I'm excited to show off #Atlas - a social mapping server for the #Fediverse.
General Discussion
50
Posts
16
Posters
0
Views
-
@ben Yeah, I really wanted to post comments on some billboards I saw on the freeway. Augmented Reality is beyond my current skillset -- and to make it work, we'd probably need to build out an AR ecosystem on the Fediverse, too.
Hopefully tagging addresses/locations is enough of a step forward that we can find some good uses for this.
@benpate I think the federation is the hard part. I think writing the actual AR application is probably pretty straightforward, at least for developers who are already familiar with their AR platform. (I don't know visionOS or whatever Meta uses, but I know iOS and I doubt it's that much different.)
-
Sure, doing taxiteam for the german yellow cabs. Described some aspects in https://github.com/w3c/activitystreams/issues/582
Would be interested in finishing the federated geocoding part together.
@sl007 Yes, I'd love to work together on geocoding, too.
Right now, there's not much to it..
I'm using commercial geocoders to translate addresses into Lat/Long, then including that in 1) the ActivityStream document, and 2) the search results.
I'd love to work with https://places.pub in some way, but I'm not sure (yet) what that integration would look like, or what we'd get out of it.
So yes: let's keep talking about how we make this seamless. There should be one standard, not six :)
-
Hey Julian..
I would love to integrate with places.pub, and I have this on my list of bookmarks for research.
I'm not sure what that would look like, just yet. Right now, the `Place` isn't its own actor, but just an extra set of data on a `Note`.
Maybe I could use places.pub as a datasource to look up previous addresses? I'm still researching, and would love to get your suggestions :)
-
@benpate this is pretty exciting! do you have any idea what safety features will look like? would you build something into it that, say, actively prevents others from doxing someone?
I'll build whatever people say is most important. These policies will likely be up to individual server owners.
After spammers found Bandwagon, I've been kicking around ways to do moderation before profiles and posts become public.
But whether we're using maps or toots, the issues would still be the same. Bad actors will need to be identified quickly, and dealt with decisively.
I'm adding this into the project board. Feel free to pile on: https://github.com/orgs/EmissarySocial/projects/3/views/1?pane=issue&itemId=135226795&issue=EmissarySocial%7Cemissary%7C566
-
@benpate love what you’ve done so far. Can see so many uses. There’s a definite need to have ‘private’ tags / entries as well as public ones.
@RossA Yes. And this is a really good point.
I'm planning to use Emissary's "Circles" for this (https://emissary.dev/circles) which let you limit posts to certain people. I'll show this in the next video.
And right now, Atlas also has disappearing messages that auto-delete after a set period time.
Nothing on the Fediverse is 100% private; it's always possible a remote server might share your "private" posts with unintended people. But this should help limit comments in most cases.
-
@decibyte Sorry about the README. Right now, Atlas barely runs on my own development laptop.
I've added a lot of new stuff into Emissary to support geolocation, and that still needs to be merged and posted to Github.
But, I'd love to work with you to see this run on your machines - even if it's still an early draft.
I'll have a super-rough-preview release ready in the next few weeks. Let's try to talk then and I'll help you get it running.
-
Better Atlas than the other one. A couple of questions:
- are you envisioning this to be a federated Foursquare or Yelp?
- inserting location tags to people's posts increases their personal data exposure quite a lot. What privacy implications do you see here?
- I didn't catch in the video what is the identity model you're basing this on. New identity on Atlas, or a tie-in to an existing fedi identity?
@benpateHey Osma :) There are lots of uses that I'm still exploring. I could see us using this like Foursquare, Yelp, geocaching, and even local cityguides and journalism.
Hopefully we can find the right balance of features that can cover many.
-
Better Atlas than the other one. A couple of questions:
- are you envisioning this to be a federated Foursquare or Yelp?
- inserting location tags to people's posts increases their personal data exposure quite a lot. What privacy implications do you see here?
- I didn't catch in the video what is the identity model you're basing this on. New identity on Atlas, or a tie-in to an existing fedi identity?
@benpateRegarding location privacy, this only requires *A* location, not *YOUR* location. So, you could always just type in an address you want to share.
I'm working to build in something for people to use the location services on their device to look up their exact location, but this would be something users would opt-in to for every post.
But to show up on a map, SOME kind of location will be required. Otherwise, you'd be better off posting from Mastodon, and not Atlas.
-
Better Atlas than the other one. A couple of questions:
- are you envisioning this to be a federated Foursquare or Yelp?
- inserting location tags to people's posts increases their personal data exposure quite a lot. What privacy implications do you see here?
