They’re already intercepting every packet that leaves your modem before it even reaches your ISP. They’ve got your data before Lemmy even has it.
Lol, how would that work large scale? Or was it tongue in cheek?
No, dude. Did you not pay attention to the Snowden leaks?
Point taken. That’s just yours three letter agency though. Ours are blissfully unaware, without resources (or maybe will) to tap sea cables or pay ISPs for direct access.
A number of the Five Eyes have restrictions that they’re not supposed to spy on their own nationals. They get around this by having arrangements where they each spy on each other’s nationals and then share the data. That way it isn’t “spying on their own nationals”, it’s “a partner country ran across this in the course of their own activities and felt we should be informed”.
You see, of course, how those two things are entirely different, right? Nothing to see here …
It was only after it reaches your ISP, not before…
“They” are not intercepting the entire world’s internet usage. That’s absurd.
The data is already public, that’s how ActivityPub works
Your account details (email, password hash, IP address) are held only on one instance, but yeah, the rest is shared.
You don’t even need to set up a server, you can scrape pretty much anything of value. And they already will have done.
I think that some data such as every single upvote and downvote an account makes isn’t public but can be viewed by admins
As far as I understand votes are published as ActivityPub messages, otherwise multiple servers could not have the same vote counts. They need to be able to deduplicate the same vote coming from two different servers.
So everyone can read your votes there’s just not an easy UI for it.
This is a public facing site, none of that data is secret.
I could honestly see them doing it just because niche tech-ish communities are where they’ll find like 90% of their tech related workers and agents.
Nothing, as far as I know there are already three-letter agencies working here.
They won’t see the data of people they don’t follow, and if they pop up and start following everyone they’re going to get defederated.
Of course, it’s relatively trivial to scrape the information without setting up a fediverse instance, so I don’t think mastodon.prism.gov is something we’ll need to worry about any time soon.
What sort of data are you talking about? I see posts and comments from people I don’t follow in Local and All communities. Actually how do you follow an account in Lemmy?
So, on lemmy, you get content federated to you from remote instances by subscribing to communities on those remote instances. If a community exists on a remote instance, but no one from your instance subscribes to it, then no one on your instance will see any of the content posted to that community.
It works similar for mastodon and the regular fediverse, but in those cases, you follow people instead of communities.
Either way though, if no one from your instance subscribes to a particular remote account, be it a person or a community, then you don’t get the content from that account on your instance.
Holy shit. TIL.
Thanks!
Fun fact, this is because lemmy communities are the same type of entity as mastodon accounts. They’re basically a “person” to the rest of the Fediverse.
And they basically “boost” content to the timelines of accounts that subscribe (ie follow) the community account. Just like a boost on Mastodon.
The fact that they have that info already
Nothing.
So be extra careful with any sort of personally identifiable information that you share here.
Yeah, kids, this is the public facing internet. If you dox yourself and have said comments you wouldn’t say out loud to someone, it could come back to haunt you. Be careful out there.
I haven’t said anything I wouldn’t say out loud to someone but the tricky thing is that you are saying things to the entire planet essentially. Someone, somewhere is bound to be offended.
For that reason, anonymity is important online.
Did you know that a simple beauty hack is to match your lipstick colour to your nipples?
I’m struggling to find green lipstick though.
Someone, somewhere is bound to be offended.
NO I’M NOT! WHY WOULD YOU PERSONALLY ATTACK ME LIKE THAT???
There there now, don’t worry. It was just a bot, not a human.
Just like me.
And you.
Ha. Ha. Ha. Humans are funny
Exactly. People need to understand. They aren’t breaking in or doing anything wrong. You are blasting all of your posts and comments out to anyone who wants to listen
I’m old and crusty, and remember an internet without user accounts that were tie to a real name. This was the norm, and so it should be again.
Anyone could creep theough my posts and comments, and get a rough idea about me, but not accurate enough to identify me.
If you just assume that everything you put online is being saved and used by everyone and everything you’d be better off.
This used to be the default when I was a kid. Never give out your real name. Never give out personal information. Don’t post pictures or videos of yourself or anyone you know or that contain identifying info like addresses, landmarks or anything else that might make it easier for someone to figure out where/who you are.
