160

Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it's visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
top 50 comments
sorted by: hot top controversial new old
[-] ffmike@beehaw.org 78 points 1 year ago

In my opinion it's unreasonable to think anything can truly be deleted in a federated system. Even if the official codebase is updated to do complete deletion & overwrite, it's impossible to prevent some bad actor from federating in a fork that just ignores deletion requests.

Seems sensible to just not post anything that you don't want to be available for the lifetime of the internet.

[-] dudeami0@lemmy.dudeami.win 35 points 1 year ago

Just as it's impossible to stop scrapers from archiving data on traditional websites. "Deleted" data is probably in a database somewhere, being sold by someone. As you said, you lose some degree of control over your data as soon as you post it. Data is valuable, and if there is a will there is a way.

[-] alyaza@beehaw.org 31 points 1 year ago

In my opinion it’s unreasonable to think anything can truly be deleted in a federated system.

yeah like. this is just a byproduct of how federation works currently. i don't even know how you'd begin to design a federated system where some of these critiques can't be levied

load more comments (2 replies)
[-] yourgodlucifer@kbin.social 23 points 1 year ago* (last edited 1 year ago)

I don't expect my data to be fully deleted in a centralized system either. even if it was deleted from the central server someone might have made an archive of it

and reddit is definitely guilty of this since they were bringing back peoples deleted comments and accounts

[-] pkulak@beehaw.org 12 points 1 year ago

This is how I treated Reddit too. And Twitter. And everything else. I have two modes; public and private. And private is private; strong encryption and local storage. Having some middle ground is a recipe for disaster.

load more comments (4 replies)
[-] 0xtero@kbin.social 66 points 1 year ago* (last edited 1 year ago)

First - we're all using alpha/beta software (Lemmy is 0.17.4, Kbin is 0.10.). None of these services are "production quality" software yet, so let's keep that in our minds - we're all early adopters.

The points mentioned in the OP are a bad look. Naturally. User should have expectation of their data being deleted on request - especially since this request might be regulatory privacy request (GDPR related). It's a clear failure from the software and should be improved and iterated upon.

The expectation shouldn't be "oh well it's on the Internet, live with it". While Facebook might keep mining your data after deletion request, our software shouldn't behave like that, we should strive to be better with this stuff.

And finally, ensuring privacy in federated system is hard. Mastodon suffers from same problems. We shouldn't give up on the idea though.

[-] aard@kyu.de 17 points 1 year ago

The more important part for privacy: Mail address is optional, and IP addresses are not stored in the database. A correctly configured instance (at least for EU legislation) also will not log IP addresses in the web server - with that you can have profiles that can't be tied to an actual human, and you don't have location and movement data.

The data deletion is pretty much a nice to have - it's on the level of the Exchange feature to recall Emails: Sure, you can ask nicely, but outside of your own server pretty much nobody will care. Lemmy is federated over multiple jurisdictions, so even with full deletion implemented there'll almost certainly be instances which will ignore the deletion request - and it will be completely legal for them to do so. More important is education about what you publish, and a basic understanding of the technical and legal realities you'll have to deal with if you later decide you want that information gone.

I already had that discussion with my 6 year old when she wanted to publish some videos - and she understood the problems quite well.

load more comments (5 replies)
[-] YMS@kbin.social 16 points 1 year ago* (last edited 1 year ago)

It is an early stage software and such things can be worked out, you're right. But on the other hand, such basic elements should be based on a thorough concept before a single line is coded, and implementing something like a delete button with "Let's just make it delete the most visible stuff for now, we can always improve that later when there is time" is recipe for disaster.

load more comments (1 replies)
load more comments (3 replies)
[-] russjr08@outpost.zeuslink.net 65 points 1 year ago

So, I was born in the late 90's - I don't know if they still have "computer literacy" as a core course in schools these days, but they did when I was going through K-12 (or, well K-9.. once you were in high school they assumed you knew the basics of how to use a computer, and had more advance courses).

