Is Your Privacy Safe? The Hidden Dangers of Fediverse - eviltoast
  • fubo@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    edit-2
    1 year ago

    This is a service for publishing your thoughts, your links, etc.; of course it’s not private. If you put something out in the public view, anyone can copy it. That’s not a fact about the Fediverse; it’s a fact about what it means to publish something.

    The same is true if you print your thoughts on paper and distribute them as flyers in your local town square. Anyone can grab one and keep it; later on, they can tell people what it says. That is not a privacy failure; it’s a publicity success.

    • CarloDaTeti@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      8
      ·
      edit-2
      1 year ago

      While it’s true that the Fediverse is primarily a platform for sharing thoughts and content publicly, privacy concerns arise when users might inadvertently share sensitive information or when data gets accessed without their consent. I believe striking the right balance between sharing publicly and safeguarding privacy is crucial. Users should be aware of the privacy settings and be cautious about the information they share, even in a public space, to ensure a safer and more secure experience on the Fediverse.

      • fubo@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        ·
        edit-2
        1 year ago

        Sure. However, characterizing this as a privacy failure is egregiously wrong.

        Imagine this scenario:

        You walk into the public park in your hometown. Someone has put a machine there with a keyboard on it. It has a sign on it that says, “Any words you type here will be automatically copied to hundreds of machines owned by different people all around the world.”

        If you type words into it, they are indeed copied to hundreds of machines owned by different people all around the world.

        That is not a privacy failure.

        It’s a publicity success.

        Nobody is fooling you into copying your medical records or your criminal history into that machine. You can type into it whatever you like. You can post URLs. You can post poop emojis like Elon Musk does. You can post tankie propaganda. You can create seventeen different fake identities and post ASCII art of your gonads.

        None of that is a privacy problem.

        Now, if seventeen years later you want to take back some things that you wrote, because you live in Florida and it’s run by the DeHitler Party, yeah, you’ve got a problem. But that problem is no different from if you had written a print magazine article or a book with your anti-DeHitler views.

        • CarloDaTeti@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          Indeed, the Fediverse operates on the premise of public visibility, allowing users to share their thoughts and content with a broad audience. It’s more about publicity than privacy.

          However, the concerns about privacy in the Fediverse arise not from the act of sharing content itself, but rather from the potential risks associated with sharing personal information unintentionally or without proper consent. While people are aware that their posts are public, there can still be instances where sensitive data is inadvertently exposed, leading to unintended consequences.

          Moreover, the issue isn’t limited to the immediate act of posting but extends to the longevity and persistence of data. Information shared on the Fediverse may persist on various servers, and as you pointed out, circumstances or perspectives might change over time. Ensuring that users have control over their data, even after many years, is a crucial aspect of privacy protection.

          The intent is not to stifle free expression or prevent people from sharing their thoughts openly. Rather, it’s about empowering users to maintain control over their data and make informed decisions about what they share, with whom, and for how long. Striking a balance between publicity and privacy is essential in fostering a healthy and respectful online environment.

          • fubo@lemmy.world
            link
            fedilink
            English
            arrow-up
            9
            ·
            1 year ago

            Does a person have a right to distribute their thoughts in a way they can’t take back?

            For instance, do I have the right to print my words on paper and hand them out to people in the town square?

            If I do that, I cannot subsequently chase all those people down and demand that they destroy their copies of my words.

            The notion of a “right to be forgotten” entails that if I give you a book I have written, that you must keep track of me so that I may later demand that you burn that book. This is directly contrary to your right to retain that book as your personal property; to our culture’s right to retain historical facts that I might later find politically inconvenient; etc.

  • Leraje@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 year ago

    Not sure the author of this piece really understands the concept of privacy.

    If I choose to post something to any service - a Lemmy instance, Twitter, a Mastodon instance, FB, reddit - whatever. I’m making the choice to share that info.

    A privacy invasion is when that service uses the personal data I’ve supplied in creating a profile/account and the meta data I created along with it and bundles it all up to create a shadow profile of me which they then use to serve me ads or sell to 3rd parties etc. That’s why using Meta products or reddit or twitter or just about any commercially owned service is a privacy invading nightmare and why the fediverse isn’t.

      • Leraje@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        That’s true, but I would imagine (or hope) that any instance that started running privacy invading algorithms or harvesting data would be defederated by the rest of the fediverse.

  • Rottcodd@kbin.social
    link
    fedilink
    arrow-up
    9
    ·
    edit-2
    1 year ago

    There’s nothing “hidden” about the dangers of the fediverse. They’re there, and even obvious really, for anyone with the wit to see them.

    It’s a funny thing really, because one of the recurring things I see people say about the fediverse is that it reminds them of the early days of the internet - just people sharing stuff with people, without this whole layer of corporate scumbags squatting over everything, trying to extract profit.

    And another of the hallmarks of the early days of the internet was that it was commonly understood that the ONLY person who could protect your privacy was you, and that you accomplished that by not being a dumbass.

    It’s really a very simple concept - if there’s information about yourself that you don’t want to be public property, YOU DON’T SHARE IT.

    And if there’s information about yourself that you don’t want to be public property and you go ahead and share it anyway, well… you’re a dumbass.

