I enjoyed reading this. Admittedly I'm very new to the activity pub protocol, but it's hard to grasp at first how this leak actually occurs.
I read this part of the activity pub spec and I think I get it, but not completely. So it is really up to the activity pub server implementation to strip the bto/bcc audience fields and do the "right thing" in order to preserve privacy? Could anyone shed some light on this?
https://www.w3.org/TR/activitypub/#remove-bto-bcc-before-del...
@[email protected] follows @[email protected]. pixelfed.social now receives all posts Alice makes which Bob can see. It has to, because it has to show these posts to Bob.
@[email protected] does not follow Alice. pixelfed.social has a bug where it's not correctly filtering out Alice's posts when Mallory visits her profile.
The root cause is pixelfed.social thinks Mallory is following Alice but mastodon.social thinks Mallory does not follow Alice. This is due to pixelfed.social accepting follow requests slightly too early in the handshake between pixelfed.social and mastodon.social.