Why are FOSS platforms like Matrix having such a hard time getting users to migrate from Discord? Because of PluralKit.

  • jarfil@beehaw.org
    link
    fedilink
    arrow-up
    10
    ·
    10 months ago

    The difference:

    • Discord, Facebook/WhatsApp, Telegram, etc. are selling your data… to select customers.
    • Matrix, Mastodon, Lemmy, etc. are giving your data for free… to everyone.

    Like, if there was a stalker wanting to attack you in particular… neither is good, but one is worse than the other.

      • jarfil@beehaw.org
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        10 months ago

        Matrix encrypts by default when starting a “DM room”, otherwise it doesn’t force encryption, only allows it.

        All the unencrypted rooms out there, are susceptible of getting their contents scraped by either the server, a federated server, an invited user, or even anyone.

        Encrypted rooms, can also get scraped unless they’re set with security in mind (only send to validated users, make it invite only, don’t show past history).

    • corytheboyd@kbin.social
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      10 months ago

      Right, you do have to understand that either way, if you put something on the public internet, it is gone.

      I don’t want a company to sell my data, making money off of me, then having the audacity to ask me for MORE money on top (nitro). It feels gross.

      I don’t mind sharing bits of myself online otherwise.

      The owners of federated instances can also just start selling your data too at any point. And as you said, advertisers will also just scrape public data trivially. Basically, the internet and world is a terrible place.

      • jarfil@beehaw.org
        link
        fedilink
        arrow-up
        6
        ·
        10 months ago

        Stuff gets deleted from the Internet all the time… other stuff goes viral and lasts for decades. YMMV

        It seems to me like your threat model is different from OP’s, though. Worrying about ad blockers not being enough, is not the same as fearing for your life because someone might decide to track down where you are IRL.

    • t3rmit3@beehaw.org
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      10 months ago

      Lemmy is not enriching the data you put on it with data that Lemmy purchases from third parties, in order to create a user-product to sell to advertisers. Meta and Discord are (obviously Meta much moreso). That’s why advertisers buy from them instead of just scraping your posts themselves.

      • jarfil@beehaw.org
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        10 months ago

        Advertisers buy from data brokers, not necessarily directly from Meta or Discord. Meta and Google act as data brokers themselves, but they also sell to other data brokers. Those data brokers, will definitely scrape your posts themselves, if they can’t buy them, or the derived data, directly.

        Lemmy, and the Fediverse, has multiple instances that federate and get handed out copies of what we post. We don’t really know what’s going on at each and every instance, and there’s no way of knowing.

        (don't do this)

        If I was a data broker wanting to siphon data from the Fediverse, I’d set up several instances with fake communities and fake users, federate with the different shards of the Fediverse, have the fake users subscribe to as many feeds as possible (easier to do on Lemmy/Kbin than on Mastodon), create accounts on some of the larger instances to get the “Local” feed, and just wait for the data to arrive. It would miss some of the posts, mostly from smaller less federated non-Lemmy instances, but I’m guessing close to 99% could be siphoned with relatively little effort, and for cheaper than buying the data from any single instance. Scraping historical data is extra easy with instances returning some JSON and having clients parse it, be it in JS or in apps. Deleted messages can be either gathered with the custom instance setup, or retrieved from instances that didn’t honor the delete action (there still are some out there).