this post was submitted on 11 Nov 2024
623 points (97.0% liked)

Lemmy Shitpost

26897 readers
2532 users here now

Welcome to Lemmy Shitpost. Here you can shitpost to your hearts content.

Anything and everything goes. Memes, Jokes, Vents and Banter. Though we still have to comply with lemmy.world instance rules. So behave!


Rules:

1. Be Respectful


Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...


2. No Illegal Content


Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means:

-No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...


3. No Spam


Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...


4. No Porn/ExplicitContent


-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...


5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts


-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...


6. NSFW should be behind NSFW tags.


-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...

If you see content that is a breach of the rules, please flag and report the comment and a moderator will take action where they can.


Also check out:

Partnered Communities:

1.Memes

2.Lemmy Review

3.Mildly Infuriating

4.Lemmy Be Wholesome

5.No Stupid Questions

6.You Should Know

7.Comedy Heaven

8.Credible Defense

9.Ten Forward

10.LinuxMemes (Linux themed memes)


Reach out to

All communities included on the sidebar are to be made in compliance with the instance rules. Striker

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] Saik0Shinigami@lemmy.saik0.com 7 points 1 week ago* (last edited 1 week ago) (11 children)

instance owners have quite a lot more information on their user’s activities

Not really. Only thing additional that could be identified is browsing patterns while on the site itself. I don't think it's that valuable. You likely already gave up what you're likely to see by commenting in communities. That's going to be tracked best through a proxy or something, not lemmy itself. And can even be tracked externally through other means. Ex: This post has a tracking image on it and because you need to connect to me to load it I now see everyone that had loaded this comment. So this can be done externally without even being an instance owner. Click view source to see it at the end of the post.

Votes are federated, kbin instances see them as "likes" publicly. Messages are federated, sent in clear text. And posts that are loaded can be tracked via other means... Think of sites that display ads... They do this exact thing and collect information by the boatload because they can inject on every page that shows an ad. Without needing to be an admin on the site itself.

Edit: In theory someone could canvas/comment on every post with a bot and embed tracking images everywhere. Rotate usernames doing it from different servers and rotate through domains that are all cnamed back to the same tracking node and you could attack the whole fediverse with this type of tracking. Probably already being done... But it would be visible in that we have the ability to check source of each comment. But who the hell is going to take the time to do that?

Edit2: Here's example of what was collected with that embedded image. Keep in mind that this type of tracking can happen with REAL images as well, making it impossible to track. And I'm specifically not tracking much of anything. But things like IP address used to access is on the backend. There's also Browser, OS, referrers... etc...

[–] Dave 1 points 1 week ago (4 children)

In a recent Lemmy version they added support for proxying images. So for people worried about this, see if you can find an instance (or set up your own) that does image proxying.

Before you ask, I'm not aware of any but I'm sure there are some.

[–] Saik0Shinigami@lemmy.saik0.com 2 points 1 week ago (3 children)

Yeah that was 19.4. It's doesn't proxy everything unless explicitly set to. Just thumbnails I believe. But I could be wrong. And many instance owners would be allergic to that as it leaves them on the hook for storing content. For example... someone posts CSAM... a copy of that is now on your server. You get police raided and you're fucked.

https://github.com/LemmyNet/lemmy/blob/705e86eb4c0079d0775f0c1490968f1183095fcc/config/defaults.hjson#L51

Actually going over it briefly looks like it has a few available options for what it will cache...

I refuse to enable it myself for the above reason. I would venture 99% of instances out there would also refuse for liability and bandwidth costs.

[–] Dave 1 points 1 week ago (1 children)

Certain (but not all) thumbnails have been sort of proxied for a while, but it's complicated. But for example if someone posts a link to some questionable content on imgur, your instance will have a copy of that cached (and never delete it, because... Lemmy reasons). The recent changes just mean you can now enable other images to be proxied, though this is disabled by default. This proxy has an age (a day or a week or whatever you set) and content is deleted if it hasn't been accessed in that timeframe - this is in contract to the normal Lemmy image stuff that I believe still stays forever unless that was fixed recenty.

And many instance owners would be allergic to that as it leaves them on the hook for storing content

This is already a risk whether via the existing thumbnail storage or via user uploads. It's a pretty common recommendation that you should never host a website like Lemmy on a home server, always use a VPS for this reason. Then make sure you understand your local laws as well.

[–] Saik0Shinigami@lemmy.saik0.com 2 points 1 week ago (1 children)

This is already a risk whether via the existing thumbnail storage

Not anymore. You can opt out of it for the most part.

# Leave images unchanged, don't generate any local thumbnails for post urls. Instead the the
# Opengraph image is directly returned as thumbnail
"None"

[–] Dave 1 points 1 week ago* (last edited 1 week ago)

Oh I didn't realise this! I'll have to investigate more. Even if you want proxying, it makes way more sense to use the proxy image functionality that actually deletes the images after a period of time.

Thanks for bringing this to my attention, I'm quite excited about it 😆

Edit: seems like it's been an option since 0.19.0!

load more comments (1 replies)
load more comments (1 replies)
load more comments (7 replies)