I’m a big fan of Firefox’s email mask feature. Not sure which update it was but recently it showed up when clicking on an email field. FF creates an email address for you and forwards any mail you get to your main email. It’s been great for signing up for random crap cus you can just delete the email mask “account” afterwards.
When it comes to location tracking and many other things, data retention and use policies are just a useful distraction from the real problem which is that they're able to collect the data at all.
It’s similar. I made it to solve my spam problem, but it’s also really good for staying organized. When you sign up for something, you can use yourname-whatever@port87.com, then if you don’t want it anymore, you can block that address. Each address has its own label in your account, and blocking the address is just one click.
This is a security feature to let you know that the sender may be an imposter, right? Like matrix’s verified sessions, if my friend gets a new phone or pc it’s unverified and I have to verify the new session through another means, like in person or phone.
It gets weird fast, because before privacy controls in the Lemmy source code mean anything, we need trusted third party verification of a server’s patch level, and security controls.
That can be done, and I think Lemmy has a shot at getting to that point, but it’ll be awhile.
In the meantime, I suspect the Lemmy developers are hesitant to add and advertise features that you can’t be sure are actually correctly enabled on your instance.
But yeah, let’s not let perfect be the enemy of moving toward better.
Edit: Assuming you completely trust your instance admin, we could start adding some basic privacy to actions taken on your home instance.
But as soon as the user starts interacting via federation, all bets are off - because the federated instance may he malicious.
I think we might see one or more “trusted fediverse” groups emerge in the next few years, with instance admins making commitments to security controls, moderation, code of conduct, etc.
So, in theory, the lemmy software could start implementing privacy controls that allow users to limit their visibility to whichever part of the fediverse their instance admin has marked as highly trusted.
But even then, there’s risks from bad actors on highly trusted instances that still allow open signups.
Anyway, I totally agree with you. It’s just a genuinely complex problem.
If all the people complaining would just contribute to the codebase this wouldn’t even be an issue.
Often, you even see the devs coming into threads like this and making suggestions, like “make a pull request.” They want more people contributing.
It’s tons of people whining, very few people contributing. Guess what? While at a certain point, adding developers stops increasing productivity, there’s a small window where adding developers does increase productivity.
If I am correct, Lemmy only has four main developers. That’s well within the range to add more developers and increase the productivity, making new features and security come faster.
So I get it, but things take time, and are complicated, which you thankfully can see.
People whinging about it in threads does nothing to change it. Donating to Lemmy’s development costs or contributing code does.
So much of it sounds like it sounds like its from less-technically-inclined people (some of its valid critique from experts, but they generally… write bug reports and do pull requests…) who just want it to be better but the only way they know how is to “bring awareness.” Well, all that “awareness-bringing” just amounts to spreading FUD.
I think we might see one or more “trusted fediverse” groups emerge in the next few years, with instance admins making commitments to security controls, moderation, code of conduct, etc.
There is now at least one system in place for admins to vouch for other instances being non-malicious, and to report suspected instances. It is called the fediseer: gui.fediseer.com
When you have privacy settings, what you really have is a lie.
It starts out with good intentions, like those in this post, but eventually everyone forgets that the platform still sees your posts and does not give a shit about selling them.
I would rather acknowledge from the very beginning that this entire system is not private, so there is never such a misunderstanding.
Everyone should post and comment with caution, just like you use caution with what you say in public places.
The way you use caution saying something in a public place that you don’t want everyone to hear is by keeping your voice down so that only certain people can hear it. Without privacy settings there is no equivalent to that.
Sup. And all this data would still be federating, it has to be. That just means that some data-collecting company could make a fake instance and get everything together. Or someone could just fork it back.
privacy
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.