Lemmy

12864 readers

4 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 5 years ago

MODERATORS

[email protected]

Can instance admins see users' history of visited post? (reddthat.com)

submitted 2 years ago by [email protected] to c/[email protected]

16 comments fedilink hide all child comments

As we are concerned about privacy, I am curious just to understand if lemmy can be at some point exploited by someone to profile its users.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 2 years ago (9 children)

That may not be possible with web technology.

Browsers send URLs to web servers. The web server has to have the URL the user wants in order to serve a response; and it has to know who the user is in order to check permissions (e.g. don't accept a moderation action from a user who is not a moderator).

This inherently creates an opportunity for the web server to record any details about that exchange.

[–] [email protected] 2 points 2 years ago (8 children)

What if database entries are encrypted, so that a person cannot match email and username with the requests in the urls?

Users' client create encryption key on client side. Would it make sense?

[–] [email protected] 1 points 2 years ago (1 children)

Somehow the server has to be able to look up the user's subscriptions so it knows what posts to show them.

[–] [email protected] 1 points 2 years ago

I am mainly thinking about matching navigation history with identifiable information... You are right, It's a tricky thing...

I also wonder, if lemmy becomes a thing, with numbers in the same order of magnitude of reddit, if and how gdpr will affect server admins... Having a privacy anonymization tool built in by design might avoid headaches on the long term

load more comments (6 replies)