this post was submitted on 19 Jun 2023
246 points (100.0% liked)

Technology

37735 readers
44 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it's visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
top 50 comments
sorted by: hot top controversial new old
[–] ffmike 133 points 1 year ago (8 children)

In my opinion it's unreasonable to think anything can truly be deleted in a federated system. Even if the official codebase is updated to do complete deletion & overwrite, it's impossible to prevent some bad actor from federating in a fork that just ignores deletion requests.

Seems sensible to just not post anything that you don't want to be available for the lifetime of the internet.

[–] dudeami0@lemmy.dudeami.win 53 points 1 year ago

Just as it's impossible to stop scrapers from archiving data on traditional websites. "Deleted" data is probably in a database somewhere, being sold by someone. As you said, you lose some degree of control over your data as soon as you post it. Data is valuable, and if there is a will there is a way.

[–] alyaza 50 points 1 year ago (2 children)

In my opinion it’s unreasonable to think anything can truly be deleted in a federated system.

yeah like. this is just a byproduct of how federation works currently. i don't even know how you'd begin to design a federated system where some of these critiques can't be levied

load more comments (2 replies)
[–] yourgodlucifer@kbin.social 30 points 1 year ago* (last edited 1 year ago)

I don't expect my data to be fully deleted in a centralized system either. even if it was deleted from the central server someone might have made an archive of it

and reddit is definitely guilty of this since they were bringing back peoples deleted comments and accounts

load more comments (5 replies)
[–] 0xtero@kbin.social 94 points 1 year ago* (last edited 1 year ago) (5 children)

First - we're all using alpha/beta software (Lemmy is 0.17.4, Kbin is 0.10.). None of these services are "production quality" software yet, so let's keep that in our minds - we're all early adopters.

The points mentioned in the OP are a bad look. Naturally. User should have expectation of their data being deleted on request - especially since this request might be regulatory privacy request (GDPR related). It's a clear failure from the software and should be improved and iterated upon.

The expectation shouldn't be "oh well it's on the Internet, live with it". While Facebook might keep mining your data after deletion request, our software shouldn't behave like that, we should strive to be better with this stuff.

And finally, ensuring privacy in federated system is hard. Mastodon suffers from same problems. We shouldn't give up on the idea though.

[–] YMS@kbin.social 21 points 1 year ago* (last edited 1 year ago) (1 children)

It is an early stage software and such things can be worked out, you're right. But on the other hand, such basic elements should be based on a thorough concept before a single line is coded, and implementing something like a delete button with "Let's just make it delete the most visible stuff for now, we can always improve that later when there is time" is recipe for disaster.

load more comments (1 replies)
[–] aard@kyu.de 19 points 1 year ago (6 children)

The more important part for privacy: Mail address is optional, and IP addresses are not stored in the database. A correctly configured instance (at least for EU legislation) also will not log IP addresses in the web server - with that you can have profiles that can't be tied to an actual human, and you don't have location and movement data.

The data deletion is pretty much a nice to have - it's on the level of the Exchange feature to recall Emails: Sure, you can ask nicely, but outside of your own server pretty much nobody will care. Lemmy is federated over multiple jurisdictions, so even with full deletion implemented there'll almost certainly be instances which will ignore the deletion request - and it will be completely legal for them to do so. More important is education about what you publish, and a basic understanding of the technical and legal realities you'll have to deal with if you later decide you want that information gone.

I already had that discussion with my 6 year old when she wanted to publish some videos - and she understood the problems quite well.

load more comments (6 replies)
load more comments (3 replies)
[–] russjr08@outpost.zeuslink.net 84 points 1 year ago (5 children)

So, I was born in the late 90's - I don't know if they still have "computer literacy" as a core course in schools these days, but they did when I was going through K-12 (or, well K-9.. once you were in high school they assumed you knew the basics of how to use a computer, and had more advance courses).

One of the very first things we learned about the internet is that once you put something on the internet, there is no way to take it back. At the time, uploading pictures to the "cloud" and such wasn't really a thing so we learnt this by using email: Once you've sent an email to someone, you cannot "unsend" it. You can kindly ask the other party to delete the copy of the email without opening it, but you cannot guarantee that the email wasn't saved on another computer, or saved somewhere else along the route between your computer and the receiver's computer. Clicking the send button was taught to us as "etching your letter into stone".

