YSK: Your Lemmy activities (e.g. downvotes) are far from private - eviltoast

Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • Captain Janeway@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    What happens if someone posts something illegal? Does the instance owner have to know enough SQL to remove the row and the image connected to it or is there a friendly way to do it in an admin interface?

      • Captain Janeway@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        So if someone posts illegal images, it’s up to admins to know how to remove it from their database(s). That might be a bit of a sweaty, scary, moment for some people who can follow instructions to setup an instance but aren’t familiar with databases.

          • Captain Janeway@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            Ok at least y’all have that. Do you happen to know how much legal trouble you’d be in if your server did - temporarily - contain illegal images? Is that the sort of thing that - if you immediately deleted and worked with the FBI, you wouldn’t get in trouble? I’m considering starting an instance for me and my wife because we have slow internet but - if we cached everything in an instance at home - it would be über fast. But I’m worried about the legality.

        • zalack@kbin.social
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          Thems the breaks when using what is essentially alpha software. The devs of both Lemmy and Kbin are aware that the admin tools need work, but stuff takes time.

          • Captain Janeway@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Yeah but maybe we should provide some unix tools which help people delete data from their server. Imagine someone is upset at an admin. So they post cp to the server as revenge and then immediately report the server to the FBI. The poster puts themselves at risk, but it’s much easier to avoid that risk than it is for an admin.

            The unix tools can become the base for an actual admin interface, but I don’t have the time for all that lol but scripting something that:

            1. Finds the offending post in the database
            2. Deletes any images in the post from the pictures foder
            3. Deletes the row from the DB

            That wouldn’t take too long.