So I was going through /all and this admin is snooping at vote counts for posts in his instance and then posting it publicly.
Just a reminder that these kind of petty people exist. Pick a trustworthy instance or better yet, host your own.
Archive: https://archive.md/oybyL
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
Off day 😉
I should have been more specific when I said website, as… If you scan my other comments, you might have the hint that I have access to one such Lemmy instance. And they federate with minimal effort. I don’t know how to automate it yet, but it wasn’t hard to do so manually.
I’m actually curious to know if federated instances share the data of their federated instances… if so, there is a proper reason to be actually alarmed, as ACLs would essentially be cosmetic only.
Can you be more specific? I might be able to hunt down answers.
Recently, federation vulnerabilities got exploited by an ex-Truth Social employee who apparently believes consent is only when someone shouts “no” at him, so pretty much anything is possible (without even going through the effort of spinning some kind of proxy server, if I’m reading this correctly).
Well, as in let’s say instance A is federated to B, B federated to C, A blacklisted C.
So, clearly, A isn’t getting data about C. It will drop it on ingress (I expect).
But, will C have access to the exact same data about A, through B, that it would have access to from A if not blocked by A?
“Indirect federation” (what I ended up eventually trying to find info on) appears non-existent.
That answered the question, I think, but it caused me to ask a few more, like this one:
What happens if a community is on Server A and Person C wants to check out how Person B is interacting on it. I think, in that case, that Person C can check out Person B’s profile and see comments left on a Server A community, but they cannot navigate to the post itself because Server A would not send the content to their server.
It’s relatively easy to switch servers, by clicking the little rainbow icon next to a particular comment to see the server where it would have been viewed in Person B’s context, but servers on their own are not running around scraping missing data… At least, not as they are currently designed.
ETA: More background on the major defederation in question (mostly political, not technical)
Thanks for digging and reporting on this, but I’m gonna take a break with my phone (the main way I interact with Lemmy), since it is such a steaming pile of shit.
I’ll try to find a way to use Lemmy on a proper OS without using the horrendous web interface (hopefully there are cool clients out there), and then I’ll see. 👋