Ignoring the users’ aggressiveness against Lemmy, is what they say true?if so, I hope this can be patched.

  • simeon@reddthat.com
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    1
    ·
    1 year ago

    They’re exaggerating the problem. You can get a users IP and user-agent string, but only in a vacuum, not linked to your username or anything else. And even if you could, this wouldn’t be mutch of a problem, because this information gets passed to basically everyone and doesn’t reveal mutch(only strongly approximated location(next big city in the worst case) and what browser an operating system you’re using). Comparing this to email tracking pixels is a misleading comparison, because these can be connected to a single person(the recipient of the email), making the information more valuable(and add another layer of information, such as the time the email was first opened).

    • tal@kbin.social
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      1 year ago

      It doesn’t give up the IP alone, but it could be a component in that. You could deanonymize people by correlating vote data. That is, if only one user and IP has both viewed an inline image in and voted on any set of posts, then the IP and the user probably go together.

      EDIT: That being said, I doubt that it’s that much worse than ordinary, non-inline images in that regard, unless users are voting on images without actually viewing them.

    • PriorProject@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Comparing this to email tracking pixels is a misleading comparison, because these can be connected to a single person (the recipient of the email), making the information more valuable…

      Lemmy private messages are directly comparable to the individual user scenario of emai, and they support tracking images like this.

    • solrize@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      If yes that should be fixed. Transcluding images from 3rd party servers enables tracking. It might be ok to enable a few trusted lemmyverse servers as image hosts.

  • Teppic@kbin.social
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    Depending how the user made the post, this is/was equally true on Reddit. It is a function of the post linking to the image in it’s original location …but this is no worse than browsing images/data in any other way; you always give away some data (like your IP address) when you browse.

  • cakeistheanswer@lemmy.fmhy.ml
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’m not immersed enough in the specific code to load images and would like to know as well, but I can attest it’s definitely a problem in email architecture. @dessalines@lemmy.ml is probably the party you want if you want first hand info.

    Also a stellar example of why I wish we could actually work together a little more. The ideological opt out of raddles software shows there are indeed legitimate concerns on platform privacy, but rather than work to harden it we’re behind walls hucking pejoratives. Hundreds of years of team red vs team black, and I am exhausted with it.