this post was submitted on 10 Mar 2024
38 points (93.2% liked)
Free and Open Source Software
17966 readers
10 users here now
If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The difference:
Like, if there was a stalker wanting to attack you in particular... neither is good, but one is worse than the other.
How matrix with its end to end encryption giving my data to everyone????
Matrix encrypts by default when starting a "DM room", otherwise it doesn't force encryption, only allows it.
All the unencrypted rooms out there, are susceptible of getting their contents scraped by either the server, a federated server, an invited user, or even anyone.
Encrypted rooms, can also get scraped unless they're set with security in mind (only send to validated users, make it invite only, don't show past history).
Right, you do have to understand that either way, if you put something on the public internet, it is gone.
I don’t want a company to sell my data, making money off of me, then having the audacity to ask me for MORE money on top (nitro). It feels gross.
I don’t mind sharing bits of myself online otherwise.
The owners of federated instances can also just start selling your data too at any point. And as you said, advertisers will also just scrape public data trivially. Basically, the internet and world is a terrible place.
Stuff gets deleted from the Internet all the time... other stuff goes viral and lasts for decades. YMMV
It seems to me like your threat model is different from OP's, though. Worrying about ad blockers not being enough, is not the same as fearing for your life because someone might decide to track down where you are IRL.
Lemmy is not enriching the data you put on it with data that Lemmy purchases from third parties, in order to create a
user-product
to sell to advertisers. Meta and Discord are (obviously Meta much moreso). That's why advertisers buy from them instead of just scraping your posts themselves.Advertisers buy from data brokers, not necessarily directly from Meta or Discord. Meta and Google act as data brokers themselves, but they also sell to other data brokers. Those data brokers, will definitely scrape your posts themselves, if they can't buy them, or the derived data, directly.
Lemmy, and the Fediverse, has multiple instances that federate and get handed out copies of what we post. We don't really know what's going on at each and every instance, and there's no way of knowing.
(don't do this)
If I was a data broker wanting to siphon data from the Fediverse, I'd set up several instances with fake communities and fake users, federate with the different shards of the Fediverse, have the fake users subscribe to as many feeds as possible (easier to do on Lemmy/Kbin than on Mastodon), create accounts on some of the larger instances to get the "Local" feed, and just wait for the data to arrive. It would miss some of the posts, mostly from smaller less federated non-Lemmy instances, but I'm guessing close to 99% could be siphoned with relatively little effort, and for cheaper than buying the data from any single instance. Scraping historical data is extra easy with instances returning some JSON and having clients parse it, be it in JS or in apps. Deleted messages can be either gathered with the custom instance setup, or retrieved from instances that didn't honor the delete action (there still are some out there).