One of the very first things we learned about the internet is that once you put something on the internet, there is no way to take it back. At the time, uploading pictures to the "cloud" and such wasn't really a thing so we learnt this by using email: Once you've sent an email to someone, you cannot "unsend" it. You can kindly ask the other party to delete the copy of the email without opening it, but you cannot guarantee that the email wasn't saved on another computer, or saved somewhere else along the route between your computer and the receiver's computer. Clicking the send button was taught to us as "etching your letter into stone".

Because of this, I've always (or at least, as far as I can remember) made sure that anything I put on the internet, or even "put into digital form" (such as even writing something in a file on your computer - you can recover deleted files from a hard drive unless you really put in the effort to actually erase it... there is a huge difference between erasing a file, and marking it as "deleted") is something that I'm okay being tied with me forever. I'm sure if you looked hard enough, you could find me participating on message boards as a young teenager - and to that I just say "Oh well". Is some of it probably very cringe-inducing and embarrassing? I have no doubt.

(This is also why you should take extreme caution when talking about say, your friend, on the internet - if you post something about them on the internet, you're condemning them to this same exact thing)

Now funnily enough, as far as I understand the ActivityPub protocol, it is for all intents and purposes the exact same as email in this regard. Once you've sent something, there are no "take backs". All you can do is kindly ask others to delete their copy, and that comes with zero guarantees. If I had a mastodon server, and someone deletes their toot - I could take down my server and my server would never receive that delete request. Or, just simply change the source code of the Mastodon instance on my server to straight up ignore deletion requests.

Would it be nice for Lemmy to have a way to actually delete your content? Sure. But that's not technically feasible, and personally (as controversial as it may seem) I would rather Lemmy not try to give you the false sense that everything was completely gone forever. I'm not saying that you shouldn't be able to delete your account off a Lemmy instance, but it shouldn't come with an option that says "Check here to remove your data/media from all federated instances" because Lemmy/no one can promise that, and I really hate it when software (or really anyone/anything) attempts to make a promise in bad-faith knowing that they can't possibly ever uphold it.

Anyone who thinks Reddit is "better" than Lemmy in this regard probably doesn't realize that Reddit is making a claim they can't keep. The most obvious example of this is all of these subreddits that have gone dark? You can bring up most of their posts on the Wayback Machine or Google Cache. That would be the case regardless of whether they were set to private, or even if they were just straight up "deleted".

We really should not be setting the belief for people that there exists a way to completely nuke a piece of data off the internet, because you cannot make a guarantee of that being the case.

load more comments (5 replies)
[-] NightOwl@lemmy.one 55 points 1 year ago

Did anyone use reddit thinking it was private? With stuff like push shift and way back machine people shouldn't be posting stuff they aren't comfortable sharing anyways on a wide open message board.

Always weirded me out the people who'd treat their reddit accounts like Facebook.

[-] arandomthought@vlemmy.net 15 points 1 year ago

Yes. "The internet never forgets" is actually a thing.

[-] CheshireSnake@iusearchlinux.fyi 14 points 1 year ago

With stuff like push shift and way back machine

So much this. I don't get why people don't remember this first thing when it comes to data storage.

load more comments (1 replies)
[-] lowleveldata@programming.dev 50 points 1 year ago* (last edited 1 year ago)

It is reasonable that people should be able to delete their posts / comments. However I don't see how is this related to "privacy". How can something you post on a public forum be private?

[-] Lols@lemm.ee 18 points 1 year ago

its the principle behind the 'right to be forgotten'

if you posted something to a public forum and changed your mind, deciding it shouldnt be public after all, you should have that option

load more comments (1 replies)
[-] rstein@discuss.tchncs.de 16 points 1 year ago

You can’t delete a mail you sent me, nor put your hand written letter to me in the bin. I can keep both and I can keep your name and addresses in my little black book. So there isn’t even that level of privacy in the real old fashioned communication.

