YSK: Your Lemmy activities (e.g. downvotes) are far from private - eviltoast

Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • Waltzy@lemdit.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    Aye, my proposal was a trade off between privacy and convenience for non technical users ( it’s only as bad as a non federated social media site).

    The best balance here would be a client on the user device that manages the keys for you, and an API in lemmy for accepting and sending encrypted messages.

    As a side note, I thing PGP is more or less superseded by AGE