this post was submitted on 11 Nov 2024
235 points (97.6% liked)

Technology

59415 readers
3102 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 22 comments
sorted by: hot top controversial new old
[–] bruhduh@lemmy.world 29 points 6 days ago (1 children)

Feds always used ANY reason to justify what they do

[–] BD89@lemmy.sdf.org 14 points 6 days ago (1 children)

Think of the children! We care so much about the children! (That we let get shot in school and don't give free lunches to)

[–] sunzu2@thebrainbin.org 4 points 6 days ago

Catholic church rapes children for generations.. limp dick state do nothing.,,

Parent send a picture of a naked child to the doctor, picture gets uploded into google photos, scanned, flagged, some google brain dead wage slave calls police...

Welcome to America folks... proper people can rape your kids but god forbid you to seek medical attention 🤡

[–] OpenStars@piefed.social 25 points 6 days ago (2 children)

I wonder if Lemmy will be included. On the one hand we are tiny, but there are also a lot of extremists here so it's enriched in precisely the types that they would most want to know about.

[–] SnotFlickerman@lemmy.blahaj.zone 19 points 6 days ago (1 children)

true, but Lemmy is at least pseudo-anonymous.

[–] OpenStars@piefed.social 9 points 6 days ago (1 children)

How much though? I mean we have usernames yes there's that, but can the federal agencies simply request that an instance turn over all signup data for all users and accounts? That might be an argument to avoid using US-based instances (though those mostly use Mbin or PieFed rather than Lemmy).

Or Lemmy is notoriously leaky itself - couldn't someone simply put a thumbnail that pings a server owned by those agencies, and thereby get IP data directly? (or if not a thumbnail then a link to some website, like maybe supposedly a wordpress software or something, which functions yet also feeds IPs too) They could even spin up their own instance and watch all voting and posting traffic coming in as well, which in correlation to the IP addresses could tie down a user account. I guess a proxy would solve this particular issue. iirc there is all kinds of traffic from all kinds of servers whenever you visit every single Lemmy page, so simply putting out a post seems like it would be enough to get data from anyone that even so much as views it in their feed?

Another one relates to that time that Lemmy.World put out a user survey based on Google - anyone that responded would thereby tie a Google account to using Lemmy.

Sorry, I am all questions here and no answers, but this is going to be life & death & livelihood to so many people - splitting families apart all over again (I am referring to the previous border incidents, where e.g. babies were ripped from their mothers' arms, some of which never did get reconnected even multiple years later).

[–] Wildly_Utilize@infosec.pub 4 points 6 days ago (2 children)

Well my approach is to sign up and use Lemmy over Tor with throwaway email (Onionmail)

[–] OpenStars@piefed.social 3 points 6 days ago (1 children)

Oh I thought that was blocked, but I guess maybe that's just Lemmy.World that did that, while other instances can do otherwise (I thought I recalled that lemmy.cafe could - not from an onion b/c Lemmy itself somehow precludes that, but over Tor perhaps?).

[–] Wildly_Utilize@infosec.pub 4 points 6 days ago* (last edited 6 days ago)

Lemmy world uses cloudflare, privacy respecting instances would never block tor

Mander.xyz even has an .onion hidden service

I signed up w/o an email address, though I think my instance now requires one.

[–] cmnybo@discuss.tchncs.de 9 points 6 days ago (1 children)

Everything posted on Lemmy is public though.

[–] OpenStars@piefed.social 5 points 6 days ago (2 children)

The content is, but the IP addresses used to interact are not.

[–] Toribor@corndog.social 2 points 6 days ago

They are for your instance admin but not the whole fediverse.

[–] sugar_in_your_tea@sh.itjust.works 2 points 6 days ago (1 children)

And they're more interested in matching up user accounts to people, and there's no public link there unless you provide it.

[–] OpenStars@piefed.social 3 points 6 days ago (1 children)

Not a public one no, but instance admins can see it.

And what is to stop someone from hosting content - like an image - onto their personal server, then collect the IP addresses of everyone who visits? e.g. couldn't you receive a message in your DM, and without being asked, merely viewing the (auto-loading!) image could reveal that it was your account (that the DM was sent to) that came from the IP address that the image hosting server recorded in the incoming traffic?

Maybe I'm wrong? But that's what I fear.

[–] sugar_in_your_tea@sh.itjust.works 3 points 6 days ago (1 children)

Yeah, that's certainly possible, and AFAIK Lemmy doesn't really do anything to protect against it (they'd have to intercept any outgoing content fetches).

However, in order to do that, they'd need to make a honeypot account that posts to get that data. That's a lot of effort for a border patrol agent to go through on a quick stop, so they're probably only going to bother for specific targets. So unless you're targeted, they're probably not going to bother making an effort to gather that type of information. The big tech companies will just hand that data over (for a fee, of course), whereas the federated nature of Lemmy means your admin would need to do that, and I just don't think that's very likely.

That said, if you're worried about it, practice good OPSec. Use a VPN, burner email addresses, and don't post personal info (or if you do, post conflicting personal info as often as you post accurate info).

[–] OpenStars@piefed.social 2 points 6 days ago

THIS is indeed the way:-).

[–] AnUnusualRelic@lemmy.world 12 points 6 days ago

You wouldn't download a migrant.

[–] funtrek@discuss.tchncs.de 10 points 6 days ago

That’s one of the reasons why I’ll never again visit the USA.

[–] uriel238@lemmy.blahaj.zone 4 points 6 days ago* (last edited 6 days ago)

Oh good, so different from using Terrorists to justify the surveillance state.

Speaking of which the NSA Haiku Generator has been lifeboated!

Consul Leak Toxic
DDOS Agro Burst
Hazmat Ebola

Our surveillance goons are bored and lonely! Give them something to scan every day! 👋

[–] rottingleaf@lemmy.world 4 points 6 days ago

Of course they do. Holding someone's leash it's easier to control them and thus, among other things, prevent them from violating some rule.

Doesn't mean all people need leashes and collars, except for private life.

[–] homesweethomeMrL@lemmy.world 0 points 6 days ago

Is this news for someone?