Mastodon is, once sent, for all intents and purposes completely irrevocable. To function, the network relies upon the good faith participation of thousands of independently owned and operated servers, but a bad actor simply has to behave not in good faith and there is absolutely no mechanism to stop them or to get around this. Worse, whatever legal protections are in place around personal data are either non-applicable or would be stunningly hard to enforce.

  • 0xtero
    link
    fedilink
    41 year ago

    It’s a very good, well articulated post that anyone new to fedi should read and be aware of and try to internalize.

    I like the fediverse because it builds on the idea of small communities exchanging information, but I do agree that the protocol is somewhat lacking when it comes to data integrity and confidentiality - it’s too easy to act in bad faith and there’s very little we users can do to protect us from it. The protocol does excel in availability though, your posts are everywhere! So yay?

    This behavior, may, or may not be suitable for your personal threat model. You have to make that call, but I from what I’ve seen, it’s one of those “oh this is too complicated”-things that surround fediverse adaption. Spreading awareness around this is hard. Your blog was well written and full of facts, but I doubt many got through the whole thing. It’s more fun to discuss if we should call ourselves kbinners or kedditors.

    I’ve been debating this back and worth in my head ever since I joined - right now I’m still posting under my real name and try to post my content with that in mind. That means I have to moderate my posting. I think I might be too old school to not to, but who knows, at some point, I might run into that RaspberryPi armed nazi and that will probably change things.

    Ideally, I’d like to see some W3C activity around this. I was hopeful that perhaps one of the big tech players would throw money and resources to update the spec, but now that it’s apparent Meta took that spot, I’m not very hopeful we’ll ever see significant protocol improvements on that field.

    I’m interested in finding out how Meta is going to deal with federation - they do have to worry about regulators and privacy watchdogs after all - I’d imagine they won’t enable their outgoing federation at all, because at that point they lose control over the data - or - maybe they’ll just federate with couple of “big instances” (even though, that will be dodgy enough, as you point out in your post).

    The GDPR angle is interesting. I’d imagine someone will try to enforce it, sooner or later, but I doubt you’ll find much interest from the law enforcement to go and bust someones lonely RaspberryPi, just because it isn’t in compliance with GDPR. If you admin a large instance though… thoughts and prayers…

    Anyway - good info and well written. Worth a read if you’re new to fedi!