[nobody9999]

>he article explicitly says that talking only about public posts ignores other privacy risks, and has an example related to a followers-only post. Knowing that, do you really think his point is fair?

I was responding to the idea that if you post something publicly, whether that's on a Mastodon instance, a bulletin board at the library, in a Craigslist ad or any other public forum, it's unreasonable to attempt to limit access to the information contained therein. That's intuitively obvious, no?

If you only want specific people to see that information, only give it to those folks. And if they're trustworthy, they won't share it with others but that's not guaranteed.`

How does the old saw go? "Three can keep a secret, if two are dead."

Don't want something to be public? Don't post it in a public forum. Full stop.

I am unfamiliar with the example you mention and its potential privacy impacts. But even if (and maybe especially if) there are the risks/issues you allude to, that doesn't obviate (and perhaps even strengthens) my point.

[jdp23]

I wasn't objecting to your point so much as you calling their summary a fair point. They stopped reading the article before they got to the example of non-public information in it, so mischaracteried it, which doesn't seem fair to me.

Agreed that if something's available encrypted on the web with no login required then usually the only protections you can put on it is security-through-obscurity like hard-to-guess links that don't show up on profiles (YouTube's "unlisted videos") or advisory like "noindex". But, although it's not something I talked about in this article, there are design choices. Mastodon (etc) could evolve so that a lot of what's currently "public" isn't available on the web with no login required.

[nobody9999]

I think I see the disconnect here.

I didn't really pay attention to your username and am seeing now that not only are you the submitter (to HN), but also the author of the submitted post.

As I mentioned, I haven't read your piece so I won't (as I can't knowledgeably do so) comment on the validity of your complaint about GP's point.

I don't have any issue with you, your blog or anything surrounding those things.

In fact, I'm sure you make a bunch of valid, interesting and insightful points in your post.

That said, while you're responding to me as if I had read, digested and considered all the points you make in that post, that's not the case.

My comment was completely unrelated (except as it elicited a response from GP) to your blog post and addressed a completely different set of issues.

N.B., I actually did read your blog post, but didn't realize it was the submission for this discussion thread. I agree with much of what you wrote, especially as it relates to the greedy scum who run Meta and its ilk, as well as the very real risks to a wide swathe of folks who are disfavored by some (many?) in our societies. Especially when those greedy scum "out" folks to add to their sewer of filthy lucre, which is then seized upon by the intolerant jerks to harass innocent people.

All that said, I stand by my initial point: Don't want something read by the "public"? Don't post it in a public forum. Full stop.

All the rest is orthogonal to the argument I made in the comments to which you replied.

[nobody9999]

>I wasn't objecting to your point so much as you calling their summary a fair point. They stopped reading the article before they got to the example of non-public information in it, so mischaracteried it, which doesn't seem fair to me.

I'm confused by what you wrote. Are you claiming that people who post information in a public forum should be able to dictate who gets to see that information?

I didn't read TFA, so I have no idea what it says.

I specifically responded to what GP wrote, and only that. Full stop.

As to the rest of your comment, I don't see how that's relevant to public postings in public forums.

As in this very comment. It's on a publicly available website and is indexed by the major search engines. I have no expectation that anything I write here is "private," nor do I believe I should be able to dictate who is allowed to read this comment.

Contrast that with my Matrix server. Access to what I post there is limited to those who are invited to the specific "room" I post in. And I limit access to the site to those I wish to share such information with. What's more, I don't allow web crawlers to access that information.

Public posts are, well, public and can be viewed by anyone. Private posts are not. That some folks can't keep that straight astounds me.

As for any protocol/implementation shortcomings of Mastodon and/or ActivityPub, that's a different discussion. And one that I'm not engaging in.

As such, I think we're talking past each other. I hope I've clarified myself enough that you'll stop making assumptions that what I'm talking about is related to your (which may well be completely valid and deserving of discussion -- just not with me, at least not in this thread) concerns.

Edit: Fixed prose and typo.