this post was submitted on 13 Jul 2023
9 points (73.7% liked)

Privacy

31913 readers
863 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Is this a good idea for privacy?

top 13 comments
sorted by: hot top controversial new old
[–] [email protected] 18 points 1 year ago* (last edited 1 year ago) (1 children)

Your instance knows

  • Your IP address
  • Your E-Mail (if provided
  • Your password (salted of course)
  • Your session type (browser, app, etc)
  • Your interactions (posts, comments, saved, upvotes, downvotes, etc
  • Your social graph (following and followers, etc)

Everyone in public knows

  • Your session type (optional)
  • Your interactions (posts (if set public), comments, saved (depending on service), upvotes, downvotes, boosts, etc)
  • Your social graph (may be optional depending on service)
[–] [email protected] 0 points 1 year ago (1 children)

How is session type made available in the federation? I wasn't aware that was shared on the protocol.

[–] [email protected] 1 points 1 year ago (2 children)

Im not sure, but on mastodon for example you will often see tusky, or web, etc at the bottom of post details. https://digitaldarkage.cc/@shortwavesurfer2009/110691099097120908

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

You can disable it, in the settings. Still a feature which shouldn't be there in my opinion.

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago) (1 children)

Hmm good point. I guess it is optional though so on the client end you can probably avoid sending anything (or just spoof as "web" at worst).

[–] [email protected] 2 points 1 year ago

I know mastodon has a checkbox to disable it from the server end.

[–] [email protected] 15 points 1 year ago

Nope. It's public. Assume everybody has a copy of everything sent over ActivityPub.

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago) (1 children)
[–] [email protected] 6 points 1 year ago

I concur.

The services/platforms/networks on ActivityPub, for the most part, serve as a public forum. I don't expect privacy in that context and others shouldn't either.

I personally believe we shouldn't conflate the two (private/public spaces) and have private End-to-end encrypted messaging via an alternate platform/service to ensure people don't mix them up - maybe something like Matrix, since that's also federated and self-hostable. But that's just my opinion.

[–] [email protected] 8 points 1 year ago (1 children)

Only your instance host could monitor your personal metrics and fingerprinting. These are what are so invasive with big tech.

Everything you post here as content is public and can be scraped you should assume everything will be mined for data.

They can't see your IP, dwell time, votes, what you read, what you didn't read, and most importantly they can't inject content into a structured echo chamber and observe how you react.

[–] [email protected] 4 points 1 year ago (1 children)

Only your instance knows your IP and what links you visited. But everyone can see your votes.

[–] [email protected] 2 points 1 year ago (1 children)

How does everyone see votes? I looked in the page source and could find comments but not votes

[–] [email protected] 1 points 1 year ago

If you host a federated instance you can see all votes. Some platforms display votes in the UI (kbin I thought? by hovering over the vote button or score). I figure it's only a matter of time before someone puts up a website to just see people's votes.

load more comments
view more: next ›