• @norb@infosec.pub
    link
    fedilink
    171 year ago

    “Insert_Bad_Actor” is so widely vague that it can apply anywhere to anyone (slippery slope, I know, but this entire discussion hinges on some application of the principle).

    Two months ago the rallying cry for federation/fediverse was “YOU CAN CONTROL IT” which very quickly has morphed into “YOU CAN CONTROL IT AS LONG AS YOU FIT IN THIS PARTICULAR BOX.” A lot of this feels like it’s coming from a place of fear, which is not a great place to make informed and logical decisions from.

    A lot of the discussion I’ve seen here and on Mastodon around Meta/Threads/federating with a corporate entity seems to be circling around three issues.

    1. Privacy. There is an assumption that as soon as Meta gets it’s fingers into the metaverse pie they’ll hoover up everything they can. My question to anyone that thinks this is, “How do you know they don’t do it already?” Meta can very easily have a server setup somewhere to pull in ActivityPub information. IT’S THE ENTIRE POINT OF FEDERATION. You can’t stop them, other than to block the instance. So unless someone figures out that Meta is running a particular instance and then announces it so that admins can block it, it’s reasonable to assume it’s already happening. This just means what you post already isn’t private, and never should be assumed to be.

    2. Ads. Somehow people think that Meta will abuse federation to sells ads to send out as posts. Which, if they do that, they will be quickly blocked and they’ve just ruined their new crop of eyeballs. On top of that, sending ads out into the void to end up next to god knows what content, on god knows what server, in front of god knows who, is not something that most ad buyers are going to spend money on. Any ad buyers want to know that they are getting value for their spend.

    3. EEE, or Embrace Extend Extinguish. This is to me the most valid argument for keeping them at arm’s length. The basic premise is that these huge corps can spend the money up front to build on top of an open standard, add improvements that will be limited to only their version, then once they have the market share/cornered pull the rug out by either defederating and hurting the whole thing, or by locking users in to their “better” service. This has happened a number of times in the past, and Facebook has been guilty of it themselves.

    Whatever happens with this in the future will be interesting to watch unfold, that’s for sure. But doing anything before the service even has the hooks to connect in and federate seem so premature to me.

    • @theDoctor
      link
      71 year ago

      You hit the nail on the head.

      I purposefully went vague because this won’t be the last. There will always be decisions that need to be made. There will always be a new company looking for a payday.

      And if we are going to say, don’t just ‘Defederate from Meta’, but also ‘Defederate with anyone who hasn’t defederated from Meta too!’ then we have one very steep and slippery slope indeed.

    • @thathoe@lemmy.blahaj.zone
      link
      fedilink
      61 year ago

      100% agreed on just about everything. I don’t think EEE is even a good argument (I’d love to entertain strong arguments otherwise!) - kerberos seems like the best related example, but that’s not even very applicable, and I don’t think XMPP even was subject to EEE (here’s a longer response on that: https://lemmy.blahaj.zone/comment/708874 )