Bob MottramApr 6, 2017
So the mastodon.social privacy policy is ok, but if I were the maintainer I'd avoid recording any IP addresses. One thing to consider is that when you're a meganode both state and non-state organisations will become interested in your logs and will try to obtain them either explicitly, with goons showing up and making threats, or also less explicitly with implants and exfiltration or NSLs and gagging orders. If you don't record IPs then in the worst case there's not much that third parties can get.

Another factor to consider is that the demographic of fediverse folks probably includes a higher proportion of non-normative views and lifestyles than you might find in the silos. These non-normative people are precisely the groups which the really bad guys always seek to target. So as maintainer you should be concerned with your user's interests and practice metadata minimization which can limit any potential damage.
Show threadFrankie SaxxApr 6, 2017

@bob
It would be interesting to know how much IP info is used/recorded in an interaction with a non-home instance.

I can see some instances adamantly rejecting non-recording of IP data not just for logs and troubleshooting, but because they're heavily into social policing & want robust banning & blacklisting.

If the info isn't passed, then conceivably how much IP info is saved could be decided by each instance individually.

Show threadBob Mottram
@frankiesaxx it all comes back to the problem of having too many users on one server. Users should be able to block whoever they want, but having the admin do that without agreement of the users is problematic. As the number of users on an instance increases the probability of affinity between the admin and any random user approaches 0.5
Apr 6, 2017 at 9:38amWeb