Deborah PickettMar 22

So with the revelation that the owner of a big Fedi server is a target of a lawsuit, and that if things go badly the server may find itself seized—

I realize that that users on that instance follow users on my instance, so there are going to be semiprivate posts of mine that may fall into the hands of people—law enforcement, data brokers—who are not beholden to any Fedi Admin Code of Honour.

(I already do not post about my crimes on Fedi, if I were the kind to do crimes.)

Server seizure is just not a part of the ActivityPub threat model. What if it was? How would it change the protocol to protect data at rest, or perhaps not even keep it at rest on a server but defer to the originating server?

End-to-end encryption [user-to-user, not server-to-server] could be part of the answer, but it need not be the whole answer.

I welcome considered thoughts, so any response I see within an hour of my posting this will be ignored.

Show threadLuci Bitchface Angerfoot

@futzle maybe i am just too stupid but i have thought a lot about it and i don’t think it’s possible without basically majorly breaking compatibility with all existing software.

It seems like cwebber has come to the same conclusion

Mar 22 at 3:09amWeb
Show threadDeborah PickettMar 22
@bri7 Yes, my thought is also that it would require a protocol revision and a period of adoption, and that this is unlikely to happen unless we have a major incident where the revision would have helped. I hope the looming mstdn.ca incident isn’t major enough, TBH.