Because of this, I've always (or at least, as far as I can remember) made sure that anything I put on the internet, or even "put into digital form" (such as even writing something in a file on your computer - you can recover deleted files from a hard drive unless you really put in the effort to actually erase it... there is a huge difference between erasing a file, and marking it as "deleted") is something that I'm okay being tied with me forever. I'm sure if you looked hard enough, you could find me participating on message boards as a young teenager - and to that I just say "Oh well". Is some of it probably very cringe-inducing and embarrassing? I have no doubt.

(This is also why you should take extreme caution when talking about say, your friend, on the internet - if you post something about them on the internet, you're condemning them to this same exact thing)

Now funnily enough, as far as I understand the ActivityPub protocol, it is for all intents and purposes the exact same as email in this regard. Once you've sent something, there are no "take backs". All you can do is kindly ask others to delete their copy, and that comes with zero guarantees. If I had a mastodon server, and someone deletes their toot - I could take down my server and my server would never receive that delete request. Or, just simply change the source code of the Mastodon instance on my server to straight up ignore deletion requests.

Would it be nice for Lemmy to have a way to actually delete your content? Sure. But that's not technically feasible, and personally (as controversial as it may seem) I would rather Lemmy not try to give you the false sense that everything was completely gone forever. I'm not saying that you shouldn't be able to delete your account off a Lemmy instance, but it shouldn't come with an option that says "Check here to remove your data/media from all federated instances" because Lemmy/no one can promise that, and I really hate it when software (or really anyone/anything) attempts to make a promise in bad-faith knowing that they can't possibly ever uphold it.

Anyone who thinks Reddit is "better" than Lemmy in this regard probably doesn't realize that Reddit is making a claim they can't keep. The most obvious example of this is all of these subreddits that have gone dark? You can bring up most of their posts on the Wayback Machine or Google Cache. That would be the case regardless of whether they were set to private, or even if they were just straight up "deleted".

We really should not be setting the belief for people that there exists a way to completely nuke a piece of data off the internet, because you cannot make a guarantee of that being the case.

load more comments (5 replies)
[–] lowleveldata@programming.dev 71 points 1 year ago* (last edited 1 year ago) (13 children)

It is reasonable that people should be able to delete their posts / comments. However I don't see how is this related to "privacy". How can something you post on a public forum be private?

[–] Lols@lemm.ee 29 points 1 year ago (1 children)

its the principle behind the 'right to be forgotten'

if you posted something to a public forum and changed your mind, deciding it shouldnt be public after all, you should have that option

load more comments (1 replies)
[–] rstein@discuss.tchncs.de 21 points 1 year ago (1 children)

You can’t delete a mail you sent me, nor put your hand written letter to me in the bin. I can keep both and I can keep your name and addresses in my little black book. So there isn’t even that level of privacy in the real old fashioned communication.

And communication over the Internet was always the subject of storage. Your mail may be on the backup tape of a mail server. Your usenet posting is on archive.

So the assumption that the fediverse can forget….

load more comments (1 replies)
load more comments (11 replies)
[–] rubywingedflier@possumpat.io 68 points 1 year ago (9 children)

I understand the impulse but the way some people get so hung up on trying to make a way to permanently and universally delete posts made on public facing social media and framing it as a "privacy" issue feels kinda like saying something you regret on mic at a town hall and being mad that you can't permanently delete the memory of it from the minds of everyone present, and claiming that they violated your privacy by remembering it

load more comments (9 replies)
[–] NightOwl@lemmy.one 66 points 1 year ago (2 children)

Did anyone use reddit thinking it was private? With stuff like push shift and way back machine people shouldn't be posting stuff they aren't comfortable sharing anyways on a wide open message board.

Always weirded me out the people who'd treat their reddit accounts like Facebook.

[–] CheshireSnake@iusearchlinux.fyi 20 points 1 year ago (1 children)

With stuff like push shift and way back machine

So much this. I don't get why people don't remember this first thing when it comes to data storage.

load more comments (1 replies)
load more comments (1 replies)
[–] communist 60 points 1 year ago

https://github.com/LemmyNet/lemmy/issues/2977

It's not like they're doing it on purpose, there's a lot of things being worked on, and this is one of them.

