• 0 Posts
  • 7 Comments
Joined 1 year ago
Cake day: June 9th, 2023

  • Yep.

    There are two big end-user security decisions that are totally mystifying to me about Lemmy. One is automatically embedding images in comments without rehosting the images, and the other is failing to warn people that their upvotes and downvotes are not actually private.

    I’m not trying to sit in judgement of someone who’s writing free software but to me those are both negligent software design from an end-user privacy perspective.


  • Of note about this is that image links in comments aren’t rehosted by Lemmy. That means it would be possible to flood a community with images hosted by a friendly or compromised server, and gather a lot of information about who was reading that community (how many people, and all their IP addresses and browser fingerprint information, to start with) by what image requests were coming in, kicked off by people seeing your spam.

    I didn’t look at the image spam in detail, but if I’m remembering right the little bit of it I looked at, it had images hosted by lemmygrad.ml (which makes sense) and czchan.org (which makes less sense). It could be that after uploading the first two images to Lemmygrad they realized they could just type the Markdown for the original hosting source for the remaining three, of course.

    It would also be possible to use this type of flood posting as a smokescreen for a more targeted plan of sending malware-infected images, or more specifically targeted let’s-track-who-requests-this-image-file images, to a more limited set of recipients.

    Just my paranoid thoughts on the situation.
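The comment above describes the leak (a third-party image host sees the IP address and request headers of every reader) and the fix the earlier comment asks for (rehosting). The following is an added example, not Lemmy's code or anything from the thread: it finds off-instance image embeds in a Markdown comment and rewrites them to an HMAC-signed, camo-style proxy URL, so the reader's browser only ever talks to the instance's own proxy. The hostnames (`lemmy.example`, `example.net`), the proxy path and the secret are assumptions chosen for the example.

```python
"""Added example (not Lemmy's code): detect third-party image embeds in
Markdown and rewrite them to a signed image-proxy URL.  All hostnames,
the proxy path and the secret below are assumptions for illustration."""
import hashlib
import hmac
import re
from typing import Optional
from urllib.parse import urlparse

# Markdown image syntax without a title: ![alt](url)
IMAGE_RE = re.compile(r'!\[([^\]]*)\]\(([^)\s]+)\)')

# Constructed sample comment: one image on a foreign host, one on our own.
SAMPLE_COMMENT = (
    "Look at this ![meme](https://example.net/meme.png) "
    "and this local one ![local](https://lemmy.example/pictrs/image/abc.webp)"
)


def find_image_urls(markdown: str) -> list:
    """Return every image URL embedded in the Markdown text, in order."""
    return [m.group(2) for m in IMAGE_RE.finditer(markdown)]


def is_third_party(url: str, instance_host: str) -> bool:
    """True when the browser would fetch the image from a host other than
    our own instance.  Such a fetch hands the reader's IP address and
    request headers (User-Agent, Accept-Language, Referer) to that host."""
    parsed = urlparse(url)
    return parsed.scheme in ("http", "https") and parsed.netloc.lower() != instance_host.lower()


def proxy_url(url: str, proxy_base: str, secret: bytes) -> str:
    """Build a camo-style proxy URL: <proxy_base>/<hex-hmac>/<hex-url>.

    The HMAC keeps the proxy from becoming an open relay: it will only
    fetch URLs that the instance itself signed when the content was stored."""
    digest = hmac.new(secret, url.encode(), hashlib.sha256).hexdigest()
    return f"{proxy_base.rstrip('/')}/{digest}/{url.encode().hex()}"


def verify_proxy_path(proxied: str, proxy_base: str, secret: bytes) -> Optional[str]:
    """What the proxy does on an incoming request: check the signature and
    return the original URL to fetch, or None if the signature is wrong or
    the path is malformed."""
    prefix = proxy_base.rstrip('/') + '/'
    if not proxied.startswith(prefix):
        return None
    try:
        digest, hex_url = proxied[len(prefix):].split('/', 1)
        url = bytes.fromhex(hex_url).decode()
    except ValueError:
        return None
    expected = hmac.new(secret, url.encode(), hashlib.sha256).hexdigest()
    return url if hmac.compare_digest(digest, expected) else None


def rewrite_comment(markdown: str, instance_host: str, proxy_base: str, secret: bytes) -> str:
    """Rewrite every third-party image embed to go through the proxy;
    images already hosted on the instance are left untouched."""
    def repl(match: re.Match) -> str:
        alt, url = match.group(1), match.group(2)
        if is_third_party(url, instance_host):
            return f"![{alt}]({proxy_url(url, proxy_base, secret)})"
        return match.group(0)
    return IMAGE_RE.sub(repl, markdown)


if __name__ == "__main__":
    secret = b"assumed-instance-secret"
    base = "https://lemmy.example/pictrs/proxy"
    print("third-party embeds:",
          [u for u in find_image_urls(SAMPLE_COMMENT) if is_third_party(u, "lemmy.example")])
    rewritten = rewrite_comment(SAMPLE_COMMENT, "lemmy.example", base, secret)
    print(rewritten)
    print("proxy resolves to:", verify_proxy_path(find_image_urls(rewritten)[0], base, secret))
```

With the rewrite in place the image host only ever sees the proxy's IP address and a generic User-Agent, not the reader's; the signature check is what lets the proxy be exposed publicly without turning it into an open fetcher for arbitrary URLs.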



  • mo_ztt ✅@lemmy.world to Lemmy@lemmy.ml · sorting of 'favourite' comms
    2 upvotes · 1 downvote · 1 year ago

    Hm, you might have to take specific steps to get subscribed to stuff you want to see. Personally I find browsing ‘ALL’ to be a pretty unproductive experience… what I might do instead is just navigate to a couple of the likely-seeming instances (roughly in order of “big -> good”: lemmy.world, lemmy.ml, sh.itjust.works, kbin.social, sopuli.xyz, lemmy.blahaj.zone, mander.xyz) (also beehaw), pop up their big community lists, and do some copy-pasting into your own instance’s search bar so you can subscribe to a bunch of the stuff from everywhere that you want to see. I’ve done that one time from a smaller instance and it seemed like it worked out pretty well for me (in terms of the time investment being worth it for setting up a feed that I wanted to see).