242 comments

[ 4.5 ms ] story [ 252 ms ] thread
This is a new change? It's been like that for me ever since I knew of Instagram. You browse two or three images and plop you get a sign up screen.
What country are you in? Definitely never been the case in the US.
I don't know if theres been any recent change, but not too long ago, login is only required to view Instagram stories. Then they changed it to block location-tagged postings too. Which is a bummer, since I liked to use the webbrowser to browse location-tagged Instagram posts to discover places to eat at. I haven't used it much since, not sure if they added additional restrictions for non-signed-up users recently.
Oh nvm, I confused it with pinterest lol. I can't edit the post above any more. It's sad in general if platforms require accounts to view content.
> Then they changed it to block location-tagged postings too. Which is a bummer

Yes this was a bummer too. I used it all the time. Now I use hashtags which aren't as effective and I'm sure they'll shut that down too. O well, nothing useful really lost.

Definitely a new change, just last week I could look at user profiles without having to be logged in. Right now, it shows me an overlay asking me to log in.
It's new, I think since last Sunday in Switzerland.
I saw this behavior if accessed with a mobile user-agent. Switching to a desktop user-agent unlocked the thing.
BugMeNot to the rescue.
In 2019, with IP geolocation combined with mobile or email verification, BugMeNot no longer seems that useful.

At the moment its instagram.com logins have 35% or lower success rate.

BugMeNot only works for low-profile websites. Anything huge like instagram has protections against sharing accounts. (i.e: they'll block your account until you verify your phone number, friends, etc).
I haven't found a large site that that has worked on in years.
This happened to me recently as well... but it's not surprising(given FB's actions with their subsidiary apps)

Good thing I deleted anything Facebook related a while back.

If it’s free you are the product.

Not sure why people still don’t understand that.

It's too trite and has too many exceptions on both the free side (Linux, Wikipedia, heck, Hacker News) and the non-free (plenty of popular sites and apps that track you out the wazoo even when you do pay).
Linux - not a service

Wikipedia - community backed

Hacker News - we are the product. It's an ad space for ycombinator.

This sounds like "no true Scotsman." What part of "it" in the saying "If it's not free..." implies that the saying is not applicable to software or community-backed websites?

Surely the saying absolutely applies to free mobile games, free raffles at a car dealership, or free loyalty cards in stores. So it's not specific to "services."

Hmm ... very pinteresting news.
They also use meta robots=noimageindex,noarchive on every page without an opt-out which is so incredibly stupid and walled-gardeny for an image sharing site. I wanted to use Flickr instead but nobody else uses Flickr, then I tried making my own image gallery and I learned that browsers do not honor the JPEG rotation EXIF data and I don't want to write my own rotation/cropping code (that and Google completely ignores it), so now I'm trying Pinterest, but that one also wants you to log in to view full images.

Kind of silly I can't find a good image sharing site in 2019.

How about imgur.com?
Imgur's compression is awful, and especially on mobile, has a ton of dark patterns for logged-off users or anyone not using their app.

Personally I'm using Instagram for casual "here's my life" photos where I don't care about compression or any of that, Flickr for more curated public photos, and Google Drive as a secondary private backup.

Imgur requires you to provide a valid mobile number in order to create an account.
Christ. It's strange to recall Imgur's genesis on Reddit as a simple, lightweight replacement for all the obstacles and mess that came with Imageshack/Photobucket/other popular image galleries at the time. Shame it eventually bloated into the thing it was meant to remedy.
Well it happened in two easy steps: 1. They took VC money, 2. Reddit cut the middleman and offered direct photo sharing.

At that point imgur became less about easy photo sharing on reddit and others, and more about creating its own community.

Have you tried https://youpic.com/?
There's also https://pixelfed.org

It is decentralized and open source.

Never heard of this and love the idea. Thanks for sharing, will check it out.
Came across it because someone boosted his messages on Mastodon.

I loved the idea too, Mastodon is somewhat limited and if we can get more alternatives all the better.

(comment deleted)
Yes, PixelFed is great. Based on ActivityPub open standard you can self-host your own instance and federate it to the Fediverse.
Speaking of walled gardens. There is probably no service in this world that I hate more, as a non-user, than Pinterest.
Pinterest manages to do something horribly stupid and kind of abusive that I usually associates with adult sites ads: show you a preview of something that gets your interest, if you click to get access to it put you through a maze of forms and links all promising the result you asked for at the end, and then when you get to it they don't deliver and instead show other stuff you might like but really you don't because you did all that for this specific thing.

I don't get it. You have it. You know the user wants it. You know the user wants it very much, enough to go through all that crap. Yet you are going out of your way to not give him access, making him so frustrated that any hope of "but he will crawl around more and do more stuff" is quickly replaced by "he closes the tab in anger at having lost 5 minutes" ...

