David_MSJan 5, 2024
jerry

Lately, not an hour goes by without someone asking me about what infosec.exchange is “doing about Threads”. There’s a lot of mis- and dis-information running around the fediverse as of late about Threads beginning to federate, along with some legitimate concerns. This post is not about my personal views, but rather my plans for Threads and some instructions.

At the moment, Threads.net is silenced (aka limited) on infosec.exchange. That means that infosec.exchange accounts won’t see threads.net posts or accounts, and threads.net accounts can’t follow infosec.exchange accounts without approval of the person being followed. This gives people the ability to search for a threads.net account and bypass the warning to follow them. From there, it is like interacting with any other fediverse account. That works fine for now as there are not many threads.net accounts exposed to the fediverse, but it doesn’t scale very well for people who want to interact with threads.net accounts in the future.

The big picture plan for threads.net on infosec.exchange is this:

  • Silence threads.net – done
  • Enable the authorized_fetch feature on infosec.exchange to prevent the normal flow of posts from accounts blocking threads.net to Threads’ users and systems – done (note: this in no way prevents people, including Threads, from accessing your public posts. Public posts are public and can be accessed via the web site directly, RSS, and and so on.)
  • Encourage people who do not want to interact with threads.net or have their posts visible to Threads’ users to block the domain threads.net. – This post is kicking off that campaign. See below for instructions.
  • Create a new instance (name will either be infosec.space or infosec.cafe, still deciding) that will fully block threads.net. This should be completed by Jan 1, 2024
  • Encourage infosec.exchange members who are not comfortable with other infosec.exchange users interacting with threads.net to migrate to the new instance or to some other instance that fully blocks theads.net. This campaign will start once the new instance is available.
  • Remove the threads.net silence/limit on infosec.exchange. This will happen 60 days after step 5.

    • Q&A

    Q: I think you are a terrible person not blocking threads.

    A: I am sorry it didn’t work out between us. I am but an imperfect human trying my best to navigate a complicated world. There are other instances that may be more to your liking.

    Q: Will the new instance block instances that don’t block threads.net?

    A: I do not currently see value in this beyond being punitive to other instances, so no, there are no current plans to do that.

    Q: I’ve been told that instances will collapse once threads starts federating. Aren’t you worried about that?

    A: I worry about many things. This isn’t one of them. For sound technical reasons.

    Q: What if no one wants to use your new instance or what if everyone leaves infosec.exchange due to your poor decision making?

    A: I save a lot of time and money.

    Q: What happens when $terribleaccount on threads.net starts harassing people?

    A: I will block the account, just like I do today.

    Q: Aren’t you worried about the moderation of threads.net?

    A: Not really. I get to deal with problematic instances and problematic people all day, every day. If it gets to be too much, I’ll reassess.

    Q: How do I block threads.net on my account?

    A: This is how:

    These instructions are how to block threads.net via a web browser. Some mobile apps also expose this feature and some don’t, and I don’t really have the ability to create instructions for the 20+ different mobile apps.

    Step 1 – search for threads.net

    Step 2 – Select a threads.net account:

    Step 3 – Click on the menu next to the account name in the profile view:

    Step 4 – block the domain

    That’s it.

    https://blog.infosec.exchange/2023/12/27/threads-and-infosec-exchange/

    Threads and Infosec.Exchange

    Lately, not an hour goes by without someone asking me about what infosec.exchange is “doing about Threads”. There’s a lot of mis- and dis-information running around the fediverse …

    Infosec Exchange Blog
    Dec 27, 2023 at 9:19pmWeb
    Show threadKirsty's Old AccountDec 27, 2023
    @jerry
    I have another question, sorry...
    What if only a handful of people move their accounts to the new non-threads federated instance... What is your minimum take-up for that to keep going? Would accounts risk being left homeless?
    Show threadJerry 🦙💝🦙Dec 27, 2023
    @adminkirsty That's a good question. Infosec,place has, I think less than 5 people on it, so it's a small number. @[email protected]
    Show threadthese machines will destroy US.Dec 27, 2023
    @jerry this is by far the best thing I've read all week.
    Show threadDJ🌞Dec 27, 2023
    @jerry Thanks for clarification, Jerry, appreciate the clarity and transparency.
    Show threadVoxel (old account)Dec 27, 2023
    @jerry I will may or may not switch over to the other instance then, depending on how things are going to go.
    Show threadEk Ong Kaar K MichaudDec 28, 2023
    @jerry Bookmarking this post. Thank you.
    Show threadWilla  Dec 28, 2023
    @jerry Thank you, Jerry!
    Show threadKinetixDec 28, 2023
    I find the 'wait and see' attitude with Meta completely mystifying.
    @snott
    Show threadAnimalSpiritsDec 28, 2023
    @jerry Sincere thanks for being our admin and for taking the time to put your strategy in writing.
    Show threadEmanuel AntablinDec 28, 2023
    @jerry Thank you for taking the time to keep us updated. Great moderating on trying to keep all sides happy, unsure about why so much time/effort was spent on this topic, but I trust you're doing what you find in our collective best interest.
    Show threadJeff AtwoodDec 28, 2023
    @jerry this is awesome, can we put you in charge of Facebook/Insta as well? PLEASE?
    Show threadChristian KündigDec 28, 2023
    @jerry reasonable and the right decision. @seb FYI (not sure you have made any statement yet and like most people have probably more important things to worry about than Threads federation 😀 )
    Show threadseb - buttons are toys!Dec 28, 2023

    @chkuendig @jerry Thanks. We are not putting any blocks in place preventatively. We will handle the Threads instance the same way as any other instance. If community members of #IOCX feel like they don’t want to interact with threads users, they can block the instance on the user level.

