Don’t forget about the fact that a while back they secretly whitelisted Facebook trackers in their adblocker to “make pages run more smoothly” they got a lot of shit for it when people found out looking through the source code. When I heard that they did that it basically cemented in my mind that they were shady and untrustworthy, that’s in addition to the Crypto and rewards stuff.
See guys, I know people didn’t believe me when I said there are people who push for and encourage for projects to be corporatized instead of community run but here is one of them. These types of garbage arguments always bring up the idea of cybersecurity but always neglect to mention one of the biggest security and privacy threats to the corporate governed model, the corporation itself. Especially once enshittification really sets in.
And before you vomit some horrible misrepresenting argument reminiscent of Dave Plumber’s speech against backdoors in Windows, you know damn well that when I say the company itself is a privacy and security threat to the project that I’m talking about deliberate attempts by the company to make money off the project through tracking, ads, crypto mining, and any other number of shady shit. You know, things that are officially sanctioned.
I like it, it’s nice to be able to bring RSS News feeds automatically into the Fediverse, and if people don’t like it they can just ignore or block the communities.
I think you’re misunderstanding just like the Mastodon users who think every tool should be opt-in. The consent piece IS moving to a closed system with whitelisted federation. If you’re giving data out publicly with no restrictions but trying to put stipulations on how it’s used, it’s the same as trying to enforce control through robots.txt, which is by the way a standard protocol.
So if you’re going to whine about votes being shown, you should be using a whitelist to block those actors from seeing it, and should be using authorized fetch to limit access to those whitelisted instances specifically, otherwise this is every stupid argument about “why robots.txt should be respected”.
Oh I didn’t know that, that’s good. Though I think the point still stands since it’s not a guarantee instance admins will use it (unless it’s a default).
You can use the Tesseract Lemmy frontend to view votes in your communities. However it will only work on instances on version 0.19.8 or greater, so if your mod accounts are on an instance like that it won’t give you the option or let you see them.
You can usually use another instance that shows names if you have an account there, it’ll show at least the federated stuff.
Exactly, that’s why I said for ones that aren’t cached. They can be cached, but it’s not a guarantee they will be.
And it wouldn’t be caught quickly or maybe even ever if they opted to use hashes instead of just showing who voted and when.
Mods can already see voting data, at least through the API on the latest version of Lemmy.
I know, it’s a really big problem here and on the Fediverse in general because people get so outraged and entitled over something that just is the way things are, this wouldn’t work any other way.
Except ActivityPub data is by in large already not private, it is handed out to any tom dick and harry who run a server and have subscribed to actors on this one, and most of the time, it doesn’t even really require extra authorization. That is fundamentally how ActivityPub and federation work, but you can’t have any expectation of privacy in this system when it comes to the content shared. Expecting it to be private because it’s labeled is as dumb as expecting your website not to get scraped because you said so in robots.txt.
It’s not good practice. Really one shouldn’t be assuming anything is private or some entitlement to privacy on a service where all content you post is made publicly available to any and all linked instances. They miss the point of a federated public forum. If one wants privacy, data must be kept locally only. That’s why Lemmy has local-only communities, the “private” community aspect that many people want just won’t be federated, because you can’t make something like this private otherwise.
That’s almost as bad as using robots.txt to claim sites are private and secure and just whining that people/bots should respect it.
You should assume voter data is fully public and fully open. It otherwise is in the federated ecosystem.
If image embeds aren’t cached by your server they can be abused to gain IP, but that’s a hack, it’s not intended.
The whole concept of the Fediverse as social media is that all the data is public. Stop acting like these servers are giving out private data. This data has never been private, and it never will be. Data like this being shared with any other server is how ActivityPub and the Fediverse work.
I posted the main thread from blahaj.zone, his comment here and all our replies don’t show up on blahaj.zone at all. I checked the modlog and he was banned from the instance.
you can, names are shown in other frontends like phtn.app.
He’s been suspended from the lemmy.blahaj.zone instance I don’t think he can do that.
You should also add secretly whitelisted Facebook trackers in their adblocker, something they did a while back.
Yikes I didn’t know they did that but I’m not surprised. There’s a reason the people behind Tor say it should only be used via the official Tor browser, because only the Tor browser can provide that level of protection against those kind s of leaks, as well as much better fingerprinting resistance than chromium-based brave is going to give you.