I'm sure there are metrics showing that it works, or maybe that it doesn't lose enough people to be worth changing, but it is so unnecessary.

They have actually had one positive influence on my life. After having dealt with exactly what you described a few times, I learned that I don't need anything that's on Pinterest. If a search results returns a pinterest link, I ignore it. If I can't find it anywhere except that link, it's as good as a dead link so I move on. This can be extended to much of the internet. So much peace now.
I’m the exact same. Over time I’ve been trained to ignore every link from google search results that points to Pinterest.
Why not use an addon? My addon removes all search results for facebook, pinterest
Sounds like my experience too. Any link on pinterest image, ie from google search is met with login/register form. Well pardon my english but screw that approach, pinterest doesn't exist for me.
It is one of my main uses of Pi-Hole: “never, ever let anything from that domain into my network ever again.” If I accidentally click a link, it doesn’t go anywhere. I use it for quite a few domains that show up in a lot of places, but have proven to be an annoyance. I’m believe Pinterest was one of the first to be added for that reason.

The ad blocking Pi-Hole provides is a nice bonus, too.

It would be cool if this could be extended to automatically clearing those junk sites off Google's results, maybe by querying for a few extra pages, deleting the garbage, and then re-assembling them into fewer pages. Google spam filters would be great, I could also put in a rule to eliminate any page title that starts with a number ("Ten great ways to...").
Google used to have a way to block sites from search results. Do they still have that option?
I wrote a userscript to do this if you're interested:

https://code.byuu.org/google

It blocks search and image results by pattern, and also removes the URL tracker wrapping wherever possible.

Same here, I have their domains blocked in my hosts so if I accidentally click I don't see anything.
I constantly tack "-pinterest" on to the end of Google searches...
I've added Pinterest to my reverse image search extension [1] to avoid having to sign up when there is no alternative source for the image. It returns Pinterest search results [2], and you can access the image directly from the image icon.

I plan to release the image extraction module in a separate extension, so you can just click on the page area with the image, and it opens the image in a new tab. This way you will not need to do a reverse image search to get to the image, or manually look for it in the page source.

[1] https://github.com/dessant/search-by-image

[2] https://i.imgur.com/L2wv2Wk.png

Brilliant, I didn’t know extensions like this existed.
Thank you for creating this, it's an excellent extension!
Thanks! Make sure to explore the extension's options, it can be configured to fit most use cases.
Don't worry it sucks as a user as well. Curiosity pushed me to use Google SSO to circumvent their crap one time, and they allowed themselves to subsequently spam my inbox with a flurry of emails. I proceeded to click the "unsubscribe" link in one of them, but to my surprise the spam kept coming. Turns out they have more than a dozen mailing settings and you have to painfully disable each one of them individually. Of course the simpler option is to mark all emails from pinterest.com as spam in the email client.

Especially as a site that specializes in hosting nearly exclusively non-original content, it's so ethically wrong for them to use such tactics.

Pinterest, Quora, Instagram, I never understood why people keep using these clearly unethical websites. Stop using them and other better alternatives will pop out, it's not like you depend on them like you depend on grocery shops or clothing stores. Voting with your attention is easy and cheap.

> I proceeded to click the "unsubscribe" link in one of them, but to my surprise the spam kept coming.

I despise it when this happens. The only solution is to create a gmail filter to catch the entire domain and archive it or mark it as spam. It's surprising how many companies willfully ignore the unsubscribe option.

(comment deleted)
I ignore any search result that point to Pinterest as, apparently, other commenters do. It looks like Instagram is now going to get ignored as well.
What about Twitter?

I just created an account with an email but after few minutes of clicking around it locked me out. I can only use it again if I give them my phone number, too -.-

As if this wasn't enough of their invasive procedures my profile officially says "Account is blocked because of suspicious behavior".

This is some advanced trickery to fool users into giving them more data than they intended to do when creating a profile and it sucks.

There are more examples: Have you tried browsing Facebook or Xing as a user? It's all a really crappy experience.

I think Twitter does that for some email services, definitely saw that behaviour with ProtonMail and Tutanota, Gmail was safe to use then (a couple of years ago, when I wanted to create a secondary account).
Ok as my domain is newly registered that could be a valid reason probably.

It's a TLD and no service like ProtonMail. Gmail would be the next party I don't want to share information with - I know those are complicated preferences from a "normal" point of view but I don't like to spread my data too much.

fwiw, this has happened to me a few times with fresh twitter accounts. In my experience, if you care enough and have the time, you will probably be able to get support to unblock your account without handing over your phone number.

I'm not saying this to defend twitter, this is definitely some aggressive, disingenuous behavior.

