That is really concerning
The only way is it be absolutely private by not interacting…
This is not a lemmy specific problem and basically applies to the entire internet…
Comment on YSK Lemvotes.org will show you votes on any post, comment, or by user, or anything on the fediverse
cmgvd3lw@discuss.tchncs.de 1 day ago
That is really concerning. Activity Pub should have a mechanism to hide those. If by any chance, one’s identity is reviled, their entire behaviour history would be out in the wild. The more one use an account, the more information is getting shared. Social engineering is a real thing.
The only way is it be absolutely private by not interacting (lurkers), which is not good for a social media like Lemmy or by changing accounts often.
carrylex@lemmy.world 1 day ago
tal@lemmy.today 23 hours ago
The only way is it be absolutely private by not interacting…
I don’t know if this is news to you but this is not a lemmy specific problem and basically applies to the entire internet…
Hyphanet’s Frost can provide pretty solid pseudonymity.
But that comes with its own performance and functionality tradeoffs.
tal@lemmy.today 1 day ago
identity is reviled [I assume revealed]
The fact that most instances permit external image hosting permits obtaining user IP addresses by posting inline images hosted on a server created by an attacker, then harvesting IPs there. I noticed when going through the code that Lemmy, as of 0.19.4 has an option to protect users of a home instance by proxying images viewed there. However, it’s bandwidth-intensive and I don’t think that many instances have it on.
join-lemmy.org/…/2024-06-07_-_Lemmy_Release_v0.19…
Image Proxying
There is a new config option called image_mode which provides a way to proxy external image links through the local instance. This prevents deanonymization attacks where an attacker uploads an image to his own server, embeds it in a Lemmy post and watches the IPs which load the image.
Instead if image_mode is set to ProxyAllImages, image urls are rewritten to be proxied through /api/v3/image_proxy. This can also improve performance and avoid overloading other websites. The setting works by rewriting links in new posts, comments and other places when they are inserted in the database. This means the setting has no effect on posts created before the setting was activated. And after disabling the setting, existing images will continue to be proxied. It should also be considered experimental.
Many thanks to @asonix for adding this functionality to pict-rs v0.5.
I donlt know whether PieFed and Mbin presently have comparable functionality.
One major issue is that proxying the images will create more bandwidth usage on a home node, since they’re serving up all the images viewed by users of that home node — it’s more-expensive to run a node in that mode.
Mniot@programming.dev 1 day ago
If by any chance, one’s identity is reviled, their entire behaviour history would be out in the wild.
So close to a sweet meter. What do you think of
“If, by some chance, one’s handle’s reviled / their foul history would be out in the wild.”
? It’s not perfect. Probably just a little more work-shopping.
Croquette@sh.itjust.works 1 day ago
No we shouldn’t. Anyone can create an instance and scrape whatever data.
Assume that all the posts and comment you make are public and linked to your real identity and don’t say things you wouldn’t say in person.
It’s a pretty simple concept.
HereIAm@lemmy.world 1 day ago
Shame, guess I can’t say categorising Palestine Action as a terrorist group is dumb.
Croquette@sh.itjust.works 1 day ago
My comment was misguided because it didn’t take the US social context into account.
You can’t say it, but I can though.
Categorising Palestine Action as a terrorist group is ultra dumb.
Substance_P@lemmy.world 1 day ago
You may want to be careful then if you need to travel through the United States.
archive.md/…/marco-rubio-revoke-us-passports-terr…