Comment

Comment on Upvotes and downvotes are public information on Lemmy

rumba@lemmy.zip ⁨7⁩ ⁨months⁩ ago

It would be unusual to be able to exactly identify someone purely from their IP, but let’s say someone posted from their work IP in a small company. It would substantially lower the bar to dox them.

Let’s go further and ponder if an authoritarian regime setup an admin and started coorelating dissent ip’s collected from user when they did things like paying parking fines, or signing their online tax forms.

Let’s say that they collected all that and trained an LLM on it, then when you go to get a passport renewed or are stopped for a traffic violation and ask the LLM if you’re a dangerous person based on their criteria.

It’s not a direct problem, but it has slippery slope all over it.

source

Sort:hotnew top

M0oP0o@mander.xyz ⁨7⁩ ⁨months⁩ ago
Let’s just say you don’t understand how IP or llms work.

source
- rumba@lemmy.zip ⁨7⁩ ⁨months⁩ ago
  ohh, so you can’t put train a small compendium everything a person wrote then infer things about that person based on their life. Good to know.
  
  I’ve been dealing with IP’s for about 30 year now, also good to know.
  
  source
  - M0oP0o@mander.xyz ⁨7⁩ ⁨months⁩ ago
    Well I hope you have been, unless this is your first week going online.
    
    source
anarchiddy@lemmy.dbzer0.com ⁨7⁩ ⁨months⁩ ago
IP addresses are not something that can be pulled from just any instance. You would need to be the administrator, and even then you’d only get access to the ip address of just your own instance users. AFAIK, at least - maybe they’ve made efforts to mask ips, too, but im not even sure how that’d work.

Federated posts and comments are copied from server to server. When someone from .world is looking at a comment from .dbzer0, what they are seeing is information that was synced from the dbzer0 server address, not the user’s.

There was a brief moment when there was a vulnerability with linked images sent via DM that could route you to an external server and log your IP address, but that has been patched now by most instances.

As with anything on the internet: assume your activity is not private at all times, or take active precautions to mask your identity, or both. No opsec is perfect and often the only thing standing in the way of a hack or dox is the endurance and motivation of the bad actor.

source
- rumba@lemmy.zip ⁨7⁩ ⁨months⁩ ago
  
  IP addresses are not something that can be pulled from just any instance.
  
  That’s what I thought about votes too. I’d be very happy to know that you can’t access ips the same way you can votes on other nodes by simply being an admin on a given node. Honestly, I never would have guessed lemvotes could exist.
  
  source
  - anarchiddy@lemmy.dbzer0.com ⁨7⁩ ⁨months⁩ ago
    That’s just how a federated exchange needs to work, though. Without sharing which user is creating activity, there would be no way of verifying the legitimacy of activity without some convoluted blockchain process. On the other hand, sharing IP addresses isn’t just unnecessary but more involved.
    
    There’s frankly no point in making votes private, anyway. Why should it matter who knows how you vote?
    
    source