Posts on NSFW communities on Burggit are inaccessible to visitors of the site who are not logged in, meaning these communities can only be browsed pseudonymously. There are two reasons why I think this restriction should be lifted:
- Security and privacy: Some people on the internet may wish not for their browsing habits to be connected to an account and may wish to minimise identifiers. Some browse the internet with cookies disabled. Some have to live paranoidly on the internet due to where they live and other life situation reasons, and these people won’t be able to enjoy the NSFW communities on Burggit.
- Discoverability: To check out NSFW communities, people have to register an account, so it’s not possible to make a decision after seeing if you like the instance. Previously, you could browse Burggit’s NSFW communities on lemmynsfw.com without an account but after they defederated, this isn’t an option either. There might be other instances you can use now, but it’s not a good idea to count on other instances for this purpose.
I’m curious about what you think about this.
If you’re not subscribing to communities, liking posts, commenting, upvoting, posting or doing any interacting the account isn’t much of a data point. There’s no correlation as to the content you viewed or clicked on tired to your account and it’s the exact same as a brand-new account in every single way. It holds no more data than if you were not logged in, if you don’t use it for any interacting.
While this feature isn’t something i’m against inherently, we don’t have the resources right now to make a fork of lemmy to do this unless they add it in to the main lemmy software.
Well, along with an HTTP request sent to burggit for certain things, you send your account authentication information. For example, when viewing an NSFW post, since you have to be logged in. So everything banks of your (referring specifically to you lol) operational security being perfect or you being entirely trustworthy if someone doesn’t want their posts viewed to be stored or processed and therefore correlated to their account. This is why someone would make a new account every time they open up burggit.
You can just end this conversation by saying “Well, that’s not gonna happen” or “It’s not that big of a deal” but that’s for the user to decide. (I’m not putting words in your mouth. I’m just preemptively responding to such thoughts that someone might have.) Ignoring that, there is a real concern here, the way I see it. Data and system breaches are very commonplace, and people do people things.
Going to tag @Burger@burggit.moe so he can correct me if I get any of the following information wrong.
In the event of a data breach: We have a 50mb disk in ram for logs, this disk is purged at machine power down and once the 50mb is run up the old logs start being overwritten. We don’t have terrabytes of logs storing every bit of user data or every interaction they make. Even if somehow we had a breach of that 50mb file, it’d include at most an IP (which if using Tor/VPN wouldn’t link back to you) and a username. Unless it’s a username that you use literally everywhere, this is hardly information that anyone could do anything of value with.
Let’s also assume that somehow some of your post interactions got logged, too. Alright, so Burganon viewed this image of a loli… alright, if you’re using a VPN/Tor that doesn’t mean anything, there’s no tie to you. If you aren’;t using a VPN/Tor it doesn’t matter if you have 1 account or 200 since your IP would be there (if it was part of that 50mb file), this would be what people cared about, and it wouldn’t matter if you were logged in or not.
Obviously, we also have a list of usernames, emails (if provided) and hashed passwords which we obviously can’t delete, but these on their own are useless (except email, but you shouldn’t be providing that, frankly.)
In the end if people want to make a million accounts each time they log in, that’s up to them. An account uses little to no resources and we might look at purging old accounts that have never logged in and old accounts with no activity in the future, but it’s not an issue right now.
Pretty good, but forgot to mentioned ramdisk is only used for our IPS (Intrusion Prevention System) this is necessary to keep bad actors out and necessitates the daemon ingesting the logs and making decisions on who to drop connections from via iptables.
Well, the thing with systems is they get breached. This sounds cool, but there’s no assurance to anyone that a) there isn’t actually more logging, b) the NSA isn’t reading from your live 50 MB logs (lol), c) Burger won’t turn on us all one day. Apart from that, what a skilled person (with a lot of resources as their disposal) can do with very little data to find out where and who someone is using that minimal account correlation, even behind TOR, can be surprising. Some people are worried about that sort of stuff, and they’re not really in a position to come out and talk about it, either. “Will my speech patterns in my post be analyzed and traced back to me,” etc. A user can take whatever precautions they need (wear their internet condom, go through their internet condom ritual), and worry about everything else, but the part they can’t control is where they have to trust an instance to keep their account-to-HTTP-requests data completely safe forever.
I find this really offensive so I’m going to disengage. You have yourself a good one.
That was just an example of the general idea about how you can never trust someone running a service on the internet. I meant no offense toward you specifically even thought I used you as an example, so I apologize.
And people are welcome to use whatever measures makes them feel comfortable. There’s not really anything else I can say on the matter beyond what I already have. There’s nothing that can feasibly be done about NSFW content being visible for non-logged in users unless it get implemented into the Lemmy software, or we fork it, but we do not have the resources to properly maintain a fork. I’ll have to leave the conversation here.
I understand. In my reply, I wasn’t trying to push my request. I was just responding to your points.