https://ploum.net/2023-06-23-how-to-kill-decentralised-networks.html
Many of us do not trust Facebook and anything it is associated with or swallows up.
EDIT:
"Instagram head Adam Mosseri said "
““Soon, you’ll be able to follow and interact with people on other fediverse platforms, such as Mastodon. They can also find people on Threads using full usernames, such as @[email protected].””
“We’re committed to building support for ActivityPub, the protocol behind Mastodon, into this app. We weren’t able to finish it for launch given a number of complications that come along with a decentralized network, but it’s coming,” he said.
“If you’re wondering why this matters, here’s a reason: you may one day end up leaving Threads, or, hopefully not, end up de-platformed. If that ever happens, you should be able to take your audience with you to another server. Being open can enable that.”
No, this is talking about what you publish as a user, and choosing where it appears.
That’s not really how the protocol works though. You’re suggesting a major change to ActivityPub itself.
Edit: and it’s a change that isn’t even necessary. It’s the whole reason you can create your own instance.
It’s not a big change - it’s adding a field, a table, and a filtering line to the outgoing SQL select statement that chooses what a domain accesses when it requests the feed. Access level control has been a thing for content management systems for 20 years - this is not a big ask.
But to be honest, as you’re the third person to have this misconception, I’m getting to the point where I’m almost tempted to crack open the kbin code and see if I can do it myself.
Again, you’re talking about changing the ActivityPub protocol. Objects aren’t published the way you think they are. It’s more like batch processing. This simply can’t be done at scale without massive investment.
Edit: ActivityPub is closer to an RSS Feed than it is to sending out what you publish to each server. It makes it’s lsit available to others (who don’t have this filter you’re talking about) and they grab the whole thing. They don’t scan each item and grab it as they go. And again, that scanning is done by them, not the hosting server. The feed is open by default. There is no real authentication and identity at the level you’d require to transform this into an entirely different product (a CMS).
I’m going to have to dig into it more, as filtering content from an API feed based on the referring domain’s api credentials is something that’s commonplace in the private sector and on other open source projects - in fact, I’ve recently built some reports in Quicksight that do exactly that, and output results on a secure row level basis.
I think it appears more daunting than it is (context I’ve been a web dev, analyst, ecom manager for 20+ years), but I haven’t yet had time to dig into the code. As you’re now the fourth person to make this claim, I’m now inspired to actually go and dig into this and see if I can hack it on my own. If I manage to do it (or it results in total failure), I’ll update my opinions and these posts accordingly. Disclaimer - I am lazy and slow, so this may take a bit.
Yeah, you can filter your feed. No one is arguing that. But you can’t filter the feed to someone else. That’s not how it works. I also don’t understand why you have to keep throwing around your supposed credentials when you haven’t been able to understand a simple web api concept. If you want Threads not to see you, they need to defederate your server. You don’t honestly think this server is posting to information to every other server individually, do you? Those servers grab information and that information is the same for every server that grabs it. It does not publish individual feeds to individual servers. That’s ludicrous when you consider the minimum specs for a server.
Your credentials don’t mean much when you can’t provide any hint of skill to make it mean much.
FFS. Filter by domain referrer when the call is made to the API from the instance that wants to publish your work. It’s not that fucking hard. How do you think IP filtering works?
Sigh. You people are fucking exhausting. #5 of saying “you can’t do that” and giving nothing more than “server can’t handle it” as a reason, which is why I stated my credentials, because I’m sick of people talking out of their asses.
When the instance that wants to publish your work makes a call to the api, they have a domain referrer value. Being able to filter on that value is already in place through the process of defederation.
Filtering the output on that domain referrer value is neither some complex process, nor will it increase server load as you’re reducing the amount of content the API is producing.
How do you think IP filtering works? Every public facing web service does it. This is the exactly the same thing, except that rather than blocking the entire site, you’re blocking a small part of it. It’s even easier than blocking a specific page to an IP, because you only have to block a subset of data coming out of the feed on the api.