Mastodawn

Willow (she/her)Jul 4, 2023

@clifff Why the fuuuuck does a social media app need to know my financials and health info?!

YUCK.

ETA: This was not an invitation to reply guys to pile up in my mentions. Go away. No one wants you here.

@MsHearthWitch @clifff If you use instagram you give them the exact same data. Threads is essentially based off of instagram’s data, so yeah threads also has access to the exact same data.Also to add on this a lot of this is opt-in ,i.e., you can choose whether or not to give access to nor not. #threads

Deeso Snep Jul 4, 2023

@arnoid @MsHearthWitch @clifff Yeah, but as usual the problem is that you have to opt out of that stuff. Big Techs rely in a large part of the population who don't understand or are not concerned about privacy.

@Deeso @MsHearthWitch @clifff Both Apple and Google will show pop-ups while setting up the app, though you likely won’t have a lot of option if you use the website instead of the app. One thing I agree with is companies should be more transparent about what data they take from you and more importantly how they store it. But having a completely free app is impossible so you either pay , or opt out of targeted advertising and see random ads on your feed.

Peter Bindels Jul 4, 2023

@Deeso @arnoid @MsHearthWitch @clifff It's not just the opt-out; usually they will gate part of functionality behind unnecessary (but related) permissions.

@dascandy42 @Deeso @MsHearthWitch @clifff They are not allowed to do that as per the store guidelines for both apple and google. Their app submissions would be rejected. So for example a navigation app requires you to give it location access , but if for some reason it also requires access to your contacts for navigation that app will not pass the app review process and the dev will have to make the necessary changes but my main point remains “Transparency” is imp

Peter Bindels Jul 4, 2023

@arnoid @Deeso @MsHearthWitch @clifff I wonder who wants to start a discussion with Facebook about having a permission that's not strictly necessary but related. Can't imagine anyone being paid enough to actually start that.

Not to mention that this is the company that had to patch symbol table loaders in early Android because their code base has so much code.

Deeso Snep Jul 4, 2023

@dascandy42 @arnoid @MsHearthWitch @clifff I think the only leanguage they understand are the huge fines coming from states.

@Deeso @dascandy42 @MsHearthWitch @clifff A lot of the times it’s actually easier for them to just pay the fines.

Deeso Snep Jul 4, 2023

@arnoid @dascandy42 @MsHearthWitch @clifff Paying a fine doesn't exempt you from abiding the law.

@Deeso @dascandy42 @MsHearthWitch @clifff Not saying that it exempts them from the law ….but in a lot of cases they will pay the fine rather than comply with laws and regulations

@dascandy42 @Deeso @MsHearthWitch @clifff Apple and google will do it , when it violates their app guidelines, they may manage to sneak one in but it will eventually be caught and have to be rectified. The second part not surprising , any codebase used for so many years and worked on by mutiple devs will have such issues.

Peter Bindels Jul 4, 2023

@MsHearthWitch @clifff Ever notice Whatsapp needing your full call history to allow you to make calls / video calls?

Boba

Jul 4, 2023

@MsHearthWitch @clifff I'm not sure if these are accurate. The app isn't out yet, so they might still change before release. (Meta obviously will still be a tracking parasite, but I don't think Apple would allow the app to be on the App Store like this)

@MsHearthWitch @clifff

Profit.

سلطان عمر الھندی Jul 4, 2023

@MsHearthWitch @clifff Maybe it want to know if you're financially and healthwise doing ok so when it's tucking you in bed at night it can tell you "Hey it's gonna be ok"

Felis Cat Jul 4, 2023

@MsHearthWitch what's a reply guy

Marc Etienne Jul 4, 2023

@MsHearthWitch @clifff the simplest answer? They want you to easily post from it. So they ask for access so they can share for you. And share with their advertisers, so that they can sell you pablum based on your health, scams that match your income, and so on.

The sad part is, it's just copypasta from Instagram, so they are used to asking for all of this info.

Carlota Lacumi Appreciator Jul 5, 2023

@MsHearthWitch @clifff For real it's so gross and invasive 😭😭

Pascal Leinert 🌹🌻🗽Jul 4, 2023

@clifff What data do you want?

Meta: yes

Meercat ✅  Jul 4, 2023

@clifff That’s unacceptable. How are they allowed such private information; they should even be allowed to ask for that much

indri Jul 4, 2023

@meercat0 @clifff I might be wrong, but I think that's just caution not to omitt any categories of data. Some of those are data that *might* be handled by meta. For example b/c you put them in your bio (race, sexual orientation) or post about them. They'll have your financial info if you use paid services.

Noah Gibbs Jul 4, 2023

@indri @meercat0 @clifff Usually that sort of thing means you're giving them permission for that API.

For instance, for Location, if you tell the app "no" then they can't collect it. iOS just doesn't give them that info. And those categories *look* like they'd be iOS API calls.

