By John Gruber
WorkOS Radar:
Protect your app against AI bots, free-tier abuse, and brute-force attacks.
Ian Betteridge:
What defines Mastodon is not the use of a protocol. The protocol is just an enabler. Instead, Mastodon is defined by allowing communities (instances) freedom of association. It is the ability of communities to choose not to federate with anyone else which gives Mastodon its strength.
His whole post is thoughtful and considered, and worth your attention. Betteridge largely disagrees with me on this issue, and while he hasn’t changed my mind, I’m happy to direct your attention to his arguments.
But I do disagree with this:
If you want to understand why some communities are wary of Meta, it’s worth remembering how ActivityPub works. Let’s say I run an instance called EvilMole.social. If I don’t defederate (block) Meta’s server, any user on their server and any user on EvilMole can follow each other. So suppose that @[email protected] follows @[email protected]. What happens?
First, every single one of Molesworth’s posts are now available to Meta, including all the replies they make to everyone including people who don’t follow anyone on Meta’s server. In other words, Meta gets access to posts from people who may very well have an issue with that.
If you don’t want Meta (or Google, or whoever) to see your posts, then no matter which instance you’re on, and which other servers your instance chooses to federate with, you need to make your account private. If you’re posting publicly on any Mastodon server, everything you post is visible to the world, including Meta. If your account isn’t private, you’re posting to the open web. Google doesn’t run an ActivityPub instance (yet?) but clearly they’re indexing Mastodon posts.
★ Thursday, 22 June 2023