this post was submitted on 05 Mar 2024
69 points (87.1% liked)

Privacy

39506 readers
709 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Like even if they have nothing else they could just leak IP is there any law against it ? Or any technical aspect stopping them ?

top 50 comments
sorted by: hot top controversial new old
[–] ryannathans@aussie.zone 78 points 1 year ago (2 children)

Ethically it'd be shitty and people don't want to be part of an instance with shitty admins so people would migrate away. Technically, nothing unless you're using a VPN. Welcome to the internet, the same is true for every website

[–] wizardbeard@lemmy.dbzer0.com 35 points 1 year ago (2 children)

Also there's the aspect of just... not caring. As someone who technically could read the email, browse the files, or track the apps installed and used on the phone of nearly any person where I work, any small bit of idle curiousity died before I was done my first day.

Even if I was nosy, 99% of people are just not that fucking interesting. What would even be the point of abusing my access?

I've seen someone put it like this: male gynecologists don't get excited looking at lady bits at work.

[–] TexasDrunk@lemmy.world 9 points 1 year ago

I was able to do that for years. For me to give a shit what's in your email you have to be more interesting than the rest of the internet, which pretty much means you'd have to be doing something at least borderline illegal and have it brought to my attention by someone who noticed it over your shoulder.

[–] ryannathans@aussie.zone 6 points 1 year ago* (last edited 1 year ago)

Though, there's always some malicious doctors

[–] SinningStromgald@lemmy.world 2 points 1 year ago

Haven't some instances started blocking VPN traffic after the CSAM incident(s)?

[–] henfredemars@infosec.pub 31 points 1 year ago* (last edited 1 year ago) (1 children)

An IP address by itself isn't going to let you dox users unless you have access to the databases that map these to the subscriber accounts. Typically, you would need to be an ISP or law enforcement to do this, but you can also purchase this information from a data broker if you know what you're doing.

With that said, there is absolutely nothing stopping the instance operator from getting your IP address. You're connecting to his or her computer which they own, so they can easily see where you're connecting from.

[–] BombOmOm@lemmy.world 21 points 1 year ago* (last edited 1 year ago) (1 children)

A notable way to protect against this is to use a VPN. Then the operator only knows you use a VPN.

Also need to be careful of what you write in comments (this is a public forum!). People sometimes write a surprising amount of detail about their life and it makes it much easier to narrow you down to a single individual the more you do it.

[–] givesomefucks@lemmy.world 23 points 1 year ago (2 children)

Eh, have faith in people

Even on Reddit, I was always 100% honest about living in Monetenagro as a Canadian Mexican immigrant. Sure life is busy as CEO of Disney but I always make time to attend a Lakers game with Leonardo DiCaprio when I'm visiting Panama.

But to comb thru a large account would take a bot to look for keywords and frequency mentioned.

So if you're concerned about it, a less honest person could just randomly make outrageous but specific claims. Even when in the same comments and obviously contradictory, it would throw it off as long as you're not constantly disclosing identifying information

That's how I was able to become Batman and buy a house in Tokyo anyways

The biggest thing is don’t accidentally give away your security questions to reset passwords to anything important.

[–] N0x0n@lemmy.ml 2 points 1 year ago* (last edited 1 year ago) (3 children)

Ewwww ! Imagine having faith in people... gross !!

load more comments (3 replies)
[–] southsamurai@sh.itjust.works 22 points 1 year ago

Serious answer: nothing except their own lack of access to anything except the ip address and whatever you give them.

But that's easy to counter with a VPN and a bit of common sense.

[–] frozen@lemmy.frozeninferno.xyz 22 points 1 year ago (8 children)

I run an instance. I promise, I have literally 0 care about who you are. I have much more productive things to do with my time.

load more comments (8 replies)
[–] Undertaker@feddit.de 13 points 1 year ago (1 children)

Oh my... This whole thread is literally the best of 'Do you have something to hide?', 'Why should they use it?', 'What could happen?', 'That's paranoid' and so on.

Really disappointing.

load more comments (1 replies)
[–] sudneo@lemmy.world 12 points 1 year ago

Technical measures are impossible in this particular case. However, I would say that the complete lack of benefits or incentives makes it very unlikely. Doing so could be illegal and collecting data which is otherwise useless is only a liability and a waste of resources. Basically the admin own self-interest I would say is what's stopping them. That said, if someone is individually afraid due to a bad relationship with an admin, then personal motives could void the above, in which case, they should change instance probably or use a VPN at least.

[–] Imprint9816@lemmy.dbzer0.com 11 points 1 year ago (1 children)

What info would an admin even have? Just my public ip and my email?