- I didn't catch in the video what is the identity model you're basing this on. New identity on Atlas, or a tie-in to an existing fedi identity?
@benpate@osma And regarding Identity: This will be its own server with a separate identity/account from your daily Mastodon ID. Although you could always link the two with rel=me tags, I don't have an easy way for you to use this to post from a remote server.
But interestingly, @julian has been championing the use of the ActivityPub API for more sophisticated emote interactions. Perhaps in the future we'll have a way to do this.
-
-
This is exactly right. And, it's the way Atlas currently works. You can just type in any address you want to share. You don't have to be there to do it.
I'll eventually add a widget where users can share the geolocation data from their device, but this would be opt-in for every post, and never required.
-
I think we have enough evidence by now to know that even people who should have training to know better, accidentally reveal too much on apps, and that location is a particularly sensitive item.
https://dl.acm.org/doi/10.1145/1978942.1979295
https://www.runnersworld.com/uk/news/a40358143/strava-israeli-military/
@osma @julian I've seen headlines like this in the past.
It's hard to account for every crazy thing people will do with the tools we make. But I'm planning to make it so you explicitly choose to look up your actual location with every post. I'll have to get into the actual code to see what's possible, but I believe this will be enough control that it should avoid accidents like these, yes?
Let's keep talking about location and privacy. It's important that we get this right.
-
@benpate This is really great! One project that could very well be a nail for this hammer is https://wanderer.to !
@DePemig Thank you Gilles :) I'm adding this to my bookmarks.
-
@benpate this could be fun for geocaching
@phil Yes, I think it could be. I know *about* geocaching, but am not really familiar with the details. Do you have any suggestions on where I should start researching?
-
@osma @julian I've seen headlines like this in the past.
It's hard to account for every crazy thing people will do with the tools we make. But I'm planning to make it so you explicitly choose to look up your actual location with every post. I'll have to get into the actual code to see what's possible, but I believe this will be enough control that it should avoid accidents like these, yes?
Let's keep talking about location and privacy. It's important that we get this right.
-
@osma @julian I've seen headlines like this in the past.
It's hard to account for every crazy thing people will do with the tools we make. But I'm planning to make it so you explicitly choose to look up your actual location with every post. I'll have to get into the actual code to see what's possible, but I believe this will be enough control that it should avoid accidents like these, yes?
Let's keep talking about location and privacy. It's important that we get this right.
Somewhat relevant, I believe mastodon's argument for not supporting age verification is that they don't collect location data and so there's no way for them to determine if their users are somewhere where age verification applies. I don't know how well that works on legal grounds, but probably worth thinking about if you're building social apps that require geolocation
-
@benpate I think the federation is the hard part. I think writing the actual AR application is probably pretty straightforward, at least for developers who are already familiar with their AR platform. (I don't know visionOS or whatever Meta uses, but I know iOS and I doubt it's that much different.)
@ben Ha! I'd have figured the exact opposite 😅
Even as someone who'll never stop whining about how hard it is to get ActivityPub going, 3D graphic and Augmented Reality seems (to me) like another level of work altogether.
So, if you happen to know someone who could take a list of addresses and map it into a 3D space...
Let me know if you're interested in this? I could easily give you a JSON file of annotations tied to your current location.
-
Yes. Great point. And UX and privacy are both top concernse of mine.
So, #Emissary's default registration options ask for very little information: name you want to use, public-facing username, and an email address where you can receive notifications.
This should be enough to provide anonymity for those who require it, while still allowing them to build trust and reputation with their community via this new identity.
-
Somewhat relevant, I believe mastodon's argument for not supporting age verification is that they don't collect location data and so there's no way for them to determine if their users are somewhere where age verification applies. I don't know how well that works on legal grounds, but probably worth thinking about if you're building social apps that require geolocation
Interesting point. Age verification laws around the world are going to make everything a lot more tricky.
Though Mastodon's argument doesn't make sense to me: IP addresses inherently map to location data, so we all receive *some* location, whether we're listening or now.
I don't have a good solution for this, right now.
It'll probably need to be baked into new user registrations, which admins would need to choose in some way.
Do you have a solution you'd recommend?
-
@sl007 Yes, I'd love to work together on geocoding, too.
Right now, there's not much to it..
I'm using commercial geocoders to translate addresses into Lat/Long, then including that in 1) the ActivityStream document, and 2) the search results.
I'd love to work with https://places.pub in some way, but I'm not sure (yet) what that integration would look like, or what we'd get out of it.