I just wrote a message to support and I will keep you posted about any updates.

Just to be sure I also ordered a free SIM card so I have a spam phone for these kinds of services.

Thank you for the advice.

As expected they did not give me the answer I was asking for:

"If you need to reset your Twitter password, please request a new one here: https://twitter.com/account/begin_password_reset.

If your Twitter account is suspended or locked and you are unable to access it, please log in to your account and use the following form to get in touch with us: https://support.twitter.com/forms/general?subtopic=suspended...

Because my account is "temporarily restricted" neither of the cases matches so I think this is their kind way telling me to f-ck off or give them what they want. I don't like these kind of games and I'm thinking about not using their service after all.

LinkedIn is comparably aggravating if you aren't a club member.
I have a browser extension which automatically removes any results from Pinterest in searches.
But pinterest really really wants you to log-in, does it not?

Another entry for the hall of fame is Quora.

Someone should make a bugmenot browser extension...

Now that Instagram has been totally Facebooked, I feel there’s a real gap in the market for what Instagram used to be.

Just want something simple where I can upload some photos, do a bit of light editing, apply a nice filter and share with friends. And also see a chronological timeline of stuff they’ve posted.

No likes, no engagement metrics, no personalisation, no skinner-boxing, no influencers.

Well aware this makes me sound old - and this hypothetical service will never make unicorn money. But I’d use it in a flash.

So VSCO?
VSCO costs $40 a month.
No it's free. They have a premium membership for $20 per year. Where are you getting your information?
Tying it to smartphones and camera apps sucks.
It is not tied to camera apps - you can just upload any image you have in the gallery. Also, you can upload from the web
Ah ok, is this new? For some reason I've had the impression that it was only usable on mobile, now I wonder why.
I recently started using it, and it does somewhat fill that itch of "looking at pretty pictures" that instagram used to fill (almost a year fb/insta-clean now). But to me it seem like a niche platform attracting photographers and creative people that showcase very good photos. I'm somewhat in that niche so I like it but when I stumble on the small clicks of people using it more as a social "hey frinds (insert "vsco girls" meme), here's what I ate for lunch, sucks to be you" I immediately think "hey, this is not instagram goml!". But maybe it is/will be?
(comment deleted)
Micro.blog seems to want to head in that direction - they're certainly on board with the chronological feed & "no likes / metrics" idea, and they have a way to import your photos from Instagram. The service itself is meant to be a social network that works via RSS:

https://help.micro.blog/2017/instagram/

But they make it really hard to even see that they have photo / Instagram-esque features, and it seems mostly connected with their iOS app Sunlit:

https://sunlit.io/

I used to be a member but found the service very hipster & Apple / iOS centric. But it might be what some people here are looking for.

A browser interface for uploading would be nice too!
Path could use a good comeback.
>No likes, no engagement metrics, no personalisation, no skinner-boxing, no influencers.

IG is the defacto "photo sharing" tool because it does all of these. What you are describing is closer to Imgur but they have comments and likes as well, simply because without there's no reason for people to come back.

I still use Flickr. The only place out there which doesn't want to immediately steal photo rights.
I still maintain that if only Yahoo had any intent to do anything rather than sit around back then, Flickr would have won in the field of photo sharing and photo social media, and it would have been a much better end result for the users.
Now that it's not owned by Yahoo any more but smugmug there's still a shimmer of hope for a revival.
Search engine and instant messenger - Yahoo could have been Google & Facebook if they had been managed competently.
Ah but they have previously. They (at the time Yahoo) used non Creative Commons Flickr images in ads. This made me delete my old school pre Yahoo account and remove everything I uploaded.
I was surprised that I can't share a HD image on flickr with someone on mobile and have them be able to see the full image. If I remember correctly, it shows them a bulky UI with a scaled down version of the image.
As a viewer (not sharer), I find unsplash to be very enjoyable and not getting in my way

https://unsplash.com/

And then there is also 500px, a bit more controlled but still very nice in my opinion.

I was very upset with 500px when they abruptly stopped allowing Creative Commons licenses and forced me to re-license my existing photos on the service.

Frankly I'm also slightly annoyed with Unsplash for reinventing the wheel with their own license instead of using standard CC licenses, reducing compatibility with other free culture projects.

>Kind of silly I can't find a good image sharing site in 2019.

Have you investigated paid options? Otherwise, it's kind of silly that people expect free image hosting years after everyone has started monetizing.