All the data you send to Lemmy can be viewed by just about anyone. Including your votes. Deleting something doesn’t necessarily get rid of every instance of your content across the whole fediverse or anything that’s scraping data (including other users who just have a habit of saving every single thing). If you have an app that lets you share content and you find a “deleted by creator” post, you can even copy the post body and paste it elsewhere to see what it said prior to the deletion.
Always assume everything you put anywhere on the internet is going to be saved somewhere whether you want it to or not.
Listen to this person
It’s wild to me how many people have forgotten or refuse to follow basic Internet safety. People complain about privacy and then attach things to their real name. Stop that. Make up a name and use that one instead. No, don’t put your birth year in your email address. You think using a reversed version of your mother’s maiden name is real clever but it really isn’t. Stop that.
The infuriating issue I’m dealing with lately is the crossover between IRL and internet friends. They refuse to stop naming when typing or speaking. I don’t care that they know who I am, but there’s a reason that I want my nickname being used when we’re in a discord server and random fucking people join in. It’s even worse on forums. You go to one meetup and suddenly someone wants to make a post saying, “it was great to meet X, Y, Z, AA, AB, AC, AD, AE, AF…” using the names of the people instead of their aliases, or worse using both. And of course they took a picture.
I blame facebook. It introduced and reinforced the concept of name=person=online to everyone.
-
They already did.
-
Lemmy appears in Google search.
-
Nothing. A social network is a public forum, and you have no expectation of privacy on a public forum.
DMs are the exception, and it should be explained to users that they are not private. E2E DMs would be cool, but the potential for spam and abuse is just too high.
If Lemmy became popular, what would prevent any three-letter agency from opening a server to get all the user data?
What makes you think they haven’t already?
I honestly don’t know why AI companies aren’t pushing Lemmy and Mastodon. Meanwhile they’re paying Reddit millions. If everyone switched, they could just open an instance and vacuum everything over activity pub.
I like this, we should generally encourage companies to put out quality open source stuff to undermine each other
Reddit has 15+ years of content. We have soon 1 year of “many” users and a few years before that with sparse content. There is no comparison now and the companies need the data now.
It’s easier/faster/cheaper to just pay for it and they get a lot of already existing data as well. Even if they’d pay the low price of a dollar for every monthly active user on Reddit to switch over to lemmy, that’d cost them 850 millions.
Assume they do have access, as do the Russians and the Chinese and whoever else. Don’t share identifying info. Limit even non-identifying info that is unique to minimize opportunities for triangulation.
I think back to training I had many years ago about posting enough info that my identity could be obtained. Post that I was a soldier and it does next to nothing to identify me. Post that I lost a leg and it starts narrowing down but still not enough to identify me. Post that I am from Idaho and someone with any websearch skills can make a pretty good guess who I am, or at least narrow down to where more direct techniques can be used. And because it’s quite difficult to remember all the details I’ve posted, I tend to nuke my account and start from scratch periodically, especially any account that touches on the political.
Those were examples btw, I am not a legless vet nor a potato farmer. Or am I?
This is really good and a great example. Also, can’t hurt to poison the well a bit and just straight up bullshit about your background in some posts.
As a world leader in cybersecurity, recipient of a nobel prize, liquid billionaire, and hobbiest musician making #1 on the Billboard Hot 100, I agree.
Corollary I am already doxed and I don’t post things I would not associate with in my personal or professional life.
I assume that someone vindictive could use things against me that I say, so I only say things I believe in or that are obvious satire. I’m outright hostile to people that don’t have any empathy or critical thinking ability. I’m hostile to my co-workers when they don’t show any critical thinking skills and I guess that’s privilege I enjoy.
On the other side of the coin, I use my real name openly and have done so for decades. I’m also openly trans, and it’s not hard to work out where I’m from, so with that, it’s trivial to track me down. Yet I’d rather roll the dice of that possibility than interact anonymously, and lose my connections and community.
Have you had any trouble with this approach or has it worked out?
No problems so far
It’s always important to keep as much as possible in the something, but let people assume it’s not.
-Mark
Oh shit is that you Frank?
No Frank Drebin is a fine police officer
Nothing. Anytime telling you signing up to a bunch of random servers is more private than reddit is lying to you.
