Mastodon Feed
Reblogged by fromjason ("fromjason.xyz 🖤"):
Ok seems like they don't bridge any posts that are not "full public" for exactly the reasons above(its a MITM).
Further to the point, in the case of nostr the bridgy team will generate their own private-key and essentially MITM your traffic and sign it with their own key.
I get how -some- people might want this from a convenience stand point but this kinda all strikes me as the type of tech we'll all be glad the second we don't need to use it.
Attachments:
- What are the terms of service? Bridgy Fed's terms of service are simple. You agree not to deliberately attack, breach, or otherwise harm the service. If you manage to access private keys or other sensitive data, you agree to report the vulnerability and not use or disclose that data. Otherwise, you may use the service for any purpose you see fit. However, we may terminate or block your access for any reason, or no reason at all. (We've never done this, and we expect we never will. Just playing it safe.) Do you an administer an instance or other service that Bridgy Fed interacts with? If you have any concerns or questions, feel free to file an issue or email me privately! (remote)
- Who can see me and my stuff? Only the people who can already see you and your stuff, as is. Bridgy Fed only bridges fully public data, so if your account is pfiVate or protected or followers-only, it won't (can't!) bridge your account at all. Same with DMs and private/followers-only posts; it ignores those. (remote)
- Bridgy Fed's second tier of product and engineering values are: o Safety and security: Bridgy Fed minimizes harm to its users. The primary way this currently manifests is that it SUAEREERTIIAIGIINGEIE, and it enables and supports the networks' own moderation features (blocking, reporting, etc). It also uses modern secure coding and ops practices to minimize vulnerabilities that could expose private keys or other sensitive information. (remote)
- Note that Bridgy Fed generates some of these ids itself behind the scenes (remote)
