A server is offering public full-text search of our posts
Will Murphy
Public
Seen by 73
Came across this post announcing a public, full-text, cross-server search feature. I tried their search and found posts from our server. Full-text search is a tool used by targeted harassment campaigns, and it has been purposefully omitted from Mastodon. The post says we can request an opt-out via our admin account
Poll Created Tue 8 Nov 2022 3:46PM
CWG to contact @leakix@infosec.exchange via social coop admin account to request opt-out of search indexing Closed Wed 9 Nov 2022 5:49PM
Thanks for your participation all. The operator of the service has shut it down per this message on their homepage, https://fedsearch.io
>Due to extreme backlash from the Mastodon community we decided to end the project, it is obviously not wanted by server admins.
So this proposal is now moot.
If you're interesting in managing the indexing of your public posts, be sure to visit https://social.coop/settings/preferences/other and check out the "Opt-out of search engine indexing" option. This will tell well-behaved search engines not to collect your posts or offer them in search results. However, this does not prevent a bad actor from ignoring the setting and aggregating anyway. Take advantage of Mastodon's post visibility options to limit the distribution of messages that you do not want to be easily accessible to the public: https://docs.joinmastodon.org/user/posting/#privacy
Results
| Results | Option | % of points | Voters | |
|---|---|---|---|---|
|
|
Agree | 71.4% | 10 |
|
| Abstain | 7.1% | 1 |
|
|
| Disagree | 21.4% | 3 |
|
|
| Undecided | 0% | 0 |
14 of 14 people have participated (100%)
Sam Whited
Tue 8 Nov 2022 3:50PM
Seems fine; posts and accounts can still be made private and discoverability while it can of course be a tool for harassment can also be a tool for finding interesting thoughts, conversations, and people to follow or engage with. Better discoverability seems good to me.
juniper cameryn
Tue 8 Nov 2022 3:53PM
Being able to find/be found by interests and topics without just hashtags sounds cool but I am more interested in minimizing the possibility of targeted harassment.
Eamon Caddigan
Tue 8 Nov 2022 4:28PM
The Fediverse has strong norms against full-text search. Regardless of how I feel about those norms (fwiw, I'm ambivalent), I think it's bad practice to break those norms and only offer the option to opt-out. The only right and decent way to introduce full-text search to this ecosystem is on an opt-in basis.
Giacomo
Tue 8 Nov 2022 4:46PM
I disagree with the idea, but I think the opt-out from that search engine should be an option for the individuals who prefer it. I would suggest to follow through with the proposal but in a different way
Will Murphy
Tue 8 Nov 2022 3:46PM
I need to rethink my vote after learning that their crawler attempts to honor the user-level search engine opt-out option found on https://social.coop/settings/preferences/other
(although at present it fails to honor it completely, I assume this was inadvertent)
Jonobie Ford
Tue 8 Nov 2022 5:13PM
I would change to disagree if it seemed like their user-level opt in/out was being respected (@Will Murphy 's comment that it exists but isn't working at all).
Moon Baron
Tue 8 Nov 2022 6:06PM
I concur with the points made by @sam and @giacomosansoni
Tom Resing
Tue 8 Nov 2022 7:43PM
They should honor the opt out found in user preferences and honor it completely (including boosted posts). I also posted in that thread that they should consider switching to opt-in for servers instead of opt-out.
shosha
Wed 9 Nov 2022 4:57PM
Agree with server-level opt-out in the absence of a fully functional individual-level opt-out. As others have said, also agree this kind of thing would be more appropriate as an opt-in (at whatever level). Also - seems like we kind of found out about this by accident? Is there anything we can do at the server-level to prevent this kind of thing? Or at least monitor for it?