Why am I here and not on #Bluesky or #Threads? Because here I am on my own instance, hosted in the EU, and not on a centralised service from the US (which both Bluesky and Threads are) where soon a Trump government is installed that can easily force both Bluesky and Threads to hand over full access to all my data (I am quite sure Musk is already offering the X/Twitter social graph to Trump). That's my personal risk calculation. Yours might be very different. And that's perfectly fine! 1/3
And yes, I still treat every single post and message here as ultimately being stored and analysed by adversaries because for me the Pub in ActivityPub means public. My private communication happens via Signal or old fashioned pen and paper. Or, even more often, by direct communication over a coffee, beer or a walk outside :) 2/3
Another reason for staying here is metadata. Trust me, not many organisations out there really care about the content of your posts. They focus far more on the connections and frequency of data on likes, boost, follow/unfollow etc. In a centralised service that metadata is, uhm, centralised too and easy to access. In a federated network that isn't that easy, especially when, like me, you live on your own instance and not a big one like mastodon.social. Decentralisation makes abuse expensive. 3/3
Wait, this argument does not hold.
Like you said, the data is already public on ActivityPub. Whatever adversaries interested in building the social graph or analyzing metadata can do so, regardless of your instance location or who is in power.
@raphael They’d have to check/scrape *all* ActivityPub instances all the time to get a complete social graph of the Fediverse. While at a centralised service that social graph is part of the architecture. That’s a huge difference.
Oh, please... I was toying with the idea of making a search engine for the Fediverse last year. It took me less than a week to scrape and index 8 million ActivityPub accounts last year, with all of the users posts, including those that had enabled authorized fetch.
From my home computer.
On a shitty 50MB DSL connection from O2.
Capital-P "privacy" is absolutely incompatible with publishing networks. Telling people that Mastodon is any better in this regard is at best wishful thinking and at worst irresponsible.
We *might* make it work with AP if we have better C2S implementations where end users control the keys and allow for E2EE, but if your threat model involves 3LAs and corporations building your profile, the best solution is to avoid any social network and stick with Signal/Matrix/XMPP.
@raphael I specifically pointed at that in the second toot on my thread: „I still treat every single post and message here as ultimately being stored and analysed by adversaries because for me the Pub in ActivityPub means public.“
Okay, cool. My objection though is to the first post. It doesn't matter whether we are here, Threads, Bluesky or Twitter. When it comes to social media, the only winning move for those concerned about state actors and large corporations is not to play.