this post was submitted on 23 Jun 2023
0 points (50.0% liked)
Fediverse
27848 readers
22 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
"Wants to post on a social media website" "Wants pure privacy on the social media website"
I'm not sure what the issue is here... Did you know that your ISP has a record of every website you've ever been to on a server you don't control and they can look at it whenever they want?
Did you know you leave a record of your device on any network you join, leaving a unique ID behind that can be mapped back to you? This record is stored on severs you don't control and the operatora can view this record whenever they want?
Did you know that the admins of raddle have access to all your comments and DMs?! And they can read them at any time?!
It is part of the purpose of HTTPS that your ISP does not have the URLs of pages you visited, nor the content of the data sent in either direction. That information is all encrypted from your browser to the web server and vice-versa.
Classically, they would have the domain names (e.g.
lemmy.world
) as you'd usually be using your ISP's DNS server; and even if you were using a remote DNS server the DNS traffic would be unencrypted.But these days, they might not even have the domain names, as DNS over HTTPS is a thing in many browsers today.
Yes there is a distinction between webPAGE and webSITE. Which is why I used site and not page. I never said they have the URLs, that was you.
I build and maintain networks for a living, so I know what the network operators do and do not have access to.
As a user of any network, you should be walking around under the assumption that every network is hostile.
Regardless, my point still stands. You should have no expectation of privacy when you don't control the system your using. Especially these self hosted federated systems. Let alone a public webform where your sharing your thoughts and ideas and other PII.
If you leave a trail of breadcrumbs, you will be found.
Unless the DMs are encrypted using your own keys, your DMs are one SQL query away from being nightly reading material for any instance admin.
That's the leading privacy concern with these systems. You might think your DMs are private, but unless their encrypted, any DBA can read them. You better hope the Admins of your instance have no voyeuristic intentions.