    But somewhere along the way - somewhere between those early days of which the fediverse is reminiscent and today - we moved into an era in which the standard way to interact with the internet is to be a dumbass and share virtually everything, then go “Waaahh! Somebody needs to protect my privacy!”

    No - you just need to stop being a dumbass.

    Yes - the fediverse, due to its decentralized structure, is and will likely continue to be a threat to dumbasses, because there is no central authority that can be meaningfully tasked with protecting them from the consequences of their own dumbass actions or sanctioned for not doing so.

    And I wouldn’t have it any other way.

    • Samæ@lemmy.menf.in
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      A counterpount: You can be a young user and not realize yet how wide is public sharing, you may be in an altered state (griefing, drunk) or be pushed around by disability (adhd, or other cognitive impairements). IMO these are not all qualifying as “being a dumbass”.

      Additionnally, it’s possible nobody is able to correctly predict the future. Are your thoughts today going to cause you grief tommorrow, in a year, in 10? How about you post today about how good the orange juice you had was, but that is later on an excuse to put you in a labor camp with others due to the fact that eating fruits is now seen as unholy and that you are a sinner, in need of correction?

      There is a balance to be struck between “all is public and it is your own fault”, and privacy nightmare. There should be some teaching happening. As somebody else mentions, having a habbit to use Matrix for DMs and more personal matters is one of these good habbits.

      • GregorGizeh@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Everyone who grew up with the early internet were in those kinds of danger. It is up to the parents to ensure their kid acts responsibly on the internet, not everyone else’s. If you cannot be sure your child knows how to safely and properly navigate the internet you shouldn’t give them access to it. Teaching people responsibility and that there are consequences to their actions they cannot always fully grasp is an important cautionary lesson people need to learn.

  • Betch@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    What a title! If you’re looking for privacy on a public internet platform where you post things for everyone to see, I don’t know what to tell you.

  • ᴇᴍᴘᴇʀᴏʀ 帝@feddit.uk
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    absolutely nothing posted on it, including direct messages, can be seen as even remotely secure.

    If lack of secure DMs are a concern, sign up to Matrix and add your ID into the relevant slot in your profile. You now have a button on your profile for secure DMs

  • Pons_Aelius@kbin.social
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    Who has an expectation of privacy online?

    I have been using forums for decades.

    But have always known you post nothing identifying about yourself or linking back to you in real life.

    • CarloDaTeti@lemmy.worldOP
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      You make a valid point about the importance of being cautious while sharing information online. It’s true that adopting a mindset of not revealing personal identifying details can add an extra layer of privacy and security.

      However, it’s essential to recognize that not everyone may fully understand the implications of their online actions. Some individuals might be more tech-savvy and privacy-conscious, while others may be less aware of the risks involved.

      As technology continues to evolve, so does our understanding of digital privacy. Striking a balance between responsible sharing and safeguarding personal information is crucial. Empowering users with knowledge and tools to make informed decisions about their online presence can contribute to a more privacy-aware and secure online community.

  • rezz@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    8 months ago

    The internet isn’t private by design. There are a limited scope of steps you can take to enable “privacy.” But this is a pointless article.

    • CarloDaTeti@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      1 year ago

      While it’s true that achieving complete privacy on the internet can be difficult, discussions around privacy in the Fediverse serve as a reminder that users value their data protection. Interestingly, many people express concerns about privacy issues in mainstream apps like Instagram, or the new Threads app, yet they might overlook similar concerns on the Fediverse. It’s essential for users to be consistent in their expectations of privacy, regardless of the platform they use.

  • CarloDaTeti@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago

    According to the author, the fediverse is not a place for sensitive or private information. Users should be cautious about what they post, as the lack of central enforcement or authority makes it difficult to ensure privacy across the network. Requests for post deletion may not be honored, and server owners in different jurisdictions might not adhere to data privacy rules. Instances could also not be immune to data scraping from big companies. Ultimately, the fediverse lacks the necessary privacy measures, making it a privacy nightmare.

    What are your thoughts on this? Can the fediverse be constructed as a privacy stronghold for its users?

    • Erk@cdda.social
      link
      fedilink
      English
      arrow-up
      12
      ·
      edit-2
      1 year ago

      I think it’s weird to pin this on the lack of central authority given that all the evidence is that any service with a central authority has been deeply and woefully inappropriate with their security. Absolutely, you should always treat any service like this as though it’s untrustworthy.

      The logical flaw here is the implicit assumption that Reddit, or any other corporate social medium, is safe for privacy just because they’re corporate. At least with Lemmy I can set up a server with my friends and know where my info is being stored and who has the keys.

      • CarloDaTeti@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        You make a valid point about the risks associated with trusting central authorities, especially considering the history of security issues with some corporate social media platforms. I agree that the decentralized nature of the Fediverse can offer more control and transparency, allowing users to set up servers and know where their data is stored.

        While the internet itself may not be inherently private, it’s essential to recognize that users’ expectations for privacy and security have evolved over time. People have become more aware of the potential risks and are rightly concerned about their data being mishandled.

        Aspirations for greater privacy, security, and anonymity in the Fediverse are important I believe. By emphasizing these aspects and encouraging best practices, we can collectively work towards a safer and more privacy-respecting online environment. The absence of a central authority doesn’t guarantee perfect security, but it does provide an opportunity to rethink data ownership and control.