• Chozo@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    They’re already intercepting every packet that leaves your modem before it even reaches your ISP. They’ve got your data before Lemmy even has it.

    • berg@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      Lol, how would that work large scale? Or was it tongue in cheek?

        • berg@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          8 months ago

          Point taken. That’s just yours three letter agency though. Ours are blissfully unaware, without resources (or maybe will) to tap sea cables or pay ISPs for direct access.

          • athos77@kbin.social
            link
            fedilink
            arrow-up
            0
            ·
            8 months ago

            A number of the Five Eyes have restrictions that they’re not supposed to spy on their own nationals. They get around this by having arrangements where they each spy on each other’s nationals and then share the data. That way it isn’t “spying on their own nationals”, it’s “a partner country ran across this in the course of their own activities and felt we should be informed”.

            You see, of course, how those two things are entirely different, right? Nothing to see here …

    • Blackmist@feddit.uk
      link
      fedilink
      English
      arrow-up
      0
      ·
      8 months ago

      Your account details (email, password hash, IP address) are held only on one instance, but yeah, the rest is shared.

      You don’t even need to set up a server, you can scrape pretty much anything of value. And they already will have done.

    • PatMustard@feddit.uk
      link
      fedilink
      English
      arrow-up
      0
      ·
      8 months ago

      I think that some data such as every single upvote and downvote an account makes isn’t public but can be viewed by admins

      • april@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        8 months ago

        As far as I understand votes are published as ActivityPub messages, otherwise multiple servers could not have the same vote counts. They need to be able to deduplicate the same vote coming from two different servers.

        So everyone can read your votes there’s just not an easy UI for it.

  • Ð Greıt Þu̇mpkin@lemm.ee
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    I could honestly see them doing it just because niche tech-ish communities are where they’ll find like 90% of their tech related workers and agents.

  • Ada@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    8 months ago

    They won’t see the data of people they don’t follow, and if they pop up and start following everyone they’re going to get defederated.

    Of course, it’s relatively trivial to scrape the information without setting up a fediverse instance, so I don’t think mastodon.prism.gov is something we’ll need to worry about any time soon.

    • bamboo@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      0
      ·
      8 months ago

      What sort of data are you talking about? I see posts and comments from people I don’t follow in Local and All communities. Actually how do you follow an account in Lemmy?

      • Ada@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        0
        ·
        8 months ago

        So, on lemmy, you get content federated to you from remote instances by subscribing to communities on those remote instances. If a community exists on a remote instance, but no one from your instance subscribes to it, then no one on your instance will see any of the content posted to that community.

        It works similar for mastodon and the regular fediverse, but in those cases, you follow people instead of communities.

        Either way though, if no one from your instance subscribes to a particular remote account, be it a person or a community, then you don’t get the content from that account on your instance.

  • Lvxferre@mander.xyz
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    Nothing.

    So be extra careful with any sort of personally identifiable information that you share here.

    • FigMcLargeHuge@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      0
      ·
      8 months ago

      Yeah, kids, this is the public facing internet. If you dox yourself and have said comments you wouldn’t say out loud to someone, it could come back to haunt you. Be careful out there.

      • LibertyLizard@slrpnk.net
        link
        fedilink
        arrow-up
        0
        ·
        8 months ago

        I haven’t said anything I wouldn’t say out loud to someone but the tricky thing is that you are saying things to the entire planet essentially. Someone, somewhere is bound to be offended.

        For that reason, anonymity is important online.

    • Scrubbles@poptalk.scrubbles.tech
      link
      fedilink
      English
      arrow-up
      0
      ·
      8 months ago

      Exactly. People need to understand. They aren’t breaking in or doing anything wrong. You are blasting all of your posts and comments out to anyone who wants to listen

    • neidu2@feddit.nl
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      I’m old and crusty, and remember an internet without user accounts that were tie to a real name. This was the norm, and so it should be again.

      Anyone could creep theough my posts and comments, and get a rough idea about me, but not accurate enough to identify me.

  • If you just assume that everything you put online is being saved and used by everyone and everything you’d be better off.

    This used to be the default when I was a kid. Never give out your real name. Never give out personal information. Don’t post pictures or videos of yourself or anyone you know or that contain identifying info like addresses, landmarks or anything else that might make it easier for someone to figure out where/who you are.

