this post was submitted on 30 Jan 2024
95 points (81.0% liked)

Privacy

32159 readers
236 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

So I was going through /all and this admin is snooping at vote counts for posts in his instance and then posting it publicly.

Just a reminder that these kind of petty people exist. Pick a trustworthy instance or better yet, host your own.

Archive: https://archive.md/oybyL

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 10 months ago (1 children)

Can you be more specific? I might be able to hunt down answers.

Recently, federation vulnerabilities got exploited by an ex-Truth Social employee who apparently believes consent is only when someone shouts "no" at him, so pretty much anything is possible (without even going through the effort of spinning some kind of proxy server, if I'm reading this correctly).

[–] [email protected] 1 points 10 months ago (1 children)

Well, as in let's say instance A is federated to B, B federated to C, A blacklisted C.

So, clearly, A isn't getting data about C. It will drop it on ingress (I expect).

But, will C have access to the exact same data about A, through B, that it would have access to from A if not blocked by A?

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (1 children)

"Indirect federation" (what I ended up eventually trying to find info on) appears non-existent.

That answered the question, I think, but it caused me to ask a few more, like this one:

What happens if a community is on Server A and Person C wants to check out how Person B is interacting on it. I think, in that case, that Person C can check out Person B's profile and see comments left on a Server A community, but they cannot navigate to the post itself because Server A would not send the content to their server.

It's relatively easy to switch servers, by clicking the little rainbow icon next to a particular comment to see the server where it would have been viewed in Person B's context, but servers on their own are not running around scraping missing data... At least, not as they are currently designed.

ETA: More background on the major defederation in question (mostly political, not technical)

[–] [email protected] 2 points 9 months ago

Thanks for digging and reporting on this, but I'm gonna take a break with my phone (the main way I interact with Lemmy), since it is such a steaming pile of shit.

I'll try to find a way to use Lemmy on a proper OS without using the horrendous web interface (hopefully there are cool clients out there), and then I'll see. 👋