I’ve been hearing that Meta (Facebook) intends to join the fediverse. I have some very big concerns about that, as do apparently many others. There exists a group of instances called the fedipact which will not be federating with Meta, and I was wondering if this instance would be joining. So there is no ambiguity with this post: I have no desire to participate in any instance that is federated with Facebook, and will kindly pass on another Eternal September. Hope that doesn’t come off as aggressive, that’s just where I’m at.

  • @[email protected]
    link
    fedilink
    English
    8
    edit-2
    1 year ago

    But how did all this affect people using XMPP protocol for other than Google Talk?

    Google had custom patches to their XMPP implementation. In theory, every XMPP user can talk to every Google user now. In practice, this wasn’t true. Google eventually abandoned XMPP, but that left a sore feeling in the XMPP user base. Basically, people felt like “XMPP just doesn’t work, it’s s*it”. If you’re coder, you’d know that’s not true, but not everyone is, so it basically left XMPP with a bad name.

    In short, XMPP would have been much better off if Google never laid hands on it. Now, no one want’s to touch the code base to actually make a better version, cuz then you’d have to write in the readme that it’s based on XMPP, and again, no one will wanna touch it. That’s why people are reinventing the weel about many of these technologies, because no one wants to take on burden that XMPP carries with it.

    I’m also seeing potential for growth here for services using activitypub, mainly for the microblogging service Mastodon, as that’s apparently a similar platform to Threads, or the other new player BlueSky, which also is going to use activitypub protocol.

    Take a look at the telemetries Threads gathers and everything becomes evident. You’re signing away your privacy basically. I wouldn’t wanna be near that thing if it was the last social media platform on earth.

    • @[email protected]
      link
      fedilink
      English
      21 year ago

      Thanks for explaining!

      About the Threads telemetry. I wonder how does the telemetry they gather from the users of their app (“The Threads app can collect data related to your health, financial information, contact information, browsing history, location and purchases, among other things.”) affect users who interact from other instances (for example some mastodon instance) with thread users posts/replies.

      I learned from #mastodon irc channel that in Mastodon for example, the instance owner/maintainer has the following extra information on users of their instance: “IP addresses, email, when they connect, what toots they browse and when”. So this information is not available to Meta, if you are interacting with threads user for example from a mastodon instance that is federating with the threads instance. I’m not seeing how they are getting extra information on you as they can collect all the metadata and your mastodon behaviour already by just creating another anonymous mastodon instance that gets federated with other mastodon instances and then collect the data that can be gathered across the instances. Or maybe you can even scrape the data from mastodon without running an instance even? I’m just trying to learn as I go and my information may be wrong. Please anyone correct/fix if there are mistakes here and inform me more thanks :)

      • @[email protected]
        link
        fedilink
        English
        3
        edit-2
        1 year ago

        I wonder how does the telemetry they gather from the users of their app (“The Threads app can collect data related to your health, financial information, contact information, browsing history, location and purchases, among other things.”) affect users who interact from other instances (for example some mastodon instance) with thread users posts/replies.

        If they really wanted to, they can make it work. Maybe add spyware through a security hole in Lemmy no one’s discovered yet. And since instances are federated, they just spread the disease to one another and it’s users. Anything is possible. If a human made it, it can be broken.

        One thing I’ve learned thus far is to never trust a platform/software owner that has a financial interest. RHEL is also a perfect example of that. The latest changes basically do exactly what MS did 20+ years ago when FOSS and open source was at it’s infancy - shared source. It’s a company that deals with FOSS software for more than 25 years, yet they decided to do this. After you see things like this, you really start to reevaluate things. Many people are scared to donate code to companies now, that’s why projects like Arch and Void thrive nowadays. People finally said “f it, I’m not contributing code to a company that might wanna sell that some day, better donate it to community projects”.

        Mastodon for example, the instance owner/maintainer has the following extra information on users of their instance: “IP addresses, email, when they connect, what toots they browse and when”.

        That’s perfectly normal, Lemmy admins have that info as well. Forums also have that info… you can’t hide everything, that’s nuts, you at least have to have an IP to browse the internet.

        So this information is not available to Meta, if you are interacting with threads user for example from a mastodon instance that is federating with the threads instance.

        Well, kinda, but not exactly. In order for a post or a comment to be saved on Lemmy (and I presume the same is true for Mastodon), 2 copies of the post are made. One resides on your instance (that’s called the original) and the other is saved on the instance on which the community you posted in resides (that’s the copy). Both copies share the same info, date, time, username, post content, original instance (the one you’ve got your account on), etc. Even if the IP is only available on the user’s instance, that still gives meta (or anyone else) a lot of info to manipulate with. They know my username, post content, date and time of post. That info can easily be exploited by people who know what they’re doing. As I said previously, all it would take is a piece of malware that could grab data from the instance’s database and send that to Meta, or whoever. People think that this is really hard, it actually isn’t, coders do stuff like this for fun every day.

        I’m not seeing how they are getting extra information on you as they can collect all the metadata and your mastodon behaviour already by just creating another anonymous mastodon instance that gets federated with other mastodon instances and then collect the data that can be gathered across the instances. Or maybe you can even scrape the data from mastodon without running an instance even? I’m just trying to learn as I go and my information may be wrong. Please anyone correct/fix if there are mistakes here and inform me more thanks :)

        They could do that, but with thousand of instances in the fediverse, that’s just not viable. Even if you do it only to the larger instances, you still have to automate the process, which can get tricky if you don’t actually use the fediverse’es biggest downfall (and it’s biggest strenth at the same time) - everyone is connected to everyone else. Sure federation is clanky ATM, but that will pass. Eventually, everyone will in fact be connected to everyone else. It’s a lot easier to spread malware that way.