I had a really good paid experience with SmugMug, which is now Flickr's parent company.
It takes a couple of hours to write code to handle exif rotations.
(comment deleted)
in python I use pywand:

    def generate_with_wand(self, wand_img: WandImage):
        # create stripped down version of our image:
        wand_img.strip()
        wand_img.auto_orient()
        wand_img.compression_quality = 90

        thumb = wand_img.clone()
        thumb.transform(resize=self.size)
        thumb.save(filename=str(self.get_output_path()))
Exactly! I was including making test case images and writing tests.
So why can't browsers handle it? Now that I think about it, browser image viewers are pretty basic...
I was curious too and looked into it.

Someone originally thought it would be a good idea to ignore EXIF data, and by the time someone else cared enough to address it, they were worried about breaking sites that had bad rotation EXIF data if browsers suddenly started honoring it.

Mozilla tried to add image-orientation: from-image CSS for this purpose, so sites could say "no actually the EXIF data really is good", but then no other browser vendor followed along.

So as usual, everything in computer science is just terrible for the sake of legacy compatibility with the first implementations ever made.

Relevant Chromium bug: https://bugs.chromium.org/p/chromium/issues/detail?id=56845

It works fine when you open the image directly, but it will not apply EXIF corrects for inline images (<img> tag). There are JS libraries that load the image as file data to read the EXIF data and apply the correct rotation, but those fail in some cases (HTTPS trying to load data for an HTTP-linked image, for example).

> then I tried making my own image gallery and I learned that browsers do not honor the JPEG rotation EXIF data and I don't want to write my own rotation/cropping code

This just sounds like an excuse to yourself. It’s not hard to deal with this just strip out the EXIF data and bake the rotation into your images on upload. Problem solved, though I don’t know your experience level.

Or even just detect the rotation tag, leave the image untouched, and rotate it in CSS.
Too many edge cases I’d say.

Images really shouldn’t be stored anyway with rotation data in the EXIF. By pre rotating it you normalize and make it ready to use in any context.

The EXIF should be stripped out and used for other sorts of analytics.

And what's up with their hate of zooming images in desktop?

They HAVE the full res image. There's even bookmarkets to snag the image. What twisted product goal led to the current state?

I seem to recall vaguely that this redesign was part of a response to a legal challenge for copyright infringement from one of the large photo libraries.
Interesting. I have wondered how IG and Pinterest get away with hosting so many photos that weren't uploaded by the copyright holder. Was that the solution? Upload the pics at a degraded resolution and claim that it's not infringement?
The Write.as guys have been working on a good alternative with their Snap.as service [0]. It's tied to the blogging side, but looks like it'll be another simple tool that doesn't pull the same signup-wall crap as Instagram.

[0] https://snap.as

> Kind of silly I can't find a good image sharing site in 2019.

Flickr is very good. Amount of users doesn't really affect my use-case, which is offsite storage and being able to send links to my friends/family.

In fact it is maybe the only service that I pay for.

My guess is that it's to put up an obstacle against crawlers and perhaps also lower the cost of outbound traffic?
More likely it is to be able to create more complete visitor profiles and provide more value to advertisers.
It's one step as they gradually move Instagram to a place where they can effectively monetise everything, rather than it being open and free.

I think where they're heading is to monetise reach, so for anyone posting they will have to boost the post for it to go out to N number of potential user feeds based on how much they pay, same as with Facebook.

Its odd how it seems Instagram is now the biggest part of Facebook and Tiktok seems to be more polished and Instagram lagging behind, even more so with this.
(comment deleted)
This has been causing me a fair bit of inconvenience at work as I quit Instagram last year (decided it was toxic) but still need to research people/trends in my design job.

Guess I'll have to create a fake profile, which in a way will have the opposite of their intended "join the community" action point.

Goodluck with that. They ask for government issued photo ID in many cases for new accounts.
My instagram login made last week with a nonexistent email domain seems to work fine. Who cares if they ban it eventually!
I'm going to try this. I foolishly created an account w/ my FB login back in 2012, and although I rarely use it now compared to a couple of years ago, I would like to use it without it being tied to my personal email.
>Who cares if they ban it eventually!

They will.

wtf. that is creepy as hell.
How does something like this scale?

Does Instagram have a real person checking each one? If not, how would a computer verify that a photo ID was valid?

A real person, so it seemed, responded when I told them they were out of their damned minds.
If this is about the login overlay on people's profiles, you can just zap that with ublock origin.
>Guess I'll have to create a fake profile, which in a way will have the opposite of their intended "join the community" action point.

I don't think they care if it's "fake". They will still be able to uniquely identify you and correlate your activity against a number of other sources to build a more complete profile on you, including what you do on Facebook.

I find browsing IG on a computer to be a lot less habit-forming than pulling it up on a phone. And, if you open up the element inspector in your browser's dev tools, you should be able to view and download the full-resolution image. It's buried behind layers of nested divs, but you can still get to it.

Not surprisingly, they do everything possible to make the desktop experience god-awful.

