Privacy drove me off reddit, I looked around for these answers but not sure where to come across them.
Am I sharing my IP address/ location with my host instance?
is there a log of my view history
are there general privacy concerns that I am not thinking of?
I do not want to be in a position where a Government creates an instance, and allows them to monitor.
Am I sharing my IP address/ location with my host instance?
Yes. If you connect to any server whatsoever, the server will have to know your IP, otherwise it can not send any data to you and the whole connection cannot be established. With your IP, one can figure out your (rough) location.
is there a log of my view history
As far as I can tell, yes. There is the option “show read posts” in your option menu which hides posts you have already read. In order for this to work, your read history has to be saved somewhere.
are there general privacy concerns that I am not thinking of?
There are always privacy concerns when accessing/using any service or server on the internet, at the end of the day it comes down to protecting yourself and using services you trust.
A potentially specific issue with federated, decentralized and self-hosted services such as lemmy is that the people who are running the servers are mostly hobbyists. Most will probably also work in IT professionally, but in general, people who host lemmy are doing it in their spare time at their own cost. This could potentially mean that they have less resources to secure their servers and the data on it than a multi-million dollar company.
Another thing to keep in mind on lemmy is that private/direct messages are not encrypted, which means that server admins can read your direct messages (there is a warning about this when you write a direct message).
I do not want to be in a position where a Government creates an instance, and allows them to monitor.
I’m not quite sure if I understand your worry here correctly. In general, most of the content that is posted on lemmy is publicly available anyway, so they wouldn’t even need an account to get that information, let alone their own instance.
And if governments have an issue with a user where they want information on a user, they can just contact the site admin and demand the information from them. So if you are planning on posting stuff that is considered illegal where you are from or if you are planning to access content that is considered illegal, Lemmy is probably a bad place to do that
There is the option “show read posts” in your option menu which hides posts you have already read. In order for this to work, your read history has to be saved somewhere.
I just want to add to this, the read history is marked as read if you upvote downvote the post not if you just look at it which is good.
The project is open source so you can see what they are logging, if you can read the code.
But simply some things that are logged:
- IPs are logged but I don’t see them being associated with a user account. This looks to mainly be for rate limiting.
- What posts/comments you’ve looked at are logged. This is so the UI can gray out posts you’ve already seen or mark replies to you own comments as read.
From what I can tell neither of these data points are federated so only the instance your logged into has that information.
** Don’t use this as an exhaustive list. These are just the two items you specifically asked about and what I’ve seen looking through the code so far. **
I cannot read code so this is much appreciated. i guess the hard part me, and maybe for people who also want to join lemmy but are intimidated, is building trust with a host. IMO I think this will hold Lemmy back. thank you for answering
building trust with a host.
This is indeed one of the risks with lemmy and other federated, decentralized and self-hosted services. Those services are generally hosted by hobbyists, not by companies, which seemingly makes it a bit harder to evaluate if you can trust a given server or not.
But it’s worth it to keep in mind that even though companies generally have a lot more resources to take care of security, there are still a lot of examples where they simply don’t do that, for example to cut cost. You also have no idea who works as an admin at “socialmediacompany x”. For example, there are a lot of admins working at twitter or reddit who you have never heard about (and never will hear about) who probably have access to your data.
And companies often just sell your data, an issue that you probably don’t have to worry with lemmy anytime soon (hopefully).
The way I deal with that and why I don’t worry very much about lemmy is to take care about what information I share. I don’t care that a server admin could theoretically find out which country I’m from through my IP. I don’t post sensitive information and I don’t send sensitive direct messages. I use throw away e-mail addresses. I also don’t plan on reading illegal content. And I don’t feel attached to a specific server/lemmy instance, I don’t care if my account is lost.
Try thinking about it more in the terms that everything you do will be public. Don’t assume posts, comments, dms, etc will be private to you only. Some admins will for sure respect privacy better than others, but there could always be data breaches, etc.
I’m hoping there will be some sort of e2e encrypted messaging in the future for DMs, but I don’t think something similar makes since for posts and comments.
host your own instance and use that for your account.
if you can’t host, you’ll have to trust somebodies instance like you do with reddit etc
Join lemmy.dbzer0.com, the admin would rather die than to share any info with any government agency.
Ok, so by visiting a server you are sharing your IP (obviously you could use VPN/Tor to prevent that). By clicking your username I can see your posts but I cannot see what you view. I’m not even sure if a server admin could see that, but they could potentially correlate your IP with the pages you request. However, I don’t think a server admin with federation would be able to see what you visit since the federated content is duplicated on your home server, so i think it would still only be visible to your server’s admin. Not 100% sure tho, hopefully someone will chime in that knows more
But this is a great example of why you need to find a server admin you trust, because servers could also run modified lemmy code or be tracking user data, etc
Or create your own instance and federate
Every time you visit any website someone will know your IP address. Unless very specific measues are taken that “someone” will be whoever operates that website.
Lemmy has features (I think they are optional) that will tell you that you viewed a post and how many new comments a post has from the last time you viewed it, that necessarily requires tracking. I cannot say whether turning this feature off disables the tracking or just doesn’t show you that information without digging into the code, this is only local to your instance.
There is also likely to be some level of logging at the server and any reverse proxy layers that could, with effort, be used to figure out what you looked at with reasonable accuracy. Again, this is only on your instance. Some instances may not create/store logs, but it is usually important to do so to troubleshoot if things go wrong, especially with as immature a software project Lemmy is.
Any time you visit a website you are putting a large amount of trust in the site operator, your ISP, your DNS provider, etc. if state actors are in your threat model.
If you run your own instance you have better condom of this, and the only thing potentially externally observable is that a post has been sent to your server. Also, you should run your own server anyway.
Yep, anytime anyone accesses anything on the internet, there are certain privacy concerns to be had. They are generally not an issue if you aren’t being reckless, but there is still always a risk.
If you are worried about anyone knowing your IP, the only way to avoid that is to not access the internet at all. The IP address is the address which is used to send you data, which is a necessity if you want to access anything. When you access a website for example, you are asking the web server to send you a webpage which you then see on your screen, otherwise you could not see it. In order for the server to send you that webpage, it needs your IP.
It’s as if you asked “If I order a package online, do they know my address?”. Well yes, they have to know your address, otherwise they cannot send you the package.
1st one is yes and it has to be yes in order for you to use internet.
deleted by creator
Am I sharing my IP address/ location with my host instance?
You share your IP Address with ANY online service you interact with. This is how it talks back to you to send you content.
is there a log of my view history
Not by default. However, enabling verbose logging on the webserver can indeed log this information. Just- not in a pretty way.
are there general privacy concerns that I am not thinking of?
Anytime you comment, post, or vote, that data is stored in a database and sent to every other instance subscribed to the community for which you are interacting with, and then stored in their database as well.
So- tldr; lemmy isn’t really a privacy-focused place. Although, its honestly not much different then reddit. Reddit logs EVERYTHING you do, and then shares that data with third parties for the purpose of advertising.
Although, there isn’t anything in place in lemmy to prevent this data from doing the same thing. Silently, and without you knowing.
You need to separate what the instance owner sees vs what other federated instances see about you.
The instance owner will have access to everything, including your IP and view history. That is true for every website.
Other instance owners could potentially see what content you fetch from them. Not always, because usually it’s them sending the info over to your server, but there are “signed fetch requests” that the ActivityPub protocol supports and become relevant when you try to load content your instance hasn’t seen before.
Your upvotes and downvotes are currently also visible across instances.
The best way to use the fediverse is with a pseudonymous account with a username that isn’t tied to your identity.