And communication over the Internet was always the subject of storage. Your mail may be on the backup tape of a mail server. Your usenet posting is on archive.

So the assumption that the fediverse can forget….

load more comments (1 replies)
load more comments (10 replies)
[-] heartlessevil@lemmy.one 48 points 1 year ago

What does this have to do with Mastodon?

The same privacy issues also exist with Mastodon and all distributed systems.

[-] rubywingedflier@possumpat.io 41 points 1 year ago

I understand the impulse but the way some people get so hung up on trying to make a way to permanently and universally delete posts made on public facing social media and framing it as a "privacy" issue feels kinda like saying something you regret on mic at a town hall and being mad that you can't permanently delete the memory of it from the minds of everyone present, and claiming that they violated your privacy by remembering it

load more comments (5 replies)
[-] loving_kindness@midwest.social 39 points 1 year ago

Anything put on the internet is forever. No one should be publicly posting anything with the expectation that they have any control of it after it goes out. If it’s not held by the server, there’s the way back machine or even just folks taking screenshots.

[-] knotthatone@lemmy.one 13 points 1 year ago

I completely agree. I just don't see how there can be any realistic expectation of privacy when publishing something publicly.

I appreciate the idea of laws establishing a right to be forgotten and I think there's still some value in being able to take your data away from certain companies, but there's no guarantee it wasn't copied many times before the original location is taken down.

The Fediverse works like email. Once somebody hits send, there's no real way to claw that back.

load more comments (13 replies)
[-] knova@links.dartboard.social 38 points 1 year ago

BTW, the OP on Raddle was spamming that message around Reddit last week and directing people to Raddle. I think he has a bone to pick with the developers' politics more than anything.

load more comments (3 replies)
[-] communist@beehaw.org 38 points 1 year ago

https://github.com/LemmyNet/lemmy/issues/2977

It's not like they're doing it on purpose, there's a lot of things being worked on, and this is one of them.

[-] db0@lemmy.dbzer0.com 34 points 1 year ago

The same is true for raddle. They kid themselves if they think anyone can't record anything in there forever.

Anyway it's also inaccurate. Deleted accounts are purged from the DB, so they're definitelly not visible anymore

Likewise you you edit your comment, it's edited in the DB.

load more comments (8 replies)
[-] retronautickz@beehaw.org 32 points 1 year ago* (last edited 1 year ago)

The illusion of Privacy is Mastodon (or social media in general)

There's a reason why when you go to "private mentions" on Mastodon, this appears:

Private mentions. Post on mastodon are not end-to-end encrypted.Do not share any sensitive information over Mastodon

While yes, we should be able to delete our content if we want, but it's a bit naive to think there could be true privacy in any decentralised social media platform.

There's a reason why one of the think people tell you when you come to the fediverse is not to share personal and sensible information.

The only decentralised social media that has some level of privacy is Matrix, and that's why it has it's own protocol and only federates within/between its own servers.

[-] KitemanHellYeah@lemm.ee 24 points 1 year ago

In general I think we should go back to separating personal identities from internet identities on discussion forums like these. There are already platforms for promoting your personal identity that are way better than these types of forums

load more comments (5 replies)
load more comments (3 replies)
[-] nerodessertking@beehaw.org 27 points 1 year ago

i mean raddle is a site that has an anti doctor post pinned in the mental health community ... like c'mon I and many others need medicine to survive and you are encouraging anti-psychiatrist posting, Church of Scientology levels of anti-medicalist posting

load more comments (1 replies)
[-] kool_newt@beehaw.org 26 points 1 year ago* (last edited 1 year ago)

The fediverse is the real internet, it's not a company providing a service. On the real internet, once something gets out there, there can never be a guarantee that it's taken back. Even on Reddit, once you post something, Reddit might fully delete it but someone out there may have copied it.

load more comments (7 replies)
[-] teawrecks@sopuli.xyz 24 points 1 year ago* (last edited 1 year ago)

This demonstrates a fundamental misunderstanding of digital privacy. You can never be guaranteed that data is deleted, just like you can never be guaranteed that someone has "forgotten" something. It doesn't matter what any entity claims they are doing under the hood, you have to assume they can't be trusted. That's not an expectation you can have, and not something privacy advocates are asking for.