I rarely check out IG, but one of the annoying things about the experience is when viewing videos. There is no volume control so you end up with whatever audio is playing at full blast. They also don't provide a slider for playback so you can't do things like rewind to a second ago.

I ended up writing a Chrome extension to avoid that mess.[1]

1: https://chrome.google.com/webstore/detail/ig-video-controls/...

FYI, you can only have 5 accounts per IP, so don't lose them (or just use a proxy to make a new account)
I wonder if this is somehow related to the "Wagatha Christie" scandal involving Colleen Rooney finding out who was leaking her private Instagram stories to a hostile press.
How accurate is the belief that logged-in eyeballs are profitable, but logged-out ones aren't?
No idea, but the parent company follows the same strategy - Facebook also nags you obnoxiously to log in on public pages, but it's not a requirement (probably because it would hurt the many "we-were-too-cheap-to-build-a-proper-website-but-here's-our-Facebook-page" businesses too much).
I suppose they are trying to bully non-users to create an account to view the next popular instagram page that all the cool kids started following last night.
That way they can reach people with their marketing even when they aren't visiting the site because they got their e-mail address at registration. That doesn't mean profit, but certainly more chance of it.
You can still be tracked & advertised to if you're not logged in, but once you have an account it's easier to build up your marketing profile and show "more relevant" adverts & sponsored content, which drives the larger advertising revenue.
This reduces the amount of total eyeballs though... potentially by a significant amount. For ex anyone sharing a picture on Twitter or FB will only be able to show it to their followers with Instagram accounts.
And so yet another thing Facebook touches turns into garbage. This is from the same company that promises transparency... yet buys up their competition and does this (and shares data between Whatsapp and FB). They really have no moral compass, do they? Name the engineer or product manager who did this. Name and shame.
This looks like a result of linkedin scraping case. Although I hate walled gardens, in the age of facial recognition etc, I hate some random scraper have my photos more.
Yes and those annoying Instagram scrapping copy websites which just make a copy of Instagram
(comment deleted)
> I hate some random scraper have my photos more

On the other hand, you can't scrape YOUR OWN photos either.

Instead of complaining about scrapers, how about not uploading things you don't want scraped?Though i'm not a scraper, I can mildly understand the "annoyance", but it's absurd to assume something you post on your own to not be downloaded by somebody.Is it that different between a person simply downloading one picture and someone scraping all your photos?(for whatever purpose)

This "hurts" instagram only in the traffic they receive.However i'm assuming they're also saving some money since they're cutting some costs.

The actual bad problem for instagram is that they're turning into facebook and it shows.One more reason to ditch big shitty corporations like facebook that make the world a pile of trash.

As much as I find this revolting, I just tried with a page in a browser I'm not logged in to anything fb and it still worked.

So maybe it's still being rolled out or limited to some profiles?

When it happened to me, it was only after I scrolled down a couple of screens after clicking on a few images. The first screen or two of images were still publicly viewable.
So they became the new pinterest?
I've never worked out how to use pinterest. It's one of those "successes" that I personally fail to see any value in. If I'm searching for something and I land on pinterest it's like hitting a dead end. I can get nothing useful from it and immediately go back and look elsewhere.
It works well when you're logged in and use the iPad app.
Support the federated alternative that is being built based on the same technology (ActivityPub) as Mastodon and Peertube.

[1] https://pixelfed.org/

[2] https://github.com/pixelfed/pixelfed

Kay man, surely all my friends will be there
sups easy to get my 90 year old grandmother to switch over to see pictures of my kids
> Fan: Why don't you follow anyone on twitter? > Eminem: Always be a leader not a follower.

https://twitter.com/emin3mquotez/status/415206423342366720

That aside, if not now, when? If not us, who? Someone has to start it. None of my friend were on FB when I joined it.

If nobody was a follower, could there be any leaders?
The sad reality is nobody wants to use a platform that their friends mostly aren't on.

Nobody really uses facebook because it's just so amazing, but because almost all of their friends and family are using it. (and facebook groups, many, many people use facebook for organizing meetups because it's free and... everyone's on it). It's familiar and easy, no complex things like federated servers to choose from. Just one central site.

In real life I told some friends I left facebook/twitter, and they were like "ok". ¯\_(ツ)_/¯ Few people are just going to stop communication with their social group over principles or whatever. I stopped using facebook because I was fed up, but it sucked not being in the group chats for the communities that I was involved in. I had to work harder to keep abreast of what was going on, and it still wasn't the same. If I had kept on organizing and hosting events it would've been impossible.

Things like meetups are possible on meetup.com, etc, for sure, but now I'm not privy to anything on facebook, and I have to pay to have my own group. Very few people are going to make that decision. I know people who still have fake accounts just to access fb groups, but not deal with the rest of facebook.

