Wild ass comment.
Unless you really really need portability between devices
Who doesn't??? What do you do, copy 20-char randomly generated passwords manually all the time? That's the whole point of password managers...
I use firefox's local, inbuilt manager
Browsers are NOT a secure storage for sensitive data, if you want a local password manager at least please use KeePassXC.
In the EU companies can't scrape personally identifiable information without consent, even if it's already publicly available. IANAL, and there's probably ways they can sneak around the GDPR, but at least it's not a free for all. It's unclear though how it works for federation. It's definitely not the same legally though.
The reason for not directly federating content to Threads isn't so nobody there can ever see my amazing posts, it's so Meta can't easily profile me. Scraping public posts on a different platform would probably be illegal, at least in the EU, and reposts don't give them a lot of data about me. Federating content, however, would give them most of the same data that Mastodon has on me without even having to ask.
Mastodon instance blocks are already bidirectional AFAIK: if you block an instance your content does not get federated with them. I was actually surprised that this does not seem to be the case for Lemmy. I don't think this break any core abstraction of AP...
a long form nuanced take
interesting, however have you considered pee pee poo poo
Truly a worthy contribution to the discourse, thank you...
ActivityPub doesn't just push everything on a server to every federated instance like a fire hose. In the first place, as Masimatutu@mander.xyz said, it only feeds your content to an instance if somebody on that instance follows you, which you can set to require your manual approval. Your posts could also get pushed if somebody else boosts your post and they have followers on the other instance.
However, if you set an instance block, none of your posts get sent to the instance, period. They would have to resort to scraping. In other words, if you don't want to give meta your data, just set an instance/domain block.
For my use case yes, that would defeat the purpose, but for what it's trying to do it kinda makes sense... At least, they have to do it to comply with payment regulations. And you're still only exposing your identity to one service with a decent reputation, rather than plenty of possibly shadier ones. It seems like a fair tradeoff if what you're looking for is privacy from services you want to pay for.
Backed by who?
Andreessen Horowitz (a16z), a Silicon Valley venture capital firm with a recent history of questionable investments...
Can countermeasures be implemented in the clients to mitigate privacy risks, while not having to proxy images?
Thanks for the tip about the archived Reddit link, I've updated it!
For the seed to leech ratio you're right, but I feel like it might be a bit much to throw at somebody who's just figuring all this stuff out. It's not a guide on how to seed safely, I don't want to encourage people to put themselves at risk who don't yet have the skills to protect themselves.
It's there... Step 4 of the section "Download A Torrent Client". I didn't call it "binding an interface" because the intended target of this post would have no idea what that means.
Mullvad already has that. It's called "WireGuard Obfuscation" in the settings. Obscura just seems to have a different implementation based on similar principles.