The title doesn't even make sense. First, does "Every economist" mean literally every one? What does it even mean to be "on Mastodon", considering that Mastodon is software, not a platform?
Is the author really saying that every Mastodon instance on the planet has been compromised and scanned, and all instances of economists found, and their data downloaded? Or do we just not care about silly things like facts and correctness?
The article starts with a complete lack of context and without any explanations at all. It's as though we walked in to the middle of a conversation, and nobody bothered to recap.
The title is unclear because the author confuses Mastodon as a software with Mastodon servers. The majority of economists are on a Mastodon server called econtwitter.net.
It's worth noting that the author (Christopher Brunet) is an intentionally inflammatory right-wing commentator, not an economist. Do not take this blog seriously.
The short story: EJMR is an anonymous forum used by economists that occasionally has job market rumors, but is more often filled with sexism/racism/etc. They anonymized using a hash of IP + thread ID with no salt. Three economists realized you could identify the location of many posts and wrote a paper showing how much of the toxic language came from top university IP addresses. Naturally people on the forum (and sympathizers like this writer) are collectively losing their minds, realizing that they may not be as anonymous as they had assumed. So they are threatening legal action, claiming "doxxing", and writing stupid blog posts.
So in other words they did get doxxed, you're just happy about it. You say not to take the blog seriously but then affirm his claims
It's very short-sighted to gloat about someone else's anonymity being lifted just because you don't like them. You may not think you have something to hide today, but that doesn't mean you'll have nothing to fear tomorrow
The claim that this is "Every economist on Mastodon" is of course a stupid exaggeration, but it's still a significant enough event to warrant reporting
Saying they "realized you could identify the location of many posts and wrote a paper" is downplaying the situation. The authors essentially ran a lookup table attack, computing over 3 quadrillion hashes to crack the IPs. The website owner incorrectly thought and claimed this would protect IPs, which are PII.
Best I can figure it, an anonymous webboard for economists used lousy identity hashing and some data scientists wrote a security analysis showing that fact. Part of it was showing that, surprise surprise, a bunch of economists at big name schools were posting a bunch of middle school taunts of women and minorities. (Not much to do with Mastodon here except just as one among many services that has IP address info of users.)
That's basically correct. The one other thing to note is that many in the profession are now wanting to use this to settle their personal and professional vendettas under a culture war aegis.
The other thing is that allegedly (I am not privy to any details so this is only based on what I've publicly read) the posters on that webboard had exposed some plagarism issues of one of the authors of the paper that doxxed them.
One of the coauthors also operates a Mastodon instance with over 5000 economists signed up. His complete access to these people’s credentials, such as IP address, email, and names, makes it easy for him to cross reference these people in the webboard. People are questioning if he intentionally set up the server to harvest people’s credentials for doxxing.
Is the author really saying that every Mastodon instance on the planet has been compromised and scanned, and all instances of economists found, and their data downloaded? Or do we just not care about silly things like facts and correctness?
The article starts with a complete lack of context and without any explanations at all. It's as though we walked in to the middle of a conversation, and nobody bothered to recap.