With the #meta #Project92 or #Threads Fediverse offering, there has been a, well, robust discussion of how to avoid threats looming. Those advocating mass-preemptive defederation make three cases for it.

➡️ To avoid data mining …

However, defederation does virtually zero to avoid any big tech entity scraping all the Fediverse public social graph today - Want proof?

See here: is.gd/q8U2pv

But what if they merge that Fediverse data with their own internal data from IG isn’t that worse than just scraped data? They can do this now. They already have a frightening amount of internal data from inside IG, and as we said, virtually all of the public fediverse is scrapeable, and syncing those to datasets is unstoppable - with or without defederation.

The second argument:

➡️ To defend against poorly moderated P92 users & ad spam, which disproportionately impact marginalized communities.

This should concern everyone, especially for communities that have suffered great harm on bigtech platforms. www.newamerica.org/weekly/on…

But we have all the tools we need for that now - as users & as admins and deal with exactly this from poorly moderated servers EVERY. SINGLE. DAY.

And if we find ANY server not responsive THEN we block. Protecting our users is our 1st job but we have all we need - WITHOUT first strike defederation.

And remember we only have to protect the 1.3 million monthly active users inside the Fediverse. And we do that now every day. Spammers and toxic accounts inside the P92 network we or our social graphs don’t touch is their problem. Our problem is protecting our people.

And as new users migrate over the Fedivese we will scale to support them - which we need to build scalability of moderation out anyway.

The 3rd argument for defederation:

➡️ To defend against being “Embraced, Extended, and Extinguished.”

This is a real risk, and others point to Google and Facebook and XMPP, or Google and RSS Google reader. Where a big entity takes over, then rug pulls or extends an open standard slowly into a non-standard, non-interoperable functionally siloed service.

This is a real risk. But you don’t - and can’t - defend against this by defederation.

Why not? Because even if the entire existing Fedi pre-blocked them. Instagram has 1.6 BILLION users. If they push this, in one day just on their own they will be the size of the current Fedi’s monthly user base, and then grow from there.

Virtually Instantly, they become the biggest ActivityPub entity on the planet. With or without a mass block.

A Smarter Strategy Against “EEE attacks” than Premptive First Strike Defederation - that Still Protects Our People

So if we can’t stop the embrace, what can we do to combat the second “E?” How do you stop them from “extending” the AcitivyPub standard and twisting or crippling it?

This isn’t a new battle. Tons of efforts to use an EEE attack on open tech fail.

As others put it well #OpenSourceSoftware space has fought and won this battle many times.
And as Dave Winer the godfather of RSS & Podcasting said: “Podcasting has withstood countless attacks like this, and has always been left standing as unsullied as ever.”

We know how to win this.

➡️ First: Innovate and outcompete.

Especially where you can do things giants can’t. We can always outcompete Meta at being more private, ad-free, better moderated, and more open. We also need to compete on User Interface and User Experience.

XMPP may have been hurt by FB and Google’s rug pull - but my recollection was more like this user when asked why did XMPP die and SMPT thrived?

I was a weird XMPP nerd in high school and tried to switch friends from AIM. So here's my experience.
  • Onboarding was difficult. There was no obvious choice of server or client to use.

  • Adding friends was difficult. You needed to send a subscription request to a contact, and they needed to send one to you. If anything happened during this process, you couldn’t chat. * Popular XMPP clients, like Pidgin, also supported the other chat services (AIM, ICQ, MSN, Yahoo, etc) so people just continued using those.

  • Network effect. You need to convince a mass of people its better, otherwise, nobody’s using it because no-one uses it.

  • No obvious benefit to the user. It’s decentralized sure, but there weren’t many improvements over AIM that people actually used.

  • A lack of good iPhone XMPP clients.

In 2005 Google added XMPP support to Google Talk/GMail Chat and they were federated, but nobody federated back and they closed off its successor (Hangouts).

It’s eerie how those complaints - onboarding, confusing UX, the discovery of friends - feel akin to some made of the current Fediverse. We need to up our game all those issues fast…and I see promising signs we are. Fedi client and server software will need to just be better - something #OSS devs have done for years. And we can too.

OK, the next tactic we know works against #EEE attacks:

➡️ Having a broad set of OTHER allies inside the tent of stakeholders. Growing the base of those who “embrace” it to even out the power dynamics.

And btw, defederating developers PREMPTIVELY before they launch a single Meta Activtypub server, is the fastest way to make OTHER potential developers run for the hills. Actually to run to Bluesky.

And my last major tactic for this post:

➡️ Fediverse ActivityPub Standards Must Hold: We need to support our standards makers STAT.

The best defense against “extend” is a clear line of what we are defending. ActivityPub has needed a robust “test suite” to test compliance for a while & good efforts were unfinished. They need to be picked up at warp speed. To see an example of his working for other tech see: webmention.rocks

The creator of the Wordpress ActivtyPub plugin said that he wished he had this.

Until we get a robust test suite for #ActivityPub the risk is Meta or others “extend it” or the converse, support “almost all of it,” but miss crucial bits.

Dave Winer mentioned once that Google leaving bits of RSS support out of Google Reader hurt the effort for years. (But it recovered and #EEE failed over time)

I’m working with a number of stakeholders now to see if we can build out an alpha of just this. Is crucial work. Want to help? DM me at @techambers@indieweb.social on the Fedi.

Wrapping up: This isn’t a new fight. OSS devs have been here before. Many times. And won.

We have all the tools, development energy & moderation tech to protect our people we need - without first strikes.

We have past #OSS & open tech fights to learn off of & as others have argued well: being open - if they are - is a first crack in #Meta’s armor.

We may get a window - if we both protect our people & don’t act insularly - to run an #EEE campaign reaching out to THEIR users.