Bridges are likely the only feasible way forward, but even though mastodon has one for twitter adoption hasn't really happened.

Overview of the available instances: https://fediverse.network/pixelfed https://the-federation.info/pixelfed

App with Pixelfed support for Android: https://fedilab.app/

Public profiles are public on Pixelfed: https://pixelfed.social/ubports

i just get an account creation screen on the pixelfed.social site
Will pixelfed ever support "stories" ? I kind of became addicted to stories on Instagram, although I admit the old gallery-only is less stressful
Get your own website, so you'll have a place for those who just want to check you out without paywalls, loginwalls, any kind of walls.

Add https://fed.brid.gy/ & webmention support, so you'll be @your.domain@your.domain on activitypub (read: pixelfed, mastodon, gnusocial, whatever) so the "fediverse" can follow and interact with you.

Add h-feed markup for your website, so indieweb can follow and interact with you.

Keep RSS & Atom feeds, so anyone oldschool can follow you. I'd love to add keep pingback... but that is insanely spam-prone.

What's a good Instagram alternative with ActivityPub support? And what's a good instance to join, since I don't necessarily want to self-host just to test it out?
Every time federation comes up, I always ask where the bridges are that allow "following" people on the non-federated sites (e.g. Twitter), and the answer is always vague and non-specific, suggesting that such bridges exist without any information about using them.

I'd love to see a switching guide for, say, Twitter, that specifically says "here's how to transparently follow people on Twitter, and here's how to have your posts show up on your old Twitter account". Or similarly, if you're switching from Instagram, how do you follow folks from Instagram and automatically post to Instagram?

Perhaps you have misunderstood the purpose and implementation of federating sites like these?

Your question sounds like someone asking how a user of a newly opened Facebook account can follow people on Twitter. They're entirely different services. The federating, or not, is immaterial.

The first part is the alternative service.

Mastodon is an alternative to Twitter, presented in a Twitter-like format and flow. People who use it do so because they want to avoid the restrictions and cultures of Twitter. They don't want to post the same content across the two services. They don't want to interact with Twitter. They want to be on Mastodon.

The second part is the federating of the service.

Instances of Mastodon are spread around, hosting a set of users on their individual servers. Each of those instances can then communicate between with the others, intending for you to be able to follow and interact with users on other Mastodon server instances as transparently as those of your local Mastodon server. They are still interacting within the Mastodon environment.

> Perhaps you have misunderstood the purpose and implementation of federating sites like these?

No, I absolutely understand how federating sites work, and don't need the condescension.

It's common, in many types of federated reimplementations of non-federated sites, to create special-case bridges that allow treating a large non-federated site as if it were following the federation protocol, precisely to help people migrate and to continue interoperating with users who are on the non-federated site.

In the specific case of ActivityPub, there are multiple bridges that allow following Twitter users as if they were part of the fediverse. Multiple Mastodon users I know have mentioned them. People just don't talk about them very clearly, or document them in migration guides. Hence my comment suggesting that.

If specific portions of the fediverse want to avoid ever interacting with Twitter bridges, they can absolutely do that, just as they can avoid interacting with other portions of the fediverse. But it would be helpful if potential new users had some information they could use to migrate more smoothly.

Apologies. I didn't mean to sound condescending. It just seemed like a desire to do something so entirely at odds with the two approaches to online interaction (open, user controlled, non-hierarchical vs closed, corporate controlled and top down implementations) that it confused me.
"...so entirely at odds with..."

That sounds a bit like "why would you even want to run Photoshop on Unix? It's not open source! It's an entirely different philosophy!"

Many people balance different needs and values. Someone might like the idea of open federation but still need to follow people on Twitter for their day job, or simply follow a thousand interesting people that they don't want to simply drop just like that, to enter into a comparative wasteland.

Providing people with half-way solutions actually encourages more people to come and transition smoothly.

> People just don't talk about them very clearly, or document them

Because I am pretty sure it violates Twitter API use. Twitter has no incentive to allow data moving off their network.

> It's common, in many types of federated reimplementations of non-federated sites, to create special-case bridges that allow treating a large non-federated site as if it were following the federation protocol

The non-federated site has to play along with the federation standard for this to work. Just like Compuserve or AOL, which provided both proprietary "walled gardens" and (increasingly over time) interoperability with federated services like e-mail.

