What is the fh did I just read
I’ve seen this “deletion is not guaranteed on lemmy” warning shouted loudly and often by a few individuals over the past month or two, mostly on reddit. It makes no sense in context, because deletion is not guaranteed on reddit, either. Or on any other public forum.
For the record, lemmy devs addressed it in a discussion here.
I’m starting to think it’s propaganda sponsored by reddit, hoping to scare people out of leaving.
Agreed with everything you said. The anti-Lemmy posts over there are starting to smell like astroturf. Although who knows, a lot of it follows similar anti-Mastodon posts I’ve also read there, so either some people really dislike federated social media that much or Twitter astroturfers were busy on Reddit after the blue bird was “stunned” by Elon.
Just to add more information or context to your answer, this site exists, so instead of people arguing about “Lemmy sucks on privacy” or “This place is a hell hole for anonymity”, maybe people should rethink about what they’re going to write.
There’s a vast difference between someone archiving your comments and not being able to remove content from a public facing position on the site where you originally posted it. I don’t find the “…but anyone can archive it” argument very compelling. For example, on reddit it was quite easy for me to delete a comment, and from the point of view of most users, that comment was gone. Same with Twitter, or Facebook, or Tumblr, or the vast majority of forums. This has been normalized since the earliest days of the internet, and archiving/screenshotting/downloading content aside, most of us have come to act accordingly. Not that we don’t take proper precautions, not that we don’t treat content as if someone could grab it, but again this is quite a different scenario.
I think we need to be realistic about the fact that this forum (Lemmy in general, not this instance specifically) has some uniquely troubling privacy concerns, even by fediverse standards. I wish the devs would address this, but they don’t seem willing.
I do agree with you that people need to be extra careful about what we write or share on this forum, even moreso than in other forums we may have used in the past.
I would be curious to know more. As far as I am aware, what lemmy does differently is that it still shows username when you delete a comment, and lets you restore your comments until you delete your account. If you delete your account everything is deleted. That isn’t the normal policy but it’s better than reddit’s where the site owners can unilaterally decide to restore content users deleted.
Good link
Reddit is required by EU law to delete all of your data if you ask them to (and you’re an EU citizen). I suspect it’s much harder to do on the fediverse, though in theory they’re subjected to the same law.
Reddit can only delete their own copy, not the copies made by other parties. That’s the reality of public media.
Stuff you post in public could end up staying in public forever… It’s like there are consequences for our actions…
Maybe i shouldn’t use my real-life name anymore. Oh, wait. That’s a nickname.
This seems more like something to keep in mind when posting rather than a “DON’T USE LEMMY!!” kind of thing.
If your starting assumption on the internet is that each keystroke is ephemeral, Lemmy is not the problem.
If that is not your starting assumption, this is not news.
OK, let’s check the status of that today:
- Point 1 has already been fixed after our insistence, messages will be available for undelete to admins for 30 days then get scrubbed
- Point 2 is true but frankly I don’t see the issue, you’ll see that a person wrote a message they deleted, no exploitable information has been leaked, and if the account is ever deleted even that gets deleted too
- Point 3 is outright false, the moment something is deleted, ActivityPub spreads a delete command to anything federating it
- Point 4 is also false, you can check the source to confirm it, i did
As an aside, the politics of the Lemmy creators are still mentioned a lot, but at this point the tankie population has been pretty much utterly outnumbered due to the Reddit migration, Lemmy has grown from a few hundred people to thousands and is STILL growing, hopefully it’s no longer an issue.
Hey, you wanna give more context to point 3? I only found comments regarding that delete will spread but the servers can just replace the deleted object with a “Tombstone” object and thus not really delete.
I’m busy right now, will look for the exact code snippets later, but in summary from what i read earlier when i first came across these claims last month or so, any activity that happens with a comment is also federated: Creation, editing and deletion, so barring any cache that will eventually expire, or an instance going down, the lifetime of a message will be replicated across anything that federates with it.
And yes, a patched instance could just ignore deletion and save everything, but at that point you’re fighting a rogue element and the rules change, we’re discussing the normal, designed behavior of the software.
Yeah I understand that of course a random instance could just change the code so that nothing is deleted. However, what I meant is that in the documentation states that the instance can use this Tombstone instead of deleting and it seems like it is completely “fine” and within the rules to do so. I am referring to this:
… the server receiving the delete activity SHOULD remove its representation of the object with the same id, and MAY replace that representation with a Tombstone object.
From https://www.w3.org/TR/activitypub/#delete-activity-inbox
So they should do it but it is also OK to use this different thing. Or am I misunderstanding this comment and it means that instances need to delete the object, and after the fact it is allowed for instances to furthermore make this Tombstone to somehow track that yes there was a deleted object here?
Everything I put on Lemmy stays on Lemmy? This article is eye-opening (not).
