this post was submitted on 07 Jul 2023
499 points (98.1% liked)

Technology

34989 readers
348 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 157 points 1 year ago (9 children)

Ok ... so I think false preconceptions are polluting this topic. Apart from the passwords, nothing serious has happened here for your data. As for the DMs ... yea there aren't DMs with any real privacy on the fediverse, they don't exist ... you should presume DMs are public.

Because the fediverse is not in any way private. See for a good treatment of this: https://blog.bloonface.com/2023/07/04/the-fediverse-is-a-privacy-nightmare/

The basic story is that the fediverse is all about duplicating what we post all over the place ... essentially to anyone who decides to run a server on the fediverse. The FBI could (and probably do?) have a server scooping up all sorts of stuff onto their server and you wouldn't know about and probably couldn't do much about it. Google is scraping mastodon (and probably lemmy?) ... try a google search for mastoodn content.

This is all public internet stuff, you're basically running a public blog that happens to be well connected to lots of other public blogs.

As nice as the fediverse is as a nice anti-capitalist-big-corp monopolisation of our social online lives ... it is very much born out of the web2.0 era and doesn't have any of the privacy concerns many of us would now hope for from technologies.

I've argued this elsewhere ... I like the fediverse and am here out of principle ... but in many ways it highlights some of the failings of our world at this time ... because it's about 10 years too late and the future is coming in hot and fast ... in retrospect I wouldn't be surprised if it will make a lot of sense to look back on the fediverse and think that it was effectively redundant at just about the time it gained popularity. An AI dominated internet with massive privacy concerns is here very soon, and the fediverse isn't ready IMO, it's still trying to catch up to web2.0 big social circa 2010.

[–] [email protected] 22 points 1 year ago (1 children)

What about 2013 seemed more favorable to the fediverse than now? Twitter, reddit and Facebook were pretty useful at that time - I don't think I'd have left.

[–] [email protected] 40 points 1 year ago

Principles. That the whole internet and all of the freedom and diversity it can harbour was being monopolised by big giant corporations that had no interest in embracing an open web. Instead, they were convincing the world, especially those growing up in that/this era that the internet had to be constrained to the few walled gardens of big platforms.

These principles were as obvious and relevant then as they are now. Unfortunately convenience is a helluva drug. And, in the "Google" era of the internet (~2005-2020 ?), there was a certain naive optimism about big-tech and the internet, which no doubt lulled us in by its being "free".

In reality, we all really thought that good and useful world-changing stuff was just going to be made for us for free. That the internet was going to inexorably make the world a better place. It was dumb and naive IMO and marks very well the failings of the Millennial generation (to which I belong FWIW). Unfortunately, it's a lesson we had to learn the hardway. There were probably only a handful of people in the world that understood what the new industry was actually doing and was actually about and that had the philosophical will and ability to think it through and communicate to the masses what the choices we were actually making.

[–] joelthelion 14 points 1 year ago (2 children)

Wouldn't it be possible to add end to end encryption for DMs?

[–] [email protected] 25 points 1 year ago (2 children)

We could turn to good ol’ PGP

[–] [email protected] 13 points 1 year ago

That's the only way. I don't think there's any other solution that would allow for you being able to be sure that the instance you are on doesn't have a way to acess your data - any other e2e encryption integrated into Lemmy UI would not and cannot be reliable, because an admin can just rewrite the code as he sees fit.

Only solution to this is to just encrypt the message manually before it touches anything Lemmy UI.

load more comments (1 replies)
[–] [email protected] 18 points 1 year ago (3 children)

Possible doesn't mean easily doable, unfortunately. Technically speaking, I don't know how hard it would be for the fediverse. I get the sense that overall it's been a mismanaged aspect of the ecosystem for a long time.

It touches on a broader issue of to what extent the software ecosystem enables users to exist on the fediverse at large as a single user or through a single interface. At the moment, it's basically not really a thing. Arguably, if the fediverse wants to make any claim to being an actual "federated universe" rather than just separate FOSS decentralised platforms (there is a big difference IMO) ... then it should definitely be a thing.

