- cross-posted to:
- foss@beehaw.org
- fediverse@lemmy.world
- cross-posted to:
- foss@beehaw.org
- fediverse@lemmy.world
Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.
- Deleted comments remain on the server but hidden to non-admins, the username remains visible
- Deleted account usernames remain visible too
- Anything remains visible on federated servers!
- When you delete your account, media does not get deleted on any server
i use kbin because I don’t like lemmy’s devs 🙃
bonus points that it actually deletes things
Do you think kbin is just reaching into other servers and pulling the bytes off the disk? You can’t guarantee anything is deleted in a federated system, other servers can just ignore your delete request. So this makes no difference.
And it breaks easily. I still can see several posts on my private instance that have been deleted. The delete command never made it to my server for any number of reasons. As some posts never make it to my instance either. I guess in the long term some kind of delivery queue and guarantee would be nice.
deleted by creator
Surely this and “a federated system of deletion” is something that can be fixed by the open source devs after there done with the ungodly amount of work the influx of users creates?
There is a federated system of deletion, it just doesn’t have guarantees to work. The problem is that it’s a distributed system among untrusted actors. Usually the only way to have a distributed, secure, untrusted system is to use a blockchain. In the absence of a blockchain or equivalent, we keep the “distributed” and “untrusted” but concede the “secure”.
This doesn’t just go for deletions. It also means submissions or edits might not affect other servers. Malicious servers could also change all your posts to say “I’m an ugly moron” and those could get propagated to other servers.
This is being naive. Don’t trust a server you don’t run yourself.