[–] loving_kindness@midwest.social 58 points 1 year ago (17 children)

Anything put on the internet is forever. No one should be publicly posting anything with the expectation that they have any control of it after it goes out. If it’s not held by the server, there’s the way back machine or even just folks taking screenshots.

load more comments (17 replies)
[–] heartlessevil@lemmy.one 56 points 1 year ago

What does this have to do with Mastodon?

The same privacy issues also exist with Mastodon and all distributed systems.

[–] retronautickz 52 points 1 year ago* (last edited 1 year ago) (3 children)

The illusion of Privacy is Mastodon (or social media in general)

There's a reason why when you go to "private mentions" on Mastodon, this appears:

Private mentions. Post on mastodon are not end-to-end encrypted.Do not share any sensitive information over Mastodon

While yes, we should be able to delete our content if we want, but it's a bit naive to think there could be true privacy in any decentralised social media platform.

There's a reason why one of the think people tell you when you come to the fediverse is not to share personal and sensible information.

The only decentralised social media that has some level of privacy is Matrix, and that's why it has it's own protocol and only federates within/between its own servers.

[–] KitemanHellYeah@lemm.ee 32 points 1 year ago (5 children)

In general I think we should go back to separating personal identities from internet identities on discussion forums like these. There are already platforms for promoting your personal identity that are way better than these types of forums

load more comments (5 replies)
[–] BitOneZero 20 points 1 year ago (1 children)

While yes, we should be able to delete our content if we want, but it’s a bit naive to think there could be true privacy in any decentralised social media platform.

Especially an email or "reddit" threaded conversation systems where quoting of messages is routine. Here I am, quoting you.

You are putting a billboard up in public, on a bulletin board in the center of the Internet, the assumption should be that anyone can photograph it.

load more comments (1 replies)
[–] Zetaphor@zemmy.cc 18 points 1 year ago

There’s a reason why when you go to “private mentions” on Mastodon, this appears:

Lemmy carries the same warning:

[–] db0@lemmy.dbzer0.com 52 points 1 year ago (9 children)

The same is true for raddle. They kid themselves if they think anyone can't record anything in there forever.

Anyway it's also inaccurate. Deleted accounts are purged from the DB, so they're definitelly not visible anymore

Likewise you you edit your comment, it's edited in the DB.

load more comments (9 replies)
[–] knova@links.dartboard.social 51 points 1 year ago (3 children)

BTW, the OP on Raddle was spamming that message around Reddit last week and directing people to Raddle. I think he has a bone to pick with the developers' politics more than anything.

load more comments (3 replies)
[–] teawrecks@sopuli.xyz 46 points 1 year ago* (last edited 1 year ago) (2 children)

This demonstrates a fundamental misunderstanding of digital privacy. You can never be guaranteed that data is deleted, just like you can never be guaranteed that someone has "forgotten" something. It doesn't matter what any entity claims they are doing under the hood, you have to assume they can't be trusted. That's not an expectation you can have, and not something privacy advocates are asking for.

I'm posting this comment publicly, and there's nothing stopping any random user (or non-user) from scraping this lemmy instance and archiving the data themselves. I know that when I post it. Same for reddit, raddle, any mastodon instance, etc. I can copy the text and usernames of everyone involved in that raddle thread and do whatever I want with it, there's nothing anyone can do to stop me.

To think otherwise reminds me of that first day on the internet kid meme. "I deleted my comments off of their servers, hah, they'll never get them now!"

What I can demand is: if I send a message directly to another party, I want to be able to verify that that party and ONLY that party can read the message (end-to-end encryption). I can also demand that they not require me to dox myself to them, that they not run weird js-based fingerprinting/port scanning processes on my system/network, and that I am allowed to connect to their services through a VPN should I so choose.

[–] nix@midwest.social 20 points 1 year ago* (last edited 1 year ago)

You're talking about real privacy, the critiques above are all about exposure reduction (incorrectly framed as privacy). Good retention policies are still important for situations like trying to delete something that you regret posting.

An example I could think of from the other site is the very common occurrence of posting some relationship questions and then deleting them later so that the person they're about can't stumble onto them. In that case you want finding the thing you deleted to be nontrivial enough that it can't accidentally be found. Someone with both the skills and knowledge about what they're looking for may still find it, because it was once public, but that's a different threat.

load more comments (1 replies)
[–] nerodessertking 43 points 1 year ago (1 children)

i mean raddle is a site that has an anti doctor post pinned in the mental health community ... like c'mon I and many others need medicine to survive and you are encouraging anti-psychiatrist posting, Church of Scientology levels of anti-medicalist posting

load more comments (1 replies)
[–] kool_newt 43 points 1 year ago* (last edited 1 year ago) (6 children)

The fediverse is the real internet, it's not a company providing a service. On the real internet, once something gets out there, there can never be a guarantee that it's taken back. Even on Reddit, once you post something, Reddit might fully delete it but someone out there may have copied it.