[–] The_wild_card@lemmy.today 5 points 1 year ago

And your post history but so does everyone else and their cats.

[–] Omega_Haxors@lemmy.ml 10 points 1 year ago* (last edited 1 year ago) (3 children)

You're connecting to their servers. They're going to get your IP. This is unavoidable.

They can even * [gasp] * read the messages and things you willingly post onto their servers.

load more comments (3 replies)
[–] poVoq@slrpnk.net 7 points 1 year ago

They have no business incentive for it, contrary to most other websites that are funded by targeted advertisement which basically means doxxing their users to advertisement companies.

[–] Gutless2615@ttrpg.network 6 points 1 year ago

Technically nothing but vibes

[–] arran4@aussie.zone 6 points 1 year ago (1 children)

Don't let your guard down but at some point trust and risk consideration is required for most systems to work. If you're after solutions; you could run your own node in the cloud and federate it.

[–] The_wild_card@lemmy.today 3 points 1 year ago

Was thinkin about it and read some docs which brought me to the conclusion that its too much work for me

[–] Oha@lemmy.ohaa.xyz 5 points 1 year ago (1 children)

Nobody cares about ips. This is mine: 193.81.127.151 . Try to find out anything about me exept my approximate location.

load more comments (1 replies)
[–] Titou@feddit.de 5 points 1 year ago

The counter-question is : what do you win by doing this ?

[–] h3ndrik@feddit.de 4 points 1 year ago* (last edited 1 year ago) (13 children)

Yes, there are laws against doxxing in several countries.

There is no technical aspect stopping it. Every website has your IP, sometimes also the people you chat with or write emails to, as this might (or might not) be part of the meta-information.

An IP address is a boring piece of information. Usually you can just infer the country and which internet service provider someone uses. You'd need to sue the ISP or get a court order to get the name and address of who's using that IP number.

Running these services is a lot of work and requires some skill, at least to do it sustainably. Usually it's certain people who are dedicated enough and willing to put in the effort... They are motivated to build something or help people. That's what drives them. It's somewhat unlikely but not impossible that they participate in malicious behaviour. Sometimes internet drama happens. But users aren't stupid either.

(But people who want to destroy and troll, rarely have the character traits to succeed at something like this. You'd pass on easier methods to wreak more havoc, to instead spend time learning webhosting, Linux, build up a community and maintain the server... You wouldn't do all of that unless it were worth it. I can only imagine that happening in a targeted attack that pays a good amount of money. Or a really good amount of internet fame because you doxxed a high-profile celebrity or something like that.)

load more comments (13 replies)
[–] TexMexBazooka@lemm.ee 4 points 1 year ago

Nobody cares about your IP. Admins can see it, they can see mine, they don’t care.

If you want to be paranoid use mullvad and call it a day.

[–] randombullet@programming.dev 4 points 1 year ago (3 children)

Here's my IP

42.74.98.48

Here's my device information.

Device: husky    
Model: Google Pixel 8 Pro    
Android: 14
[–] Zoot@reddthat.com 6 points 1 year ago (1 children)

But are you on wifi or mobile data, gotta know before doing absolutely nothing with that information

[–] randombullet@programming.dev 2 points 1 year ago

Pfft if you're a pro hacker you would already know where I live and my mother's maiden name.

load more comments (2 replies)
[–] Rustmilian@lemmy.world 4 points 1 year ago

Maliciously Leaking IP is doxxing, doxxing is illegal.
That said, law enforcement can just request for the IP/Logs and they'll likely hand them over.

[–] bloodfart@lemmy.ml 4 points 1 year ago (6 children)

Nothing stops them.

Don’t worry too hard about the ip though, there’s plenty of servers still running versions with insecure pms and that seems like a much bigger problem than ip addresses.

What are you concerned about? maybe I can help you figure out a way to mitigate it.

load more comments (6 replies)
[–] onlinepersona@programming.dev 2 points 1 year ago (1 children)
[–] The_wild_card@lemmy.today 4 points 1 year ago (1 children)

I do for most things but not lemmy i just like jerboa

[–] onlinepersona@programming.dev 4 points 1 year ago* (last edited 1 year ago) (4 children)

Oh, it's an android app? Then your IP is pretty much worthless if I'm not mistaken. You should get a new IP every time you make a new connection. Just test it. Go to https://whatismyipaddress.com/ , turn off your data, turn it back on, reload the webpage. Mine gives me a new IP every time I turn off cell data.

Also, there's a TOR android app.

CC BY-NC-SA 4.0

load more comments (4 replies)
[–] possiblylinux127@lemmy.zip 2 points 1 year ago

Because its a waste of there time? What's stopping anyone from doxxing you?

load more comments
view more: next ›