fraksken

joined 2 years ago
sorted by: new top controversial old
What to do with a broken monitor? in c/technology@lemmy.world
[–] fraksken 4 points 2 years ago

Best answer

How reddit crushed the biggest protest in its history: Did it, though? in c/fediverse@lemmy.world
[–] fraksken 15 points 2 years ago

Saw Lemmy, never looking back. I hated the mobile web interface anyway.

This is Fine: Optimism & Emergency in the P2P Network in c/infosecpub
[–] fraksken 2 points 2 years ago

i understand that for these channels there is little oversight in how admins would (ab)use the platform amd it would indeed be easy for a bad actor to set up its own instance and invite users. My point is that a Lemmy instance perhaps has 10 or 20 admins who can access privileged data, while larger platforms have thousands of admins, with or without an NDA in place. I agree that users on the internet are more often than not oblivious to the fact that - if they don't own the service (self host) - they don't own the data. This is nothing new. Microsoft administrators (within an organisation, not affiliated with microsoft itself) are able to read user e-mails. there is no secrecy on any network unless you have e2ee in place. There are a few specialised services who'se selling points are security and privacy (signal, proton, ...). Outside of those services, I would not trust my data to be private. In my opinion, what you're describing is a problem of educating people. with the current popular mindset of "I have nothig to hide", education becomes increasingly difficult. Everybody has things to hide. Their social security number, their passwords, their medical data, their darkest fantasies or deepest fears, all can be exploited by bad actors, and all is just beig published on the internet without afterthought.

In a perfect world, I agree, pm should have e2ee. I also recognise that the current version of Lemmy is 0.18. no major release yet. I'm confident they will work on it at some point. I might do it myself if I were a programmer (am not, no idea how to get started). Lemmy is young and open source, it will need time to mature.

This is Fine: Optimism & Emergency in the P2P Network in c/infosecpub
[–] fraksken 1 points 2 years ago (2 children)

While I agree that to the layman this may sound freaky, I would imagine it not being ao much different than google/twitter/... where admins/moderators being much more plentiful with full access to your accounts and data (no references, this is an educated guess). it's the same with hosting e-mail for yourself and onboarding users. full disclosure to the users: disks are encrypted, but messages are stored in plain text. like the peer comment mentioned, for true e2ee, you'd use different tools than mail or pm messages on any message board.

I do celebrate security and encryption, but best use them where it counts.

view more: ‹ prev next ›