Why aren't private communities on PieFed federated?
PieFed Meta
9
Posts
7
Posters
24
Views
-
Is that different for Lemmy? If so, why is PieFed's approach to private communities different from Lemmy's?
-
Is that different for Lemmy? If so, why is PieFed's approach to private communities different from Lemmy's?
Because once it leaves the server there is no guarantee that the remote server understands or even respects the notion that it should be private.
Lemmy doesn't have private communities yet afaik.
-
Is that different for Lemmy? If so, why is PieFed's approach to private communities different from Lemmy's?
At a guess, private piefed communities don't federate because once content federates, you can't control who can see it. All you can do is hope that the remote instance will follow the privacy settings, but you can't enforce them.
Private lemmy communities don't federate because they don't exist.
-
Because once it leaves the server there is no guarantee that the remote server understands or even respects the notion that it should be private.
Lemmy doesn't have private communities yet afaik.
@povoq@slrpnk.net okay, yes. This is true, once it leaves the local server there are no guarantees.
However I'd have to ask whether there is an acceptable tradeoff in risk of content exposure.
After all, even in local private groups, things could get leaked via copy-paste, screenshots, etc. The weakest link is the social element.
-
Is that different for Lemmy? If so, why is PieFed's approach to private communities different from Lemmy's?
Real answer: private communities were released LAST MONTH and so far only for PieFed.
Federating would mean a new protocol for potentially both Lemmy and PieFed to agree on. Rules need to be agreed on over how data is handled. New UI/UX. Mod tools to allow communities to block instances that may leak private information. Encryption? Etcetera, etcetera, etcetera.
Give it time.
-
Real answer: private communities were released LAST MONTH and so far only for PieFed.
Federating would mean a new protocol for potentially both Lemmy and PieFed to agree on. Rules need to be agreed on over how data is handled. New UI/UX. Mod tools to allow communities to block instances that may leak private information. Encryption? Etcetera, etcetera, etcetera.
Give it time.
Oh, didn't know that. Okie
-
It's acceptable for some communities, not for others...
To be fair I also don't like the fact that "private" usually means that the server admins can still read what's inside. I get it for images but for text...
MLS on activitypub is very much needed
The weakest link is the social element.
From one sysadmin to watch, now there would be at least 2. It's better to not give a false sense of security, so I understand why one would not federate them at all.
Maybe "gated" communities would be better rather than private in the case you refer to
-
It's not a risk of content exposure. By definition, risk is something that may or may not happen. Federating private content is guaranteed content exposure.
There are websites that make it easy for anyone to see exactly who voted on a post. In a similar way, making a site that ignores or highlights private content is an inevitably. Not to mention federated software that doesn't even know what private content is and will publish it with no malicious intent.
It's very easy to federate and create your own federated database without the intent of actually using it for piefed/lemmy/etc... It's one of the biggest downsides to the fediverse: privacy is impossible. Absolutely nothing is stopping Facebook, Google, or anyone else from setting up an instance and gaining direct access to all federated data.
-
It's not a risk of content exposure. By definition, risk is something that may or may not happen. Federating private content is guaranteed content exposure.
There are websites that make it easy for anyone to see exactly who voted on a post. In a similar way, making a site that ignores or highlights private content is an inevitably. Not to mention federated software that doesn't even know what private content is and will publish it with no malicious intent.
It's very easy to federate and create your own federated database without the intent of actually using it for piefed/lemmy/etc... It's one of the biggest downsides to the fediverse: privacy is impossible. Absolutely nothing is stopping Facebook, Google, or anyone else from setting up an instance and gaining direct access to all federated data.
Yes I think you're right about that. The nomenclature is important to get right because once federation is added to the equation privacy (without some form of E2EE) cannot be guaranteed.
So perhaps calling it something like a gated community (like @ex_06@slrpnk.net said) would help, although that term has some other associations with it too đ
Gli ultimi otto messaggi ricevuti dalla Federazione
-
A few months ago I threw this question out into the void - "what if you could access the fediverse through your Usenet reader??" and got almost no response. Still, the idea had lodged in my brain and wouldn't go away so this weekend I caved in and built the thing. Hat tip to the author of the excellent nntpserver package that did all the hard stuff.
I look forward to seeing someone's screenshots of fediverse posts on a Commodore 64, some day.
This will be released as a part of PieFed 1.7, coming soon.
-
Yes I think you're right about that. The nomenclature is important to get right because once federation is added to the equation privacy (without some form of E2EE) cannot be guaranteed.
So perhaps calling it something like a gated community (like @ex_06@slrpnk.net said) would help, although that term has some other associations with it too đ
-
It's not a risk of content exposure. By definition, risk is something that may or may not happen. Federating private content is guaranteed content exposure.
There are websites that make it easy for anyone to see exactly who voted on a post. In a similar way, making a site that ignores or highlights private content is an inevitably. Not to mention federated software that doesn't even know what private content is and will publish it with no malicious intent.
It's very easy to federate and create your own federated database without the intent of actually using it for piefed/lemmy/etc... It's one of the biggest downsides to the fediverse: privacy is impossible. Absolutely nothing is stopping Facebook, Google, or anyone else from setting up an instance and gaining direct access to all federated data.
-
It's acceptable for some communities, not for others...
To be fair I also don't like the fact that "private" usually means that the server admins can still read what's inside. I get it for images but for text...
MLS on activitypub is very much needed
The weakest link is the social element.
From one sysadmin to watch, now there would be at least 2. It's better to not give a false sense of security, so I understand why one would not federate them at all.
Maybe "gated" communities would be better rather than private in the case you refer to
-
https://discuss.tchncs.de/u/devtoolkit_api https://lemmy.world/u/albert_inkman https://feddit.org/u/arnoldnakamura ~~https://lemmy.world/u/james_bond1 ~~ https://lemmy.world/u/epstein_bot https://lemmy.world/u/humanobserver https://lemmy.world/u/cyberb https://thelemmy.club/u/insightseeker
-
Deploy PieFed on Elest.io and get a working dedicated instance in less than 3 minutes. You can Relax knowing that we are taking care for you of install, configuration, encryption, backups, software updates, os upgrades, live monitoring, alerts, live migrations without downtime ... and more!
-
Oh, didn't know that. Okie
-
Real answer: private communities were released LAST MONTH and so far only for PieFed.
Federating would mean a new protocol for potentially both Lemmy and PieFed to agree on. Rules need to be agreed on over how data is handled. New UI/UX. Mod tools to allow communities to block instances that may leak private information. Encryption? Etcetera, etcetera, etcetera.
Give it time.