It doesn't have to play along; it just has to have enough of an API to extract the necessary information. The idea of the bridge is to translate between the standard everyone else speaks and the API of the big non-federated site most people use.
There is no bridge. I highly doubt the Twitter API TOS would even allow it. What you can do is get a client that supports both Mastodon as well as Twitter. I recommend Twidere on Android.

https://f-droid.org/de/packages/org.mariotaku.twidere/

There sort of is although I don't know why anyone would want it.

https://github.com/renatolond/mastodon-twitter-poster

I actually have my twitter and mastodon accounts linked with this, but I assume a bridge like the other commenter requested would allow to follow any twitter acount from your Mastodon account.
Ah yes. You're right, certainly would be stopped by Twitter even if technically possible.
It doesn't seem likely that Instagram or Twitter is going to go away tomorrow. Posting to Twitter and Mastodon means that eventually there would be content and interactions building up over time.

There seem to be two problems with replacing Instagram or Twitter. The first one is money to run servers, fight spam, handle subpoenas, etc.

The other one is having an authoritative directory. How is anyone to know that "ClearAndPresent" on Twitter is the same as "ClearAndPresent@SomeRandomInstance.mastodon"? An obvious way would be to send a DM to a Twitter account but it seems likely that Twitter would shut that down pretty quickly. We've all heard the stories of Facebook (and LinkedIn and ...) pillaging Gmail for contacts.

After the recent LinkedIn scraping court rulings, it seems Twitter should be legally scrapable. Twitter is largely public content submitted by their users, which Twitter does not own. It’s plausible this is why Instagram removed public access.
yes, twitter should be legally scrapable.

however, no-one but google actually has the horsepower to do it. You'll be playing an arms race with their devOps team if you try at scale, because they'll say you're degrading service and that IS illegal.

so, while it's a nice legal victory, it's a moot one for things like twitter.

Bridges are a (very necessary) migratory tool, but you're never going to get perfect connectivity while living in a walled garden, because the whole point of a walled garden is to block connectivity and interoperability. The lack of good controls for cross-posting across Twitter/Facebook/Instagram is one of the central problems (no pun intended) that these federated services are solving.

Some bridges do exist (see Matrix connectors), and I agree that it should be a very high priority to add more of them and improve the existing connectors.

But it's also important to understand that, yes, they're messy, and will probably always be a little messy -- because the services they are connecting to don't play nicely with others. If Twitter had an amazing 3rd-party API that anyone could use to write a custom client, view content, export data, and filter posts, then it wouldn't be as big of a priority to get off of Twitter.

However, all of that being said, I too would like to see more guides here. I spent a long time following Matrix before I realized there were public Discord bridges that could be used without even hosting my own server.[0] I just never saw it mentioned anywhere.

The publicity/documentation around this stuff could improve a lot.

[0]: https://t2bot.io/

With enough users behind it, social media sites would see the need to integrate into the federation instead of remaining walled.
How mature and functional is it now? I recall looking at it in the past and seeing that it wasn’t ready (I’m perhaps not recalling things right). In the list of instances, the one with the highest number of users, pixelfed.social, seems to have less than 10 posts per user (in total), on average. Sounds like adoption is not even as good as Mastodon yet.
Are you aware of any mobile apps for Pixelfed yet?
I have started on one based on the work I did for the PeerTube app [1] but I have not released anything yet as pixelfed it self was too much of a WiP. I will start the project up again in a little bit when I have some time.

[1] https://github.com/sschueller/peertube-android

Why thwe focus on photos instead of images?
Offtopic question.

All Instagram images and videos appear to be hosted a publicly accessible storage even those of private profiles. You just need to know the URL.

Is this security by obscurity really enough?

I've wondered about that on several sites.

So it's true that it still requires:

a) a user who should have the URL give it to them

or

b) person 1 guessed the URL, like a password since it's usually a long url with a GUID of some type.

But is that acceptable for some reason? Easier development?

Because otherwise you need to:

a) issue one time/short lived token for accessing an image on S3 for instance, for all the images that will be shown on a page when a page loads for an authenticated user.

or

b) proxy the image requests by making an api endpoint for image names, authenticate those requests, fetch the image from a place only the server has access to and stream the image data back.

I would say so, the URLs are pretty darn long:

https://scontent-arn2-2.cdninstagram.com/vp/5932ec6f480e416a...

It's not obvious how likely it is to guess a valid URL, but even if it's just the first path, its still 128 bits (assuming a hexadecimal alphabet). According to [0] there are 50+ billion photos uploaded to Instagram. Even if we assume 10 000 billion posts (200x margin), 10^13 is a very small number in comparison to 2^128≈3.4*10^38,

[0]: https://www.omnicoreagency.com/instagram-statistics/

(In the the URL above I've changed one character, yielding it invalid, leaving it as an exercise for the reader to figure the missing one out.)

(comment deleted)
Well, you can log into any website by just guessing an unguessable token and setting a cookie. That's not what people refer to as obscurity, else all cryptography is just security through obscurity which makes it a useless distinction.

