Posts on NSFW communities on Burggit are inaccessible to visitors of the site who are not logged in, meaning these communities can only be browsed pseudonymously. There are two reasons why I think this restriction should be lifted:

  1. Security and privacy: Some people on the internet may wish not for their browsing habits to be connected to an account and may wish to minimise identifiers. Some browse the internet with cookies disabled. Some have to live paranoidly on the internet due to where they live and other life situation reasons, and these people won’t be able to enjoy the NSFW communities on Burggit.
  2. Discoverability: To check out NSFW communities, people have to register an account, so it’s not possible to make a decision after seeing if you like the instance. Previously, you could browse Burggit’s NSFW communities on lemmynsfw.com without an account but after they defederated, this isn’t an option either. There might be other instances you can use now, but it’s not a good idea to count on other instances for this purpose.

I’m curious about what you think about this.

  • MomoNeedsCorrection@burggit.moe
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    Reading the comments, you seem incredibly paranoid about this. Like, incredibly. I don’t mean this to be disparaging, but like, this kinda reads like “I live in a bunker because standard construction is not sufficiently resistant to hellfire missiles”.

    I bring this up because at the level of security risk you’re concerned over, the only actual threats would be groups with significant resources specifically interested in you, personally, or at least your online presence. And given your reference to the NSA, I would presume you live in the US, where you realistically aren’t breaking any laws in browsing except maybe some trivial copyright law that isn’t worth the resources to enforce, meaning the biggest security threat, the government, isn’t a particularly realistic one.

    • Kusa Mower@burggit.moe
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      Or, shudder a concern troll at work. If they’re genuine then the admins have provided enough input in the topic.

  • talozazz@burggit.moe
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    The front page sidebar indicates that NSFW content is hidden away from visitors without an account, and this is a Lemmy restriction, rather than a Burggit one.

    I don’t follow Lemmy’s development so perhaps it might change in the future (either with an upstream change or forking the codebase and making further adjustments, which is what I think lemmynsfw did).

    • burganon@burggit.moeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I missed that. Is this a new development? I have browsed NSFW-tagged posts from Burggit on the lemmynsfw.com front end before. I doubt other instances can un-NSFW posts from other communities.

    • burganon@burggit.moeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      As for the third point, you can reason yourself into limiting the usage of something a lot using that thinking. I think extending public access to NSFW posts is reasonable considering the potential harms. People who might, for example, want to target users who might be into a certain category of pornography can right now target the meme communities of such categories. They would then be able to target the NSFW communities as well. But again, that kind of thinking will make you take away access to a lot. This is a public community that is very easy to get into afterall.

    • burganon@burggit.moeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Couldn’t they create an account here or in a federated instance and abandon it if they didn’t like the content?

      They could, and it would create a waste. Further extending the problem, if someone wants to limit links to viewing habits and some identifier (an account), they would need to create a brand new account every single time they browse an instance. This also does not address the no-cookies problem.

      But, to that end, wouldn’t having the content publicly available lull some into a false sense of security?

      Sites with NSFW content usually display some warning about how you must be X years old and so on. I imagine once the toggle is implemented, such a warning can be displayed. This isn’t a good enough reason to require the creation of an account anyway IMO.

        • burganon@burggit.moeOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          I’m talking about how wasteful it is for the instance. Names will be taken and orphaned forever. If, again, someone creates an account each time they browse the site, which is reasonable as things stand, it’s wasteful for the instance. Not to mention it’s a waste of time for the user (and for the admin if they decide to run and then run a cleanup script), which is a more important resource.

          • Disa@burggit.moeM
            link
            fedilink
            English
            arrow-up
            4
            ·
            1 year ago

            An email is not required, it doesn’t make sense someone would want to make a new account every single time, they’d just make 1 account without an email connected and browse through that. There’s no difference between a 1 minute old account and 1 year old account if they don’t publicly interact with anything. I’m just not understanding your logic here.

            • burganon@burggit.moeOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              1 year ago

              An account is a data point, an identifier, that builds a correlation between the account and the posts and communities viewed. People who wish to remain anonymous online therefore would have to create a new account every time they want to browse NSFW communities so as not to have one point (account) that gives away all their interactions. I don’t mean public interactions. Every HTTP request they make is an interaction in this context.

              • Burger@burggit.moe
                link
                fedilink
                English
                arrow-up
                5
                ·
                edit-2
                1 year ago

                That logic does not make sense. Say if for example, we do make NSFW public, by browsing this site anonymously, you’re already caching images. My best advice is if you’re in a country where what we’re hosting is illegal for you, then do not use our site and if you do, know the risks and use a VPN or Tor.

                • burganon@burggit.moeOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  Of course, by just visiting the site, the user is already taking the risk of leakage from many angles. The user can, as you have said, use TOR and take other precautions. You can always reply with “Well, if the user isn’t doing X, they’re already too exposed anyway” but I’m trying to point out that an account is yet another thing to worry about that complicates the things that a user trying to stay anonymous has to do.

              • Disa@burggit.moeM
                link
                fedilink
                English
                arrow-up
                4
                ·
                1 year ago

                If you’re not subscribing to communities, liking posts, commenting, upvoting, posting or doing any interacting the account isn’t much of a data point. There’s no correlation as to the content you viewed or clicked on tired to your account and it’s the exact same as a brand-new account in every single way. It holds no more data than if you were not logged in, if you don’t use it for any interacting.

                While this feature isn’t something i’m against inherently, we don’t have the resources right now to make a fork of lemmy to do this unless they add it in to the main lemmy software.

                • burganon@burggit.moeOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  There’s no correlation as to the content you viewed or clicked on tired to your account

                  Well, along with an HTTP request sent to burggit for certain things, you send your account authentication information. For example, when viewing an NSFW post, since you have to be logged in. So everything banks of your (referring specifically to you lol) operational security being perfect or you being entirely trustworthy if someone doesn’t want their posts viewed to be stored or processed and therefore correlated to their account. This is why someone would make a new account every time they open up burggit.

                  You can just end this conversation by saying “Well, that’s not gonna happen” or “It’s not that big of a deal” but that’s for the user to decide. (I’m not putting words in your mouth. I’m just preemptively responding to such thoughts that someone might have.) Ignoring that, there is a real concern here, the way I see it. Data and system breaches are very commonplace, and people do people things.

                • burganon@burggit.moeOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  It would be difficult to arrange a shared account between enough people to form a significant crowd so that every individual user, using TOR, blends in. I have just never heard of something like that happening, and I wouldn’t bet on it.

          • Nazrin@burggit.moe
            link
            fedilink
            English
            arrow-up
            4
            ·
            1 year ago

            You can always do a database query to delete accounts that never posted and haven’t logged in for a year.

            • burganon@burggit.moeOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              I’m sure a pig or an outrage artist would have more time and tolerance to fill out a signup form (either by hand or automatically) than a random user who just wants to browse a based lemmy instance.