this post was submitted on 05 Jul 2023
62 points (93.1% liked)

Comradeship // Freechat

2166 readers
51 users here now

Talk about whatever, respecting the rules established by Lemmygrad. Failing to comply with the rules will grant you a few warnings, insisting on breaking them will grant you a beautiful shiny banwall.

A community for comrades to chat and talk about whatever doesn't fit other communities

founded 3 years ago
MODERATORS
 

I was unsure where to cross-post this. But maybe we should discuss this to make sure Lemmygrad users are staying safe? Similar to the unspoken rule that we strongly discourage people using their real names or giving away too many personal details.

cross-posted from: https://mylemmy.win/post/89871

Edit: obligatory explanation (thanks mods for squaring me away)...

What you see via the UI isn't "all that exists". Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see "under the hood". Any instance admin, proper or rogue, gets a ton of information that users won't normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 1 year ago (1 children)

There's a lot of info and discussion on this post that explains why. Pretty much that voting has never been private on other platforms as votes must be tied to users, otherwise users could add more than one vote per post. And this data must also be federated so that other instances' posts are also safeguarded.

Lemmy isn't designed as a privacy platform, it's a socia media type link aggregator powered by ActivityPub. And with this federation brings decentralization, where it's possible to not share data with other instances, but it will have to be shared in some way with any linked instances. There are pros/cons to each style: the current issues with Reddit show the problems with centralization, and there's going to be an adjustment period as more people join Lemmy who don't already know about the Fedi.

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago) (1 children)

I see that, but I didn't vote on other platforms. I knew I'd be giving data directly to the owners and their five eyes operatives. I know this platform is public, so I'm careful with my words. Now I know I should be careful with voting, too.

The people who want our details are incredibly creative at how to interpret data that seems innocuous.

Edit: that link is very informative, thanks. I should confirm that I assume everything on the internet is public in one way or another and confirm that I don't have any major concerns with the general security architecture of the Lemmy software or the way Lemmygrad is run. I just thought it's something that we should talk about to make sure that we're not increasing the chances of being doxxed by giving away useful metadata.

Edit 2: when I say, 'I don't have any major concerns with the general security architecture', people should know that I'm not qualified to judge this from the coding side of things!

[–] [email protected] 13 points 1 year ago (2 children)

For sure, people definitely should be educated on what data is open (posts/comments), closed (voting on Lemmy as kbin seems to show them publically), "private" (DMs which are explicitly described as not private and to use Matrix etc. for actual encryption), or secure (Matrix). I feel like a lot of us on Lemmygrad are aware of privacy more than the average netizen, but it wouldn't hurt to have a primer for new users.

I think for social media the best thing would just be compartmentalization of identities, so the usual advice of don't give away too much of who you are and keep usernames separate unless you want them to be connected/known.

[–] [email protected] 7 points 1 year ago

A pinned post with this information would probably go a long way for new users. I didn't know that until you pointed it here :')

But definitely, being careful with this data can help against brigading and other risks.

[–] [email protected] 6 points 1 year ago

A primer would be useful. Especially from someone who knows what their talking about! My knowledge has served me well enough but it's basic.