You can make off with millions of dollars in bitcoin by guessing numbers correctly. It's public and yours for the taking.

That's not what "security by obscurity" means. (I had the same question a while ago about something similar, so I learned the distinction.)

If my secret is kept at "example.com/sadf23s[...long uuid...]" then that is not an example of security by obscurity, any more than a username/password combination is. Indeed, my long url is almost certainly much longer than the majority of user's username/password combinations.

It is potentially sharable, if that's something I'm concerned about, but that can be managed via cookies, timeouts, single-use urls, etc. And I also might be ok with it being sharable, just not discoverable. (e.g. Google Sheet's distinction between "anyone with a link can access" sharing and "anyone on the internet can find and access.")

"Security by obscurity" refers to relying on some part of your architecture or code being obscure. E.g. hoping that no one knows what static salt you use in your simplistic hashing function, or hoping that no one learns that there is a page called "s3cr3t-admin-access.html" that lets you get into your site without a password.

The usual test is: if an attacker had access to all my source code, could they get in? In the case of randomly-generated uuids as urls, the answer is "no."

"System security should not depend on the secrecy of the implementation or its components."

Odd, private firefox search and opened https://www.instagram.com/kimkardashian/ just fine. I know, dumb example.
Yes, same here.

Try scrolling down a fair bit and you will see it. (happened to me on second "loading" of the next "page" of pictures)

Yes, after scrolling 2-3 pages down the message appears. It won't go away. The only way to bypass (on a PC) it is stop scrolling right before the message pops-up, click on an image and then click on the right-arrow to move to the next/older photo. You can see all photos like this (and vids etc.) just fine, as long as you don't scroll down any more. You game the system by moving "horizontally".
I saw a login prompt flash then immediately gone. I wonder if my adblock shut it down
Depends on your IP address, even in the same country :/
"The photo-sharing social network has begun locking down its platform by preventing signed-out users from having unlimited access to public profiles.As a result, you’ll now be prompted to either sign up or login after viewing a handful of photos and posts via mobile or desktop web. Worse, there’s no getting around it."

I don't like the change, but it's about 36 photos which is quite reasonable.

Pinterest did this as well. I also noticed they started to aggressively stick ads in the main feed of their mobile app around two weeks ago - like each third post. Instant uninstall.
Good luck. I temporarily disabled my Instagram account and can’t recover it. The process is supposed to be just login again, but it hangs because I had two factor Authentication enabled. My account is now in a limbo. There is no proper support channel for this problem. And the form they provid for help on the app just give an “invalid parameters” when trying to submit, but the funny part is it’s hidden behind the iPhone X notch, only found the error because I took a screenshot. Instagram always been like this? or is this sign of Facebook tighter grip on it?
Instagram also shut down their public api last year and are deprecating the graph api in a week. (5 Nov) https://developers.facebook.com/docs/instagram-api/

The new api has no access to consumer (non-Business or non-Creator) instagram accounts.

If Facebook offers a public API, people will complain that Facebook hasn't learned their lesson from Cambridge analytica. If they don't, then they're accused of having a walled garden. Damned if you do, damned if you don't.
I thought Cambridge Analytica had access to far more data than was available on the public API which is what made it so controversial?
Yes, that was precisely the issue.
CA had access to information they never should've had. Just like phone apps having access to a Contacts API that they never should have that kind of access to.

Having a tightly managed API would be just fine.

> The new api has no access to consumer (non-Business or non-Creator) instagram accounts.

Good.

Where does it say they’re deprecating the graph API on Nov 5?
Yup, I recently tweeted about this. Their previous API was much more pleasant to work with. IMO a 'personal use only' account type with a limited data scope would be a great option to have. Thus far, I can't get my 'app' authorized for personal use despite it being only for a page on my blog. I've given up trying to use their API. I'd like to just scrape my photos now but I'm not sure if even that's a possibility.

https://twitter.com/jonlprd/status/1184547466244448257

uBlock Origin `uBlock Filters - Annoyances` filter list (Not subscribed in a default setting) has a filter[1] already to override this dark pattern.

[1] https://github.com/uBlockOrigin/uAssets/commit/05a3fea080d06...

Is that in the "anti-facebook list"?
> Is that in the "anti-facebook list"?

I have no idea if it is in that filter list or not as I don't use it but if you want to add the 'uBlock filters - Annoyances' list to your uBO setup follow steps below.

1. Open 'uBO Settings'

2. From within the uBlock Origin Dashboard, Navigate to 'Filter lists' tab (should be second tab)

3. Expand the 'Built-in' filter list options by clicking the '+' button next to 'Built-in'

4. Check the option for 'uBlock filters - Annoyances'

5. Hit 'Apply changes' button in top right corner