Looked through the docs a bit and it’s not really clear to me: I’m posting this on lemmy.ca, does that mean only that instance knows my IP? Or does every instance it federates with get my ip alongside this post?

This seems maybe important, did I miss a privacy guide to Lemmy someplace? Cursory searching didn’t come up with much official. Are there other aspects we should be thinking about here? I’d come across some mention of deleted posts being still available everywhere they were sent but that sorta makes sense – hard to “unpublish” anything.

You are viewing a single thread.
View all comments
1 point
*

Sorry for replying late; I just saw this question.

It’s worth noting that images that people include in their posts are hosted on their instance, not your home instance. That means the admins of those other instances can see your IP address and (normally) page you were reading when your browser loads those images.

Browser extensions exist that will let you block off-site images if you want to.

permalink
report
reply
1 point

Good point! And ya, when I open umatrix on a comment thread I see a whole menagerie of instances serving me images as I guess that goes for the profile image too.

But I find that somehow less concerning as they just know “someone at this IP viewed this thread containing these images” than “the user at this IP wrote this comment (or post)”.

Hmmm, but if DMs allow images and they work like this, a user with their own instance who wants to know which IP wrote a comment could perhaps send a message to the author with a unique image…

permalink
report
parent
reply
1 point

Yeah, it can be abused. I don’t want to raise an alarm about it because I don’t think it’s worth scaring people who are just dipping their toes in the fediverse waters, and because it can be fixed.

For now, I block remote images by default and allow them from a few specific instances.

permalink
report
parent
reply
1 point

I don’t want to raise an alarm about it because I don’t think it’s worth scaring people who are just dipping their toes in the fediverse waters, and because it can be fixed.

Informing people is always the right move. People should be as aware of the security situation as possible & it’d be irresponsible to withhold that info.

The warning should also come with the solution: use Tor. That solution would solve countless other problems stemming from the marginalization of the Tor community. The advice should be:

  1. install Tor
  2. get on the fedi
permalink
report
parent
reply

privacy

!privacy@lemmy.ca

Create post

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

Community stats

  • 387

    Monthly active users

  • 211

    Posts

  • 1.4K

    Comments