Replying to Avatar rabble

What do people think of this? nostr:note13k0wh965nntau3jdx8d3ls96uus2zk778z4w6dyg9r8ptt94e6hsj94y3r It seems that Mastodon is designed to share user posts, including private DMs, with anyone who asks for them. Someone with an AI background pulled in a bunch of posts and analyzed them, including labeling the content.

These folks, Maven, followed the ActivityPub spec and the terms of service. They downloaded publicly accessible data using Mastodon servers and services as designed. They then analyzed that data and ran an algorithm to add labels, similar to how every fediverse server does. The difference here is that Maven used machine learning to add some labels, whereas others add labels such as timestamps when the local server downloads the data without using newer machine learning tech.

Bing, DuckDuckGo, and Google also do this; they crawl the fediverse, use AI and machine learning to label content, and display it in different contexts.

The tags that Maven adds are pretty innocent. They are just adding hashtag-like labels for discoverability.

Furthermore, many people are upset that Maven is leaking people's DMs. This is like living in a house where you refuse to have a front door or curtains on your windows and then getting very upset when somebody wanders in and sits down in your living room or looks in from across the street. The fediverse, by design, has no privacy. DMs are public! It says right there in Mastodon that these aren’t private. Nor are Bluesky's DMs, by the way. There is no end-to-end encryption in the fediverse yet. Evan Prodromou is actually working on this, likely adapting the MLS standard, which is great but doesn’t exist yet.

So my question is this: Why does the fediverse rely on unwritten and undocumented norms that are not mentioned in either the specs or terms of service? And why are people constantly surprised when others don't follow these hidden social conventions?
Avatar
Melvin Carvalho 1y ago

Going back a bit, the design of ActivityPub was a way to bring the idea of an email inbox to the web. It's little known that HTTP was based on SMTP but allowed more features. My original idea was "semantic inbox" which allowed sending rich data over HTTP. This became Solid Inbox, then LDP Inbox, then ActivityPub Inbox. So email but better. ActivityPub added an outbox which is used for validation, Solid didnt have this and went for complex shapes, which are still not fully working. Outbox worked. In Solid we had access control, allowing privacy, all inboxes were private by default. ActivityPub did have that feature, and also broke standards compliance or it could have imported some of the things Solid had for privacy, as was designed. Most of the people in the W3C working group that made ActivityPub had not read the underlying specs, so you ended up with a system that worked but was not standards compliant, which broke alot of potential interop and benefits from features. Now there are lots of fixes to compensate for this. I guess this is the normal course of events, something similar is starting to go on in the NIPs getting more centralized and political over time. Ulimately you either have a standard that works, of you have lots of little hacks to get round the fact that you didnt implment the standard, or something in the standard is broken. The fediverse was supposed to look a lot like nostr, but technial and people problems get in the way. Nostr also succeeded because solid broke its pubsub over websockets, otherwise we could have had one big open web, including the federated model, and personal storage. But all is not lost, we now have bridges that translate from one place to another. Hopefully each can learn from the other, and add features to offer users more choice.

Reply to this note

Please Login to reply.

Discussion

No replies yet.