I don’t understand why people don’t understand that AcitivityPub is not a private protocol. Like at all. Its not meant to be and was never meant to be. Any “privacy” improvements from random instances are not part of the core code structure and do not work outside of them 99% of the time.
It’s good to be aware of and in general treat anything uploaded to the internet as public, but it also is a bug that the software isn’t working right.
It was a poorly implemented feature that was never communicated and when said feature failed to function outside of the specific instance it was designed for, people threw shit. That’s not a bug. If anything its an integration failure. A failure that is entirely the fault of the mastodon instance team. Calling it a vulnerability is fuckin wild.
It seems
Any “privacy” improvements from random instances are not part of the core code structure
The privacy improvements are from the ActivityPub protocol. The author cites them.
Edit: …and the spammer who keeps copy-pasting the same irrelevant spam from thread to thread is back
