It’s developers working on their time to build an app they want. You don’t have the right to demand they do things your way.

Mastodon and friends are built as open conduits with very little in the way of safety or permissions. Spam should be expected.

It’s not a Fediverse vulnerability. It’s a Mastodon vulnerability. Don’t want spam? Use a better fediverse technology.

Conversations, Cheogram, Dino are the ones I’ve used.

That’s lip service to privacy with spyware in reality.