• 1 Post
  • 29 Comments
Joined 1 year ago
cake
Cake day: June 17th, 2023

help-circle
  • So, obviously an anti Lemmy bias there, and not entirely true, but there are some aspects of federation it can be dangerous to ignore.

    There is a different primary privacy focus here, and it provides an extreme level of privacy but places an extreme level of responsibility on the user for their own privacy, more than most places.

    There is a distinction to a potential scrape and a system designed to duplicate, often irreversibly at submit.

    There are also other things people are often not aware of and the community is not doing a great job communicating. Admins are not doing a great job of protecting themselves either.

    For instance many, still don’t know votes here are entirely public.

    If you understand this all and are comfortable, great. Many do not prepare themselves and would engage differently if they had a better understanding.

    For a take by someone who is pro-federation but not ignoring these concerns see: https://lemmy.ca/post/948217


  • I feel you didn’t read the original post. It isn’t about expecting privacy, it isn’t a criticism of the fundamentals of Lemmy as many seem to be taking it (there are many ways I explain how it is more private from being tracked and profiled).

    It is about understanding how privacy is maintained on a federated platform.

    Many users coming from other platforms do not understand the mechanisms here and how they are different. Take a look for the comment here about vote privacy, which many assumed was private due to coming from a platform where this was.


  • ceddit and others you have noted historically have broken for a variety of different reasons, and the others are are currently not functioning as the API they used was banned May 1st. Pushshift, which these services often used, had a mechanism to remove sensitive data you accidentally posted or otherwise wanted removed.

    Archive.org is not searchable, not indexed in mainstream search engines. Also would be responsive to legal requests. It is hard to get a complete profile history on someone.

    All of these external sources require a great deal of extra effort from someone to pry.

    The concern to be aware of here isn’t that it could be scraped, which yes it can. The concern is that it is duplicated by design, wide and broad, on a platform that somewhat functions as a single entity, the instant you hit submit.

    People make mistakes. The Unabomber got caught by doxxing himself with a single phrasing of an idiom. Not complaining, simply saying “be very, very, very, very, very, very, very, very, very careful here”

    And ultimately this comes down to different conceptions of privacy, sure, but one of these conceptions is suspiciously impossible to fix yet simultaneously deflective of the other, that other being directly beneficial to companies and any seeking to control mass populations.

    Exactly. The privacy goal on federation is different. If people are educated, they can be safer.

    You can’t eat your cake and have it too.


  • I’d also argue stalking has more to do with the mental health issues of the stalker than the victim being to blame for how they interacted with the world. We don’t tell a student not to participate in lectures because someone may latch onto something they said and become infatuated. We punish stalkers instead.

    If someone is aware and engaging to their comfort level, no matter how open, I would not blame them, the victim, for being stalked. If someone wanted to be cautious, but they didn’t know the risks here, I would feel guilty for not educating them on how they can protect themselves.

    Idk this is a ramble. I see so many things so often that used to be personal responsibility on online safety, that instead of teaching the skills we make tools. And i feel like not teaching good personal safety and protection is goong to doom any project ultimately.

    You can’t fix ignorance without education.

    Which is the entire point of my post, to encourage education in this space (which again, again, again, is different than what many are coming from with its own unique set of risks)






  • Yeah. I can see a case made on either side.

    This is the point I am trying to drive home. Even with zero comments, zero posts, you could doxx yourself accidentally with votes alone. You came here from another platform and had a certain expectation of how privacy works here. It does intuitively feel like it should be private.

    You are trading some privacy for censorship resistance and community safety in this case, because the goals are different here.

    If you trust your admin to keep your IP and email private, and you manage your comments and posts carefully, I encourage you to let your voice be heard and upvote every sinnerdotbin’s pantless picture post of the week (just don’t like the posts in a different, very small and niche category that can link to you publically as you are the chair of the board at never-nude.social, and there are only 5 members who always like the same posts) . If you are in a country where that support might end with you in a work camp, I’d maybe advise against it in case your local turns out to be a honeypot.

    There is a privacy component to federation that the world really would benefit from, but it will be lost if people are not informed. Incredibly private if you are aware how to navigate it. Horrible if you aren’t.



  • It’s the same camp.

    I’m not making the claim other platforms are better because you might be able to slip in a ninja edit before it is captured. I am making the claim that if you are not on high alert here, more than ever, it will bite you.

    For better or worse, some people are coming here from other services expecting a measure of control of their data that you don’t get here.

    The experimental aspect of this space is the other thing I feel warrants more explicit warning about, and noted in my policy template.


  • Votes are entirely public, Lemmy just made a UI choice not to show them. They show up if someone views it from kbin and ultimately something that could be mined from a self hosted admin.

    I think this information may make some of those who profess “everything is saved on the internet and why care change their tune.”

    Saves I am not sure about yet. Think that may be locals only.

    Edit: community subscriptions are another. I believe the admin that hosts the community has access to the sub, but this may also be available to anyone self hosting. Haven’t confirmed anything regarding subs yet, maybe that is locals only too.


  • Like, IP addresses. If you sign in to YouTube from a phone with account X at IP I and also sign in to a Lemmy instance from that IP, then from another IP, also sign in to both your YouTube account and your Lemmy account, maybe repeat the process a few more times, chances are pretty good that the YouTube user and the Lemmy user are the same person.

    Yeah, all part of managing your own privacy and understanding when your IP leaks from Lemmy.

    Or via email addresses (Because remember that email you used to sign up with? Did you use that email account anywhere else?)

    The hope is your admin is responsible and guards your IP and email from being public. That responsibility would be what an admin is highlighting in a policy.




  • If you self host, or find an admin you have incredible trust in, you should remain untraceable if you manage your engagement responsibly.

    Though another thing I highlight in the policies is this is experimental software. Leaks can and will happen. We have a voice and can play an active part in preserving that privacy.

    Recorder is always on by default with your engagement; recorder is always off by default when it comes to things that automatically identify you. It is the opposite in a monolith service.




  • I don’t think the word “privacy” is a good word for the concept. I believe “user data control” or “right to be forgotten” is more appropriate for the “deletion issue”. However, there are few privacy issues such as instance admins having access to private messages and the potential for a hack to expose users e-mail addresses and usernames.

    This has been debated, and is very dependent on the context. It is a very broad concept to try to address and the lines do get blurred on the definition of what is “private data”. The hope here is to partition the responsibilities of the admin from the user.


  • Me too! The world is different now.

    Existing social media never really gave you a real edit/delete button anyway either. It’s all anonymity theater. The reality is that your data was always being scrapped and archived, somewhere by someone. This is just a reality created by digitization and virtually free recording/copying. No specific digital medium was ever going to protect you from this.

    I explain the distinction to federated in the post. It is very different than a scrape or archive.

    In the early days of the internet, everyone knew to use pseudonyms and not share personal information. We seemed to have forgotten this lesson. Maybe it’s time to relearn this lesson. Life is full of lessons. Let this be just one more.

    Exactly. I am bringing awareness back to this.

    No one should fool themselves into thinking they can use a pseudonym and not eventually doxx themselves accidentally if they have any level of engagement. People have grown accustom to being able to somewhat reverse that mistake. Many are also not accustom to their interests, their votes, and their voice is all retained, in one, easily digested and public place.