this post was submitted on 12 Jun 2023
108 points (100.0% liked)

Technology

37739 readers
50 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Please check my post, I think everything I said is very valid, but I want this community to see it too, and help steer the discussion, I think reddit is doing this intentionally.

you are viewing a single comment's thread
view the rest of the comments
[–] communist 1 points 1 year ago* (last edited 1 year ago) (1 children)

You’ve never worked with a company using Google Workspace or Office 365/Exchange Online?

One of the companies i've worked for does use exchange, actually, my bad, I forgot it was exchange because it was on their domain.

How Lemmy instances interact is a function of the Lemmy software and federation. Archive.org is not federated with a Lemmy instance. It’s literally scraping content and saving a local copy of it. This isn’t preventable without requiring a login to view any content.

If it's not preventable, why do you care if lemmy does it? Does this actually matter at all?

Why do you expect privacy on a public forum? You're assuming something that's impossible to get, reddit doesn't give you privacy, tildes doesn't give you privacy, you don't know that your content is actually being deleted their either, again, you're forgetting that you're comparing lemmy to something, not an imagined perfect choice.

https://github.com/LemmyNet/lemmy/issues/2977 also lemmy does delete your shit if you delete your account. So, this really is a non-issue.

I just can’t agree with this. My parents are going to understand how to use Twitter and how Twitter works much faster than they’d be able to figure out how Mastodon works. They’d also be able to figure out how Tildes or Reddit works faster than Lemmy.

Why do you assume they need to know how it works in order to use it?

Do they need to know how email works in order to use it? This is a wrong assumption. Yes, centralized services are easier to explain how they work fundamentally, but if you told someone lemmy was centralized, what incorrect assumptions would the end user actually make to actually impact their experience? Virtually nothing, once the issue trackers for instance-agnostic linking and automatically staying on your federated instance are resolved.

[–] mainfrog 1 points 1 year ago* (last edited 1 year ago) (1 children)

If it’s not preventable, why do you care if lemmy does it? Does this actually matter at all?

Are you really going to use the nothing to hide argument? I care because we should design software to respect privacy. What Lemmy does with user data is within the span of control of Lemmy. Lemmy should treat user data with respect and value user privacy to the extent it doesn't break the fundamental usage of the product.

Why do you expect privacy on a public forum? You’re assuming something that’s impossible to get, reddit doesn’t give you privacy, tildes doesn’t give you privacy, you don’t know that your content is actually being deleted their either, again, you’re forgetting that you’re comparing lemmy to something, not an imagined perfect choice.

Lemmy is open source. Tildes is open source. I know what both of them do, in theory, when I click the delete button. I know that Lemmy doesn't actually delete the post. Reddit is closed source - I edit and then delete my posts there. You are correct, I don't know what happens after that. I'm not arguing in favor of Reddit.

I don't expect privacy, but I want privacy. I use Signal for messaging for privacy. I use a smaller third party email provider for privacy. If Lemmy can be more verifiably respectful of privacy I think that will draw more users into the platform over time.

Why do you assume they need to know how it works in order to use it?

Do they need to know how email works in order to use it? This is a wrong assumption. Yes, centralized services are easier to explain how they work fundamentally, but if you told someone lemmy was centralized, what incorrect assumptions would the end user actually make to actually impact their experience? Virtually nothing, once the issue trackers for instance-agnostic linking and automatically staying on your federated instance are resolved.

I don't even know how to respond to this. Why does someone need to know how something works to use it?

Here is the flow for Reddit:

  1. Search join reddit
  2. Click top link ( https://www.reddit.com/register/ )
  3. Create account

< 5 clicks

Here is the flow for Lemmy:

  1. Search join Lemmy
  2. Click top link ( https://join-lemmy.org/ )
  3. Read page, maybe click "Join server"? Or do I want to host a server? The call to action on this page isn't clear. Lets assume join.
  4. Instances page. Talks about "lemmyverse" and "server/instance" top result is vlemmy.net for 19 users / month? I guess that one? Click join.
  5. I'm now on vlemmy.net, which looks like the reddit homepage. It didn't take my to sign up. Click sign up.
  6. Create account

This process forces the user to make more choices (probably uninformed choices) and requires more navigation.

The join-lemmy page should probably be centered around non-technical users with an emphasis on joining and instance (not hosting one). Hosting an instance should be towards the bottom of the page. It should explain the benefits in plain and easy to understand text.

[–] communist 1 points 1 year ago (1 children)

Are you really going to use the nothing to hide argument? I care because we should design software to respect privacy. What Lemmy does with user data is within the span of control of Lemmy. Lemmy should treat user data with respect and value user privacy to the extent it doesn’t break the fundamental usage of the product.

No, because lemmy ISN'T PRIVATE FUNDAMENTALLY, it's a PUBLIC FORUM I do not know what else needs to be said, don't post public things if you want privacy.

Lemmy is open source. Tildes is open source. I know what both of them do, in theory, when I click the delete button. I know that Lemmy doesn’t actually delete the post. Reddit is closed source - I edit and then delete my posts there. You are correct, I don’t know what happens after that. I’m not arguing in favor of Reddit.

You have no way of knowing what tildes actually does, you just know what the code on github says it does, unless you're running tildes yourself, you have no way of knowing.

https://docs.tildes.net/policies/privacy-policy

"If you delete a post, it is marked for deletion and hidden from the site, but the contents are not deleted immediately. The content of deleted posts is removed from our databases 30 days after deletion."