In relation to DMs, then, in a "true fediverse" the answer would be simply something like integrating matrix into your interface such that you and I could easily start a space on matrix and start chatting there if we wanted to.

I've come to the conclusion that for this to happen it needs to happen at the UI/client/app level. In fact, I wouldn't be surprised if that happens in not too long a time. An app that understand and works well with all of the major platforms and gives you a single and well designed interface for working with all of them from a single space. This way the platform developers can focus on their specific funcionality and backend while the app/client developers can focus on the UI and the challenge of bringing things together. I see it as similar to the way we all have email apps that easily bring together multiple email clients.

load more comments (3 replies)
[–] [email protected] 8 points 1 year ago (1 children)

thanks for the link, explains it very well. how bout my activity, like IP address, up/down votes, clicks on links, favorites and whatnot, is that federated around or how does that work, i.e. who has access to it?

load more comments (1 replies)
load more comments (6 replies)
[–] nostalgicgamerz 123 points 1 year ago* (last edited 1 year ago) (7 children)

FBI needs to go after the actual “domestic terrorists” The one wrapping fascism with a cross and holding a bible

[–] [email protected] 73 points 1 year ago* (last edited 1 year ago) (1 children)

Why would they go after their own families?

[–] [email protected] 38 points 1 year ago (2 children)

Some of those that work forces...

[–] root 9 points 1 year ago
load more comments (1 replies)
load more comments (5 replies)
[–] [email protected] 43 points 1 year ago (3 children)

You aren't allowed to have anarchist worldviews in the US?

[–] [email protected] 49 points 1 year ago (2 children)

In mid-May 2023, the home of one of Kolektiva.social's admins was raided, and all their electronics were seized by the FBI. The raid was part of an investigation into a local protest. Kolektiva was neither a subject nor target of this investigation. Today, that admin was charged in relation to their alleged participation in this protest.

[–] [email protected] 14 points 1 year ago
[–] [email protected] 7 points 1 year ago (1 children)

The raid was part of an investigation into a local protest.

Protests are illegal? Since when?

load more comments (1 replies)
[–] [email protected] 27 points 1 year ago

It says he was arrested for activities unrelated to Mastodon, just happened to be working on an unencrypted backup which was also seized. No clue why he was arrested.

[–] [email protected] 9 points 1 year ago* (last edited 1 year ago)

You aren't allowed to have leftist views of any kind in the USA. Ask Fred Hampton.

[–] [email protected] 37 points 1 year ago (1 children)

mfs doing stuff like this really need to stop living in america bruh 💀

[–] [email protected] 17 points 1 year ago (3 children)

Wait til you hear about extradition

load more comments (3 replies)
[–] [email protected] 33 points 1 year ago (1 children)

[...] This is exactly what the admins over at Kolektiva.social have done and now one of them has been raided and charged by the FBI for activities unrelated to Mastodon

Clickbait.

[–] [email protected] 13 points 1 year ago (2 children)
[–] [email protected] 34 points 1 year ago

Yes, but the title makes it sound like it was because he was running an anarchist Mastodon instance. That's not why, he just happened to be doing a backup when he was raided, the backup was unencrypted, and they seized it. Has nothing to do with him running an anarchist instance from what I can tell.

load more comments (1 replies)
[–] [email protected] 27 points 1 year ago (6 children)

Well thats worrying for everyone federated with them.

[–] [email protected] 68 points 1 year ago (1 children)

Is it? As far as I know, identifying data such as IP addresses are not transmitted between instances.

load more comments (1 replies)
[–] [email protected] 33 points 1 year ago

oh no! they have all the posts that people publicly posted onto the Internet!

[–] aski3252 26 points 1 year ago (3 children)
[–] [email protected] 12 points 1 year ago* (last edited 1 year ago)

Maybe the thinking is that whatever that server was raided for may have been federated to other servers, making them also targets for FBI raids.

