Poisoning and Privacy

SoniEx2 · December 26, 2023, 11:18am

If you’re familiar with extensions like trackmenot and AdNauseam, the TL;DR of this post is about extending their techniques to ActivityPub.

Poisoning is about changing the responses an instance sees when it is blocked, rather than outright rejecting the requests.

In fact, this technique already exists. You can use poisoning today with e.g. Support custom responses · Issue #1 · lexi-the-cute/block-meta-from-fedi · GitHub, but there is a caveat: this only provides passive protection. In other words, it only changes the responses that were actually requested.

We can go further. ActivityPub allows servers to push new posts out to followers on other instances. Thus, we can extend this technique to preemptively poison responses before they’re even requested. This would provide active protection, in the form of active poisoning.

Thoughts?

SoniEx2 · February 14, 2024, 12:27am

just came across a fully-featured implementation of activitypub poisoning: https://puckipedia.com/4th-wall--talki

really neat.

stevebate · February 14, 2024, 12:55pm

Is this based on authorized fetch and whatever domain is associated with the HTTP Signature?

SoniEx2 · February 14, 2024, 12:58pm

we believe so.

but in the context of poisoning, the system wouldn’t reject malicious requests, it would just recognize them and do something else in response. probably not much different from a “shadowban”.