To expand on this. If you are talking about anything online it is not private. That doesn’t matter if it’s in a WhatsApp chat, a telegram chat, a Lemmy post, a Facebook feed, etc. as soon as it hits a computer if someone wants to see it they will. There’s just hurdles to get it.
Few things more fun than telling people who harp about vaccines being tracking chips that if they’re worried about tracking they should ditch their smartphone, and watching them rage.
You mean the always-on GPS-enabled internet-connected microphone and camera which is also likely Bluetooth and NFC beaconing and contains all of my most personal data including my name, contacts, unencrypted chats facilitated by major cell phone carriers, photos, emails, and other personal files which are also likely synced with a cloud service operated by major multi-national corporations, and also stores biometric data such as facial recognition, fingerprints, time spent sleeping, and even heart rate and number of steps taken assuming you have “fitness” features enabled?
With those last couple items, these massive companies that regularly share data with law enforcement are literally tracking your every step and nearly every beat of your heart.
Well don’t worry about that, I’ve got Express VPN.
Detectives were able to run relatively simple tests to determine that the file had last been saved by a user named “Dennis,” and it had been printed using one of the printers at the nearby Christ Lutheran Church.
Maybe the article is badly worded, but it seems like they got metadata from the file, not the floppy disk itself.
Depends what and how you do it. VPN gives some level of anonymity. TOR even more so. These give you probably greater anonymity than anything else you have in offline live.
Yup. About 7 years ago I used to darkweb pretty hard in the drug scene (I haven’t in years so have at it, Mr. FBI).
Anyway I used Reddit subs a lot for info on new markets and onions, reliable sellers, and news on exit scams etc, but I only lurked - never commented. Anyone with a brain in their head knew they were honeypots.
I’m not sure that this is how it works in practice, but ideally:
Unless you are registered in their stance / are browsing directly in their website, your client shouldn’t be making any direct requisitions to their instance, so there is nothing they can infer your IP from.
(Everything you interact with is comes directly your instance - the only thing that interacts with other instances is the server)
That said, it’s possible for some links to direct to the original stance, in which case your client will have to make requests directly to the original instance hosting the content… looking around in this page a bit, it looks like the Community images (banner, icon etc.) are linking directly to the original instance, so I guess that’s a little bit of a problem - but just that shouldn’t be enough information for them to connect the dots between the IP address fetching the image and the account you’re using to browse
Associating IPs with social media accounts is a step towards identifying people so they can threaten them and force them into settlements.
It’s a numbers game for the lawyers. They want as much data as they can get to identify the largest number of people so they can demand an out-of-court settlement.
The “DMing pictures” part is just an example of how they could gather that kind of data from a social network like Lemmy that can’t be so easily subpoenaed, and allows image hotlinking. I don’t have any evidence that they are doing this (yet), I just know that it would work.
Is it possible a film studio, or legal agency, could set up a Lemmy Instance and then capture all our IPs?
AP protocol doesn’t propagate your IP
Absolutely. One of the biggest child porn groups is an FBI front for this purpose. I’d google the subject for a link but umm…no
So basically the only thing protecting our anonymity is the relative unpopularity of Lemmy?
To expand on this. If you are talking about anything online it is not private. That doesn’t matter if it’s in a WhatsApp chat, a telegram chat, a Lemmy post, a Facebook feed, etc. as soon as it hits a computer if someone wants to see it they will. There’s just hurdles to get it.
If you want anonymity stop using computers.
Ain’t this the truth.
Here’s story about a serial killer being caught by a floppy drive’s meta data.
https://www.grunge.com/332018/heres-how-the-btk-killer-was-finally-caught/
Few things more fun than telling people who harp about vaccines being tracking chips that if they’re worried about tracking they should ditch their smartphone, and watching them rage.
You mean the always-on GPS-enabled internet-connected microphone and camera which is also likely Bluetooth and NFC beaconing and contains all of my most personal data including my name, contacts, unencrypted chats facilitated by major cell phone carriers, photos, emails, and other personal files which are also likely synced with a cloud service operated by major multi-national corporations, and also stores biometric data such as facial recognition, fingerprints, time spent sleeping, and even heart rate and number of steps taken assuming you have “fitness” features enabled?
With those last couple items, these massive companies that regularly share data with law enforcement are literally tracking your every step and nearly every beat of your heart.
Well don’t worry about that, I’ve got Express VPN.
Maybe the article is badly worded, but it seems like they got metadata from the file, not the floppy disk itself.
It was either the FAT file or the file itself. The case is famous.
Privacy and anonymity are not the same thing.
You’re not anonymous online either FYI.
Depends what and how you do it. VPN gives some level of anonymity. TOR even more so. These give you probably greater anonymity than anything else you have in offline live.
Tell me you know nothing about computers without telling me you know nothing about computers.
CC BY-NC-SA 4.0
The internet is at it’s worst when it’s popular
The Federation of lemmy/mastodon instances is the worst part about it
Yup. About 7 years ago I used to darkweb pretty hard in the drug scene (I haven’t in years so have at it, Mr. FBI).
Anyway I used Reddit subs a lot for info on new markets and onions, reliable sellers, and news on exit scams etc, but I only lurked - never commented. Anyone with a brain in their head knew they were honeypots.
Hope I didn’t fall for Any honeypots. I sometimes wonder about posts in Piracy communities.
I’m not sure that this is how it works in practice, but ideally: Unless you are registered in their stance / are browsing directly in their website, your client shouldn’t be making any direct requisitions to their instance, so there is nothing they can infer your IP from. (Everything you interact with is comes directly your instance - the only thing that interacts with other instances is the server) That said, it’s possible for some links to direct to the original stance, in which case your client will have to make requests directly to the original instance hosting the content… looking around in this page a bit, it looks like the Community images (banner, icon etc.) are linking directly to the original instance, so I guess that’s a little bit of a problem - but just that shouldn’t be enough information for them to connect the dots between the IP address fetching the image and the account you’re using to browse
Don’t images also link back to the original instance?
They would just have to start DMing us meme images hosted on a server they control, and they’d get a list of IPs. All we’d have to do is look.
Fwiw, this would work on Reddit too.
Unless anyone shared the in image link anywhere else on the internet. “Judge, they looked at this publicly accessible image” is hardly evidence
Sometimes you don’t have to win a court case legally, to win a court case. Just the harassment of the lawsuit is enough.
That’s not a lawsuit they would even attempt, as it would get immediately thrown out.
People use the threat of lawsuit as an intimidation tactic all the time.
So they would send random DMs with pictures, to threaten lawsuits they couldn’t enforce, to achieve what exactly?
They wouldn’t have to send random DM’s if they got the IP addresses more directly, as the article describes.
The comment I originally replied to:
They know what torrents people download by IP.
anyone can figure that out: https://iknowwhatyoudownload.com/
Associating IPs with social media accounts is a step towards identifying people so they can threaten them and force them into settlements.
It’s a numbers game for the lawyers. They want as much data as they can get to identify the largest number of people so they can demand an out-of-court settlement.
The “DMing pictures” part is just an example of how they could gather that kind of data from a social network like Lemmy that can’t be so easily subpoenaed, and allows image hotlinking. I don’t have any evidence that they are doing this (yet), I just know that it would work.
Yeah, but do you publicly share every spam DM image that is shared with you? Would you even know if this happened, so you could react?
unless you visit the instance yourself or activitypub starts including user ips
I think not as the only instance that has your ip is the one you are registered on.
One would hope…
Only if you directly use their instance.