I'm posting this comment publicly, and there's nothing stopping any random user (or non-user) from scraping this lemmy instance and archiving the data themselves. I know that when I post it. Same for reddit, raddle, any mastodon instance, etc. I can copy the text and usernames of everyone involved in that raddle thread and do whatever I want with it, there's nothing anyone can do to stop me.

To think otherwise reminds me of that first day on the internet kid meme. "I deleted my comments, hah, they'll never get them now!"

What I can demand is: if I send a message directly to another party, I want to be able to verify that that party and ONLY that party can read the message (end-to-end encryption). I can also demand that they not require me to dox myself to them, that they not run weird js-based fingerprinting/port scanning processes on my system/network, and that I am allowed to connect to their services through a VPN should I so choose.

[-] nix@midwest.social 14 points 1 year ago

This is all true personal best practices, but that doesn't mean it's bad to ask for better retention policies from the services you use. What you're talking about is true privacy and security; the critiques OP outlines are about reducing exposure when you are public. Will that reduction be verifiably perfect? No. But it's still better than nothing, especially in cases where you're just trying to protect from a specific threat, like someone you know irl seeing something that you regret posting.

load more comments (1 replies)
[-] BitOneZero@beehaw.org 21 points 1 year ago

Given the beta status of Lemmy, I don't even think it's a great idea to give the appearance of privacy. I think the core purpose of a webapp like Lemmy is public messages.

I think it's a can of worms for server operators to get into the business of thinking they can safely hold private messages between users/strangers. None of the Lemmy instances I've joined have had a "terms of service" or anything like that on SIgn Up, I really think the message should be sent far and wide that Lemmy is about posting IN PUBLIC and that messages are being FEDERATED to peers, even people that you don't know could be collecting the data for a search engine.

With small-time server operators opening up hundreds of Lemmy instances, without giving away their experience or human identity, how can you have any confidence that someone is properly securing a server they only have part-time job to update and operate? Major corporations are having their database stolen, Valve, Sony, Nintendo, health care companies, mobile network companies (AT&T)... you think a low-budget shoestring server by a hobbyist running Lemmy should be held to the same standards as a corporation who has an entire team and services to defend their data?

load more comments (1 replies)
[-] ManeraKai@programming.dev 21 points 1 year ago* (last edited 1 year ago)

Opposite to Instagram or Facebook, on Lemmy or Mastodon you can create an anonymous account. Yes it will be logged (normal public internet), but you won't be treacable. The UI doesn't have any tracking scripts, and many instances don't require an email even to sign up. Use the Tor browser to spoof your IP.

[-] Dee_Imaginarium@beehaw.org 21 points 1 year ago

Damn, Raddle seems worse than Reddit when it comes to toxic attitudes. I never looked much into it since it's just another centralized platform like Reddit with different management, but boy oh boy are those comments just awful. Great community you folks got over there 😬

[-] buckykat@lemmy.fmhy.ml 20 points 1 year ago

I didn't even give this shit an email address

[-] tmpod@lemmy.pt 19 points 1 year ago* (last edited 1 year ago)

I didn't know anything about Raddle besides the name until now. But gosh, is that a needlessly toxic pit. There's a poor guy there getting completely beaten up by an admin and some others which seem to be enjoying their time-wasting public bullying. Oh well...

[-] roofuskit@kbin.social 18 points 1 year ago

Anyone who has open discussions on the Internet and thinks they're somehow private is a fool. Short of end to end encrypted chat I'm not sure what they expect.

