• 0 Posts
  • 11 Comments
Joined 1 year ago
Cake day: June 20th, 2023







  • I will not ask my fellow lemmy community members to blindly trust me on this.

    I also will not expose my sources.

    I thought it would take a long time for me to be sure enough to make this post. But I’m making it less than three weeks after joining lemmy.

    If you want, you can take a wait and see approach.

    I never wanted to admin an instance, I don’t think I have time for it, but I have enough to convince me that I should.

    I don’t expect blind trust from you guys, because you’ve proven to be intelligent and diligent in my time here. But for the love of FOSS and open, distributed platforms and what WE believe that means, please use your judgment when considering your home instance for lemmy.

    I am almost certain lemmy.world admins will ignore this claim.












  • Those are good practices if you have privacy concerns.

    we’re just talking about custom interfaces to analyze public data

    Semi-public. As it stands, only instance admins have access to per-user vote data. Possibly also API users, but I’m not sure the lemmy api has an endpoint for exposing per-user vote data, I believe it just gives you a tally of the up/down votes of posts and comments, but not who made each vote. But most people don’t have the skillset to host their own instance and process the data into something meaningful/easy to digest.

    You could make the argument that semi-public is basically public, but I think there is some nuance to be explored:

    Once a site like open lemmy stats launches, it becomes trivial for any user to query that data, who upvoted what, who downvoted what, when they up/downvoted it, etc.

    There’s a difference between something being available to people motivated enough to get it vs it reaching critical mass and being trivial to access by anyone with a browser. How the data is ultimately used, whether it is used nefariously or not, is going to be up to the people that access openlemmystats and what they wish to use it for.

    Which has me considering an analogy, without expressly intending to make this political, please consider the statement “guns don’t kill people, people kill people”. “Openlemmystats doesn’t harass political dissenters! The people who use it do!”. One could argue that openlemmystats wouldn’t do anything inherently bad, it’s the people who would use it. Just like with guns, there will likely be debate on whether or not the world would be better without openlemmystats or if we should start doing things to make it impossible for openlemmystats-alike sites to exist.

    That said, I mostly agree with you, and I appreciate your privacy suggestions/best practices, good stuff!

    Edit: for the record, I think “guns don’t kill people, people do” is a stupid statement, but I thought it was an interesting analogy. That is to say nothing of my feelings on gun control, I’m just not a fan of distilling complex issues into dismissive one line statements.



  • I definitely expect a drawn out game of whack a mole as lemmy devs, instance admins and key contributors start seeing stuff like this pop up, and they develop tools or tech to mitigate abuse, until another exploit is found by bad actors, rinse and repeat.

    Some say it’s an inherent flaw with federation/activitypub but I expect/hope it progresses the way other vulnerable tech has.

    For example, in the early days of wifi it was pretty trivial to packet sniff (a practice that lets you peer into other folks’ network activity). Now most sites encrypt their transmitted data and while the packets could be sniffed over an unsecured network, the data within stays safe because it’s encrypted (assuming most sites that deal with sensitive data now encrypt, which in my experience, they do).

    Furthermore, WIFI as a technology has gone through many iterations, each one bringing with it better and stronger security, to the point where average Joe can set up a secure home network by following the quick start guide included with their router, which these days is essentially plug in, power on, choose a password, and authenticate with your devices.

    I expect activitypub and fedi tech to develop in the same way: releasing patches and updates and amending the standard to combat/mitigate abuse of an open federated platform. It’s gonna take time though.

    Edit: typos