Anything that touches the internet can be scraped. Mastodon DMs aren’t encrypted, and public posts are obviously public. There’s nothing stopping someone from using the API or any web crawler to harvest data on mastodon users anyway.
Not arguing for/against threads, tbh I don’t even use mastodon much because I don’t really like the idea of microblogging to begin with
corbin@infosec.pub 11 months ago
Public Mastodon posts are already indexed by search engines.
Retrograde@lemmy.world 11 months ago
Indexing by search engines and what Meta harvests are astronomically different - I fail to see your point.
corbin@infosec.pub 11 months ago
If I am on Mastodon, there is nothing that Threads can collect from me that they can not get already. My posts are public, Meta or anyone else doesn’t need permission to look at them.
The only risk is if I am sending direct messages to someone on Threads from Mastodon, then obviously Meta has a copy. ActivityPub is not E2E encrypted, you shouldn’t be using it for private communication at all, the threat model is the same between Threads and any other Mastodon server.
Retrograde@lemmy.world 11 months ago
Alright, fair enough, but why would you allow meta even an inch of space into a ‘free’ platform? Have you seen the numerous ( and to be fair, much better articulated) comments on here concerning “EEE”?
I’m thinking of it from a grand scale: You’re essentially saying “awe, c’mon, it’s probably okay if Zuck’s mega-corp puts it’s foot in the door of a burgeoning federated forum community; what could go wrong?”
Hey- let’s talk in five years and see what happens- yeah?