Sharkey’s mastodon api implementation lets you ddos the server.

That would also key in (no pun intended) with the nomadic identity FEPs.

Posts should be encrypted, this is what diaspora does. I agree with this. For emails though, pgp is used by no-one. Also, AP uses tls as well.

I was thinking that encrypted posts could work with multi key encryption (if my understanding of this post is correct https://stackoverflow.com/questions/597188/encryption-decryption-with-multiple-keys ).

The problem (imo) is mastodon being the internet explorer of the fediverse, and refusing to do any encryption.

I wouldn’t consider it a hack, as the protocol was actually made with these posts in mind. Public posts weren’t the focus of activitypub.

I would consider it similar to email, should we abandon it (yes, but not because of this) just because a malicious email server started publishing all the emails it recieved? AP is just email but social media.

I really wish people (normies) could figure our pgp for email.

No, Imagine this

There is @bob@pixelfed.example their is their friend, @joe@mastodon.example. bob also follows @jane@gotosocial.example

If bob makes a private post (ie, followers only), only the instances of people he follows will recieve the post. The instance will see that its supposed to be private, and not show it to everyone.

This may, gotosocial.example, mastodon.example and pixelfed.example have the post, but don’t show it. misskey.example won’t have the post.

Then, if gotosocial.example (hypothetically) had a bug where it ignored posts visibility settings, those posts would be shown, since the post is sent to that server. If misskey.example had a similar bug, nothing would happen as the post wouldn’t have reached that server anyway.

Its like email, an email server can decide to expose everyone’s emails to the public, so don’t add that email to your mailing list or email chain.

private posts are only sent to instances that either your followers or the list of people you want to see the post are on. If they all co-operate, you will be fine.

Its like email, if a server decided that it would expose everyones emails, everyones emails are exposed.

has the FEP system helped?

Like lemmy?

Anyway, there’s nodebb.

There’s other places with lists for those.

ChimeIn is cool.

check https://alexandrite.app/ and https://phtn.app/

There’s also https://vger.app/ for mobile.

lemmy is similar to usenet, in a way.

subreddits are forums.

https://github.com/LemmyNet/lemmyBB

nodebb does this, discourse is working on AP.

Check lemmybb.

I just report and remove as a follower.