this post was submitted on 18 Jun 2023
4 points (100.0% liked)

Privacy

31991 readers
805 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I've been sent this article about privacy on Lemmy and I would like to have more opinions about it.

I come from the Matrix world where there is no history deletion neither but at least everything is encrypted.

Can we hope anything about privacy on Lemmy ?
Especially with all the attention it's getting right now.

all 18 comments
sorted by: hot top controversial new old
[–] 3migo@lemmy.world 8 points 1 year ago (2 children)

"Arguably worse for privacy than Reddit"

This poster clearly has some sort of vendetta against Lemmy and/or its creators with the comments on politics, etc.

Reddit takes your activity and packages/sells your data to advertisers. Lemmy does not. To say Lemmy is worse than Reddit for privacy is just not true.

I'd take that post with a hefty grain of salt.

[–] Generator 2 points 1 year ago

This poster clearly has some sort of vendetta against Lemmy and/or its creators with the comments on politics, etc.

It does https://join-lemmy.org/news/2023-06-17_-_Update_from_Lemmy_after_the_Reddit_blackout

Not taking sides, but saying that is worse than Reddit is more a vendeta than something else

[–] venoft@lemmy.world -1 points 1 year ago

On lemmy (and mastodon, kbin, etc) it seems like it's extremely easy for a third party company to datamine everyone's data, even deleted ones. Federated software is terrible for privacy because it creates hundreds of backups to the federated instances. Any one of those instances can decide not to actually delete anything when requested.

[–] GlitzyArmrest@lemmy.world 6 points 1 year ago

Just like on reddit, treat everything here as public. Do not post things that you want to be private to either site; this goes for literally any website you don't own.

It reads like someone has just discovered that if you toss out public data on the public internet via federation it becomes public and out of your direct control.

That's how all federated services basically work: once it is relayed to someone else's server, there's essentially nothing you can do to force deletion.

Easy example: if you send me an email, but delete it from your sent messages, did you delete the message I got?

[–] underisk@lemmy.ml 3 points 1 year ago

Any claims made about privacy on a social media site, especially ones run by private companies or individuals, should be met with extreme skepticism. The reality of privacy on the internet is that it is not something you can get by picking a different service, it is something you must constantly maintain with vigilance and an up to date understanding of infosec practices.

[–] TwilightKiddy@programming.dev 3 points 1 year ago

Sites like these cannot be private by design. Their whole purpose is making data publicly avaliable.

If you want none of data here linked to you, register on an instance that does not require email and don't use your nickname, that's all there is to it.

[–] butter@lemmy.jamestrey.com 2 points 1 year ago

Privacy is tricky. I've seen complaints that anything you post stays forever. But honestly, is that what you consider private?

Do you think it's more private to make and delete posts than to just use a VPN and an anonymous account? Having the ability to delete posts doesn't help your privacy at all. At least there's no advertisers being sold all our data.

And the chat thing really needs fixed. But for quick one-off messages, it's fine. Maybe just too exchange secured accounts

[–] MentalEdge@sopuli.xyz 2 points 1 year ago* (last edited 1 year ago)

Everything you post on lemmy is intended to be public, so there really isn't a point to it having privacy features like encryption. There is the one sticking point of dms being readable by the relevant instance admins, perhaps that will change at some point, but for now lemmy supports attaching a matrix handle to your account for secure messaging.

That said, something the underlying protocol (ActivityPub) does have, are standards for both editing and deleting your own posts. It will be quite possible to have everything or anything you've put out there changed or removed, much like on reddit. The action will propagate to all federated instances.

Also I'm not sure what you mean by there being no history deletion in matrix? I run a node, and purging a room, or an entire account, is absolutely possible. You can even set a node up to only retain data for a certain amount of time. Or are you referring to the fact that you can't make another node that has the history for people you've talked to on it, delete it?

There ActivityPub has matrix beat, if you delete your comment, any instances it was visible on (unless they defederated since) will also delete it.

[–] ProfessorFlaw@kbin.social 2 points 1 year ago

Might sound dumb, but why privacy? All you do here is post publicly random cat photos, it isnt a messenger where you have private conversations.

[–] poVoq@slrpnk.net 2 points 1 year ago

Lemmy is meant to be a public website with public content. And in general, that post is either very uninformed or in bad-faith as most of these things are unavoidable in federation or even protect former users from impersonation.

[–] MiddleWeigh@lemmy.world 0 points 1 year ago (1 children)

Is there currently an option to delete all your individual comments like power delete suite on lemmy?

Not that I know of. Should be relatively (to reddit) simple to build one though, as lemmy's API is pretty decently documented.

[–] makos@programming.dev 0 points 1 year ago (2 children)

Since Lemmy is free software, can someone just fork it and change it to be more privacy-focused?

[–] Generator 1 points 1 year ago

It can, but without E2EE nothing is private. You can be sure that stays encrypted and only the other person is able to read it.

Someone definitely could, but what privacy-oriented features would even be useful on a social media site, aside from encrypted DM's?