    All the data you send to Lemmy can be viewed by just about anyone. Including your votes. Deleting something doesn’t necessarily get rid of every instance of your content across the whole fediverse or anything that’s scraping data (including other users who just have a habit of saving every single thing). If you have an app that lets you share content and you find a “deleted by creator” post, you can even copy the post body and paste it elsewhere to see what it said prior to the deletion.

    Always assume everything you put anywhere on the internet is going to be saved somewhere whether you want it to or not.

    • Mossy Feathers (She/They)@pawb.social
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      It’s wild to me how many people have forgotten or refuse to follow basic Internet safety. People complain about privacy and then attach things to their real name. Stop that. Make up a name and use that one instead. No, don’t put your birth year in your email address. You think using a reversed version of your mother’s maiden name is real clever but it really isn’t. Stop that.

      • FilterItOut@thelemmy.club
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        8 months ago

        The infuriating issue I’m dealing with lately is the crossover between IRL and internet friends. They refuse to stop naming when typing or speaking. I don’t care that they know who I am, but there’s a reason that I want my nickname being used when we’re in a discord server and random fucking people join in. It’s even worse on forums. You go to one meetup and suddenly someone wants to make a post saying, “it was great to meet X, Y, Z, AA, AB, AC, AD, AE, AF…” using the names of the people instead of their aliases, or worse using both. And of course they took a picture.

        I blame facebook. It introduced and reinforced the concept of name=person=online to everyone.

  • scoobford@lemmy.zip
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    Nothing. A social network is a public forum, and you have no expectation of privacy on a public forum.

    DMs are the exception, and it should be explained to users that they are not private. E2E DMs would be cool, but the potential for spam and abuse is just too high.

  • roadkill@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    If Lemmy became popular, what would prevent any three-letter agency from opening a server to get all the user data?

    What makes you think they haven’t already?

  • phoneymouse@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    I honestly don’t know why AI companies aren’t pushing Lemmy and Mastodon. Meanwhile they’re paying Reddit millions. If everyone switched, they could just open an instance and vacuum everything over activity pub.

    • ReallyKinda@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      I like this, we should generally encourage companies to put out quality open source stuff to undermine each other

    • RBG@discuss.tchncs.de
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      Reddit has 15+ years of content. We have soon 1 year of “many” users and a few years before that with sparse content. There is no comparison now and the companies need the data now.

    • berg@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      It’s easier/faster/cheaper to just pay for it and they get a lot of already existing data as well. Even if they’d pay the low price of a dollar for every monthly active user on Reddit to switch over to lemmy, that’d cost them 850 millions.

  • Vanth@reddthat.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    8 months ago

    Assume they do have access, as do the Russians and the Chinese and whoever else. Don’t share identifying info. Limit even non-identifying info that is unique to minimize opportunities for triangulation.

    I think back to training I had many years ago about posting enough info that my identity could be obtained. Post that I was a soldier and it does next to nothing to identify me. Post that I lost a leg and it starts narrowing down but still not enough to identify me. Post that I am from Idaho and someone with any websearch skills can make a pretty good guess who I am, or at least narrow down to where more direct techniques can be used. And because it’s quite difficult to remember all the details I’ve posted, I tend to nuke my account and start from scratch periodically, especially any account that touches on the political.

    Those were examples btw, I am not a legless vet nor a potato farmer. Or am I?

    • treadful@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      8 months ago

      This is really good and a great example. Also, can’t hurt to poison the well a bit and just straight up bullshit about your background in some posts.

      • funnystuff97@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        8 months ago

        As a world leader in cybersecurity, recipient of a nobel prize, liquid billionaire, and hobbiest musician making #1 on the Billboard Hot 100, I agree.

    • bane_killgrind@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      Corollary I am already doxed and I don’t post things I would not associate with in my personal or professional life.

      I assume that someone vindictive could use things against me that I say, so I only say things I believe in or that are obvious satire. I’m outright hostile to people that don’t have any empathy or critical thinking ability. I’m hostile to my co-workers when they don’t show any critical thinking skills and I guess that’s privilege I enjoy.

      • Ada@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        0
        ·
        8 months ago

        On the other side of the coin, I use my real name openly and have done so for decades. I’m also openly trans, and it’s not hard to work out where I’m from, so with that, it’s trivial to track me down. Yet I’d rather roll the dice of that possibility than interact anonymously, and lose my connections and community.