Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Private/Locked accounts #1155

Open
muchmich opened this issue Aug 13, 2023 · 20 comments
Open

Private/Locked accounts #1155

muchmich opened this issue Aug 13, 2023 · 20 comments
Labels
feature-request A request for a new feature x:on-the-roadmap We're planning to do this but it may be a bit

Comments

@muchmich
Copy link

The option to make your account "private" as in only your followers can see your posts.

@muchmich muchmich added the feature-request A request for a new feature label Aug 13, 2023
@pfrazee pfrazee added the x:on-the-roadmap We're planning to do this but it may be a bit label Aug 14, 2023
@pfrazee
Copy link
Collaborator

pfrazee commented Aug 14, 2023

This is on the roadmap but it won't be in the near future

@atomicthumbs
Copy link

atomicthumbs commented Sep 6, 2023

It's kind of bizarre that the site shipped without a crucial safety feature like private accounts. I effectively can't use it as a social media platform without them.

As-is, if someone is stalking you on Bluesky, or sending harassment your way in some fashion, your only option is to permanently delete your account. Leaving users open to this kind of danger seems irresponsible.

@olucaslab
Copy link

Hello, it's been around 10 months since this, any update on this actual issue. Like @atomicthumbs said:

As-is, if someone is stalking you on Bluesky, or sending harassment your way in some fashion, your only option is to permanently delete your account. Leaving users open to this kind of danger seems irresponsible.

@qazmlp
Copy link

qazmlp commented Jun 12, 2024

I think this is to a large extent inherent to the architecture. Please excuse the harsh wording, but ATProto is genuinely a "privacy-last" specification where the concept of follower-approval and post privacy aren't meaningful, aside from temporarily deactivating an account entirely.

(Adding a locked account feature to apps isn't entirely impossible of course, but doing so with privacy would require at the least a parallel network with distinct architecture and protocol.)

That's not to say there wouldn't be any value in an appview- and app-side mechanism to limit exposure though, as long as it's made clear that it's trivial to circumvent with an alternative client. That may at least turn away the brunt of the harassment in such situations.

@olucaslab
Copy link

Thanks a lot for the answer, I was thinking about it and that maybe at-proto would be the 'guilty' for not getting this feature. What you said gave a new perspective of the issue.

@DeCat4
Copy link

DeCat4 commented Oct 4, 2024

Whenever this feature ships out and hopefully soon there should also be a remove follower feature and blocking should make a user unfollow you so if you unblock they aren't still following.

@dev0T
Copy link

dev0T commented Oct 9, 2024

As someone that had a stalker in the past, having a private profile is a must. I would even go as far as suggest an option to decide who will be able to see your posts like Mastodon has (for example, mutuals only).

@WAS-D
Copy link

WAS-D commented Oct 17, 2024

I think this issue/feature request is even more relevant/important and needed now. Specifically because of twitter's own privacy features (blocking) being removed, and a lot of people who are inherently more vulnerable to targeted/group harassment join bluesky to get away from that.

@MixxyManiac
Copy link

Here to support this suggestion

and adding my own words here: I very much believe that now would be a great time to have the option to change our account visibility, with both either "Public" (open to anyone) or "Private" (can access by user sending a follow request).

@Nekkowe
Copy link

Nekkowe commented Oct 21, 2024

Thanks a lot for the answer, I was thinking about it and that maybe at-proto would be the 'guilty' for not getting this feature. What you said gave a new perspective of the issue.

Mind you, the AT Protocol is also developed by Bluesky PBC https://github.com/bluesky-social/atproto/tree/main?tab=readme-ov-file#about-at-protocol

@Rohmaioi
Copy link

Rohmaioi commented Nov 8, 2024

hopefully comments/replies can be toggled to public or private (like instagram, private account comments are shown to public)

@LuisMayo
Copy link

I think this is to a large extent inherent to the architecture. Please excuse the harsh wording, but ATProto is genuinely a "privacy-last" specification where the concept of follower-approval and post privacy aren't meaningful, aside from temporarily deactivating an account entirely.

(Adding a locked account feature to apps isn't entirely impossible of course, but doing so with privacy would require at the least a parallel network with distinct architecture and protocol.)

That's not to say there wouldn't be any value in an appview- and app-side mechanism to limit exposure though, as long as it's made clear that it's trivial to circumvent with an alternative client. That may at least turn away the brunt of the harassment in such situations.

