Post · bonfire.cafe

@bonfire@indieweb.social · 2 months ago

@thenexusofprivacy

That would be great to know.

Probably this requires blocking at every possible level to be sure (eg. robots.txt, user agent, IP ranges...) And if some bots are using ActivityPub for scraping we could also block their HTTP signature public keys?

We've prototyped a system that builds on Bonfire's circles/boundaries to define and enforce blocks at the instance, user, and post levels. Would love feedback and suggestions to make it stronger!

@rancidrabbit @cuchaz @FediPact

The Nexus of Privacy

@thenexusofprivacy@infosec.exchange replied · 2 months ago

Interesting, would love to find more about the circiles/boundaries-based prototype, is anything written up on that (or is there a repo to check)?

Agreed about blocking all the different paths. For the HTTP signature public keys, does that give any stronger protection than instance blocking?

@bonfire @rancidrabbit @cuchaz @FediPact

@bonfire@indieweb.social replied · 2 months ago

@thenexusofprivacy

Ah yes forgot to include the link: https://github.com/bonfire-networks/bonfire-app/issues/1412

And you're right, that'd be the same as instance blocking.

@rancidrabbit @cuchaz @FediPact

Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.3.1 no JS en

Automatic federation enabled