Edit: Looks like the admin was raided for participating in a protest and the Mastodon instance wasn't the target at all, in which case why did they take that data at all?

load more comments (2 replies)
load more comments (3 replies)
[–] [email protected] 23 points 1 year ago* (last edited 1 year ago) (4 children)

FBI claiming it's for non-Mastodon related reasons, but that could be a cover. https://kolektiva.social is still up

Regardless, I don't think they even have to ask to get this sort of data from any of the big platforms.

[–] [email protected] 15 points 1 year ago (1 children)

There was never any lag in service. I'm on that instance. I believe the person was raided due to their activism and had a backup of some data but not the actual server. They made an announcement and told people to change their passwords. Many lost a degree of trust but are being as transparent as possible with members. https://kolektiva.social/@admin/110637031574056150

[–] [email protected] 17 points 1 year ago

Yeah, what the fuck are you supposed to do? Ask the FBI to please come back later?

It's a good reminder for folks with concerns to not say anything on a platform that isn't end-to-end encrypted that you don't want folks finding out about, to not use an email you don't want associated with yourself, and to use some sort.of VPN or Tor if you need to hide your IP address.

And if course use unique passwords but I would really hope people do that already.

[–] [email protected] 13 points 1 year ago (1 children)

Yeah the 'happened to have a bunch of unencrypted data laying around' bit seems odd. Would make sense if they got picked up for something else and that was the bargain. Fucked if I know though

load more comments (1 replies)
load more comments (2 replies)
[–] [email protected] 15 points 1 year ago (1 children)

What did they get raided for?

[–] [email protected] 16 points 1 year ago (1 children)

Something involving a local protest here's the post announcing what happened https://kolektiva.social/@admin/110637031574056150

[–] [email protected] 22 points 1 year ago* (last edited 1 year ago) (1 children)

Unfortunately, at the time of the raid, our admin was troubleshooting an issue and working with a backup copy of the Kolektiva.social database. This backup, dated from the first week of May 2023, was in an unencrypted state when the raid occurred and it was seized, along with everything else.

Oh the FBI just happened to visit when they unencrypted the database? How convenient!

load more comments (1 replies)
[–] [email protected] 13 points 1 year ago (2 children)

How is the data handled on Lemmy compared to Mastodon?

[–] [email protected] 49 points 1 year ago (3 children)

Probably the same. This bears repeating: All your information online is and always has been available for others to collect and see, from FBI to advertisers. If you want any amount of protection, it must be with E2E encryption for which you own the keys.

We taught online safety in the 90s. Did we all just collectively forget this in the last two decades?

[–] [email protected] 19 points 1 year ago (1 children)

They stopped teaching about computers. I tutored high schoolers about 10 years ago and they didn't know how to use computers fluently. It moved to the realm of expecting parents to teach to their kids along with taxes and career planning.

Speaking of which, I grew up in the 90s pre Internet, and started using the Internet in middle school. Definitely never got any official Internet safety lessons. Maybe I was a little too early? Idk. But by the time I was 30 schools were not teaching this at least from what I saw

[–] [email protected] 10 points 1 year ago (2 children)

The other day, I spoke to an 18 year old who didn't know the difference between "copy and paste" and "cut and paste". I want to know what the hell they're doing in IT classes. Do they just assume that kids these days are good at tech because it's so ubiquitous? Because that's a dangerous assumption

load more comments (2 replies)
[–] [email protected] 11 points 1 year ago

Yeah pretty much. As soon as facebook broke the ice on "never use your real name on the internet" it was over. Now we have entire generations that were introduced to the internet as one that was ruled by social media sites. They were never even taught the same online safety stuff that we grew up with.

load more comments (1 replies)
[–] AlmightySnoo 11 points 1 year ago (1 children)

DMs aren't stored securely (Lemmy even warns you of that)

load more comments (1 replies)
[–] Rhoeri 9 points 1 year ago

Insecure data? Does it just need a few compliments?

[–] [email protected] 8 points 1 year ago

You need to consider anything and everything you post to the Fediverse to be part of a public, everlasting record. At least in it's current state, the Fediverse is not the place for privacy oriented users.

[–] [email protected] 8 points 1 year ago

And that’s why it’s good to join a small instance that aligns well with your privacy stance.

load more comments
view more: next ›