anything I write on the internet should be treated as my private information. If I want to keep any conversation private, I will still post it in a public website.
Comment on Authorized Fetch Circumvented by Alt-Right Developers
rglullis@communick.news 6 months ago
Repeat after me: anything I write on the internet should be treated as public information. If I want to keep any conversation private, I will not post it in a public website.
weeahnn@lemmy.world 6 months ago
PeriodicallyPedantic@lemmy.ca 6 months ago
Wow, why are you so triggered just because some people didn’t think you were funny?
weeahnn@lemmy.world 6 months ago
About as triggered as those who downvoted me.
PeriodicallyPedantic@lemmy.ca 6 months ago
No, you’re right. Everyone who downvoted probably also went on an angry tirade first, but they just didn’t type it out. Totally the same. 👍
otter@lemmy.ca 6 months ago
?
stoy@lemmy.zip 6 months ago
He thought he was funny, he repeated what the above poster said to repeat.
solrize@lemmy.world 6 months ago
I don’t think your comment was offensive per se. It was just ridiculously naive. If we are trying to build practical tools, they have to fit how things work in the real world, not how they work in anybody’s dreams. If you want to have private conversations on a public website, use encryption.
sj_zero 6 months ago
Seriously. Bobthenazi could just go to an aligned server and make an account Bobthenotzi and boom -- perfectly able to follow whoever he wants.
rglullis@communick.news 6 months ago
One more reason to argue that we should drop the idea of “aligned” servers and that we are moving to a future where it is better to charge (small) amounts from everyone instead of depending on (large)/donations from a few.
sj_zero 6 months ago
Ideally, a distributed fediverse wouldn't need much in terms of donations because it's a bunch of small instances instead of a few huge ones.
rglullis@communick.news 6 months ago
Not the point. The point that if instances that are open for everyone will be open for bad actors as well.
If the mere act of signing up to an instance requires a small payment, you are automatically preventing the absolute majority of spammers, “spray and pray” spammers and channer trolls.
spaduf@slrpnk.net 6 months ago
To add a bit of important nuance to this idea (particularly how this argument comes up with regards to threads). This does not apply to legal rights over your content. That is to say, of course you should treat any information you put out there as out of your control with regards to access but if somebody tries to claim legal rights over your content they are probably breaking the law.
rglullis@communick.news 6 months ago
Right. Publicly available does not mean in public domain. But the issue here is not of copyright, but merely of gated access.
spaduf@slrpnk.net 6 months ago
Totally. I’m just trying to bring it up whenever I see folks bringing it up because some people don’t seem to make the distinction. Worries me that some are so willing to cede that big social will illegally hoover up our data and there’s nothing we can do about it.
heavy@sh.itjust.works 6 months ago
I agree with you, however there are issues with not just privacy but also authenticity. I should be able to post as me, even in public, and have a way to prove it. Nobody else should be posting information as me, if that makes sense.
rglullis@communick.news 6 months ago
For that, we should start bringing our own private keys to the server, instead of trusting the server to control everything.
And if we start doing that, pretty soon we will end up asking ourselves why do we need the server in the first place, and we will evolve to something like what nostr is doing.
I’m all for it.
ttmrichter@lemmy.world 6 months ago
Giving places for cryptobros to wank without being pointed at and laughed at by their betters?
rglullis@communick.news 6 months ago
No. You are thinking of Discord.
0x1C3B00DA@kbin.social 6 months ago
Sure, but that's already solved on the fediverse by using HTTP Signatures and isn't related to Authorized Fetch.
heavy@sh.itjust.works 6 months ago
I meant to say generally, for folks that might read this comment and think problems surrounding the platform and security are solved.
ttmrichter@lemmy.world 6 months ago
Clear sign every post using a third-party application. Make your public keys known far and wide. Authenticity solved.
Natanael@slrpnk.net 6 months ago
And now we’re dealing with key management instead
ttmrichter@lemmy.world 6 months ago
You always need key management if you have decentralized authentication.
ttmrichter@lemmy.world 6 months ago
You always need key management if you have decentralized authentication.