this post was submitted on 20 Aug 2023
90 points (96.9% liked)

Fediverse

28362 readers
813 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 1 year ago
MODERATORS
 

I've been on Lemmy for some time now and it's time for me to finally understand how Federation works. I have general idea and I have accounts on three federated instances, but I need some details.

Let Alpha, Beta, Gamma and Delta be four federated instances. I have an account on Alpha and create a post in a community on Beta. A persoson from Gamma comments on it and a person from Delta upvotes the post and the comment.

The question: On which instances are the post, the comment and the upvotes stored?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago (2 children)

So if I make an instance, I can scrape all the content and gather data on every user and sell it to Cambridge analytica?

[–] [email protected] 3 points 1 year ago (1 children)

Technically, yes. But if you are caught red handed, be ready for the mass ban to your account/instance.

[–] [email protected] 3 points 1 year ago (2 children)

But if it's just sat there silently data gathering, nobody would know?

[–] [email protected] 4 points 1 year ago

Yup, that is what professional/corporate scrapper do from the very beginning. Fediverse has poor privacy, and it is designet that way. It is better to share only safe content to fediverse for our safety, and share more private things on messaging/chatting apps like matrix or email only to person we trust.

[–] [email protected] 1 points 1 year ago (2 children)

What info do you think they will get? The only info is what you put in the public info on the user profile on your instance. So they can get your username (well user@instance), avatar, about info. That's about it. Anything else like email address and password hashes are only stored on the instance you signed up to.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Every single comment and post anyone ever names and anything they are subscribed to. Run everyone's content through some sentiment analysis, and now you have a great set of users, emails and their commonly used IP, grouped into interests, general mood, and political leanings, perfect for advertising.

[–] [email protected] 1 points 1 year ago

Where are you getting email and ip from?

[–] [email protected] 0 points 1 year ago (1 children)

your votes are visible to all instances. it's easier to think about when you think of voting like favoriting in mastodon except lemmy doesn't send a notification

[–] [email protected] 1 points 1 year ago

Yes, I discussed this in another thread. There could be ways to protect this info. But, it would mean totally changing (and agreeing with all other threadiverse apps) the way this is handled. Even then, I'm not sure you could prevent exploitation if the full info isn't sent. On kbin this info is visible anyway. You don't need any fake instance to do it.

[–] [email protected] 1 points 1 year ago

What's my name?