i somewhat am curious what the "SJW features" crowd would make of my position that it is better to degrade compatibility with Mastodon for the sake of security than have broken security indefinitely...
Follow

@karen @kaniini That is one thing I really like about Pleroma. I've had threads broken on my server with remote deletes, but I can still find the entire thing out on other Pleroma instances.

@djsumdog @karen

you can find them on Mastodon instances too, in many cases. Deletes are really broken in ActivityPub.

Mastodon attempts to fix Deletes with LDSigs, but... that introduces problems of it's own because now there's a signed Delete message confirming that the thing you want to delete existed at one time.

Deletes could be fixed in all cases if we had authenticated fetches (because the origin would know *who* has the object!), and if Mastodon did not forward signed objects around the network.

@kaniini @karen I really need to start going through the protocol stuff. The patches I've submitted to Mastodon have all just been UI so far, although I've got one side-project that will throw me deep in that direction. I'm a bit stalled on motivation for it, but I should make an effort this week.

@kaniini @karen Nah, the other side project doesn't deal with Mastodon; but ActivityPub itself.

The Mastodon code base doesn't seem /that/ bad .. it's got a ton of test coverage, which is really what I care about.

@kaniini @djsumdog @karen why don't add and option to disable federated deletes for people who doesn't want broken threads?
@dirb @djsumdog @karen

in theory, i have no opposition to that, under a scenario where we have actual controls over where posts are flowing, e.g. proper OCAP model for forwarding posts, proper authentication to fetch posts, proper addressing of posts instead of broken Mastodon scopes, because then the people who care about their deletes working can control where their posts are flowing, as they can literally do on any other modern federated network (diaspora, hubzilla/osada zot, etc.).
@dirb @djsumdog @karen

*however*, I don't think that's the correct approach to take.

99% of broken thread issues are caused by delete and redraft or the broken mastodon followers only scope (which should send to *mutuals of the OP* instead of all friends).

replacing delete and redraft with properly versioned posts, and replacing the broken followers only scope with diaspora-style aspects will most likely resolve the broken threads issue in the majority of cases.
@kaniini @djsumdog @karen I meant that it could be interesting to have more AP features as optional, like blocks. for example, if someone doesn't want "internet points" they could disable favorites and repeats
@dirb @kaniini @djsumdog you can already disable out of spec stuff but i dunno if disabling stuff that is in the spec is a great idea
@karen @dirb @djsumdog

technically speaking, Pleroma FE already lets you disable likes/repeat counters and notifications.

overall, the problem is that half of mastodon S2S is out of spec, and badly designed.

for example, Mastodon has federated abuse reports, but just picks a random actor on the instance to send them.

it'd be nice to support federated abuse reports that are compatible with mastodon, so that you can send and receive reports about things like spam, but having a real point of contact is also useful for asking follow questions and so on...
Sign in to participate in the conversation
Mastodon

Hitchhiker.social is a Mastodon instance created by Sumit Khanna, a technologist and blogger out of Chicago. This is an experimental instance that's currently invite only.