this post was submitted on 19 Dec 2023
840 points (82.9% liked)
Fediverse
28518 readers
401 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
And all of that can be circumvented by pulling the data via the RSS feeds or plain old scraping.
Authorized fetch and domain blocks may be effective to stop drive-by trolls, but do nothing to stop anyone with a minimal amount of resources and interest in scraping data from a social network.
The reality is simple: all information that you put on the web should be considered as publicly available. Those that want or need absolute privacy should not use information in the fediverse and resort only to provably secure communication protocols.
I don’t know of any major instances that have enabled any of those… And all getting around it would take is to create an account on the instance- which for instances without admin approval can be done fully programmatically anyway so it wouldn’t even require human intervention, just a few extra lines of code.
If your instance is federated it doesn't matter how "locked down" your instance is it's pushing data out of the walled garden lol
And that's ignoring the fact you can just create an account on the target instance then hit the instance's API