Android is similar but different, but with fewer permissions - an Android app can more often just get your data without asking, though not in every case.

@meercat0 @clifff
...you don't HAVE to use their app. 🤷‍♂️

Meercat ✅  Jul 4, 2023

@TheActualBrian @clifff Sure, I don’t have to, and I don’t use their app as a matter a fact. But it turns out most people don’t even check what they are giving away by using these apps. I have a hard time trying to explain them that privacy online in important

@meercat0 @clifff

So, no one uses their app.
It's not out yet.

Yeah, it's difficult explaining data collection to non technical people, but you're not their caretaker.

They can use whatever app they want.

They WILL use whatever app they want and if Meta provides one that gives them what they want where others fail, they'll use it.

If people block Meta out of an emotional, knee jerk reaction, they just cut off the rest of us from what will be the biggest server

Samuel Prudencio

Jul 4, 2023

@clifff @Shine_McShine eeeeh, lo del Acceso a Salud es especialmente sangrante. Increíble.

Mahmoud - محمود عبدالجواد Jul 4, 2023

@clifff if this is a #Mastodon interface? Then #Threads must be blocked from all of #fediverse to prevent our content gets leaked to #meta / #Facebook. Yes, I know everything on fediverse is public and can be easily scraped, but I still wouldn't like Meta to have it on a golden plate without any effort.

Also, it is still possible some conversations are not meant to be public.

Cc.: @Gargron

@mahmoudajawad @clifff @Gargron

Simon Lucy Jul 4, 2023

There are no DMs on Mastodon instances.

Mahmoud - محمود عبدالجواد Jul 4, 2023

@simon_lucy but there's visibility option of post which allows you to specify who can see a certain post. Yes, it is not E2EE, yes it is not meant as a replacement for "DM", yes it exists. I don't want Meta to be able to peak on a post I thought only certain person should see it.

Simon Lucy Jul 4, 2023

@mahmoudajawad

And either party can add anyone into that thread. Don't treat it as private.

(I wouldn't treat Twitter DMs as essentially private either but that's a different matter).

@simon_lucy @mahmoudajawad @clifff @Gargron

dragonfrog Jul 4, 2023

Someone should tell Mastodon

@dragonfrog @mahmoudajawad @clifff @Gargron

Simon Lucy Jul 4, 2023

From the Privacy Policy:
"Direct and followers-only posts: ...We make a good faith effort to limit the access to those posts only to authorized persons, but other servers may fail to do so.... Please keep in mind that the operators of the server and any receiving server may view such messages, and that recipients may screenshot, copy or otherwise re-share them. Do not share any sensitive information over Mastodon."

Nuff said I think.

dragonfrog Jul 5, 2023

@simon_lucy @mahmoudajawad @clifff @Gargron sounds exactly like email or any other non-E2EE direct messaging system.

@dragonfrog @mahmoudajawad @clifff @Gargron

Simon Lucy Jul 5, 2023

You can think of it that way if you like but it makes no difference.

Noah Gibbs Jul 4, 2023

@mahmoudajawad @clifff @Gargron An awful lot of Mastodon data is simply not locked behind anything. Blocking the Threads app won't do much in that case.

The screenshots above are Threads asking the user's phone for data stored on that phone, and won't affect other users.

Not saying it's not a problem. But it shouldn't affect any user other than the one installing Threads. It's around as intrusive as TikTok or Facebook.

Also, all this blocking and #fedipact is just panicking.

If blocked, you MUST use their app to interact with those people.
If not, there's a huge community coming that we can interact with without giving up data.

I wouldn't doubt it if Meta started or fueled the panic so you'll have to give up your data when your non technical family and friends move in.

Noah Gibbs Jul 4, 2023

I can't imagine Meta had to start a panic over this. Given what Mastodon is and does, this was going to be something a lot of people worry about. Not even unreasonably.

In order to intentionally start a panic over this and risk getting caught, Meta would need to be significantly more worried about Mastodon than yet seems likely.

I don't think they're worried.
I think they want to be isolated from the greater fediverse.
If they're the dominant server and you must use their app, then they get your data or you are isolated from the majority.

Besides, you're correct. They didn't have to start it.
I wouldn't put it past them, but they didn't have to.
This is "The Monsters are Due on Maple St."

Frankly them being isolated from the larger fediverse may be the best choice for the rest of us.

It's got precedent. I mean, Gab and Parler are ActivityPub and isolated like that, and mostly it just works out.

We can't stop them, but mostly don't have to deal with them. It might as well be an entirely different tech.

So, decide for everyone to block entire, large servers because, ... why?

Why decide to blanket block anything to do with Meta before it even exists?

Short version: to avoid the same problem as Google with XMPP, Microsoft with SMTP, etc.

To avoid the leverage and pressure they gain by interoperating - they can make incompatible extensions to ActivityPub. Once they do that, we're stuck either supporting that (expensive, kills dev momentum) or not supporting it (being second-class citizens on our own servers.)