This process forces the user to make more choices (probably uninformed choices) and requires more navigation.

This is not a fundamental issue, this is a growing pain, and it's solved by just linking somebody to an instance instead of explaining all of that, this is opt-in complexity, not a fundamental problem.

The join-lemmy page should probably be centered around non-technical users with an emphasis on joining and instance (not hosting one). Hosting an instance should be towards the bottom of the page. It should explain the benefits in plain and easy to understand text.

Yeah, that would be better, or you can just link non-technical users instances and explain none of that.

[–] mainfrog 1 points 1 year ago (1 children)

No, because lemmy ISN’T PRIVATE FUNDAMENTALLY, it’s a PUBLIC FORUM I do not know what else needs to be said, don’t post public things if you want privacy.

A public form doesn't mean it can't respect privacy. Why even allow delete at all in Lemmy if this is your argument? Make comments immutable. It would be easier to code.

Lemmy is also aware of your IP address - should it make that information available since it's a public form? Of course not, that would be absurd. When I click delete the post should be deleted because that aligns with what the user would expect to happen.

You have no way of knowing what tildes actually does, you just know what the code on github says it does, unless you’re running tildes yourself, you have no way of knowing.

Yep, but that's also true for pretty much all Lemmy instances including the one you use - right? You have to place some level of trust in the maintainers and administrators.

I think the way Tildes handles deleted posts (removed 30 days later) is a benefit when compared to how Lemmy handles deleted posts. I'm fine if the delete isn't instant.

This is not a fundamental issue, this is a growing pain, and it’s solved by just linking somebody to an instance instead of explaining all of that, this is opt-in complexity, not a fundamental problem.

I agree that it isn't a fundamental issue, but it does seem to be a reoccurring issue in federated software. The process for getting people onto the software tends to be focused on tech savvy people. That's why a lot of these platforms end up dominated by IT/software developers.

Yeah, that would be better, or you can just link non-technical users instances and explain none of that.

That requires 'recruiting' someone to a specific instance instead of them finding it on their own. That's not an organic process. Nobody recruited me into Reddit - I found it myself.

If I Google Lemmy my top three links are:

  1. Wikipedia entry for Lemmy Kilmister
  2. Join-Lemmy.org
  3. Lemmy Github repo

None of these are specific instance someone could join. There isn't a single instance in the first page of results. There are some variations of words that I can use that direct me to lemmy.ml first, but the signup page for that instance literally asks you to go to joinlemmy before signing up.

We need to improve this process if we want people to continue migrating to federated services.

[–] communist 1 points 1 year ago (1 children)

A public form doesn’t mean it can’t respect privacy. Why even allow delete at all in Lemmy if this is your argument? Make comments immutable. It would be easier to code.

It respects your privacy just as much as the alternative, which again, is reddit.

If you edit your post, the previous version isn't saved.

You are posting on a public website, you can't expect that level of privacy, nothing ever gets deleted on the internet.

[–] mainfrog 1 points 1 year ago (1 children)

It respects your privacy just as much as the alternative, which again, is reddit.

The alternative isn't Reddit. It's Tildes, Lobste.rs, Lemmy forks, etc...

News aggregation isn't a binary choice with Reddit on one side. I think if you are saying your software/platform "respects privacy as much as Reddit" that should really be a red or yellow flag. The way Reddit treats user data shouldn't really be an aspiration.

If you edit your post, the previous version isn’t saved.

I haven't dived into how Lemmy handles edits specifically yet, but my understanding is that a version of the edit is saved into a log. This also brings up the point - if I can edit my post with a period to "delete" it, why doesn't the delete work that way too?

You are posting on a public website, you can’t expect that level of privacy, nothing ever gets deleted on the internet.

I didn't say I expected it. I said I wanted it. Just because Twitter is terrible for privacy doesn't mean Lemmy can't aspire to better than Reddit or Twitter for privacy.

[–] communist 1 points 1 year ago* (last edited 1 year ago) (1 children)

I haven’t dived into how Lemmy handles edits specifically yet, but my understanding is that a version of the edit is saved into a log. This also brings up the point - if I can edit my post with a period to “delete” it, why doesn’t the delete work that way too?

You can do that, and delete doesn't work that way in case you want to restore your post.

You can also, again, delete your account, and that will remove all of your posts.

This respects privacy, and is convenient.

https://github.com/LemmyNet/lemmy/issues/2977 I recommend actually checking the issue tracker for that.

[–] mainfrog 1 points 1 year ago (1 children)

I just disagree. Let me restore my post for a limited amount of time before hard deleting it. Make the policy around that data transparent.

I have checked the issue tracker. Privacy concerns are coming up pretty regularly there. Other people seem to value it too. Lemmy has an opportunity to set a new standard around user privacy in this space and I hope we can take that opportunity.

[–] communist 1 points 1 year ago (1 children)

Post it to the issue tracker, it seems like it just hasn't been updated with that functionality yet, not that they won't do it.

[–] mainfrog 1 points 1 year ago (1 children)

My intention is to be a contributor. Rust is my second favorite language. Thank you for the discussion.

[–] communist 1 points 1 year ago

I can't imagine they'd reject a pull request for such a thing.