#replycontrol — Public Fediverse posts

@Jasper Burns

Permissions, part 3: At post level

As I've already said, whenever you write a post to start a new thread, you also define the permissions of this post. Of this post and of all replies.

Let's translate this to Mastodon again.

You know the toot visibility button, I guess. Let's assume it looks and works somewhat different. Especially the visibility options.

"Public" still exists. It does what it says on the button: It makes your toot public. Oh, and now, it also makes all replies public. There's no replying to your toot with a DM.

The other three don't exist.

Instead, as the second option, you have "Only me".

Right below, all your lists are listed up. You can pick one of them. You can send your toot to everyone on one specific list of yours and to only those on that list, all without having to mention them. Better yet: Only those on that list are permitted to see your toot. And only those on that list are permitted to see any reply to your toot. Killer feature: They can see each other's replies, and they can reply to each other.

Below that, all groups that you follow are listed up. Again, you can pick one of them. This will have the effect that your toot will go to the group, and it will be forwarded by the group to all its members, but it will not go to your followers unless they're also in that group.

Below that, there's "Custom selection". This opens another window with each one of your lists and each one of your followed accounts, each with a green "Allow" button and a red "Don't allow" button. Here, you can put together a choice of lists and single accounts whom to send your toot to and a choice of lists and single accounts whom not to send your toot to. Again, only those who receive the toot are also permitted to see it, and only them are permitted to see any of the replies, and no-one can ever change these permissions.

What sense this makes?

Imagine you have a list with a certain group of friends in it. One of them will soon celebrate their birthday, and you want to organise a birthday surprise for them. So you send a toot to that list with everyone in it, but without that person who'll soon celebrate their birthday so you won't ruin the surprise for them.

Or: Imagine you have lists according to which languages people speak. Like, you have a German list, and you have an English list. Then you can put together an audience for a German toot from lists and single followed users, but exclude the English list so that those who don't understand German anyway won't receive that toot.

By the way: This also covers DMs. And this means that DMs are actually private.

As Mastodon is right now, you can DM Alice, you can have a conversation with Alice, but Alice could mention Bob and pull him into the conversation. This also gives Bob the opportunity to read the whole thread because he has access to it now. Mastodon only defines to whom a message is sent, but not who is allowed to see it.

In this version of Mastodon, when you DM Alice, you only grant Alice permission to see your toot and everything else in the thread. Now, Alice can mention Bob all she wants, but she can't pull him into the thread. Bob won't even receive the toot with his mention in it. He is not permitted to see it. You have not granted him permission to see the start toot, and thus, you have not granted him permission to see any of the replies, including the one in which Alice mentions him. Alice cannot change any permissions in the thread. Neither can you, by the way. The moment you send the start toot, all permissions are permanently set in stone for the whole thread.

This also makes dogpiling by extra mentions in DMs impossible.

Also, this provides for very effective quote-post control. It isn't allowed to boost posts that aren't public, including replies. It isn't allowed either to Mastodon-style-quote, as in quote-post, posts that aren't public, including replies.

These DMs have another advantage of DMs on Mastodon-as-it-is-now: If you send a DM to Alice and Bob, Bob receives Alice's replies, and Alice receives Bob's replies, and the two can reply to one another.

Oh, by the way, there's another nifty button. A speech bubble. With this button, you can allow or disallow replies to your post. Mind you, again, this only works when you start a thread. You cannot allow or disallow replies to a reply that you post.

Now, how does Mastodon-as-it-is-now handle DMs from Hubzilla, (streams) and Forte? It sees them as Mastodon DMs, and it treats them like Mastodon DMs. The downside is, if I send a restricted-permission post to Alice on Mastodon and Bob on Mastodon, both perceive it as a Mastodon DM. Both can only reply to and converse with me. They can't see each other's replies, and they can't reply to each other.

(8/9)

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #Hubzilla #Streams #(streams) #Forte #Privacy #Security #Permission #Permissions #ReplyControl

@Rob Ricci @caterpillar @Stefan Bohacek @Ericka Simone This is exactly the problem.

I'm on both Hubzilla and (streams) with multiple channels, and I've been on Hubzilla under various guises for longer than the vast majority of Mastodon users have been on Mastodon. I guess you can say that I know both very well.

I can tell you that the possibilities of Hubzilla's permissions system are staggering. It works on up to three levels: for the entire channel (that's "account" in Mastospeak), for individual connections (that's "followers and followed" in Mastospeak), for individual content (posts and and entire conversations, but also images and other uploaded files and documents).

