Archival is something that should be taken very very seriously by social media software
-
@aud An actual delete does remove your content from the DB: https://github.com/mastodon/mastodon/blob/e1b7382ea6b8b944a363914490d6476726dd7075/app/services/delete_account_service.rb and optionally keeps your username reserved (which I think the UI doesn't even give you the option to nuke the username).
Doesn't prevent an admin from keeping backups or whatnot of course.
-
@aud and yes, overwrites aren't real since SSDs came along, because the drive is permitted to remap blocks to other blocks any time it likes. also, it often does so without even telling the higher levels about it.
-
@[email protected] I like the thing I read recently (about encrypting DMs in the fediverse and how difficult it actually is) and one thing is they split out security and privacy from each other, and I feel that's a good mental framework for thinking about these. It is indeed very difficult to securely remove a person's data; however, attempts to maintain their privacy through deletion are still worthwhile.
Still, I think security + privacy is obviously preferable. But jesus, that sounds like a nightmare in the making. -
@[email protected] hahahahaaaaaaaaa yeah. I like that @[email protected] calls him "website boy" lmao. It's pretty accurate.
-
@aud you mentioned tombstones. tombstones are an important strategy in general, and we have definitely specced things out in the course of our privacy work that rely on them. they can be quite helpful in scenarios where there's a need to redact things but the metadata that the thing existed should be kept. of course, they require the specific application-layer code to be aware of how deletion works and have specific support for it.
-
@[email protected] Ah, thank you. That's good to know.
-
@[email protected] but admittedly, from a science perspective, that sounds like a pretty cool fucking problem to work on (how to extract data from a pile of dust).
-
@[email protected] ugh, this makes me wonder if the site I found talking about undelete was just total made up bullshit. God, I hate the new internet.
-
@aud Could be, the Mastodon interface very clearly says you won't be able to recover the account when you delete: https://docs.joinmastodon.org/user/moving/#delete
-
@[email protected] Right? I think it's unfortunately not always realistic to remove even the very data that suggests something that existed there (given that all this data is linked, it's probably like trying to trim an entire subgraph and not have the existing nodes break). Still.
-
@aud right???? it's like the un-shredding of paper problem, but on hard mode
(un-shredding paper is solved, and commercially available for a few thousand dollars per page. good fun.)
-
@aud Also easily possible there's some fork somewhere that preserves data on delete (for compliance or blackmail or whatever other reason).
-
@[email protected] fuuuuuucking google man
-
@[email protected] Yeah, but I suspect this one was bullshit. Ugh. This is the one issue I have with not running a Mastodon instance.
I shouldn't trust a random google result. I know this, and yet the habit is still so hard to break admittedly, that's why I phrased it as a question: I didn't trust the results. But I should have dug into the source myself. I appreciate you taking the time to do so for me, though! -
@aud we kind of don't quite believe that anyone's actually figured out how to run a bunch of dust through an electron microscope and get good three-dimensional models of each particle. like. the mechanics of actually putting an object on a microscope stage are quite hard. so we're pretty sure this is just a case of militaries deciding they need to defend against absurd things that aren't going to happen. just... only pretty sure.
-
@[email protected] hm. now I'm curious how they solved that. Admittedly, if you had a machine that could separate and then scan the individual parts (or even clusters of them), you could then basically have the software play letter tetris to assemble the pieces into something. Hmmmm...
-
@[email protected] the concept of information remains so fascinating to me. It's a problem area I came to from chemistry (and is kind of what kept me going in that field, to be honest!) so I remain totally fascinated with the realities of entropy and what they mean in computing and archival.
-
@[email protected] To be fair to them, that is a good security strategy for information. Don't defend against the technology that exists today, but assume further, even impossible, refinements of existing tech (especially when it's inexpensive to take the extra step). Assume if there's a needle, there will always be a better mechanism for finding it in a haystack.
-
@aud the way they've bragged about it in the business press makes it sound like it's mostly a software solution, yeah.
-
@aud of course, we never really believe a technology works until we actually try it, and for obvious reasons we haven't tried this one.