this post was submitted on 31 Aug 2023
245 points (100.0% liked)
Fediverse
757 readers
7 users here now
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
- What is the fediverse?
- Fediverse Platforms
- How to run your own community
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Technically. Yes.
But doing so is onerous enough that I can't see it as any sort of "threat".
And again... Defederating does absolutely zero to restrict Meta from being able to access your info. Defederating means you don't see Meta. It doesn't block Meta from seeing you.
You don't even need to dip your toes into ActivityPub to scrape most of the data. It's public -- aside (I think) from just user IP addresses on Mastodon. And in the case of Lemmy, I don't think there's anything you can't access from outside of ActivityPub.
Defederating actually does stop Meta from accessing data (at least through ActivityPub) if you enable AUTHORIZED_FETCH / similar. That setting requires remote instances to authenticate themselves, which prevents blocked instances from querying anything. IIRC, Lemmy either already supports or plans to support that same feature.
Meta could, of course, just use web scraping, but that can be prevented with DISALLOW_UNAUTHENTICATED_API_ACCESS. Although admittedly, I don't think Lemmy has this feature yet.
Even DISALLLOW_UNAUTHENTICATED_API_ACCESS can be easily bypassed by creating a client that logs into mastodon.social (for example), and just gobbles up the Federated feed.
It's what the FediBuzz relays are now doing in order to keep single-user instances viable and not funnel everyone to the same 3 instances.
Unfortunately, if Meta wants to be shitty, they'll be shitty. Even stuff like robots.txt & nofollow tags are just polite requests that can be ignored by shitheads.