For example, you can grant or deny permission to

• see your public profile (this requires OpenWebAuth magic sign-on which Mastodon has rejected)
• see your connections (this requires OpenWebAuth magic sign-on which Mastodon has rejected)
• see your public posts in your stream (this requires OpenWebAuth magic sign-on which Mastodon has rejected)
• send you their posts (this means public posts that aren't replies because replies are not posts on Hubzilla)
• like (that's "fave" in Mastospeak; you know, the star), dislike and comment on your posts
• send you DMs
• see your uploaded files (this requires OpenWebAuth magic sign-on which Mastodon has rejected, but this also extends to images and other media embedded into posts, comments and DMs)

All in all, Hubzilla has 18 such permissions, but these are the ones that matter from a Mastodon point of view. They can be granted or denied for your entire channel at seven or eight levels, and if they're denied at channel level, they can be granted for individual connections. Imagine that, on Mastodon, you could allow only certain followers to see your profile and your toots. Or you could only allow certain followed accounts to send you their toots. All of this is reality on Hubzilla right now.

Better yet: You know that you can send toots only to mentioned accounts on Mastodon. Hubzilla exceeds and improves upon this in three ways. First of all, you can send posts to individual connections. Or to a certain privacy group (from a Mastodon POV, that's a list on steroids). Or to a custom selection of individual connections and privacy groups while even being able to exclude certain other connections or privacy groups. This goes way beyond Mastodon's "mentioned = allowed to see".

But this doesn't only define who will receive your post. It also defines who is permitted to see your post.

And: The permissions of a post are inherited by the entire conversation. Comments always have the same permissions as the top post. There's no restricting the permissions in a comment, and there's no relaxing the limitations of a comment. It's impossible to pull other Fediverse users into a private conversation by mentioning them if the top post wasn't targetted at them.

Even better yet: You can allow or disallow comments on individual posts (remember that a post on Hubzilla is only a post if it starts a conversation, not if it's a reply).

On top of all this, Hubzilla's filters are both vastly more powerful than Mastodon's filters and easier to use. Mastodon requires you to set up one new filter for each word that you want filtered. It's always blocklisting. And it's always account-wide.

Hubzilla covers Mastodon's entire filter functionality with one or two text fields. You have one blocklist for the whole channel. And you have an optional extra feature named "NSFW" with its own filter list that generated individual, reader-side content warnings for you. The equivalent of defining a new filter on Mastodon is to add a new line to one of these filter lists. Want to back them up? Just copy-paste them into a text file.

But wait, there's more: Hubzilla also has a channel-wide allowlist. If you only want to see certain content in your stream, you can allowlist certain keywords.

Hubzilla even optionally has one blocklist and one allowlist per connection. Imagine you could filter individual followed accounts on Mastodon.

Hubzilla's filter lists support regular expressions. There is also a "filter syntax" that lets you filter by whether a message is a top post or not, whether a message is public or private, whether it's a repeat (that's "boost" in Mastospeak or "retoot" for those of you who still have Twitter on the brain). The filter syntax even lets you use Boolean operators.

(streams) and Forte are similar. Their permissions are somewhat different (you don't need permissions for wikis and websites if you don't have wikis and websites). The permissions system is vastly easier to use because it's no longer template-based. You can simply switch permissions on and off for your channel as well as for connections. And you can choose to have even more options for reply control.

Again, all this exists in the Fediverse right now. And most of it has existed for longer than Mastodon. Some of this dates back to the earliest days of Friendica in May, 2010.

Unfortunately, next to nobody knows.

For most Mastodon features, the features that Mastodon has are the features that the Fediverse has. If Mastodon doesn't have it, the Fediverse doesn't. Not only is Mastodon the default, but there's nothing that strays from this default. That's why Mastodon users keep wishing for "the Fediverse" to introduce features which Friendica has had for almost 16 years already. Or which Hubzilla has had for over a decade.

In addition, probably not even 10% of all Mastodon users have ever heard of Hubzilla. Probably not even 1% of all Mastodon users know what Hubzilla can do. And even only the existence of (streams) and Forte is almost entirely unknown outside of (streams) and Forte themselves and Hubzilla.

#Long #LongPost #CWLong #CWLongPost #FediMeta #FediverseMeta #CWFediMeta #CWFediverseMeta #Fediverse #CW #CWs #CWMeta #ContentWarning #ContentWarnings #ContentWarningMeta #Hubzilla #Streams #(streams) #Forte #Permission #Permissions #ReplyControl #ReplyControls #Filter #Filters #MastodonCentricism #MastodonNormativity