I believe you need root to access those, plus a file manager that supports it (I use Mixplorer which does). Otherwise, as someone else suggested, you can access them from a computer over ADB or MTP.

Other people in that thread have pointed out that it isn’t showing posts being delivered to Threads despite the block. That should be testable with other instances, but not Threads since it’s not receiving any content from Mastodon at the moment. The concerning thing there is the user still being able to view content from people they’ve blocked, but that seems to be a bug if it’s reproducible.

In the EU companies can’t scrape personally identifiable information without consent, even if it’s already publicly available. IANAL, and there’s probably ways they can sneak around the GDPR, but at least it’s not a free for all. It’s unclear though how it works for federation. It’s definitely not the same legally though.

The reason for not directly federating content to Threads isn’t so nobody there can ever see my amazing posts, it’s so Meta can’t easily profile me. Scraping public posts on a different platform would probably be illegal, at least in the EU, and reposts don’t give them a lot of data about me. Federating content, however, would give them most of the same data that Mastodon has on me without even having to ask.

This post from Eugen Rochko mentions that blocking Threads at the user level “stops your posts from being delivered to or fetched by Threads”. Basically, the user-level instance block is bidirectional.

Limited federation mode is a different feature, at the admin level. It doesn’t really affect the delivery of posts in either direction, it just hides the blocked instance’s content from the global feed. Defederation on the other hand is indeed bidirectional, but again it’s on the admin level rather than users’.

Mastodon instance blocks are already bidirectional AFAIK: if you block an instance your content does not get federated with them. I was actually surprised that this does not seem to be the case for Lemmy. I don’t think this break any core abstraction of AP…

I thought I heard they were rolling out some material you theming in beta a while ago. Did they revert it?

Backed by who?

Andreessen Horowitz (a16z), a Silicon Valley venture capital firm with a recent history of questionable investments…

I’m aware they’re not using a generic model, but that’s not much better. Current custom-made models still fuck up significantly more than humans, and in less predictable ways.

Even if their custom model is slightly incorrect 1% of the time, that’s still a major problem in critical systems like those.

Legacy COBOL code is largely used in critical systems like those of banks and airlines. What could go wrong with having that code rewritten by stochastic parrots who get programming answers wrong half of the time?

Interesting demo! Does this use the user agent string for identifying clients?

Oh I mean, sure, but I don’t think IP logging is the main privacy concern with spy pixels.

I’m assuming this trick uses the user agent string and other request metadata to identify clients. Even if it didn’t recognize Jerboa as a client, it did guess that I was on mobile. That’s not possible just by tracking IPs, unless they’re cross-referencing it with other datasets. Also, I was on VPN anyway, so the IP would have been useless.

It should be possible for clients to obfuscate/fake the metadata of image requests to make tracking with spy pixels less effective.

Can countermeasures be implemented in the clients to mitigate privacy risks, while not having to proxy images?

Awesome work folks, thanks!

What you’re trying to do is often called “domain delegation” or “well-known delegation”. Here’s an example of the documentation for the same thing in matrix-synapse. I don’t know if the Lemmy server supports this yet, my suggestion would be to join the matrix chat for the development and ask there. You should find a link to the chat room on the github page. If it does support it then most likely the process is the same as the one I linked for matrix.

Sure, but this isn’t finding new instances, just new communities on known instances. Indeed, this is not difficult to implement. The reason it’s not done already is for resource economy. A lot of instances are already struggling to scale, making them process and store a lot more content with little value for most users of the instance isn’t feasible for a lot of servers right now.

Social media and torrents are pretty damn different. There’s a reason no federated platform has implemented automatic discovery, even ones with much more resources than Lemmy, like Mastodon.

I don’t know why you folks keep pointing at missing features and saying “Lemmy doesn’t have this pretty advanced network feature, so it’s not really decentralized”, or “it cannot organize”, or “it’s useless”… It’s basically two people’s passion project that only blew up in the past month because reddit fucked up. You’re not paying for it, are you? So I really don’t see how this attitude is warranted.

Yeah what’s being described there is basically a P2P model. I still think it wouldn’t make a huge difference in the chattiness of the protocol. At best it would redistribute the load for outgoing federation messages, but not for incoming ones. An instance still has to receive each message individually, regardless of where they comes from.

I understand the logic, and you’re right to think about how improve Lemmy’s scalability. But I’m not sure if this is the way to go.

If you build a dedicated federation proxy for an instance, you’ve really just slightly moved the problem. The federation proxy is going to have the same scalability issues, and if anything the total load goes up.

If you build multi-instance hubs, you suddenly introduce a lot of new issues.

• Security: I think Lemmy checks the source of an update to verify that it comes from the legitimate host. You would have to introduce some kind of signatures to verify that the activity originated from the legitimate host.
• Privacy: now your users have to trust the hub owners with their data, not just the instance.
• Motive: who would be running the hubs, and why? They would have to be even bigger that the instances, and there would be much less incentive to do it.

Other people in the thread have already made this point: even with a full mesh network, the number of remote calls made for a single activity is equal to the number of instances subscribing to that activity (plus one if the activity originates from an instance that’s not the host of the activity).

A hub/spoke model doesn’t change this, it just moves the load from the host instance to the hub. The number of connections is still the same: if N instances need to receive the activity, N calls will have to be made. If anything this adds 1 more call from the host instance to the hub.

Even peer-to-peer distribution of activities, mentioned by @[email protected], wouldn’t actually change the amount of calls being made. You still have N servers that have to receive the activity, so you need at least N calls overall. What this would do is redistribute the load better over instances, so the host doesn’t have to make all N calls. It would definitely be an improvement, but it would not be easy to implement successfully, and it would almost surely break ActivityPub compatibility.

The only thing I can think of that would actually reduce the overall network load, though, is batching: sending multiple activities/updates together in a single message. AFAIK this is not supported by ActivityPub, though, so implementing it would mean breaking compatibility, and also implementing an entirely updated version of the protocol (which is a massive undertaking).