Lemmy has many privacy problems that have nothing to do with public comments you make. For example, the “hide posts that you have already read” option requires that the server track what posts you have read. There is no public activity involved in reading a post. So the Lemmy server should not track that info. If that feature is to exist at all, it should be implemented purely on the client. The same can be said about subscriptions, and for that matter about voting (server should discard voting info after a brief interval for abuse detection). The Lemmy software in many ways naive about this stuff.
I don’t disagree on those points, but I think it’s the nature of Lemmy being decentralized that makes all those things necessary.
server should discard voting info after a brief interval for abuse detection
What if the server has not federated out the votes yet? Some of that stuff can get backed up in a queue. There’s definitely a possibility that votes could get “lost” on the way. Hell, that already happens, and that’s with a system that tracks them.
Servers have to keep a lot of this info to pass to other servers. If I upvote something on Lemmy.blahaj.zone, it doesn’t mean that upvote has been federated outward to hundreds of other servers yet. I would assume this is part of how Lemmy is able to keep things “organized” between all servers.
In other words, a lot of the privacy complaints come from technical limitations of how Lemmy works. Lemmy, by it’s decentralized nature, has to transfer tons of data back and forth between all Lemmy instances.
However, there are technologies that are trying to work around this kind of technical limitation. You might be interested in something like Veilid. I’m not sure about the details of putting together a Veilid-based social-network, but I’m willing to believe it’s possible.
I don’t see anything in your post that indicates any reason to track what posts a person has read. That should not be tracked at all. Reading posts should be completely anonymous.
I don’t see why voting necessarily has to track who casts the votes. But, because untracked voting can be abused so easily, I can understand deciding to retain the info for let’s say 24 hours. Hopefully that is also enough to handle those propagation issues.
Really, imho, server instances shouldn’t have a web interface at all, just an API. Web apps would make API calls to the server and reformat the response for use by the browser. The API call to read a post should not require any identifying info or require the user to be logged in. Read tracking and subscriptions should be handled by the client, and in the case of a public client (web app shared by many users), the private user info should be encrypted in case of a server breakin or seizure. The encryption key would be based on the user password and transformed to a browser cookie when the user logs in, so it is never stored by the web app. With most people using mobile clients these days, alternatively, the info can be kept completely on the client device and maintained by the mobile app.
It’s on a Fairphone 3 on Android 13. On Wi-Fi Private DNS works perfectly, but as soon as I switch to 4G the internet connection don’t work anymore. As soon as I reset the private DNS to default it works as intended again. That’s seems to be a carrier issue.
I have no idea if sms (ew) is an option, or if it is paid limited, but yeah I’ve had TOTP for years on my account and it’s still working fine, no financial transactions made, so…
The very nature of Lemmy and most social media, is that what you put out there is public. If you don’t want everyone in the world to read something you wrote, then social media may not be your kind of thing.
Because it seems that, to exist in society, is to give up some form of privacy by dint of existing in it.
You cannot stop yourself from being observed by other people, if they can see you. That’s just basic reality.
To be completely private, you would have to live in the woods and not interact with anyone or speak with anyone.
Is it defeatist to be realistic about the limitations of the idea of privacy?
As someone who has spent a lot of time seeking internet privacy, I’ve learned that more often than not I’m making myself more conspicuous. That doesn’t mean I’m going to give up on privacy, but it does mean that I’m going to consider its limitations.
EDIT: I’m reminded of an interview with Mark Hossler from Negativland. The interview is long gone from the internet (it was on an obscure website pre-youtube) but the center of it always stuck with me.
“If you really want full control of your art, don’t show it to anybody, keep it in your home.” His argument was Richard Dawkins’ argument for memes. The human mind functions by copying and mimicking. When someone else has viewed your artwork, they’ve already created an internal image of it in their memory. That memory is inconsistent with reality, but if they have a good memory, they can recreate it relatively easily (if they have similar artistic skills). You can’t really stop that kind of copying from happening, so the only way to fight it and keep “complete control” is to not share it at all.
Similarly, the only way to have complete control over your privacy is by not interacting with anyone at all.
When you have privacy settings, what you really have is a lie.
It starts out with good intentions, like those in this post, but eventually everyone forgets that the platform still sees your posts and does not give a shit about selling them.
I would rather acknowledge from the very beginning that this entire system is not private, so there is never such a misunderstanding.
Everyone should post and comment with caution, just like you use caution with what you say in public places.
The way you use caution saying something in a public place that you don’t want everyone to hear is by keeping your voice down so that only certain people can hear it. Without privacy settings there is no equivalent to that.
Sup. And all this data would still be federating, it has to be. That just means that some data-collecting company could make a fake instance and get everything together. Or someone could just fork it back.
Given the state Lemmy is in (barely functional with loads of papercuts) and the barebones developer funding it has (barely above minimum wage), these honestly feel like low priority “nice to have” features for a software that is meant for public forums.
I don’t care how little money they have and how few developers they have, they need to bring a feature-set that is on par with corporations with billions of dollars at their disposal and thousands of developers! Fuck that, they need to even do better than those companies on the privacy issue!
The way I see it, community-based social media is a public forum, where every post / comment is public (Obviously less applicable on an individualized platform like Instagram). Everyone has an inherent right to privacy, but not when they’re using a platform like Lemmy. Twitter and Facebook are fundamentally different platforms. You can’t expect privacy while using lemmy, so use a different platform to post private content.
These people should be looking into spinning up Matrix servers if they want a private club with real privacy so bad.
It’s definitely a weird thing to constantly be upset about: “People can see what I posted in public when I post them publicly!”
It’s like complaining about people being able to take photos with you in the background in public. It’s a public space, there is no expectation of privacy.
If you want a private internet experience, you have to put some work in.
I’m a big fan of Firefox’s email mask feature. Not sure which update it was but recently it showed up when clicking on an email field. FF creates an email address for you and forwards any mail you get to your main email. It’s been great for signing up for random crap cus you can just delete the email mask “account” afterwards.
I started listening not too ago, sad to see this go… I really wanted to re-listen podcasts about self hosting, but does not seem an option anymore… But all the best luck for him!
privacy
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.