    As far as I understand the business model of companies like meta, it is highly unlikely that they will make federation opt-out on their side. They will very likely only enable the fediverse as an opt-in feature for their users.

    Show threadChristian KündigDec 29, 2023
    @seb awesome, thanks for clarifying. and thank you for running #IOCX!
    Show threadPaul Chambers🚧Dec 29, 2023
    @jerry
    No comment except, as I was reading the FAQ question starting with "Q: What if no one wants to use your new instance..." answer, a commercial on TV in the background said, "I just saved a bunch of money by switching to..."
    Show threadMorten ToudahlDec 29, 2023

    @jerry I have not kept up with things in the fediverse for a while.

    Why is threads.net a problem?

    Show threadAndres JalintonDec 30, 2023
    @mortentoudahl
    So...Threads is owned by Meta, a very poor moderated / highly evil company that doesn't stop to genocide or basically nothing really.
    It has 100 million active users, making it 100x bigger than the  itself, that would mean 100x (or more, since it's poorly moderated) more effort to moderate.
    Technically, if you go viral on Threads, you have to endure a request rate of millions (every fav, reply, boost from an instance of 100 milllion active users)
    Show thread🄯 CarlOSDec 30, 2023
    @Andres @mortentoudahl @jerry only posts from accounts that are followed by local fediverse users will be available into that instance. So, unless millions account are followed from your mastodon/fediverse instance that won't be a problrm.
    Show threadAndres JalintonDec 30, 2023
    @carloshr @mortentoudahl
    That's not true, you don't need to follow an account to reply, boost or like a post.
    Show thread🄯 CarlOSDec 30, 2023
    @Andres @mortentoudahl but that post needs to be known by your local instance.
    Show threadAndres JalintonDec 31, 2023
    @carloshr @mortentoudahl
    Sure, it won't happen if lile defederate threads, but if not, it means problems.
    Show threadYetkin Degirmenci 🍫Dec 29, 2023
    @jerry Thank you so much!
    Show threadKromey Dec 30, 2023
    @jerry As someone who's paid so little attention to it that I barely even know Threads exists, why is them federating a bad thing?
    Show threadPeoriaBummerDec 30, 2023

    @jerry “I get to deal with problematic instances and problematic people all day, every day.”

    People need to understand that you are a sheriff in the god damn Wild West.

    Show threadAndres JalintonDec 30, 2023

    @jerry
    Hello Jerry, happy holidays.
    Thanks for this very insightful post.

    I have some questions from the technical side of things.

    I'm assuming you will be running two  instances in one machine, do you have any way to "sync" the external media so one  instance shares the same file with the other (saving lots of GBs of data from duplication)

    About the technical reasons behind not worrying about Thread, could you elaborate more?

    Thanks again!

    Show threadLaimisDec 30, 2023
    @jerry well done, sir! You are going above and beyond with providing a new instance to satisfy those wanting full block. Super informative, and sane!
    Show threadClaudiusDec 30, 2023
    @jerry
    Q: why lift the silence/limit? This could simply remain in place, IMO.
    Show threadCosmic RayJan 1, 2024
    @jerry
    Thanks, that's reasonable
    Show threadDavid Benfell, Ph.D. (he/him/his)Jan 1, 2024

    @jerry

    For me, step 3 consistently opens in a new page where I do not have access to blocking functions.

    Show threadKrupoJan 1, 2024

    @jerry this is by far my favourite FAQ exchange ever.

    "Q: What if no one wants to use your new instance or what if everyone leaves infosec.exchange due to your poor decision making?

    A: I save a lot of time and money."

    Show threadGarrettJan 13, 2024
    @jerry Thanks for doing your best to find a middle ground path, steering towards it, explaining your logic, and also running+moderating the server(s) in the first place!
    Show threadPhillip Hallam-BakerJan 17, 2024

    @jerry This is illustrating what I see as a structural flaw in Mastodon: It conflates hosting with curation.

    I understand why it works that way but it is a broken approach. It puts too much work on the people running services for a start.

    Publishing should be pumping out bits and nothing more.

    Curation needs to be separate so we can subscribe to multiple curation services without having to pick a service for its curation.

    Show threadLucas Gonze (infosec posts)Jan 26, 2024
    @jerry I respect your clear and calm analysis of the threat, if any, of Threads. Thank you.