
Gonna block qoto.org on this instance later this morning when I’m at my desk.

Their forked version of mastodon implements a feature that allows accounts on their instance to follow locked accounts—even if you reject a follow request from a qoto user, they can see all your public-level posts on their home timeline.

This is a breach of trust to users of other instances and provides a vector for stalking and harassment, as users may not know who is following them.

Public posts may be discoverable and accessible by visiting someone’s profile, but this qoto feature (and the mastodon pull request that does the same thing) posits that users are entitled to view someone’s public posts at the moment they’re posted. That’s wrong. Denying a follow request, but not blocking someone, means you do not consent to giving them instantaneous and convenient access to reply to or engage with your posts. Just because they’re public doesn’t mean they’re for you.


The people replying to this saying “but your public posts are easy to get already, just grab the RSS feed or remember to visit the profile!” underestimate the value of slightly inconveniencing users whose follow request you denied. Nothing is easier than something being in your home timeline, across all masto clients, to reply to or boost or like or bookmark.
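The posts above turn on a distinction that the rest of the thread keeps blurring: who is *able to read* a post (visibility scope) versus whose *home timeline it is delivered to* (the follow relationship). The following is a constructed model added here to make that distinction concrete; it is not Mastodon's or qoto's code, and the account, post and flag names are hypothetical. The `follow_locked_without_approval` flag stands in for the forked behaviour described in the thread, where a denied or pending follow request still results in public posts being delivered.

```python
"""Constructed model: visibility scope vs. home-timeline delivery.

Not Mastodon or qoto code; names and rules are assumptions chosen to
mirror the behaviour described in the thread. Two separate questions:
  can_read(post, viewer)          - may the viewer read the post at all?
  delivered_to_home(post, viewer) - does it land in the viewer's home timeline?
"""
from dataclasses import dataclass, field

PUBLIC, UNLISTED, FOLLOWERS_ONLY = "public", "unlisted", "private"


@dataclass
class Account:
    name: str
    locked: bool = False                       # locked: follow requests need approval
    followers: set = field(default_factory=set)
    pending: set = field(default_factory=set)
    blocked: set = field(default_factory=set)

    def request_follow(self, who: str) -> str:
        if who in self.blocked:
            return "rejected"
        if self.locked:
            self.pending.add(who)              # waits for the owner's decision
            return "pending"
        self.followers.add(who)
        return "accepted"

    def decide(self, who: str, accept: bool) -> None:
        self.pending.discard(who)
        if accept:
            self.followers.add(who)
        # denial leaves no follow relationship, but no block either


@dataclass
class Post:
    author: Account
    visibility: str


def can_read(post: Post, viewer: str) -> bool:
    """Access control only: who may fetch the post via profile page, RSS or API."""
    if viewer in post.author.blocked:
        return False
    if post.visibility in (PUBLIC, UNLISTED):
        return True                            # readable by anyone, follower or not
    return viewer in post.author.followers     # followers-only


def delivered_to_home(post: Post, viewer: str,
                      follow_locked_without_approval: bool = False) -> bool:
    """Delivery: does the post show up in viewer's home timeline?"""
    if not can_read(post, viewer):
        return False
    if viewer in post.author.followers:
        return True
    # Forked behaviour (assumption modelled on the thread): an unapproved
    # follow still subscribes the viewer to PUBLIC posts. Readability does not
    # change; only the convenience of delivery does.
    return follow_locked_without_approval and post.visibility == PUBLIC


def scenario() -> dict:
    """Locked account denies a follow request; compare stock vs. forked delivery."""
    owner = Account("owner", locked=True)
    assert owner.request_follow("denied_user") == "pending"
    owner.decide("denied_user", accept=False)
    pub, priv = Post(owner, PUBLIC), Post(owner, FOLLOWERS_ONLY)
    return {
        "public_readable": can_read(pub, "denied_user"),
        "private_readable": can_read(priv, "denied_user"),
        "public_in_home_stock": delivered_to_home(pub, "denied_user"),
        "public_in_home_fork": delivered_to_home(pub, "denied_user", True),
        "private_in_home_fork": delivered_to_home(priv, "denied_user", True),
    }
```

Running `scenario()` shows the shape of the disagreement: the denied user can still read the public post either way, the followers-only post is never readable, and the only thing the modelled fork changes is whether the public post is delivered to the denied user's home timeline. A block, unlike a denial, removes readability as well.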

@alex thanks for the heads up. I'll be doing the same.

@alex It is still public right? No one is "entitled" to see your posts, but if you are posting them publicly, there is little you can do to stop certain people from reading it. That is the nature of a free network (versus one where someone is in control of everything). There is also an RSS feed attached to each account by default which is trivial to follow in many different ways.

Also, in a free network, I acknowledge your freedom to block qoto.org to show your disagreement with their feature.

@masterofthetiger it is not about stopping them, it is about inconveniencing them. Introducing a tiny bit of friction to discourage it.

@alex But is it wrong for them to break that friction themselves?

I agree that it was probably a bad idea for QOTO to do that (while understanding that there were likely legitimate reasons for it), but is it really worth blocking the whole instance over it?

@masterofthetiger they specifically advertise the ability to follow locked accounts as a benefit of their platform.

@alex Hmm... I looked more into it and read a couple different conversations some people have had. It is a complicated issue. As it stands, I believe it can too easily be used for the wrong reasons.

I think that there are legitimate reasons for such a feature, but it seems to be bad the way qoto has implemented it. It needs a lot more consideration.

https://github.com/tootsuite/mastodon/issues/5686

@alex @masterofthetiger

I follow only a handful of people from my Kiwi Farms account, so the home feed, where I see their posts, is still useful. On Twitter and Gab, I follow way too many people to keep up with the volume. On Twitter, that just means that I take occasional samples from the bottom of my Twitterrific timeline, and miss the rest. On Gab, I navigate with lists, which can follow public posts of ANYONE, without their knowledge. I'm pretty sure that standard Mastodon lists work that way, too, though I don't have any accounts with which to test it.

It seems absurd to me to expect your public posts to be invisible to someone just because you denied a follow request. If you want your timeline to be private, set your default visibility to "Followers-Only", and rarely make public posts.

@masterofthetiger @alex

I don't pander to the easily offended. Happy to be blocked by such. I grew my internet skin back in the IRC and newsfeed era, before whiny babies were routinely coddled.

Not saying Alex is a whiny baby. I don't know him well enough to say that. But it took very little disagreement from me to get hit by his ban hammer. Which is why I guessed that my mention of Gab is more likely his problem. But I'll never know. And will forget about it a few minutes after the last post in this thread.

@alex I just asked the admin about the reasoning for the feature, and this was his response:
https://qoto.org/@freemo/103765390219364642

@alex

"...but this qoto feature (and the mastodon pull request that does the same thing) posits that users are entitled to view someone’s public posts at the moment they’re posted."

I'm confused. Aren't there already RSS feeds for every Mastodon user on every instance? For example, yours is https://dads.cool/@alex.rss and mine is https://todon.nl/@coding.rss. Wouldn't this enable anyone to "view someone's public posts at the moment they're published?"

Or ... is it possible to disable RSS feeds? And/Or ... is there a significant delay from when posts are published in Mastodon and then added to the RSS feed?

I'm just now seeing this issue with qoto and your comments are some of the first I've seen, so I apologize if some of the context I'm missing makes my question moot.

@coding I can’t speak to the ability to block the RSS feeds, but I do know using an RSS reader for my feeds adds a level of complication and abstraction from interacting that’s good enough for me

@alex I see your point. Friction can help deter bad behavior. Yet, at the same time, it's important for people to know that their public posts are public to anyone whether one follows or not.

It's also important for users to know that their private posts are, at the least, accessible to instance maintainers.

I agree with blocking qoto. I would probably do the same if I maintained an instance. In doing so, I'd also remind my users that their RSS feeds are still public, people can still see their public stuff via a browser, etc... so they don't have a false sense of security and accidentally get into trouble posting something they think someone can't see.

@coding I think this is absolutely the right call, and the right way to view the situation. What I'm disheartened by is the people who seem to think "the best way to teach people about how they don't really have privacy is for me, personally, to violate their expectations of privacy!", which is the attitude of a few people in the replies to this thread (people who I have now blocked)

@alex those people all coincidentally hang out on perfectly silencable instances themselves, amazing how that works.

@alex
If you don't want someone to reply to your toot, just block them. Or better yet, mute them and let them reply for the benefit of other people if you don't want to read them.

I'm getting notes of DRM from this.

@alex To say the obvious: it clearly makes a difference for the people wanting to be creepy. They always could just use RSS or public posts, but they still insist on the new "feature".

@alex What is the purpose of locked accounts with public-level posts? Anyone can see the posts with a regular web browser, there is no need to have their "forked version".

@bortzmeyer sometimes you post public, sometimes you post followers-only. If I deny your follow request, it’s because I don’t want my posts on your home timeline. This fork takes that choice away from me.

@alex I'm still puzzled. If you post public, it means you accept anyone (follower or not) to see your toots (and I think that Mastodon reminds you of that when you post).

@bortzmeyer I want to do the best I can to guarantee my users have the same experience if they deny a follow request across the fediverse. That might not be possible, but I can at least block obvious offenders.

@alex thank you for taking action, and for spreading awareness!

@alex Good job putting a fork in their forked version. Can y'all do it for cooler.mom also?

@alex they can also just follow the RSS feeds of users...

@feld as I have said elsewhere in the thread, introducing just a little friction is enough of a deterrent for many, and the simple fact is that I want to be able to get as close as I can to guaranteeing to my users that if they decline a follow request from a user, that user will not get to have my user's posts in that user's home timeline

@alex You're giving your users a very false sense of security. We should be educating users instead.

@feld not a fan of any form of education that requires a violation of trust

@feld I am giving users the expectation that follow relationships on mastodon will work the way they are described in mastodon's own documentation

@alex you should defederate with anything you cannot guarantee is 100% verifiable Mastodon software then, and I don't know how you could ever verify it anyway.

@alex i don't understand why you aren't yelling at Gargron for misleading documentation that lies to the users.

Here's what i predict will happen this year:

- more people will scream about non-Mastodon software or modified Mastodon software / forks
- Gargron will add a feature to allow you to automatically block/defederate from anything that's not certified Mastodon software
- Everyone will just spoof the version string to lie and pretend to be Mastodon to avoid being automatically blocked


This is a useless war being waged and can never be won. Just educate your users. Teach them to not trust social media to give them any sense of privacy. It will make the world a better place.

Please, whatever you do, don't make the same mistakes that we've already seen with Facebook/Instagram/Twitter. Your instance admin will not be able to save you from the boogey-boys.

@feld @alex how long until people on the internet realize that when you post something publicly it will be posted publicly

@sylveon @feld I don't know, but I'm pretty sure the right way to teach them is not by demonstration

@alex @feld well maybe you should teach your users to not post things publicly if they don't want it posted publicly

@alex @feld the problem with blocking on the fediverse is that it relies on the other server to follow the arbitrary rules made up by your server.

it also makes no sense even outside of a federated system, because if blocking someone hides your posts from them, they can just log out and see your posts again...

really, the mute function is the only one that really makes sense to have.

@sylveon @alex let's not dogpile on Alex now; I'm sure he knows most of these things and I think we've made our point as clear as it will ever be. He can administer his instance however he wants.

We just have to try harder on the education front for those users who we hold influence over.

@alex @feld Gonna have to agree with alex here. Taking measures is a better lesson since it shows that we all have to work to ensure the trust and take action when the trust is broken. If not, nothing can ever be trusted even in the slightest.

@qrsbrwn @alex the whole point is that you can't trust anything in a federated system. you can only trust in a silo where you have 100% control over enforcement.

@qrsbrwn @feld this is a service that regular people use and it is perfectly reasonable to make small gestures towards expectations of normal behavior, I don't need PGP keyed interactions or whatever I just want to shame known bad actors from disrupting a loose social contract of shitposters and gardening dads

@feld @alex trust is always tentative and when broken that needs to be handled. Not being able to trust things has nothing to do with federation.

@alex
You did say *public* posts, right?

So sure, discourage people from grabbing that information from fairly reasonable method A, but any scraper that comes by can have at it? Are you blocking all traffic and selectively letting packets in by hand?

You did say *public* posts... On thy microblogging service.
@feld

@Kinetix @feld yes, exactly, I am a firm defender of fig leaf security

@Kinetix my question is—what does it mean to decline a follower request? if the answer is "if you even occasionally post publicly, literally nothing" then, well, ok. but many people, including me, post publicly sometimes and followers-only (or on my instance, local-only) other times. I think there's a reasonable expectation among users that denying a follow request means that the person you denied will not get your posts in their home timeline, regardless of the other methods they can get to you

@alex
I don't see how that's a reasonable expectation at all for public posts. The understanding on public posts has to be "visibility scope = everywhere", and I think it's foolish to expect otherwise - ie: a lack of understanding around that is what can get people hurt. One is publishing a thing on a website with no restrictions on it. That's all it comes down to.

Allowing a follower allows that follower to see one's posts with more limited visibility, that is all.

And as many others will point out, one should not expect security or privacy in the fediverse at all. That's not what it's designed for.

My biggest point of contention here is that I do not understand how anyone can expect anyone else to not consume public posts.

@Kinetix I did not ask what it means to accept a follow request, but rather what it means to /deny/ one, and it seems like your answer is "nothing"

@alex
Not really. To deny one is to put in those stumbling blocks to try and prevent someone from putting limited scope posts of yours on to their timeline.

Totally meaningless for public posts, though.

@Kinetix okay. I do not believe your position on this is shared by the average user of mastodon dot com, the website for posting garbage

@Kinetix I will not be convinced by the argument that I should leave my users exposed to little violations because I'm leaving them exposed to bigger ones anyway. I do what I can. done with this thread, have a lovely week

@alex
Fair enough. I'm sorry you feel that someone grabbing a public post is somehow a violation, little or otherwise.

@alex
Perhaps fediverse users should be polled to gather the understanding levels of what public means, and then a public campaign can be launched to educate about what public means, along with how trivial it may be to violate perceived privacy in the fediverse.

@alex have you considered asking why it is possible for this to work, and demanding better of the people who make the underlying technology?

dads.cool is a Mastodon instance for dads, running the Hometown fork of Mastodon.