So yes: let's keep talking about how we make this seamless. There should be one standard, not six :)
cool. I am doing funded work for taxiteam and menschys and for redaktor (CMS) and Public Spaces Incubator (EBU and Public Broadcasters), fulltime, anyway :)
About places.pub - did post the code to federate OSM a long while ago https://gist.github.com/sebilasse/ca76c60955e5414cff2c253f1cd89af4
this snippet comes with a bunch of other modules.
An OSM to JSON-LD proxy like places.pub is super nice but what we need in taxiteam is a bit more.
Our database is a consolidated cache of OSM and wikidata knowledge but organized as hierarchical Collections, both political-administrative as well as by geohash.
So, if you are down to Country "DE"
https://gist.github.com/sebilasse/9b4c50bfabad43879c9c43c3adbe9ca1 it is a Collection of Federal States with its own id (2nd file).
With ActivityPub, we have the ability to define these hierarchies starting by Collection Q2 having the M49 regions as items with ['Collection', 'CollectionPage'] and that goes down to e.g. country/state/adm3/city/district/suburb/"hood" …🧵 1/3
Gli ultimi otto messaggi ricevuti dalla Federazione
-
dansup@mastodon.social there are no video controls on firefox mobile on android
-
@computersandblues @thisismissem
But back to your original point, it could be interesting to roll up all of the notes about a particular POI, to say something meaningful about what's going on there.
That's probably out of scope for me right now, while I'm just learning how to make maps. But I'm making a note to research this some time down the road.
Fortunately, we have a lot of "closed source" research that we can lean on, then just cherry pick the best ideas and make them "open."
-
@computersandblues @thisismissem
Half finished thoughts are the best!
And, I know I'm dipping into some choppy waters here, but I think "consent" relates to what content the server wants to share, and not consent of the "property/location owner."
I recognize there's potential for abuse (i.e. doxxing someone) but that exists outside of a mapping app, too.
But there's also cool use cases for non-consensual digital graffiti.. something in the spirit of:
https://observer.com/2025/10/artists-indigenous-ar-intervention-met-american-wing/
-
@thisismissem @benpate i was also thinking how this is solved by the foursquares etc., aside from moderation. limiting notes to pois instead of arbitrary latitude-longitude-tuples may also be a viable strategy, and that might make it easier to figure out whom to even ask for consent, or who may be able to manage allowlists or similar mechanisms. not arguing to replicate that exactly, but remember foursquare mayors? the fediverse might have elected janitor groups.
i'm aware that i'm sharing half-finished thoughts, and i hope i'll find a bit more time for this.
-
Agreed, even if they didn't collect/save IP addresses, I don't think you could get around it just by telling a court you didn't want to collect that data. I imagine they'd just tell you that you need to collect it.
(looked up the source so I'm not just randomly attempting to quote things from memory https://techcrunch.com/2025/08/29/mastodon-says-it-doesnt-have-the-means-to-comply-with-age-verification-laws/)
The social nonprofit explains that Mastodon doesn’t track its users, which makes it difficult to enforce such legislation. Nor does it want to use IP address-based blocks, as those would unfairly impact people who were traveling, it says.
-
tom@tomkahe.com said in I'm excited to show off #Atlas - a social mapping server for the #Fediverse.:
> Somewhat relevant, I believe mastodon's argument for not supporting age verification is that they don't collect location data and so there's no way for them to determine if their users are somewhere where age verification applies. I don't know how well that works on legal grounds, but probably worth thinking about if you're building social apps that require geolocationYeah, this justification just doesn't pass scrutiny. Mastodon does collect the user's recently active IP addresses, and from that you can use geoip to resolve to a country/state. This could also all be handled by a FASP.
In other words, Mastodon could indeed implement age verification, the only remaining question is: what would that gate access to?
-
benpate@mastodon.social you may want a way to gain consent before allowing posting of a location + mentioned people. The other thing you may want to do is have moderation UI that allows searching for all notes for a specific location, and potentially banning the usage of certain locations in notes. i.e., if you see a doxing, then your mods can prevent that location from being tagged, and delete the note. If a person is tagged as at a certain location, they should need to accept the tag before that shows up in the Note.
You could also do things like limit posts being added within a certain region to a certain radius (based on geoip).
-
@benpate
no idea, I imagine a lot of my answers involve fixing the laws themselves haha.Bluesky offloads some of that responsibility to the PDS (i.e. I can tell my PDS that I'm an adult and it'll tell Bluesky that I'm verified) so (very) long-term I think I'd like that sort of service provided by the C2S server, so clients wouldn't have to think about it.
But yeah, I'd assume you'd have to implement it during the registration process and have admins use a method of their choice for verifying age (and optionally let them turn it off entirely if they can confidently say that nobody from XYZ location will ever be using the site)
