- cross-posted to:
- foss
- cross-posted to:
- foss
Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.
- Deleted comments remain on the server but hidden to non-admins, the username remains visible
- Deleted account usernames remain visible too
- Anything remains visible on federated servers!
- When you delete your account, media does not get deleted on any server
This is a negative behavior by Lemmy, in my opinion. Deleted comments should be purged after some time. Tildes does the same thing - I think with 30 days?
These should be replaced with some random string of characters or something like DeleteUser<numberhere> or something.
This is just a concession of federation.
This is an issue, too, in my opinion.
Honestly, this is definitely something that can be added - and in fact it might even be beneficial to server costs. Alongside optional deletion of cached data from other instances maybe a year or two after the data arrived.
People need to remember that Lemmy is an alpha software - we haven’t even reached the big 1.0 release
can’t anyone who runs a lemmy instance script all that in the db? alternately, can’t anyone who claims to do so just not do it in the db? it’s not like you would ever know.
A sketchy instance operator isn’t really a solid defense against implementation of better privacy features in the source code.
No, but it’s important with privacy features for people to actually understand how they function and what their limitations are.
Lots of people think that incognito mode hides their activity from their ISPs. Last thing we want are people using Lemmy and thinking they can e.g. use it for secure communication, and getting caught by the feds.