Hi Fediverse denizens. I've been working on a project I hope will help Fediverse devs make software that federates across ALL services, not just Mastodon-plus-a-few-others.
-
The Psychotic Network Ferretreplied to Darius Kazemi last edited by
@darius JESUS MARY AND JOSEPH!
We do NOT need easier access to RESULTS.
We need better documentation to the constructs that deliver those results.
At a certain point, you have to start admitting that layers of extrapolation are counterproductive.
The Fediverse is already a tangled mess of RESTFUL calls.
-
@darius Maybe there are already projects that do this, and discovery is enough of a catalyst? Maybe everyone just falls back to a basic `note`? Forgive my ignorance, I’m basically just rehashing things I’ve had to work through previously.
-
@everyplace I mean I am hoping that people can build stuff like that on top of this! I just was gobsmacked that the basic data wasn't even out there really.
Also the schema data has already proven useful in standards discussions
-
Darius Kazemireplied to The Psychotic Network Ferret last edited by
@nuintari I don't really understand what you mean by "easier access to results" here
-
The Psychotic Network Ferretreplied to Darius Kazemi last edited by
-
@darius what happens when something you can post here will get strikes on other platforms? Some are worse than others but I also think it's a great idea if you can get around actually free speech!
-
Jennifer Moore 😷replied to Darius Kazemi last edited by
Seems to me like a cool and potentially very useful thing!
Also, respect for the lovely job done here of explaining it up front before people have a chance to get worried - which "ought to be" common sense, but in practice seems to be remarkably uncommon sense
-
a: this is a super valuable tool, very helpful, it's great youre building it!
b: I genuinely do not think the fediverse can exist if we're taking the idea seriously that surfacing activitypub data formats requires an opt-in consent. Taking that idea to its logical conclusion means that its literally impossible to build a federating AP server.
-
@YakYak_OG @darius my understanding is that as the software is just recording the shape of the protocol level messages, the actual contents of the messages (the free speech) is completely irrelevant.
i.e., it doesn't matter what the contents is or who said it because the software ignores that. It records “<string>" or “<uri>” or whatever.
-
@darius I think this is going to be fundamental as a tool for compatibility between Fediverse software as the network grows. Understanding what is being sent, schema wise, is essential to being able to handle it.
I also wouldn't mind running this as a proxy in front of a server, where I can submit information about activities I receive, but anonymizing everything before forwarding to the collector.
-
@darius please hand off Hometown to another maintainer! It's cool you're moving on to these new, bigger projects, but it's sadly ironic that those of us who liked your ideas about social media the most — and therefore started Hometown servers — are left stuck without updates or bug fixes.
-
@darius great tool but the Mastodon developers do not want to comply with other rules for different federations and activity hub standards. Mastodon will only work in Mastodon. It’s the reason why you won’t see misskey post in Mastodon or pixelfed photos, the Mastodon developers deliberately ignore everything outside the Mastodon community.
-
-
Darius Kazemireplied to Jennifer Moore 😷 last edited by
@unchartedworlds means a lot coming from someone on the scicomm server!!!
-
@graue yes, I want to do this and have plans for it, but I needed to get this out first
-
-
Deborah Pickettreplied to Darius Kazemi last edited by
@darius How do you counteract poisoning of the data by bad actors? Do you have a blocklist of peers or addresses to discard data from? Can you remove poisoned anonymized datapoints if they’re discovered long after collection?
Does the relay work with peers who have AUTHORIZED_FETCH turned on? Most relays don’t.
-
The Nexus of Privacyreplied to Darius Kazemi last edited by
@darius thanks for taking time time to write it up so thoroughly and get feedback! It seems like a great tool -- I was impressed by the demo at FediForum -- and I really appreciate you thinking so deeply about the privacy aspects and taking a conset-based approach. I certainly hope that this sets the bar for future projects.
Opt-in at the server level makes a lot of sense to me, and I like the specific approach you described in your reply to @djsundog ... it's a mechanism server admins are already familiar with. The discussion of how you can't leverage existing opt-in/opt-out signals makes it clear that trying to do so would compromising user privacy (and also exposes a limitation of the current design -- not your issue but something I hope developers think about).
Scrubbing the data is a great example of data minimization, and the example makes it easy to understand. The exceptions you list all seem very sensible,
A question about the additional opt-out mechanism ... does this do anything more than the admin undoing the opt-in by unsubscribing? If not, then it might be overkill ... although certainly nothing the matter with having an email-based opt-out as well.
-
Darius Kazemireplied to Deborah Pickett last edited by
@futzle yes to blocklist and yes to removing poisoned data manually
No it doesn't work with authorized fetch, and I assume that a server with that turned on doesn't want my tool anywhere near them anyway
-
@darius okay! this seems solid to us. we do suspect it errs on the side of not capturing quite enough data to solve real compatibility problems, but we're supportive of resolving that iteratively by looking at the data captured this way, then studying what else it's useful to capture one thing at a time.