So apparently as a default feature Pleroma has an option to circumvent and ignore blocks.

Can someone make me a version of the gab-blocking code for Pleroma, please? I suddenly feel very unsafe.


Kaniini is being very loud about this alongside their indirect advertising to fascists (screaming as loudly as possible about how they couldn't possibly do anything about them and that they'd just fork it so it's pointless trying to do good) so I think Pleroma is about to get *worse* than gab.

Pleroma has become a MASSIVE security issue for vulnerable people, for targets of harassment and stalking. Kaniini is going full mask-off fascist here, in enabling online abuse and I'm going to have to say that they need to get in the fucking ocean with their attitude towards others' safety and lives.

Funny how this feature suddenly becomes a thing mere weeks after Kiwifarms makes a pleroma instance.

Kaniini is a fascist who is enabling fascist abusers and defends it in the flimsiest of ways

still pissed about pleroma devs being fash 

I stand corrected, this has been a feature for a while longer than Kiwifarms has been here and it's why Kiwifarms went for a pleroma instance.

@Pyretta Ok, so let me make sure I understand this.

AP works, by sending toots between servers automatically, if the two servers know they exist.

AP still sends toots to servers if some users have been user-blocked, and it's on the receiving end to uphold that.

Problem 1 is Pleroma not honoring user-blocks.

@Pyretta And problem 2 is Pleroma sharing toots between them, making it possible to get toots even from instance-blocking instances?

@octet33 No, no problem 2, just problem 1. All instances share all toots, blocks or not (aside from instance blocks)

@Pyretta Ah.

So enforcing a block is as simple as just not giving toots to the pleroma instance?

There's no leaking from unblocked instances to blocked instances?

@octet33 Yeah, but if user A on Instance A (which federates with Instance B) has user B on Instance B blocked, user B can just stop honouring blocks with this pleroma feature and see User A's toots anyway. If Instance A blocks Instance B, then it no longer works... until content federates to Instance B through Instance C from Instance A.

@octet33 so unless your federation is airtight, people can read your toots because federation leaks and they can just stop honouring blocks thanks to the Litigation Bunny and the other asshole pleroma devs.

@Pyretta So this isn't malicious sharing between pleroma instances, but rather an inherent security flaw of AP affecting all implementations.

So only instance B would need to be Pleroma for problems to result?

@octet33 If instance B is pleroma then users on that instance can read through personal blocks if they like. Instance blocks usually get circumvented by federation unless a concerted effort is made (like with Gab).

@Pyretta There could be another solution through protocol modification, if federation from C was merely a reference to A (rather than a copy of the toot), but that'd still require buy-in.

Frankly, I'd imagine that any competent admin would be scared half to death of block circumvention.

@octet33 Yep! Block circumvention is way too easy, lots needs to be fixed before it's even remotely safe. I guess you would have to attach "do not federate to these instances" data to toots as they get federated out, so any pull request by a blocked instance gets denied by any instance, not just the parent instance of the toot.

@Pyretta In other words, AP wasn't ever designed for security and that's suddenly a massive problem that could render the entire protocol unusably unsafe unless community-level resolutions are implemented.

Kinda like MS Windows.

Someone needs to come up with an alternative federation protocol.

@octet33 AP was never designed for security, then Pleroma came along looking to deliberately exploit that and just what the hell.

@Pyretta It's like when the first computer viruses were written and did MASSIVE damage and even still, on many operating systems the best security measures are just finding programs that look like they might be malicious with AV scans (rather than systems to ensure a virus can't cause problems).

@Pyretta The only truly perfect alternative is centralized moderation (e.g. Birdsite), and that only works if the moderators are reliable (which is impossible at the scale of Twitter, or probably even the entire Fediverse.)

@octet33 Twitter is okayish security wise (you can see around blocks if you log out and you know someone's @ and they're not a locked account) but the moderation and algorithms and advertisement are downright hostile.

@Pyretta Yeah, that's what I meant by centralized moderation requiring reliable moderators.

AP trades easier selection of moderators (and smaller-scale moderation), for less technical security.
