And it makes sense to me that a business would leverage that data in ways to benefit themselves.

Big fat nope on that one. This is exactly what the GDPR is about. I’m giving you my data for a specific purpose, and unless I tell you otherwise, you have no fucking business using that data for anything else. Gonna be interesting to see how this one plays out in the EU.

…I think you’re confusing GDPR and GPRS? Unless I’m being whooshed here

I mean… Yes? If there’s a way to do something without having to take my hands off the steering wheel I’ll use that

At the danger of being whooshed here - with Goat simulator specifically, I think it’s pretty obvious that the game is overall not meant to be taken seriously, including the title.

Never heard of that, thanks for bringing it to my attention!

Not really self-hosted in the typical sense, but Obsidian with the Tasks and/or Kanban plugin synced through a (self-hosted) solution of your choice could work?

Haven’t tried the whiteboard tool in Google keep (didn’t even know there was one), but the Excalidraw plugin for Obsidian should cover almost any whiteboard use case I can think of. A bit more limited but also good is the native Canvas plugin in Obsidian.

That’s how literally all language change happens? People just start using words differently or use new words, it slowly spreads, until a majority is using it. You can either embrace it and be happy you get new tools to express yourself with, or reenact the “old man yells at clouds” meme and be grumpy. I know which one I’ll choose.

Check out this one: https://thegradient.pub/othello/

In it, researchers built a custom LLM trained to play a board game just by predicting the next move in a series of moves, with no input at all about the game state. They found evidence of an internal representation of the current game state, although the model had never been told what that game state looks like.

Windows: “Time for updates! Stop everything you’re doing and please wait…please wait…please wait…please wait…”

How am I hearing about this all the time, but it has never happened for me? Every windows update for me so far has always gone the same, unintrusive way - when it’s time to shut down the PC in the evening, I notice there’s an “Install Updates and Shutdown” option next to the normal “shutdown” option, which I use if I’m not in a terrible hurry right now. Takes a little longer to shut down, next boot will also take a little longer, but that’s it. I’ve literally never had these unwelcome interruptions I hear so frequently about.

It’s a way to verify that an app, or any package of data really, actually comes from the source you’re expecting it to.

It’s based on some clever math, but basically, an app developer has two very large numbers that share a certain mathematical relationship, but if you only know one of them, it’s extremely hard to calculate the other one. One of those numbers (the private key) they keep securely to themselves, the other number (the public key) they publish permanently for everyone to see.

Now when the releases an app or an update to it, they put both the app and their private key into a special formula, which produces a new big number, called the “signature”. Then, they publish both the app and the signature to the play store.

Now, when your app store sees an update of the app, it won’t just blindly trust it, but first check that it’s actually legit, so that it doesn’t accidentally install a virus or something. To do that, it downloads the app and the signature, and puts them into another special function, together with the public key that was used to sign the version of the app that you currently have installed. Now the clever part is, because of the special mathematical relationship between the public key and the private key, this function can check whether the signature was in fact produced by combining the app with the private key of the developer, without actually having to know that private key. This way, it can now be sure that this app update is actually coming from the original developer - unless they have been compromised and their private key leaked.

So, technically, saying “it has the same signature” is not quite correct. The signature changes with every update. The thing that’s the same and allows to install the update is the key being used to generate the signature.

This I very close to how (asymmetrically) encrypted messaging works, btw. If you have a key pair like above, you can encrypt a message with one of the keys in a way that it’s only decryptable with the other one. This way you can have people send you encrypted messages without anyone else knowing the encryption key, not even the sender of the message.

For note taking, you might even get by without self-hosting, looking at software like Obsidian which works perfectly fine with just SyncThing to sync between devices, or just literally any other file syncing solution, self-hosted or otherwise.

You’re not getting my point - if federation wasn’t the goal, they wouldn’t even need anything like ActivityPub. It’s a protocol to allow different servers to talk to each other in a way that is just not necessary and way too much overhead if you’re planning to have an insular solution controlled by just a single entity anyway. Picking it as the protocol for internal-only communication between your own servers would simply be a very questionable architectural choice, Meta’s Engineers know better than that. Threads already works without supporting ActivityPub, so it’s obviously not needed for making the app run. Them also working on supporting ActivityPub is just creating an additional, public interface in order to connect to the fediverse, which they otherwise simply wouldn’t need to do.

Just noticed another possible confusion: ActivityPub is just a protocol, a definition of how servers can talk to each other. There’s no ready-made implementation that Meta could be using to get a headstart, they are most definitely developing their own implementation of it. So even if they were actually using it without wanting to federate, the only thing they’d be saving on is designing their own protocol, but that’s not really beneficial because then they’ll have to deal with a protocol that wasn’t actually made for their use case and according to their specific needs.

I know that, but if that’s not the goal, then what else do they hope to achieve by implementing ActivityPub? It means they plan to federate with the larger fediverse, and you can bet that there’s a carefully calculated business reasoning behind it.

ActivityPub was just an easy protocall to build off of quickly

If they didn’t want to federate, they wouldnt have a need for ActivityPub or any kind of similar protocol.

It’s not only IPs and emails though. Since users can put whatever they want in comments and posts, all of those must be treated as potential PII, and have to be included in subject access requests and deletion requests.

Genuinely curious, why do you not like PWAs?

I don’t think it’s quite that bad/simple. Viewing your main instance as the Controller and other instances as Processors in GDPR terms won’t work, because instances don’t have the necessary control over each other for that, as you say.

However, you could circumvent that issue by making the case that each instance actually acts as an independent Controller. By participating on a federated service, you are explicitly agreeing to the data you provide (your profile, posts, comments, etc.) being made public and shared with other compatible services. That should be enough as the basis for other instances to reasonably assume you want your data to be processed by them, which (I think, not a lawyer) is sufficient justification for processing the data independently, as long as it’s in line with how you generally expect the fediverse to work.

This would mean that each federated instance is its own, independent entity that processes your data, and to make use of your rights under GDPR, you need to do that with each of them individually. They effectively become their own “original data collection point”, in your words, even if that data collection was not explicitly triggered by you.

The only thing missing for that to be legal (again, in my layman’s view) is transparency about who’s processing your data and how, which is necessary under GDPR. Every instance that receives your data via federation would need to let you know about that, and make available to you information on how exactly your data is processed and how you can make use of your rights under GDPR with them. That, in turn, would probably be easiest if the protocol spoken between fediverse servers were extend with automated and standardized ways to propagate GDPR requests from your home instance to any other instance that is processing your data, so that you don’t have to actually deal with every single server yourself to get your rights enacted. Defederation in the meantime might be a problem, but there’s ways around that, too.

You play however is the most fun to you! Gaming can become so much more fun when you realize that different difficulty levels are there to serve you and your enjoyment of the game, not the other way around!

That’s the spirit!