[–] Zetaphor@zemmy.cc 19 points 1 year ago* (last edited 1 year ago) (2 children)

I had years worth of posts and comments that I deleted via the interface a while ago. Then as part of the reddit exodus I decided to run a removal tool that used the API, and it turns out 11 years worth of "deleted posts" were all still sitting out there, they were just hidden from me.

I did find it strange when I received a reply to a years old comment that my profile page said was deleted, but I just thought it was a caching issue. Turns out all of that content was still out there with my name attached, I was the only one who couldn't see it.

load more comments (2 replies)
load more comments (5 replies)
[–] Dee_Imaginarium 33 points 1 year ago

Damn, Raddle seems worse than Reddit when it comes to toxic attitudes. I never looked much into it since it's just another centralized platform like Reddit with different management, but boy oh boy are those comments just awful. Great community you folks got over there 😬

[–] BitOneZero 33 points 1 year ago (1 children)

Given the beta status of Lemmy, I don't even think it's a great idea to give the appearance of privacy. I think the core purpose of a webapp like Lemmy is public messages.

I think it's a can of worms for server operators to get into the business of thinking they can safely hold private messages between users/strangers. None of the Lemmy instances I've joined have had a "terms of service" or anything like that on SIgn Up, I really think the message should be sent far and wide that Lemmy is about posting IN PUBLIC and that messages are being FEDERATED to peers, even people that you don't know could be collecting the data for a search engine.

With small-time server operators opening up hundreds of Lemmy instances, without giving away their experience or human identity, how can you have any confidence that someone is properly securing a server they only have part-time job to update and operate? Major corporations are having their database stolen, Valve, Sony, Nintendo, health care companies, mobile network companies (AT&T)... you think a low-budget shoestring server by a hobbyist running Lemmy should be held to the same standards as a corporation who has an entire team and services to defend their data?

load more comments (1 replies)
[–] ManeraKai@programming.dev 30 points 1 year ago* (last edited 1 year ago) (1 children)

Opposite to Instagram or Facebook, on Lemmy or Mastodon you can create an anonymous account. Yes it will be logged (normal public internet), but you won't be treacable. The UI doesn't have any tracking scripts, and many instances don't require an email even to sign up. Use the Tor browser to spoof your IP.

load more comments (1 replies)
[–] furrowsofar 29 points 1 year ago

It is all public just as most forums on Reddit. No real difference. No difference with Usenet either. Relax.

[–] lohrun@fediverse.boo 29 points 1 year ago (2 children)

It’s no different than me sending an email to someone and then sending a request to delete it. There likely is still a copy on the email provider’s server and the recipient could have potentially backed up their emails to something outside of the email ecosystem.

Unfortunately the only way to be absolutely sure that there isn’t information you don’t want on the internet is to not share it at all. There will always be an issue of making sure every system actually deletes content when you request it. Like I said, that doesn’t stop anyone from backing up the data to another system. (E.g. Reddit archives from 2005 to now are available to download, even content that has already been deleted)

load more comments (2 replies)
[–] tmpod@lemmy.pt 28 points 1 year ago* (last edited 1 year ago)

I didn't know anything about Raddle besides the name until now. But gosh, is that a needlessly toxic pit. There's a poor guy there getting completely beaten up by an admin and some others which seem to be enjoying their time-wasting public bullying. Oh well...

[–] static@kbin.social 26 points 1 year ago* (last edited 1 year ago)

Mastodon's privacy issues are just the same as the rest of the fediverse/threadiverse.

With federation there is more openness, transparency and accountability. Take care of your privacy, use alts.

[–] Thorny_Thicket@sopuli.xyz 26 points 1 year ago (1 children)

I assume anything I post online to remain there forever anyways. That's why I regularly make a new account so atleast everything isn't behind one username

load more comments (1 replies)
[–] Prunebutt@feddit.de 26 points 1 year ago* (last edited 1 year ago) (1 children)

I find all the "privacy isn't possible on the clearnet, lol" Commets quite troubling. Yes, the internet doesn't forget and we should always behave on the internet as if our moms could read it.

