PSA: Since Threads apparently will be federating replies soon, I thought I should post this again, because there's still a lot of people that don't know.
When a normal user uses "block this domain" it's LITERALLY just a MUTE. The blocked server can still see, interact, and reply to your posts, you just won't be able to see them.
It's kinda like sitting in a room with hungry bears while wearing a blindfold. If you're scared of hungry bears, your best bet is to get out of the room, not put a blindfold on. And by this, I simply mean to migrate to an instance where the blocks are up to your standard on the "instance" level.
Stay informed and make informed decisions, no matter what you choose to do with your Fediverse presence.
The main reason other AP implementations have added it (or in the case of #Misskey, made signing objects enabled by default which was a reluctant decision) as well despite Authorized Fetch / #SecureMode not being documented in the spec is that plenty of big #MastoAdmins have enabled it for their instances thinking it will prevent harassment from instances they've blocked (despite the fact that AF is purely #securitytheater), forcing the rest of the #fediverse to adopt it to remain compatible. Even at the cost of performance (no more caching).
This is plain ol' #EmbraceExtendExtinguish or #EEE for short against AP and the fedi by the Mastodon monopoly, and nobody wants to talk about it because it undermines the narrative a lot of Mastodon admins are putting out to justify their fediblocking of #Threads. Would've been fine if they focused on the (real) harms #Facebook did to Burma for example, that's a totally fine reason to block FB. But screaming EEE just makes me roll my eyes on their #hypocrisy. :seija_coffee:
Happy to report that Kolektiva has activated authorized fetch, which will help to protect our instance's posts from surveillance and "AI" ingestion by Meta. Thank you to @subMedia@admin@moderation for defending the zone!
okay but fr, I don't see why this is shocking news. #mastodon, by default, works under the assumption that every instance is good unless proven otherwise. this is also true for many other Fediverse software.
the result is that anyone can get a new domain and mastodon will presume they're a new friendly neighborhood instance. most instances block both gab dot com and gabfed dot com for this exact reason.
(1/2) https://wedistribute.org/2023/12/authorized-fetch-circumvented
the only way to truly solve this is whitelisting instances instead of blacklisting. what #Mastodon calls "limited federation mode".
there's many ways to do this, including stuff like federating allowlists or using a semi-centralised trust source.
but in the end, it still comes down to whitelists.
that's something the vast majority of the Fediverse just doesn't do at the moment, but it may have to change at some point. we'll have to wait and see.
Did you know that, if you or your Mastodon instance is blocking Meta, your posts and account can still be data-mined by them? That is, unless your instance has Authorized Fetch activated. More info here: https://kolektiva.social/@ophiocephalic/111602259275182233