this post was submitted on 19 Jun 2023
154 points (99.4% liked)

Technology

37747 readers
278 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it's visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
(page 2) 50 comments
sorted by: hot top controversial new old
[–] Stimmed@reddthat.com 11 points 1 year ago

If you think anything on the Internet can ever be forgotten... Your going to have a bad time. Passwords, one of the most protected data types, are compiled from beaches into huge databases so that hackers can use them to try to log into website. There are literally dozens of not hundreds of those password databases on the public Internet to be downloaded, not to mention private or dark web collections. If passwords are not safe, what makes you think publicly available social media would be any different?

Even if somehow the whole federation agreed to purge all post every year, things like the Internet archive and Google cache of pages would retain the data.

[–] iuseit@iusearchlinux.fyi 11 points 1 year ago

Personally when I want to share what I'm saying with the world I write a letter, burn it, and snort the ashes. This is the only truly private way to do this.

[–] ellabella@beehaw.org 10 points 1 year ago (1 children)

If I wanted privacy, I wouldn't be browsing online.

load more comments (1 replies)
[–] VexCatalyst@lemmy.fmhy.ml 9 points 1 year ago* (last edited 1 year ago)

In both services you are basically shouting into a giant megaphone. What’s so private about it? If you don’t want say it in public, don’t say it there.

If you need privacy there are much better tools available such as pgp encrypted email or encrypted Matrix DMs (a nonfederated Matrix sever would be even more secure but rather overkill).

Edit: specified encrypting Matrix DMs. I forgot for a moment that you can send unencrypted DMs over Matrix.

[–] grizzzlay@beehaw.org 9 points 1 year ago

I don't think much of Mastodon as it is, so they're free to rag on Lemmy all they want.

[–] AllonzeeLV@vlemmy.net 9 points 1 year ago

I wasn't planning on doing any banking through Lemmy.

[–] tiny_electron@beehaw.org 9 points 1 year ago (2 children)

This is a big issue because in the EU you have the right to remove your data. It could make Lemmy illegal in the EU

[–] communist@beehaw.org 8 points 1 year ago

https://github.com/LemmyNet/lemmy/pull/3208 there's already a pull request, it's being fixed soon.

load more comments (1 replies)
[–] GadgeteerZA@beehaw.org 8 points 1 year ago (4 children)

Not sure what the point of "Mastodon's" opinion is? Firstly, Mastodon is pretty big and decentralised, and it has no-one who really speaks on behalf of all its users. Lemmy is not a privacy central network like a direct messenger service. It never claimed to be privacy centric as far as I know. The point is to share posts in communities, and the more that see them, the better.

But it is federated which means posts do get shared to other servers everywhere, and deleting those is not as easy as for a centralised server. Whatever I post on any sharing type service, I consider to be public.

load more comments (4 replies)
[–] Penguincoder@beehaw.org 8 points 1 year ago

In order for me to be offended, I'd first have to care about that opinion. I don't.

[–] The_Terrible_Humbaba@beehaw.org 7 points 1 year ago* (last edited 1 year ago) (6 children)

After reading some more comments, I think I came up with a good analogy to explain this issue, and I wanted to share.

Think of websites like a bar that also has an open mic.

Now, when I go to a bar, I don't want to have to give the bouncers and staff my full name as well as my address. I also wouldn't want them to know that I just came, for example, from a store where I was looking for a vacuum, and then have them warn a vacuum seller about it. A vacuum seller who is then going to sit next to me, while I'm trying to have a drink, and show me a pamphlet regarding the "amazing vacuum" he has for sale.

Ideally, I can also look for a bar that will allow me to come in costumed and not show my face. Or I could ask the bar to delete footage of me at some point, and to not store my ID if I do have to show it to a bouncer at the entrance.

All of that is relatively feasible and within the realm of reason; and all of that are things that privacy advocates might advocate for.

However, what is not feasible, or within the realm of reason, or what privacy advocates tend to advocate for, is the ability for me to willingly go up on stage, say something on the mic which I immediately regret, and then ask everyone present to forget it ever happened and delete any footage they might have of it. No reasonable person would ask for something like that, because it is not a reasonable request.

That is how regular websites work. With federated websites, that becomes enhanced; it's like if the bar you're in has a camera pointed at the microphone, and transmits both video and audio directly into several other bars. So when you go up to that mic, you better make sure you're okay with what you are saying being made public and available to anyone.

load more comments (6 replies)
[–] trent@kbin.social 6 points 1 year ago

The stuff listed in OP doesn't really seem like much concern. "What you put on the internet is there forever!" is completely true, and things like this should only make it more concrete that you can't rely on your service provider to delete information somebody else already archived.
With that being said, default privacy settings - at least on Kbin - seem pretty bad.

[–] ISometimesAdmin@the.coolest.zone 6 points 1 year ago (1 children)

Other people have already commented on how federated social media often requires certain data just for implementations to work and make sense, and there's not much more to add to that.

If you want private, end-to-end-encrypted, decentralized communication, the best modern solution to that is #matrix.

load more comments (1 replies)
[–] exoteefs@kbin.social 6 points 1 year ago

I'm not sure what this has to do with mastodon all I see are some salty idiots on raddle moaning.

[–] Kushi@beehaw.org 6 points 1 year ago

This is a link to Raddle.me, what does this have to do with Mastodon?

load more comments
view more: ‹ prev next ›