[-] furrowsofar@beehaw.org 18 points 1 year ago

It is all public just as most forums on Reddit. No real difference. No difference with Usenet either. Relax.

[-] static@kbin.social 18 points 1 year ago

Mastodon's privacy issues are just the same as the rest of the fediverse/threadiverse.

With federation there is more openness and transparency. Take care of your privacy, use alts.

[-] Prunebutt@feddit.de 18 points 1 year ago* (last edited 1 year ago)

I find all the "privacy isn't possible on the clearnet, lol" Commets quite troubling. Yes, the internet doesn't forget and we should always behave on the internet as if our moms could read it.

But that kind of "privacy realism" fosters an additude that doesn't care about privacy at all; no matter how it could be improved (even if it's never perfect). Just because anyone on the street can follow me home and therefore can find my home address, I'm not carrying a sign with my address when going to a protest.

According to this comment, privacy is worse than with mastodon. And while data always can be scraped, it still isn't too much to ask to properly federate deletions.

Yes, the internet is a public place and reddit is bad and you might not like raddle, but come on, people. Have you all given up on improving things already? And do only tech-savvy people with the knowledge and resources to run their own servers have a right to privacy on the internet?

load more comments (1 replies)
[-] Forcen@lemmy.one 17 points 1 year ago* (last edited 1 year ago)

One thing that mastodon does is proxying all the media from the federated servers, lemmy does not do this.. (yet)

For example on this comment page there are 9 domains trying to connect directly to me according to ublock origin. I suggest blocking all third party requests on your instance using ublock origins advanced mode because the website works fine without them, it might be mostly avatars?

load more comments (2 replies)
[-] Thorny_Thicket@sopuli.xyz 16 points 1 year ago

I assume anything I post online to remain there forever anyways. That's why I regularly make a new account so atleast everything isn't behind one username

[-] j0s3f@feddit.de 15 points 1 year ago

That's a non issue. You just cannot expect to be able to delete anything you post on the internet. Even the great reddit with the awesome deletion feature cannot help you. You might be able to delete your comment there, but there is https://www.unddit.com/ https://archive.is/ https://web.archive.org/ and many others, where your comment will still be available.

load more comments (4 replies)
[-] FrostBolt@kbin.social 14 points 1 year ago

Use a pseudonym that you don’t use anywhere else and don’t dox yourself in your posts or comments

load more comments (5 replies)
[-] lohrun@fediverse.boo 14 points 1 year ago

It’s no different than me sending an email to someone and then sending a request to delete it. There likely is still a copy on the email provider’s server and the recipient could have potentially backed up their emails to something outside of the email ecosystem.

Unfortunately the only way to be absolutely sure that there isn’t information you don’t want on the internet is to not share it at all. There will always be an issue of making sure every system actually deletes content when you request it. Like I said, that doesn’t stop anyone from backing up the data to another system. (E.g. Reddit archives from 2005 to now are available to download, even content that has already been deleted)

load more comments (2 replies)
[-] Stimmed@reddthat.com 14 points 1 year ago

If you think anything on the Internet can ever be forgotten... Your going to have a bad time. Passwords, one of the most protected data types, are compiled from beaches into huge databases so that hackers can use them to try to log into website. There are literally dozens of not hundreds of those password databases on the public Internet to be downloaded, not to mention private or dark web collections. If passwords are not safe, what makes you think publicly available social media would be any different?

Even if somehow the whole federation agreed to purge all post every year, things like the Internet archive and Google cache of pages would retain the data.

[-] iuseit@iusearchlinux.fyi 13 points 1 year ago

Personally when I want to share what I'm saying with the world I write a letter, burn it, and snort the ashes. This is the only truly private way to do this.

load more comments
view more: next ›
this post was submitted on 19 Jun 2023
160 points (100.0% liked)

Technology

37739 readers
942 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS