I was thinking about this recently… By going to a federated system, one that essentially copies all of your content from one instance to another, when you delete a comment, does that comment get deleted on every instance? Is that even possible?

  • animist
    link
    English
    31 year ago

    Is it okay to encrypt a home server hard drive in this case?

    • Monkey With A Shell
      link
      fedilink
      English
      51 year ago

      That’s always an option, and my usual go-to when disposing of drives at least. It gets a bit scary to do so with the main prod data though, lose a key and everything is toast. If you have a solid means to keep crypto keys secure and redundant though by all means. It can put a hit on CPU and disk performance depending on how many random read/writes it has to do. I wouldn’t think it’s a great plan with a lot of fedi services just because of that factor. My mastodon instance has something like 116GB of attachment data in almost half a million objects, that’s a lot of encrypt/decrypt action to maintain.

      • GuyDudemanOP
        link
        fedilink
        English
        4
        edit-2
        1 year ago

        I’m not all that concerned with ACTUAL privacy/encryption but rather more concerned with lower-level things like stalking, harassment, employers doing research about their employees’ non-work habits, insurance companies, etc.

        I’m not talking about doing anything illegal and hiding from authorities who can use forensics on your data. Just general anti-corporate snooping and anti-harassment privacy protection.

        Like, I feel more inclined to sign up and use something more like Raddle.me instead of lemmy because the owner of that site has a philosophical mission in favor of privacy.

        • Hot Saucerman
          link
          fedilink
          English
          3
          edit-2
          1 year ago

          because the owner of that site has a philosophical mission in favor of privacy.

          Daniel Micay, the head programmer of GrapheneOS thankfully stepped down from his position, but not after entirely torching the goodwill of Louis Rossman, who liked GrapheneOS because it respected his privacy. Louis was then accused by Daniel of trying to destroy the GrapheneOS project and threatened with “exposure” which Louis expertly documented and lead to the GrapheneOS developer stepping down because of how absolutely unhinged he looked accusing Louis of this.

          https://www.youtube.com/watch?v=4To-F6W1NT0

          How are you so sure that the owner won’t pop off on you in such a way in the future? Lemmy at least you can 1. run your own instance and be in tighter control of your data and 2. If you really want to make it more secure, contribute to the codebase or 3. Make your own fucking fork of the codebase that is more secure and privacy oriented. Raddle may be open source, but it doesn’t look like you’re encouraged to run your own Raddle.

          Also, you’re still handing your data off to a stranger, who has made promises. What about those promises makes you think this stranger will keep them? It’s still inherently a risk, even if they never end up doing anything nefarious. You just don’t know their mind and can’t know their mind, and being just a user instead of someone who actually knows them in person, you’re only basing it on promises they’ve made in an attempt to try to draw people to use their service. Are you really sure the code that is running on Raddle.me is exactly the same as the open sourced codebase? This is a question that regularly gets asked in respect to Signal Messenger, is the code on the servers the same as what is actually released. How far does this “trust” based on words alone, go?

          To quote Mark Zuckerberg about people sharing information with him and why:

          people just submitted it

          i don’t know why

          they “trust me”

          dumb fucks

          You know whose mind you can know and trust? Your own. Thus making your own instance.

          And last but not least… You’re already here. You’re making a post about this here. You have an account. You have 23 posts and 352 comments. Sorry to say but you’re just not that worried about this issue, so this feels a little like concern trolling.

          • GuyDudemanOP
            link
            fedilink
            English
            21 year ago

            Definitely not concern trolling. Just finally thinking about all this stuff. Thanks for the insight.

        • Monkey With A Shell
          link
          fedilink
          English
          21 year ago

          It’s one’s own line and what you’re looking to accomplish. Privacy can have a lot of different faces.

          There’s public/profile data, does a site demand full identity authentication to get an account, is that info public on your profile, is your comment/browsing/post history public or concealed? All those things still generally will reside with the service and be readily available if someone asks.

          There’s the privacy of data in flight, my ISP actually has it in their TOS that they reserve the right to collect browsing data and sell it to third parties after the FCC (US based) gutted what little network privacy/neutrality we had in the past administration, so since then virtually all outgoing traffic goes over a pair of VPNs just to avoid, or at least make more difficult being another data-point in the internet marketing machine.

          There’s the privacy of data at rest, can anyone on my own network or that comes into contact with my systems read things that they shouldn’t be? File permissions or to the extreme end full disk encryption comes into play.

          All personal preference and risk tolerances. Some are fine with putting all their personal info and that of their contacts in public hands, that’s why places like Facebook exist to begin with. I’m pretty far on the other end of that spectrum.