mastodon / mastodon

Your self-hosted, globally interconnected microblogging community
https://joinmastodon.org
GNU Affero General Public License v3.0

Add ability to hide source application #5126

Closed jomo closed 5 years ago

jomo commented 6 years ago

Revealing the source application of toots could be considered (low level) unwanted information disclosure. Some users might like showing which apps they're using while others might argue that it's nobody's business which app a toot was sent from.

For Twitter, there are actual tools that gather this data and show which applications a user uses to what percentage – or even at which times of a day, which can be used to gather information about this user. There are crazy people on the internet and they use this kind of OSINT to find patterns in application usage (combined with other patterns) in order to doxx people.

Example: At which times of a day is a user probably at home (tooting from desktop) and when are they probably not (tooting only from phone for a while)? For how long are they leaving home each day and at which times? How many different devices (applications) does this user own? …

If a user decides not to reveal the application, it should be hidden from both API and the web interface.


MightyPork commented 6 years ago

For the record, this is how we could tell which of Trump's tweets were from Trump and which were from someone else: http://varianceexplained.org/r/trump-tweets/

Sylvhem commented 6 years ago

I think RFC 6973 could be of use here. One of the main recommendations of this RFC is to reduce the data sent about users.

ghost commented 6 years ago

How about not recording it at all?
User-Agent strings will be sent to servers, but I see no point in all the "sent from web", "sent from pidgin", "sent via airplane" etc. being in the UI; all it does is potentially provide people with the ability to gather data.

jomo commented 5 years ago

It's been a year since I filed this issue and coming to think of it again, I fully agree with @Sylvhem and @ng-0. I don't see any real benefit of this information being recorded and/or exposed.

I'd be happy to submit a PR that removes this.

@Gargron do you have any thoughts on this?

trwnh commented 5 years ago

@jomo I think there's a separate request to expand the from-client abilities to include muting by app source, so that you could mute "Moa" or "Mastodon Twitter Crossposter". (#8271) The problem is that right now, iirc, client names don't federate, and this info shows up only for local users. That was perhaps the biggest historical use of the source field, for 3rd-party Twitter apps to be able to mute crossposted tweets from Facebook or YouTube or other sources.

From a technical standpoint, application is already nullable and in fact applied to all remote statuses. I think application sources should be reworked to meet the following:

1) Always federate application, so that eventually it can be used as a muting criterion in a separate issue
2) Allow users to selectively remove this information if they want to, somehow? I'm not sure which way makes the most sense

Gargron commented 5 years ago

> I don't see any real benefit of this information being recorded and/or exposed.

Reasons to expose application:

jomo commented 5 years ago

I think spam identification and application based muting are some valid points. I suggest that the account owner can decide for each application whether or not they want to display the source application publicly.

Something like this (the wording could be improved):

screenshot

Of course, the owner would still be able to see the source themselves.
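The per-application opt-out proposed above, as an added example that is not part of the issue thread or of Mastodon's code base: the owner keeps a set of application ids they have chosen to hide, and a single presenter decides what is disclosed, so the API and the web interface cannot drift apart. The `Account`, `Application`, `Status` and `StatusPresenter` names are hypothetical stand-ins, and the sample data at the bottom is constructed.

```ruby
# Added example (not Mastodon's own code). Models the proposal in this thread:
# the status owner decides per application whether its name is shown publicly;
# the owner always sees it; remote statuses carry no application at all.
require 'set'

# An OAuth application a status was posted from (hypothetical struct).
Application = Struct.new(:id, :name)

# Account keeps the owner's opt-out choices (hypothetical class).
class Account
  attr_reader :id, :hidden_application_ids

  def initialize(id)
    @id = id
    @hidden_application_ids = Set.new
  end

  # Owner opts out of showing this application on their public statuses.
  def hide_application!(app)
    @hidden_application_ids << app.id
  end

  # Owner opts back in.
  def show_application!(app)
    @hidden_application_ids.delete(app.id)
  end
end

# `application` is nullable: remote statuses (and anything the owner hid
# at the source) carry nil, matching what the thread says about remote data.
Status = Struct.new(:id, :account, :content, :application)

module StatusPresenter
  # Returns the application hash that may be disclosed to `viewer`
  # (an Account, or nil for an anonymous/public request), or nil when the
  # source application must not be revealed.
  def self.visible_application(status, viewer)
    app = status.application
    return nil if app.nil?

    owner = status.account
    # The owner can always see their own source application.
    return { id: app.id, name: app.name } if viewer && viewer.id == owner.id
    # Everyone else sees it only if the owner has not hidden this app.
    return nil if owner.hidden_application_ids.include?(app.id)

    { id: app.id, name: app.name }
  end

  # Single source of truth used by both the JSON API and the web view,
  # so the field is hidden in both places at once.
  def self.as_json(status, viewer)
    {
      id: status.id,
      content: status.content,
      application: visible_application(status, viewer)
    }
  end
end

# Constructed walkthrough: returns the public and owner renderings after the
# owner hides the app, so the difference can be inspected (or asserted on).
def demo
  owner = Account.new(1)
  stranger = Account.new(2)
  app = Application.new(10, 'Example Client') # constructed app name
  status = Status.new(100, owner, 'hello', app)

  before = StatusPresenter.as_json(status, stranger)
  owner.hide_application!(app)
  after_public = StatusPresenter.as_json(status, stranger)
  after_anon = StatusPresenter.as_json(status, nil)
  after_owner = StatusPresenter.as_json(status, owner)

  { before: before, public: after_public, anonymous: after_anon, owner: after_owner }
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

The check is deliberately placed in the presenter rather than in a view template: if the web page and the API each implemented their own filter, one could be fixed while the other kept leaking the field, which is exactly the case the issue asks to close.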

trwnh commented 5 years ago

Fixed by #9897?