Now is a good time to remind users that you are placing some trust in the instance that you use. Lemmy is not anonymous. It is pseudo-anonymous. Your instance can do pretty much anything with your account up to and including turning your account into a sock puppet, and they know exactly where you’re connecting from.
With that said, it’s a lot better than most social media today that actively tries to violate your privacy at every turn.
This is part of why I signed up through FMHY. If anybody is going to try to protect my privacy it is probably going to be the very actively pro-piracy group.
To add to this: some instances require your email address, and others don’t.
Obviously there are plenty of other ways you won’t be really anonymous, but if it’s important to you, one step in mitigating issues is not to have an email associated with your account.
I’ve been partial to https://mailinator.com, but some services are getting wise to it (and blocking *@mailinator.com addresses). Thanks for sharing an alternative!
Your instance could (edit: theoretically, if they’re running custom Lemmy code) track you by your browser fingerprint (screen size, installed fonts, plugins, etc.). Others could keep a profile on you based on what you comment/post/upvote and when.
So if I’m on an app instead of a browser, that app developer would have to provide info on me too?
As for what I comment/post/upvote, that’s not really what I’m asking about as that’s a profile on what I do, not who I am from an identifiable point of view (correct me if I’m wrong)
Depending on the content you post though, it could hypothetically be traced to you. Potentially even mundane things like mentions of geographic locations, word choices, common phrases you use, common topics – all of those could be considered at least partly identifying in the right contexts (assuming someone was looking for it and already had info about some particular cue that indicates you).
The point is: you can’t really be too careful, and realistically should assume there is always a way someone (including yourself) could be jeopardizing your privacy, if not overtly (by some kind of software or network tracking) then by holes in operational security.
Now is a good time to remind users that you are placing some trust in the instance that you use. Lemmy is not anonymous. It is pseudo-anonymous. Your instance can do pretty much anything with your account up to and including turning your account into a sock puppet, and they know exactly where you’re connecting from.
With that said, it’s a lot better than most social media today that actively tries to violate your privacy at every turn.
This is part of why I signed up through FMHY. If anybody is going to try to protect my privacy it is probably going to be the very actively pro-piracy group.
To add to this: some instances require your email address, and others don’t.
Obviously there are plenty of other ways you won’t be really anonymous, but if it’s important to you, one step in mitigating issues is not to have an email associated with your account.
You can always use https://10minutesemail.net/ for the required email. No muss no fuss
I’ve been partial to https://mailinator.com, but some services are getting wise to it (and blocking *@mailinator.com addresses). Thanks for sharing an alternative!
What about using something like a protonmail address for all social media email?
A good strategy, but still less secure by definition than no email at all.
Iirc proton mail has a backdoor. Though they likely won’t be used outside of ‘nať-sećurity interests’.
Guys, this is fact, also downvotes aren’t private.
You may know the answer to this. If I’ve signed up with no email, and whilst on a secure VPN, how are they going to track me?
Your instance could (edit: theoretically, if they’re running custom Lemmy code) track you by your browser fingerprint (screen size, installed fonts, plugins, etc.). Others could keep a profile on you based on what you comment/post/upvote and when.
Screen size?! I’ll just buy another monitor then.
So if I’m on an app instead of a browser, that app developer would have to provide info on me too?
As for what I comment/post/upvote, that’s not really what I’m asking about as that’s a profile on what I do, not who I am from an identifiable point of view (correct me if I’m wrong)
Depending on the content you post though, it could hypothetically be traced to you. Potentially even mundane things like mentions of geographic locations, word choices, common phrases you use, common topics – all of those could be considered at least partly identifying in the right contexts (assuming someone was looking for it and already had info about some particular cue that indicates you).
The point is: you can’t really be too careful, and realistically should assume there is always a way someone (including yourself) could be jeopardizing your privacy, if not overtly (by some kind of software or network tracking) then by holes in operational security.