Wait, eyes can open?
When did people forget basic internet safety? ANYTHING you put on the internet could stay there forever.
You’d be surprised by how many people don’t consider this at all before they post stuff online.
Just look at the millions of muppets posting on Facebook.
You’re right. I think a lot of people who didn’t grow up right at the cusp of the internet weren’t actually taught any internet safety.
Rule 1: never tell anyone your ASL, especially location.
Rule 2: No personally identifying details. If you could get doxxed using this information you shouldn’t be putting it online.
Rule 3: Runescape will never ask you for your password
This has been discussed several times before and it’s still as incorrect as it was originally. The author of that post has both a severe misunderstanding of how federation works, and a severe beef with the developers of Lemmy over their political differences.
And this is different from everywhere and anywhere else… how?
Edit: No, seriously, this is meant to be a public square where people can talk freely.
What part of “public” do people not understand?
So, obviously an anti Lemmy bias there, and not entirely true, but there are some aspects of federation it can be dangerous to ignore.
There is a different primary privacy focus here, and it provides an extreme level of privacy but places an extreme level of responsibility on the user for their own privacy, more than most places.
There is a distinction to a potential scrape and a system designed to duplicate, often irreversibly at submit.
There are also other things people are often not aware of and the community is not doing a great job communicating. Admins are not doing a great job of protecting themselves either.
For instance many, still don’t know votes here are entirely public.
If you understand this all and are comfortable, great. Many do not prepare themselves and would engage differently if they had a better understanding.
For a take by someone who is pro-federation but not ignoring these concerns see: https://lemmy.ca/post/948217
Holy fuck. I’m glad I never heard of or went to Raddle until now. The comments in that thread, including mod comments, are CANCER. There’s one guy who repeatedly tries to correct their falsehoods, but he just gets belittled and called a liar. Fuck that shit.
Right? While I can understand trepidation, these guys seem to hate lemmy on a level that I don’t understand.
It’s more of the same tankies vs. anarchists fighting you see in a lot of leftist spaces, if I were to guess, and the Raddle set doesn’t notice that not all Lemmy instances are tankie ones by a long shot.
I certainly don’t like the Raddle community’s reaction to this, however Beehaw’s community has shown somewhat similar reactions to certain topics that have come up. Having some reactionary drama seems unavoidable in any social group. That said, the software that Raddle runs on is pretty sleek. Seems to rival Tildes in quality for a link aggregation and forum software. But it’s inability to federate makes it fundamentally different from lemmy.
It’s ironic that the anarchist devs created a centralized aggregator in Postmill, while the tankie devs who initially made Lemmy, made it a part of the fediverse. I’d honestly expect it to go the other way around.
It’s not what I would have bet on, that’s for sure.
And deletion on Usenet was effectively impossible. So? “Be conservative in what you send” (RFC 1855) remains good advice nearly thirty years later.
It gave me AIDS just reading the comments, and the content of the post is not only irrelevant to the title to attract users, it’s stupid, there is not a single social network in the world that allows its users to be 100% anonymous, which the OP think Lemmy was going to be, I mean, in that case we should all use Lemmy instances through Tor and not even then, we also need to use a VPN and a proxy.
It depends on each person how much information they want to leave on the network, but as far as I know, 99% of social networks do not have a button to “Delete my information immediately and permanently”, usually that little hidden button only allows you to no longer be able to access to your information, but by creating an account you accepted the terms that they retain your data even after deleting your account.
Lemmy does have some unique privacy concerns though. This is not just sensationalism, and I don’t think it’s healthy to just handwave it away. Even reddit is more private in some ways than Lemmy. Even in the fediverse, Mastodon has more privacy. You can’t really compare a site storing your data internally or someone screenshotting your comments to the inability to remove content from a public-facing position.
Obviously I choose to use Lemmy regardless, but we would do well to advise other users to take even more precautions than usual on this platform, to inform potential users upfront, and to continue to request more control over our data from the devs and admins.
I hate to link to reddit, but this archived thread is a realistic discussion about the topic from some users whose opinions I respect: https://archive.ph/XeEMF
You might want to put a note about the sensationalist title, so that people don’t just read the headline and come away with the wrong idea.
There’s really no other way to implement this sort of a network. Once someone federates your messages, they can disconnect their server and keep your message forever. It doesn’t matter what sort of protocol you put in to try to “securely redact” messages after the fact, there is still an edge case that the information that you make publicly available is available for eternity. If not by Lemmy itself, then by web scrapers, search engines, archives etc.
Cycle through generic accounts and don’t put PII up. That’s the best you can do with this sort of social media. If you want more privacy you need to take it to a non-public space, like chat rooms.
“Amazing how many ‘leftists’ are tripping over themselves to give untold power to a literal red fascist.”
I just made the biggest facepalm ever after reading this and decided to close the page, lol.