You’re 100% not anonymous. On Lemmy it’s trivial to see who you are. If your activities put you in danger from your local authorities, lemmy is going to be very dangerous for you.
Let’s suppose your documenting human rights abuses in authoritarian country A. You post that documentation to a local Lemmy instance. That instance is federated. Your post makes it across the lemme verse. All is good. But repressive government A wants to kill that post. So they Target the original Lemmy instance, and all of the users using it, that they can exert control over. They may not know a specifically you, but an authoritarian government would have no problem talking to everybody using that instance.
If you’re in danger from local authorities, you need to use more than just Lemmy. Use tor, using anonymous VPN, follow the EFFs guide for investigative journalists.
We are not a big instance, but there is no way on earth we are handing any details of our users to some foreign government. It would actually be against Australian law to do that if we even wanted to.
Hell, we don’t even know anything about our users. Most of them have provided an email. That’s literally all we know about them.
An oppressive government doesn’t need your cooperation, they can simply monitor the traffic and see who’s connecting to your instance from their country. Especially if the user isn’t using a VPN. Some governments are in the habit of logging all internet traffic, maybe not the data itself, but the flow information. So then they just look at who from their country was connected to your instance at the time of this post. And it becomes fairly easy for them to backtrack responsibility
If it happens to be the government of the location of the server, they can physically take it and take the logs.
If the country of the servers location, and the oppressive government have legal agreements, it could be part of a criminal investigation which gives up the users information, or civil discovery.
Lemmy is decentralized, which is great, but it is not anonymous.
Not to mention the Mosaic theory of information discovery, most users are probably outing themselves through all of their posts. If they post frequently. Especially if you have domestic information sources, you can take photos find locations, take all the constraints from all their posts and find a fingerprint for the person. You could do it for me. I’ve outed enough information from my posts where you can find who I am if you have enough ancillary data.
Our servers sit behind cloudfront, the same as half the Internet. All that foreign government will see is cloudfront traffic. That won’t tell them much. I don’t think Amazon will give out their data to some foreign government easily either, since that’s their whole business model.
It isn’t as trivial to identify a user from their metadata as you seem to be saying.
Especially because the OP is posting from suppo.fi and not using your setup from Aussie.zone.
If someone is at risk, they should follow the data hygiene suggested by the EFF. Especially if they’re concerned about their safety. Which was the implication in OP’s post.
To your point about cloud front, not all web clients use encryptid hello yet, or encrypted DNS, so people monitoring connections to cloud front can see the domain you’re trying to connect to. This is exactly why CloudFront and AWS were upset with the signal foundation for doing domain front running when connecting to their services.
I think there’s a real fear that federation can potentially leak a significant amount of user data, down to IPs and tracking fingerprints. Even if the version in the main git doesn’t do that, it’s not inconceivable that this kind of data mining could be quietly implemented as extensions/forks at some point. The threat surface just seems so massive with all the different servers involved in the trust model.
I wanna add to this that censoring is a bit more relaxed. Every post lies on an instance, and control is given to hosts of an instance. So to censor, an actor has to gain control of the instance or the account that made the post.
That said, if you are in the confines of political oppression, as the commenter above me said, never take your anonymity for granted and take active steps to stay safe.
You’re 100% not anonymous. On Lemmy it’s trivial to see who you are. If your activities put you in danger from your local authorities, lemmy is going to be very dangerous for you.
Let’s suppose your documenting human rights abuses in authoritarian country A. You post that documentation to a local Lemmy instance. That instance is federated. Your post makes it across the lemme verse. All is good. But repressive government A wants to kill that post. So they Target the original Lemmy instance, and all of the users using it, that they can exert control over. They may not know a specifically you, but an authoritarian government would have no problem talking to everybody using that instance.
If you’re in danger from local authorities, you need to use more than just Lemmy. Use tor, using anonymous VPN, follow the EFFs guide for investigative journalists.
https://ssd.eff.org/
I’m sorry, what?
We are not a big instance, but there is no way on earth we are handing any details of our users to some foreign government. It would actually be against Australian law to do that if we even wanted to.
Hell, we don’t even know anything about our users. Most of them have provided an email. That’s literally all we know about them.
An oppressive government doesn’t need your cooperation, they can simply monitor the traffic and see who’s connecting to your instance from their country. Especially if the user isn’t using a VPN. Some governments are in the habit of logging all internet traffic, maybe not the data itself, but the flow information. So then they just look at who from their country was connected to your instance at the time of this post. And it becomes fairly easy for them to backtrack responsibility
If it happens to be the government of the location of the server, they can physically take it and take the logs.
If the country of the servers location, and the oppressive government have legal agreements, it could be part of a criminal investigation which gives up the users information, or civil discovery.
Lemmy is decentralized, which is great, but it is not anonymous.
Not to mention the Mosaic theory of information discovery, most users are probably outing themselves through all of their posts. If they post frequently. Especially if you have domestic information sources, you can take photos find locations, take all the constraints from all their posts and find a fingerprint for the person. You could do it for me. I’ve outed enough information from my posts where you can find who I am if you have enough ancillary data.
Our servers sit behind cloudfront, the same as half the Internet. All that foreign government will see is cloudfront traffic. That won’t tell them much. I don’t think Amazon will give out their data to some foreign government easily either, since that’s their whole business model.
It isn’t as trivial to identify a user from their metadata as you seem to be saying.
I stand behind my advice.
Especially because the OP is posting from suppo.fi and not using your setup from Aussie.zone.
If someone is at risk, they should follow the data hygiene suggested by the EFF. Especially if they’re concerned about their safety. Which was the implication in OP’s post.
To your point about cloud front, not all web clients use encryptid hello yet, or encrypted DNS, so people monitoring connections to cloud front can see the domain you’re trying to connect to. This is exactly why CloudFront and AWS were upset with the signal foundation for doing domain front running when connecting to their services.
I think there’s a real fear that federation can potentially leak a significant amount of user data, down to IPs and tracking fingerprints. Even if the version in the main git doesn’t do that, it’s not inconceivable that this kind of data mining could be quietly implemented as extensions/forks at some point. The threat surface just seems so massive with all the different servers involved in the trust model.
I wanna add to this that censoring is a bit more relaxed. Every post lies on an instance, and control is given to hosts of an instance. So to censor, an actor has to gain control of the instance or the account that made the post.
That said, if you are in the confines of political oppression, as the commenter above me said, never take your anonymity for granted and take active steps to stay safe.