The fediverse has a bullying problem
-
“Doesn’t scale because the containers are set up wrong” is different from “unmaintainable code” though. What of the code was bad? I’ve looked at a bunch of fedi projects and Pixelfed didn’t strike me as either particularly good or particularly bad.
As for the last, I don’t have any examples
?
I mean, that is sort of what I expected. Mastodon doesn’t publicize Wordpress. Lemmy doesn’t publicize mbin. They all, mostly, mention a little bit of the context that they can interoperate with other federated services, but it doesn’t strike me as weird or malicious that someone would write a project and then promote that project. That sounds normal.
Actually, both Mastodon and Lemmy chose to implement sort of their own versions of ActivityPub, and that actually does strike me as selfish behavior. It means that mostly they are their own independent platforms that run “on top of” ActivityPub instead of enabling full interoperation with the other stuff. Doing it that way was hard to avoid, because the design of ActivityPub to me isn’t great, but this situation is actually a perfect example of that: Mastodon implemented a new feature in a way that would break (in a really jarring privacy-violating-to-some-extent way) until everyone else copied their implementation exactly. I’m not aware of Pixelfed doing anything like that. Mastodon and Lemmy can both get away with presenting themselves as “the fediverse” and forcing everyone else into copying one implementation or the other if they want things to actually work, and they both show very little interest in making it easy. If you want to pick out sins of various fedi projects to start to point out that are disrespecting the other projects in the space, something like that is where I would start.
Mastodon implemented a new feature in a way that would break (in a really jarring privacy-violating-to-some-extent way) until everyone else copied their implementation exactly.
You ever notice how Gargron refers to the fediverse as "the Mastodon network?"
He's been doing things this way since 2017 at least. At this point, any longtime observer really has no other choice but to consider the behavior deliberate.
-
I don't think dansup was in the wrong here. Yes, it's a security issue I suppose, but the problem lies within the underlying protocol. Any server you interact with can ignore any privacy markers you add to posts, you're just not supposed to do that.
Whether this is a 0day depends on what you expect out of the Fediverse. If you treat it like a medium where every user or server has the potential to be hostile, like you probably should, this is a mere validation logic bug. If you treat it like the social media many of its servers are trying to be, it's a gross violation of your basic privacy expectations.
the problem lies within the underlying protocol.
The problem lies with Gargron doing what Gargron does, implementing whatever the f he wants for "the Mastodon network" and not giving a crap how it affects the health of the overall fediverse.
Hell, this isn't even the first time there's been drama over Mastodon's advisory post scopes, not by a long shot. I kinda wish I'd saved receipts from the last couple times, some highly experienced devs have chimed in in the past.
-
So check it out: Mastodon decided to implement follower-only posts for their users. All good. They did it in a way where they were still broadcasting those posts (described as "private") in a format that other servers could easily wind up erroneously showing them to random people. That's not ideal.
Probably the clearest explanation of the root of the problem is this:
Something you may not know about Mastodon's privacy settings is that they are recommendations, not demands. This means that it is up to each individual server whether or not it chooses to enforce them. For example, you may mark your post with unlisted, which indicates that servers shouldn't display the post on their global timelines, but servers which don't implement the unlisted privacy setting still can (and do).
Servers don't necessarily disregard Mastodon's privacy settings for malicious reasons. Mastodon's privacy settings aren't a part of the original OStatus protocol, and servers which don't run a recent version of the Mastodon software simply aren't configured to recognize them. This means that unlisted, private, or even direct posts may end up in places you didn't expect on one of these servers—like in the public timeline, or a user's reblogs.
That is super relevant for "private" posts by Mastodon. They fall into the same category as how you've been voting on Lemmy posts and comments: This stuff seems private, because it's being hidden in your UI, but it's actually being broadcasted out to random untrusted servers behind the scenes, and some server software is going to expose it. It's simply going to happen. You need to be aware of that. Even if it's not shown in your UI, it is available.
Anyway, Pixelfed had a bug in its handling of those types of posts, which meant that in some circumstances it would show them to everyone. Somebody wrote on his blog about how his partner has been posting sensitive information as "private," and Pixelfed was exposing it, and how it's a massive problem. For some reason, Dansup (Pixelfed author) taking it seriously and fixing the problem and pushing out a new version within a few days only made this person more upset, because in his (IMO incorrect) opinion, the way Dansup had done it was wrong.
I think the blog-writer is just mistaken about some of the technical issues involved. It sounds like he's planning on telling his partner that it's still okay to be posting her private stuff on Mastodon, marked "private," now that Pixelfed and only Pixelfed has fixed the issue. I think that's a huge mistake for reasons that should be obvious. It sounds like he's very upset that Dansup made it explicit that he was fixing this issue, thinking that even exposing it in commit comments (which as we know get way more readership than blog posts) would mean people knew about it, and the less people that knew about it, the safer his partner's information would be since she is continuing to do this apparently. You will not be surprised to discover that I think that type of thinking is also a mistake.
That's not even what I want to talk about, though. I have done security-related work professionally before, so maybe I look at this stuff from a different perspective than this guy does. What I want to talk about is this type of comments on Lemmy, when this situation got posted here under the title "Pixelfed leaks private posts from other Fediverse instances":
Non-malicious servers aren’t supposed to do what Pixelfed did.
Pixelfed got caught with its pants down
rtfm and do NOT give a rest to bad behaving software
dansup remains either incompetent for implementing badly something easy or toxic for federating ignoring what the federation requires
i completely blame pixelfed here: it breaks trust in transit and that’s unacceptable because it makes the system untrustworthy
periodic reminder to not touch dansup software and to move away from pixelfed and loops
dansup is not competent and quite problematic and it’s not even over
developers with less funding (even 0) contributed way more to fedi, they’re just less vocal
dansup is all bark no bite, stop falling for it
dansup showed quite some incompetence in handling security, delivering features, communicating clearly and honestly and treating properly third party devs
I sort of started out in the ensuing conversation just explaining the issues involved, because they are subtle, but there are people who are still sending me messages a day later insisting that Dansup is a big piece of shit and he broke the internet on purpose. They're also consistently upset, among other reasons, that he's getting paid because people like the stuff he made and gave away, and chose to back his Kickstarter. Very upset. I keep hearing about it.
This is not the first time, or even the first time with Dansup. From time to time, I see this with some kind of person on the Fediverse who's doing something. Usually someone who's giving away their time to do something for everyone else. Then there's some giant outcry that they are "problematic" or awful on purpose in some way. With Dansup at least, every time I've looked at it, it's mostly been trumped-up nonsense. The worst it ever is, in actuality, is "he got mad and posted an angry status HOW DARE HE." Usually it is based more or less on nothing.
When I see this, the pattern is almost always the same. People take some high-profile person, and some kind of grain-of-truth accusation that they did something bad, that really boils down to "they had a bad day one day" or something, if that, and they run with it all the way through the end zone and halfway to the next town over.
Dansup isn't just a person making free software, who sometimes posts angry unreasonable statuses or gets embroiled in drama for some reason because he is human and has human emotions. He's the worst. He is toxic and unhinged. He is keeping his Loops code secret and breaking his promises. He makes money. He broke privacy for everyone (no don't tell me any details about the protocol or why he didn't he broke it for everyone) (and don't tell me he fixed it in a few days and pushed out a new version that just makes it worse because he put it in the notes and it'll be hard for people to upgrade anyway so it doesn't count)
And so on.
Some particular moderator isn't just a person who sometimes makes poor moderation decisions and then doubles down on them. No, he is:
a racist and a zionist and will do whatever he can to delete pro-Palestinian posts, or posts that criticize Israel.
a vile, racist, zionist piece of shit, and anyone who defends or supports him is sitting at the table with him and accepts those labels for themselves.
And so on. The exact same pattern happened with a different lemmy.world mod who was extensively harassed for months for various made-up bullshit, all the way up until the time where he (related or not) decided to stop modding altogether.
It's weird. Why are people so vindictive and personal, and why do they double down so enthusiastically about taking it to this personal place where this person involved is being bad on purpose and needs to be attacked for being horrible, instead of just being a normal person with a variety of normal human failings as we all have? Why are people so un-amenable to someone trying to say "actually it's not that simple", to the point that a day later my inbox is still getting peppered with insistences that Dansup is the worst on this private-posts issue, and I'm completely wrong and incompetent for thinking otherwise and all the references I've been digging up and sending to try to illustrate the point are just more proof that I'm horrible?
Guys: Chill out.
I would just recommend, if you are one of these people that likes to double down on all this stuff and get all amped-up about how some particular fediverse person is "problematic" or "toxic" or various other vague insinuations, or you feel the need to bring up all kinds of past drama any time anything at all happens with the person, that you not.
I am probably guilty of this sometimes. I definitely like to give people hell sometimes, if in my opinion they are doing something that's causing a problem. But the extent to which the fediverse seems to like to do this stuff just seems really extreme to me, and a lot of times what it's based on is just weird petty bullying nonsense.
Just take it with a grain of salt, too, if you see it, is also what I'm saying. Whether it comes from me or whoever. A lot of times, the issue doesn't look like such a huge deal once you strip away the histrionics and the assumption that everyone's being malicious on purpose. Doubly so if the emotion and the innuendo is running way ahead of what the actual facts are.
Who would've thunk that misusing the same type for both public and private posts (with a sprinkle of weird mention rules to determine the visibility) could backfire?
Well, definitely not Mastodon devs. Lemmy's current approach of using an entirely different type is much better.
If you're interested in some details, I recently wrote a comment about it: https://lemmyverse.link/lemmings.world/comment/14476151
-
When I first started the reading I figured the person being bullied was the woman who was upset with dan because her concern about disclosure wasn’t really reasonable. I don’t think the bullying problem is innate to the fediverse, and thankfully we have a lot of tools to safely navigate the fediverse and tune out the abuse.
But there is a not insignificant portion of folks on here that are here because they were banned or warned on mainstream platforms because they couldn’t regulate themselves and still aren’t regulating themselves.
The vast majority of people I’ve come across are genuinely kind. Dansup doesn’t exactly follow best practices in his development which I think causes a lot of strife in the segment of the fedi population who can’t regulate when someone does something they don’t agree with.
I don’t agree with how he has handled loops so I just don’t use it. I don’t think ill of Dan at all.
I don't exactly think ill of him, but I'll stay away from any platform he creates. He shared one snippet of code where he disabled validating certificate validity and certificate names. When called out on it, he decided to delete the post.
Security and standards don't seem like the first things on his mind.
-
But there is a not insignificant portion of folks on here that are here because they were banned or warned on mainstream platforms because they couldn’t regulate themselves and still aren’t regulating themselves.
What?
Plenty of people on mainstream platforms are obnoxious. Twitter and Reddit in particular are hives of villainy that make anything available on Fedi platforms look childish. Why do you think people are here because they were ejected from mainstream platforms?
Dansup doesn’t exactly follow best practices in his development which I think causes a lot of strife
What?
Can you elaborate?
I did elaborate a bit in a sibling comment.
-
But there is a not insignificant portion of folks on here that are here because they were banned or warned on mainstream platforms because they couldn’t regulate themselves and still aren’t regulating themselves.
What?
Plenty of people on mainstream platforms are obnoxious. Twitter and Reddit in particular are hives of villainy that make anything available on Fedi platforms look childish. Why do you think people are here because they were ejected from mainstream platforms?
Dansup doesn’t exactly follow best practices in his development which I think causes a lot of strife
What?
Can you elaborate?
No disagreement that there are many more insufferable people on Reddit and twitter. But whenever meta discussion comes up about leaving those sites such as [email protected] there is always a small handful of people that mention they were banned for “disagreements”. Not to mention the meta drama between .ml users and .world users.
With regards to Dansup, the most common complaints I see are developing Loops closed source and not opening it to federation and still not open sourcing it after 6 months. And with Pixelfed being developed with laravel instead of a stack that is more scalable.
-
They refused to operate ON a country with a hostile anti encryption law as a threat.
Signal could have mocked the France government for being authoritarian fascist censorious anti-mathematics pieces of turd, but leave USERS stuck in France with the danger of the government’s bs law.
A metaphor for ease of comprehension: Signal threatens a farmer for hunting chicken down, by ceasing all freeing-chicken-from-the-farm operations.
Not killing the farmer, but leaving the chicken without the tools to liberate themselves. Yes, I read Animal Farm.
You know they can't legally operate there if they don't follow the law, right?
Pulling out is the only form of protest they have as a company. The rest is up to its users.
Anyway, if it happened, you could still use Signal anyway, perhaps with the help of a relay like other countries who prefer spying over privacy.
-
Who would've thunk that misusing the same type for both public and private posts (with a sprinkle of weird mention rules to determine the visibility) could backfire?
Well, definitely not Mastodon devs. Lemmy's current approach of using an entirely different type is much better.
If you're interested in some details, I recently wrote a comment about it: https://lemmyverse.link/lemmings.world/comment/14476151
Yeah, the whole thing of "if #public is in 'to' and the user is in 'cc', it means one thing, but if it's the other way around, it means something different" just reeks of "IDK I just wanted to hack it up and move on and IDGAF how platforms other than Mastodon are going to wind up handling it." Which is fine... as long as your users universally understand that that's your level of care towards honoring non-public visibility settings they're setting on their posts.
-
I'm gonna go out on a limb here and say you're both wrong. Hear me out.
As other commenters have said, there should never be any expectation of privacy on the fediverse. DMs here and private items are not actually private, they're quite literally blasted out to anyone who listens. I feel like I have to say that a lot. I actually like how Lemmy handles it, it warns you that it's unencrypted and that it recommends Matrix (and you can put your matrix handle on your profile).
However. I'm also disillusioned by Dansup. He made a great project with Pixelfed. It got off the ground and has a great following. However, I've read through the code, I've tried to spin it up, hell even tried to help contribute - but it's a spaghetti'd mess of unmaintainable code. What irks me is rather than dive in and fix the code, help those who honestly want to spin up his projects, he starts a completely separate project (off the same spaghetti'd base that barely scales), and goes on a whole PR junket talking about it. Then when I see people asking questions of his code or how to do things he usually jumps down their throats - or completely ignores them.
And honestly the biggest thing that irked me was that I didn't feel he gave credit to the hundreds - thousands of other people who work to make the fediverse work. Pixelfed is a great experience - but it's one of many all working together, and the developers are a huge chunk, but you have the infrastructure, us admins hosting, those out there vocalizing it, those trying to start communities, it's an ecosystem, and I just felt like he ignored the fediverse and instead pushed Pixelfed.
I actually like how Lemmy handles it, it warns you that it's unencrypted and that it recommends Matrix
It also uses an entirely separate AP type that's not used for anything else (ChatMessage) unlike Mastodon which uses Note, which is also used for: Mastodon posts and comments, Lemmy comments, most likely others.
ChatMessage type also has strict requirements about recipients, the chances to leak them are slimmer. Additionally, if the target app does not support the type, it's very unlikely it will handle it at all, but Note will most likely be handled in some way.
In conclusion, Lemmy PMs are very hard to leak accidentally (still very easy to leak intentionally).
Sadly, Lemmy will be moving to Mastodon-style PMs.
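The to/cc rule discussed in this thread (Public in 'to' versus Public in 'cc') and the ChatMessage point above, worked through as an added Python example; this is not code from Mastodon, Pixelfed or Lemmy. The actor and followers URLs are constructed, and dropping unknown object types outright is this example's fail-closed choice, not a rule the protocol spells out.

```python
# Added example (not Mastodon, Pixelfed or Lemmy code): classify the audience of
# an incoming ActivityPub object from its to/cc addressing and decide, fail-closed,
# whether it may ever be placed on a public timeline.

AS_PUBLIC = "https://www.w3.org/ns/activitystreams#Public"
# ActivityPub also allows these shorthand spellings of the Public collection.
PUBLIC_SPELLINGS = {AS_PUBLIC, "as:Public", "Public"}


def _as_set(value):
    """`to`/`cc` may be absent, a single string, or a list; normalise to a set."""
    if value is None:
        return set()
    if isinstance(value, str):
        return {value}
    return {v for v in value if isinstance(v, str)}


def classify_note(note, followers_url):
    """Map Mastodon-style Note addressing to a visibility level.

    followers_url is the sending actor's `followers` collection URL (a real server
    reads it from the fetched actor document; it is passed in here to stay offline).
    Anything not explicitly addressed to Public is treated as non-public.
    """
    to, cc = _as_set(note.get("to")), _as_set(note.get("cc"))
    if to & PUBLIC_SPELLINGS:
        return "public"      # Public in `to`: may appear on public timelines
    if cc & PUBLIC_SPELLINGS:
        return "unlisted"    # Public only in `cc`: fetchable, kept off public timelines
    if followers_url in (to | cc):
        return "followers"   # followers collection, no Public: followers-only
    return "direct"          # only individual actors, or nothing at all: direct


def public_timeline_ok(obj, followers_url):
    """True only when an object may go on a public/federated timeline.

    ChatMessage is never public regardless of addressing, and object types this
    code does not understand are dropped instead of being shown 'in some way'.
    """
    obj_type = obj.get("type")
    if obj_type == "ChatMessage":
        return False
    if obj_type != "Note":
        return False
    return classify_note(obj, followers_url) == "public"


# Constructed sample objects mimicking the four Mastodon addressing patterns
# plus a Lemmy-style ChatMessage (URLs are made up for the example).
ALICE_FOLLOWERS = "https://example.org/users/alice/followers"
BOB = "https://example.org/users/bob"
SAMPLES = {
    "public": {"type": "Note", "to": [AS_PUBLIC], "cc": [ALICE_FOLLOWERS]},
    "unlisted": {"type": "Note", "to": [ALICE_FOLLOWERS], "cc": [AS_PUBLIC]},
    "followers": {"type": "Note", "to": [ALICE_FOLLOWERS], "cc": [BOB]},
    "direct": {"type": "Note", "to": BOB},
    "chat": {"type": "ChatMessage", "to": [BOB]},
}


def audit(samples=SAMPLES, followers_url=ALICE_FOLLOWERS):
    """Return {name: (visibility, allowed_on_public_timeline)} for each sample."""
    out = {}
    for name, obj in samples.items():
        vis = classify_note(obj, followers_url) if obj.get("type") == "Note" else "n/a"
        out[name] = (vis, public_timeline_ok(obj, followers_url))
    return out


if __name__ == "__main__":
    for name, (vis, ok) in audit().items():
        print(f"{name:10s} visibility={vis:10s} public_timeline={ok}")
```

Note that the followers-only and direct cases still arrive at every server that receives them; the classifier only decides what a well-behaved receiver shows, which is exactly why the thread warns that these settings are recommendations rather than guarantees.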
-
You know they can't legally operate there if they don't follow the law, right?
Pulling out is the only form of protest they have as a company. The rest is up to its users.
Anyway, if it happened, you could still use Signal anyway, perhaps with the help of a relay like other countries who prefer spying over privacy.
Privacy and encryption are inalienable human rights, even in authoritarian hells like North Korea.
There is no reason to comply with bs laws. If you don't see mocking a fascist government as a form of protest, I'm not so sure how I can help you see the harm in leaving.
That last paragraph is the problem, they know they are a line of defense for many vulnerable people in France. So leaving them to their own devices is a form of complicit acceptance.
-
A great example is his handling of Laravel, scaling, and Docker. It's pretty clear that he doesn't have a huge understanding of Docker - or at least hasn't managed docker images at scale. A huge thing there that I ran into constantly is that the Pixelfed containers both are 1) Stateful and worse than that 2) depend on each other's volumes. This means that the Pixelfed containers must share the same host as its workers. He put a lot of time and effort into building scripts that would simplify the setup for a docker compose file, but never thought horizontally - scaling these containers out on a cluster or separating workers off away from the web-api nodes at all.
I spent 3 weeks trying to de-tangle that all and got nowhere. I've been watching the guys over at glitch-fed ( a fork of pixelfed ), and from what I see they're trying to do the same thing. I wish them godspeed. Until then, I can't recommend Pixelfed as it just can't horizontally scale. Sure you can throw a more expensive machine at the problem, but that's not a fix.
As for the last, I don't have any examples - and I think that's because no one else has gone on a press junket like he has. The owners of Mastodon started a foundation a while back, I think that's the most official news I've heard out of them. I think that's what bothered me - for the vast majority of people that was their first chance to hear about the open web. Instead of saying "We have a thing called the fediverse. I'll spare you the details but you can choose Pixelfed, Mastodon, even Wordpress or many others, and they all work together". Instead all I heard anywhere was Pixelfed. Feel free to call BS there, maybe he did somewhere and I just missed it.
Using Laravel as a framework should be the first red flag, I yet have to meet a Laravel dev who understands architecture (and I interviewed quite a bit of them). That framework is several anti-patterns bundled into a nice package.
-
Everyone I ever talked to told me "well yes we have to implement our own version of ActivityPub because AP is under-defined". In most cases it is defined what AP does, but not how. Therefore individual programmers go in and figure out on their own how a certain thing they are building for their platform should be structured in AP.
Now, every project could simply go "I will copy the way Pixelfed implements it". But why should PF have that privilege?
I shared a bit about exactly this here: https://lemmyverse.link/lemmings.world/comment/14476151
-
Yeah, the whole thing of "if #public is in 'to' and the user is in 'cc', it means one thing, but if it's the other way around, it means something different" just reeks of "IDK I just wanted to hack it up and move on and IDGAF how platforms other than Mastodon are going to wind up handling it." Which is fine... as long as your users universally understand that that's your level of care towards honoring non-public visibility settings they're setting on their posts.
Yep. Sadly, Lemmy will move on to implement this exact horrible mess in future versions.
The current ChatMessage approach is much better than crazy shenanigans with to/cc/mentions.
-
Privacy and encryption are inalienable human rights, even in authoritarian hells like North Korea.
There is no reason to comply with bs laws. If you don't see mocking a fascist government as a form of protest, I'm not so sure how I can help you see the harm in leaving.
That last paragraph is the problem, they know they are a line of defense for many vulnerable people in France. So leaving them to their own devices is a form of complicit acceptance.
There is a reason: you will be sued out of existence. And the bit about North Korea made me laugh, so thanks.
-
There is a reason: you will be sued out of existence. And the bit about North Korea made me laugh, so thanks.
You get sued no matter what authoritarian country your tools get used in, it doesn't mean Signal Technology Foundation has to comply with French law, as they are not beholden to their jurisdiction.
That is why I used North Korea as an e.g. Kim Jong Un can't sue the world.
-
You get sued no matter what authoritarian country your tools get used in, it doesn't mean Signal Technology Foundation has to comply with French law, as they are not beholden to their jurisdiction.
That is why I used North Korea as an e.g. Kim Jong Un can't sue the world.
But if you officially operate somewhere, they can sue you, I thought that was common knowledge?
Anyway, not complying with local laws and operating in the country can get you in some serious trouble. And the trouble will escalate until you comply or pull out of the country.
Kim Jong Un can sue anyone. Like, they can sue Signal if they want. Sure, they have no way to enforce it, but they can sue (and win the case). It's not like this would be a first, that happened quite a few times. Especially in dictatorships.
-
Using Laravel as a framework should be the first red flag, I yet have to meet a Laravel dev who understands architecture (and I interviewed quite a bit of them). That framework is several anti-patterns bundled into a nice package.
I mean, I completely agree but last time I said that people flamed me over it. If it was still 2013 then I'd look more into it, but today it's such a monolithic architecture
-
Well, where are you all when the Fedi cheerleading squad keeps posting about how bad it is that this or that competitor stores this or that information and how secure and private and great it is in Fedi servers because they don't store anything?
Because I've spent years chiming in to explain these things in those and it normally just gets people angry and complaining that you're shilling for corporate social media or whatever. The image being projected, both accidentally and on purpose is that no centralized data collection means your data on Fedi is private when it is extremely not.
-
They're nasty pieces of shit when they don't have to look at the person they're hurting or putting in danger, but that only supports my theory. There's an empathy disconnect that's created when there isn't a human face or voice immediately in front of them. Once they aren't in danger of an in-person interaction all the venom comes out. Online, that's basically all of our interactions.
I should point out the phenomenon where a minority in a community will magically become "one of the good ones" so that the bigots can continue hating minorities while empathizing with their neighbor. This is also becoming less common as we grow more isolated from each other and everyone moves online, destroying the potential for that face-to-face interaction.
I do concede that there has been a trend towards xenophobia that has been exacerbated by filter bubbles and even more by algorithms. But the balance is that people who once had no choice but to suffer ostracism and extreme isolation have been able find community online and have improved mental health and outcomes in many ways.
I certainly found this myself in the early days of the internet before the iron fist of corporatism grabbed this fledgling space, determined to extract value from it, and creating the nightmares of isolation and hate that are now Farcebork and its ilk. Fedi has been a welcome return to smaller communities that have to do the necessary work of self management, which reduces the hate and isolation that is promoted by antisocial media, even if it doesn't stop it altogether.
My point is, the internet isn't worse. Humans can be good or bad, but certain environments make them behave in worse ways, and these environments can exist both online and off.
-
But if you officially operate somewhere, they can sue you, I thought that was common knowledge?
Anyway, not complying with local laws and operating in the country can get you in some serious trouble. And the trouble will escalate until you comply or pull out of the country.
Kim Jong Un can sue anyone. Like, they can sue Signal if they want. Sure, they have no way to enforce it, but they can sue (and win the case). It's not like this would be a first, that happened quite a few times. Especially in dictatorships.
How can non-enforceable laws be laws?
Your majesty, the peasants are rebelling, they have overtaken the army, what do we do?