But that kind of "privacy realism" fosters an additude that doesn't care about privacy at all; no matter how it could be improved (even if it's never perfect). Just because anyone on the street can follow me home and therefore can find my home address, I'm not carrying a sign with my address when going to a protest.

According to this comment, privacy is worse than with mastodon. And while data always can be scraped, it still isn't too much to ask to properly federate deletions.

Yes, the internet is a public place and reddit is bad and you might not like raddle, but come on, people. Have you all given up on improving things already? And do only tech-savvy people with the knowledge and resources to run their own servers have a right to privacy on the internet?

load more comments (1 replies)
[–] buckykat@lemmy.fmhy.ml 24 points 1 year ago

I didn't even give this shit an email address

[–] roofuskit@kbin.social 23 points 1 year ago

Anyone who has open discussions on the Internet and thinks they're somehow private is a fool. Short of end to end encrypted chat I'm not sure what they expect.

[–] j0s3f@feddit.de 23 points 1 year ago (4 children)

That's a non issue. You just cannot expect to be able to delete anything you post on the internet. Even the great reddit with the awesome deletion feature cannot help you. You might be able to delete your comment there, but there is https://www.unddit.com/ https://archive.is/ https://web.archive.org/ and many others, where your comment will still be available.

load more comments (4 replies)
[–] iuseit@iusearchlinux.fyi 21 points 1 year ago

Personally when I want to share what I'm saying with the world I write a letter, burn it, and snort the ashes. This is the only truly private way to do this.

[–] The_Terrible_Humbaba 20 points 1 year ago* (last edited 1 year ago) (6 children)

After reading some more comments, I think I came up with a good analogy to explain this issue, and I wanted to share.

Think of websites like a bar that also has an open mic.

Now, when I go to a bar, I don't want to have to give the bouncers and staff my full name as well as my address. I also wouldn't want them to know that I just came, for example, from a store where I was looking for a vacuum, and then have them warn a vacuum seller about it. A vacuum seller who is then going to sit next to me, while I'm trying to have a drink, and show me a pamphlet regarding the "amazing vacuum" he has for sale.

Ideally, I can also look for a bar that will allow me to come in costumed and not show my face. Or I could ask the bar to delete footage of me at some point, and to not store my ID if I do have to show it to a bouncer at the entrance.

All of that is relatively feasible and within the realm of reason; and all of that are things that privacy advocates might advocate for.

However, what is not feasible, or within the realm of reason, or what privacy advocates tend to advocate for, is the ability for me to willingly go up on stage, say something on the mic which I immediately regret, and then ask everyone present to forget it ever happened and delete any footage they might have of it. No reasonable person would ask for something like that, because it is not a reasonable request.

That is how regular websites work. With federated websites, that becomes enhanced; it's like if the bar you're in has a camera pointed at the microphone, and transmits both video and audio directly into several other bars. So when you go up to that mic, you better make sure you're okay with what you are saying being made public and available to anyone.

load more comments (6 replies)
[–] Forcen@lemmy.one 19 points 1 year ago* (last edited 1 year ago) (2 children)

One thing that mastodon does is proxying all the media from the federated servers, lemmy does not do this.. (yet)

For example on this comment page there are 9 domains trying to connect directly to me according to ublock origin. I suggest blocking all third party requests on your instance using ublock origins advanced mode because the website works fine without them, it might be mostly avatars?

load more comments (2 replies)
[–] FrostBolt@kbin.social 19 points 1 year ago (5 children)

Use a pseudonym that you don’t use anywhere else and don’t dox yourself in your posts or comments

load more comments (5 replies)
[–] binwiederhier@discuss.ntfy.sh 18 points 1 year ago (1 children)

The privacy stinks you say? Did you know that Likes and Dislikes are public too? That was the most shocking to me. Because it is very much not like Reddit or others.

It's still a fantastic piece of software, with all its flaws, though.

[–] poVoq@slrpnk.net 25 points 1 year ago (5 children)

It's impossible to federate these without making them public in this way.

The up-votes are also mapped to favourites in Mastodon etc, so that was always public anyway.

You could argue that this should not be hidden in the Lemmy UI, but there are also good reasons to not highlight that much who voted on a post.

load more comments (5 replies)
load more comments
view more: next ›