You could say "Meta won't do that" and I'd say "that seems very, very unlikely."

Because Embrace/Extend/Extinguish is the corporate default, Meta is extremely likely to do that, and it's a really ugly situation once they start doing it.

The only way that *doesn't* happen is if Meta has a *lot* of respect for ActivityPub in a way that seems actively detrimental to their own corporate bottom line.

The odds do *not* seem high.

The other obvious point for us to object is when they add extra new features ("Extend") - where we can let Meta decide what development Mastodon et al have to do, and/or not add the features and be "worse".

It's not a better point. But waiting longer than that is even worse.

The least painful point to say "seriously, no" is at the "Embrace" stage.

Another way to think about it: if we cut them off after there are, say, 50,000 follows back and forth between Meta-based services and non-, then we're cutting off 50,000 follows "for no reason".

If we do it now, we're cutting off many potential follows but zero that actually exist.

And if we refuse to *ever* cut them off, we're setting the fediverse back by 10+ years as Meta screws it over.

There's no *good* time to do it. Least-bad is now.

@codefolio
@mahmoudajawad @clifff @Gargron

False dichotomy.
It's not now or never.

Not at all.

When they add features that look bad on the rest of Mastodon, we could absolutely cut them off then.

Then people moving from regular Mastodon to Meta would have to do it to get the new features *and* to keep follows to their side.

The incentives to move to Meta get stronger if we wait.

That has nothing to do with your knee jerk reaction and shows that it's not now or never.

People are going to go to Meta because they'll have a fully featured app, they won't have to know how the back end works, and everyone they know will be there.

Mastodon dropped the ball on all that and Meta is picking it up and running with it.

Blocking them only drives more people away.
Acting like it's rational to act out of fear doesn't help either.

Noah Gibbs Jul 6, 2023

@TheActualBrian @mahmoudajawad @clifff @Gargron Ah, got it.

*That's* what you want.

Yeah, Mastodon is never going to be for you.

That's cool.

But then why are you bothering with Mastodon instead of going to one of the walled gardens? There are plenty.

Trying to argue that Mastodon should *be* a walled garden will never work. It's not structured like that, and it's specifically defended *against* ever being that.

The Actual Brian Jul 6, 2023

I never said it should be like other social media.
I said that if you want it to grow, you must embrace the general public.
I said that you'll never get the general public here without simplicity.

Good god, federation was a good idea, yeah, but like EVERY system implemented by techs with no input from support, you ARE a walled garden because you exclude anyone but tech nerds.

Keep trying to avoid that one, simple fact.

Nothing has happened, but you KNOW what the ONLY solutions are.

It's funny. I hear completely different arguments from everyone and they're all just trying to justify fear in whatever context I asked.

Everyone is simply afraid of losing control of the thing they imagine they are God/king of and losing control is inevitable unless you want to never grow.

I mean... Do you see any scenario in which Facebook does *not* add incompatible features to ActivityPub? I can't imagine a plausible one. And then this goes the same way similar situations do.

Yes. I do.
They do or they don't.
Whatever profits them more.

FFS, they're profit driven, not out to get you.

And, if they do, you did it to yourself and are just pissed that someone else made a more popular platform than you did.

You paranoids have been demanding people ban the larger instances and verbally lynching admins for talking to Meta because you "kNoW" what they must have said, just like you just "kNoW" it's the only possibility.

Noah Gibbs Jul 6, 2023

Let's be clear: I'm very intentionally *off* the more popular walled-garden platforms. They still exist.

I'm here for the weird hippie hacker built-by-transfolk-and-furries co-op vibe.

I do not *want* massive popularity, particularly if it destroys that.

The Actual Brian Jul 6, 2023

That's nice. You want to hide. Fine.

I never said it implied you couldn't do that.
I was saying that IF people didn't want Mastodon to wither and die or, at best, forever be an obscure afterthought, it has to grow and growth means bring in the general public.

It's astounding how thick people who believe they're intelligent and correct can be. I've been repeating that and you just keep trying to find some way around it.

More straw men.
Not the only way.

Straw man. No one said they won't.

If they do, act then.

It's open source. That's, what I'm continually told, is the beauty of it, and now it's only open if certain people are not panicked by what one might do.

Prejudgment.

Also, if they do, they cut themselves off.
So what?

The thing is, if they do that, they *don't* cut themselves off. They make the rest of Mastodon look like a second-class service while taking a lot of the Mastodon userbase with them. "Join us or watch your service slowly degrade as other people use Meta-specific features that look lousy or just don't show up on your server."

@TheActualBrian @mahmoudajawad @clifff @Gargron Open Source fixes some problems but not others.

XMPP was open-source, including the significant majority of clients. SMTP was open-source in the same way.

Open Source doesn't magically make this go away, which is why there's a history of it causing severe problems to established Open Source ecosystems.