So. I thought about the potential of bad actors sniffing on lemmy data. In theory, you’ld have to trust your lemmy-instance hosted to not be a bad actor and every single server they federated with. That means, it should be really - REALLY - easy for a bad actor of even a nation state actor to set up an instance and just wait for the data of users to pour in.
Theoretically they could see all the posts you ever made, and, every post you upvoted. Which also gives clues on: When are you active, what region are you from, what you like and dislike (obviously), political views, etc.
I mean - Maybe I’m too suspicious but tbh the more I read into this, the more I get a bad feeling about this…
What is “data of users”? Federated instances don’t get anything except username. Only the instance owner sees your IP address and browsing habits
Yes. But it is pretty easy to “connect the dots”. A lot of people are reusing their usernames, which makes them identifiable. And since the other instances do save data like Posts you made, likes or dislikes you send, it can be pretty easy to make a profile out of your data and identify you.
Hmm…if people followed basic privacy rules, like not reusing usernames, it wouldn’t be an issue.
Lemmy is not a privacy focused platform. End of story. Neither is Reddit or Facebook.
If you want to be anonymous and private, either use TOR or disconnect your internet.