I don't know about AT Proto's shenanigans but I don't see why this couldn't be enforced Server-Side. ActivityPub does it. Sure, you have to trust all servers from all your followers, but it's stil a mile safer than doing it client-side

This is hurting adoption in some circles (specially queer/marginalized people) who are precisely the kind of people who're more likely to look for an alternative to Twitter/X

@atomicthumbs
Copy link

If privacy is impossible on ATproto, how did they implement DMs?

@Nekkowe
Copy link

Nekkowe commented Nov 15, 2024

If privacy is impossible on ATproto, how did they implement DMs?

Simple, they didn't implement them through AT Proto ("yet").
https://bsky.social/about/blog/05-22-2024-direct-messages
https://docs.bsky.app/blog/2024-protocol-roadmap#product-features

Basic "Off-Protocol" Direct Messages (DMs): having some mechanism to privately contact other Bluesky accounts is the most requested product feature. We looked closely at alternatives like linking to external services, re-using an existing protocol like Matrix, or rushing out on-protocol encrypted DMs, but ultimately decided to launch a basic centralized system to take the time pressure off our team and make our user community happy. We intend to iterate and fully support E2EE DMs as part of atproto itself, without a centralized service, and will take the time to get the user experience, security, and privacy polished. This will be a distinct part of the protocol from the repository abstraction, which is only used for public content.

@vinoff
Copy link

vinoff commented Nov 21, 2024

I am also adding my interest to this feature, namely: The ability to not allow other people to see our follows/followers.

Imagine you are in a more conservative country and you are gay/trans/whatever. Yet, you still want to see eye candy and follow some gay/trans/whatever people. You should be allowed to do so, in a somewhat private way. As it stands, you cannot do that, for fear of your friends/government/police/whatever stalking you and finding out about it and you suffering the consequences.

This should really go to the top of the list and be implemented as soon as possible, in my opinion.

@TogglesHappyZoo
Copy link

I really, really wish this would get pushed up the priority list. I have friends who desperately want to leave Twitter but haven’t explicitly because locked accounts don’t exist, AND they’re worried that Twitter is going to remove locked accounts, leaving them vulnerable.

I don’t know about other communities, but in my communities, this is the number one issue preventing Bluesky adoption as far as I can tell. Everyone keeps saying it will be really hard, but it’s a high priority for queer minorities, so it really should be an issue that’s tackled sooner than later.

@alastairvox
Copy link

alastairvox commented Nov 24, 2024

I have many users/friends that exclusively use twitter for the private accounts, it is a meaningful and non-replicable in a public fashion way of using social media that needs to be prioritized. Understandably AT protocol doesn't like non-public posts, but being able to directly authorize certain clients or allow certain users IS conceptually possible

@sambc
Copy link

sambc commented Nov 28, 2024

I don't know the underlying details of ATproto, so I can't comment from a real position of technical authority here, but with how I understand it works (with the Firehose at its core), in-protocol privacy could be done, but it would mean that every post from a private account was actually sent as a separate post for each account authorised to see it. So each new accepted follow would also generate a new instance of every existing post, as well.

The method would be by using keypairs - every account gets a keypair stored in the PDS, or at least the public part there. When a private account posts, it creates one post for each follower with metadata indicating which follower it is for, and with the post encrypted with that follower's public key. The follower, on receiving it, can decrypt it with their private key.

Not hideously complex to implement, but puts a potentially significant extra burden on the network/service, and with a lot of implementation wrinkles in terms of clients (apps) getting the private keys. And it's the people who follow the private account who have to make sure their private key is in every app they use, and entering the passcode for it if (as is sensible) they use a passcode.

But hey, this is open source, if anyone wants to do it and has the know-how and the free time, I'm sure they can offer a patch.

@Geist-Hund
Copy link

I've made an account, but I am very hesitant to really get into using bsky without any real privacy options. I do not feel safe on there as long as it's so open, and most of my friends feel the same.
It shouldn't be hard to implement something along the lines of follow requests for private accounts. Or, even simpler, the option to make individual posts private/mutuals only.

@C-crypto
Copy link

If the future private accounts implemented in Bluesky are like X, where the entire account is private, I would like to be able to “reject reactions from private accounts.”

In X, reposts, likes, replies, etc. from private accounts are not notified, and it is impossible to know from whom such reactions were made. Therefore, even if a private account sends us a malicious reaction, we cannot block it or take other actions because we do not know who sent it. Therefore, when private accounts are implemented in Bluesky, I hope this kind of harassment against individuals will be eliminated.

Possible ways to deal with this include a function to “reject reactions from private accounts” as well as “make it possible to know from whom reactions are coming, even from private accounts”.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature-request A request for a new feature x:on-the-roadmap We're planning to do this but it may be a bit
Projects
None yet
Development

No branches or pull requests