So. I thought about the potential of bad actors sniffing on lemmy data. In theory, you’ld have to trust your lemmy-instance hosted to not be a bad actor and every single server they federated with. That means, it should be really - REALLY - easy for a bad actor of even a nation state actor to set up an instance and just wait for the data of users to pour in.

Theoretically they could see all the posts you ever made, and, every post you upvoted. Which also gives clues on: When are you active, what region are you from, what you like and dislike (obviously), political views, etc.

I mean - Maybe I’m too suspicious but tbh the more I read into this, the more I get a bad feeling about this…

  • Limeey@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    What is “data of users”? Federated instances don’t get anything except username. Only the instance owner sees your IP address and browsing habits

    • NicestDicerest@lemmy.worldOP
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      Yes. But it is pretty easy to “connect the dots”. A lot of people are reusing their usernames, which makes them identifiable. And since the other instances do save data like Posts you made, likes or dislikes you send, it can be pretty easy to make a profile out of your data and identify you.

      • ᴅᴜᴋᴇᴛʜᴏʀɪᴏɴ@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        Hmm…if people followed basic privacy rules, like not reusing usernames, it wouldn’t be an issue.

        Lemmy is not a privacy focused platform. End of story. Neither is Reddit or Facebook.

        If you want to be anonymous and private, either use TOR or disconnect your internet.