Good bye, FediASINT!
This was fun, but FediASINT has achieved its goals and so was shut down. Thanks for everything, Fediverse!
We planned on running this tool for a few days until it made its way into Fedi meta. But y'all's reaction was far quicker and more intense than we could have ever imagined! Shoutout to those who realized that authorized fetch stops the crawler from fetching their posts. Technically speaking, we could have kept the party going, but it would require significantly more resources, and none of us consider it a worthwhile investment.
The funniest part was the right wing getting triggered by the word "problematic". It was our fear they would use our tool for malicious purposes. However, a single word in the announcement post helped us avoid that! Roughly 90% of the requests we received were for alt-right Pleroma instances.
The Gibson hinting at us being related to an intelligence agency is worth a separate mention as well.
The GDPR requests made very little sense to us, though were amusing to see.
The saddest part was Eugene Rochko blocking us for "doxxing", which we most certainly didn't engage in. We think that he considered us a PR risk, even if a minor one. That reaction was disappointing. But it is probably the fastest moderation action Mastodon.social has taken in years.
We expected at least someone to get upset by us using FingerprintJS, though it seems nobody noticed.
Otherwise, the reception was pretty much exactly as we expected. We wish we could participate in the conversation, instead of being an external observer. But we did achieve our goals: 1) successfully force a Fedi meta; 2) test our software architecture for resilience; 3) upset all the privacy fanatics; and 4) get more instances to enable authorized fetch.
We have one question left: why do all Fediverse software packages leave C2S API endpoints for favorites, reposts and reactions open? It is absolutely unnecessary. They are not used for federation; in Mastodon, they aren't used in the web app either (although it seems like that might change in the nearest future?). While Pleroma does use them, we do not consider their use-case worthwhile.
We encourage you to mail your software package maintainers to get that problem solved, so that we are the first (?) and last who could build a publicly accessible tool like FediASINT.
If anyone wants to chat, our email is still the same: email@example.com. Later!