this post was submitted on 02 Aug 2024
1280 points (95.3% liked)

Memes

51764 readers
945 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 6 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] davel@lemmy.ml 128 points 1 year ago (6 children)

I don’t know why people keep attributing privacy to Lemmy when ActivityPub is anything but.

[–] OsrsNeedsF2P@lemmy.ml 44 points 1 year ago (2 children)

Is ActivityPub logging which IP I post from? Is ActivityPub monitoring which communities I view? Is ActivityPub blocking me from browsing with my VPN on?

[–] davel@lemmy.ml 43 points 1 year ago (2 children)

Is ActivityPub logging which IP I post from?

That depends on the implementation.

Is ActivityPub monitoring which communities I view?

That depends on the implementation.

Is ActivityPub blocking me from browsing with my VPN on?

That—believe it or not—depends on the implementation.

[–] puppy@lemmy.world 42 points 1 year ago* (last edited 1 year ago) (2 children)

We already have an implementation. You me and OP are all on Lemmy. So can you answer these in the context of Lemmy again?

[–] davel@lemmy.ml 28 points 1 year ago* (last edited 1 year ago) (2 children)

I actually can’t answer them, because I only admin this instance, I don’t run it.

While I’m sure this is not the case, it’s entirely possible that the people who do run this instance are running a fork of it that does all of those things. It couldn’t log your IP address or block your VPN, but it could mine, and your instance could yours. And I haven’t read the Lemmy source code, so I don’t know what even an unmodified Lemmy logs.

(Actually this instance is running a fork right now, or rather a branch: 0.19.6-beta1, because lemmy.ml is the core Lemmy developers’ instance for testing beta code before releasing production versions.)

[–] GoodEye8@lemm.ee 19 points 1 year ago

But you can read the source code and get an understanding of whether it is collecting private information or not. You can theoretically also fork the code and make your own version of Lemmy where you're ripped out the parts that collect private information. Can you do any of those things with Reddit? Absolutely not. You have no idea what exactly Reddit collects and even if you did you have no control over that collection.

What you're doing is questioning the privacy aspect without putting in the effort to check if your questioning is valid. Nobody is preventing you from reading the source code. And if you don't trust anyone else running the instance you can fork Lemmy, make whatever privacy changes you need and host your own instance. That goes beyond the capabilities of the average user but that's the catch with privacy, if you can't trust others then you have to learn more to get by without others.

[–] TechNerdWizard42@lemmy.world 7 points 1 year ago

Many Lemmy instances block VPN posting. You can view, but not vote or post. I have a secondary private VPN I use sometimes for that. But honestly the whole thing just sucks.

[–] JackbyDev@programming.dev 3 points 1 year ago

ActivityPub does not share your IP with other instances, but of course, like all websites, your home instance can see your IP.

[–] growingentropy@lemmy.dbzer0.com 14 points 1 year ago (3 children)

I got off lemmy.world because they block VPN connections. Not happening, under any circumstances. I don't trust anyone that much.

[–] jaybone@lemmy.world 5 points 1 year ago (3 children)

Is your IP passed on to other instances along with your post/comment?

[–] JackbyDev@programming.dev 5 points 1 year ago

No. ActivityPub does not share your IP with other instances.

[–] mp3@lemmy.ca 2 points 1 year ago

Nope, that info stays on the home instance.

No idea. I installed a VPN on my router to get privacy. That's all I ask.

[–] uis@lemm.ee 3 points 1 year ago

Meanwhile I know lemmy instance that blocks most clearnet connections and can be accessed from tor and i2p

[–] Mango@lemmy.world 1 points 1 year ago (2 children)

Trust them with what though? What are you posting?

[–] growingentropy@lemmy.dbzer0.com 1 points 1 year ago (1 children)

Did you just do the "if you don't have anything to hide, what's the big deal" move?

I want privacy. That's all.

[–] Mango@lemmy.world 1 points 1 year ago (1 children)

I'm just saying that you're literally making posts and comments specifically to be heard. What's getting obscured here?

[–] growingentropy@lemmy.dbzer0.com 1 points 1 year ago (1 children)

Well, my ISP doesn't need to know anything about my posts. And the fediverse doesn't need to know who I am beyond "growingentropy," so...

[–] Mango@lemmy.world 3 points 1 year ago

Ah yeah that makes sense.

I have a router with a VPN. I'm not disabling that just to post on lemmy.world.

[–] Serinus@lemmy.world 40 points 1 year ago (1 children)

And generally that's fine. If you're posting stuff publicly, expect it to be public.

Lemmy gives away for free what Reddit is desperately trying to put up walls on so they can sell it, but I wouldn't call it "private" because it's monetized.

Lemmy is the opposite of privacy, and that just makes sense if you 🤔.

[–] JackbyDev@programming.dev 4 points 1 year ago

I desperately want all my posts on all forum like sites to be easily indexable by search engines. That Reddit blocked other search engines besides Google from indexing is crazy.

[–] Phegan@lemmy.world 12 points 1 year ago (2 children)

Privacy in the sense that no one is selling your information for profit

[–] Un4@lemm.ee 11 points 1 year ago

In terms of privacy reddit has it better(still bad but better than Lemmy) because your content is locked behind a paywall only few companies can access. On the other hand, any one can train their AI on Lemmy posts and access all history of all users freely. The difference is that on lemmy only the companies that collect your data profit, while on reddit also the owners of the platform (reddit itself) profit.

[–] wizardbeard@lemmy.dbzer0.com 9 points 1 year ago (1 children)

No, it's just open free for the taking by anyone who decides to spin up their own instance, or to anyone who decides to scrape from an instance frederated with yours without robots.txt set against web scrapers. Hosters could even intentionally break federation to prevent deletions from syncing.

I love lemmy, but privacy is not one of its features.

[–] davel@lemmy.ml 4 points 1 year ago

Any script kiddie can scrape the entirety of Lemmy, with the exception of direct/private messages. robots.txt is merely a request, with no enforcement capability.

[–] Salvo@aussie.zone 7 points 1 year ago (2 children)

That was what I was going to say.

That said, if someone detects some sort of data-mining plagiarism bot sucking down everything on an instance, it can be defederated very quickly.

[–] Serinus@lemmy.world 11 points 1 year ago (1 children)

New instances basically suck down everything as the most normal use case. That's what activitypub is for.

[–] uis@lemm.ee 1 points 1 year ago

There is script that marks entire fediverse for backfilling

[–] jaybone@lemmy.world 1 points 1 year ago

Why would such a bot need to be on a new instance?

[–] vonxylofon@lemmy.world 4 points 1 year ago

The amount of magical thinking around federated protocols both on Lemmy and Mastodon is astounding. Sure, design decisions make a difference, but federations gonna federate.

See, the app won't track your clicks, views, interests. Only public thing is the thinh you post. Which is great for public communities. Theese are meant to be public. But things facebook or reddit or google does is enough to call lemmy private