The downside of everything being federated is that it’s really easy to listen in. Make sure to keep yourself anonymous online!
I don’t think they really need to run an instance to conduct surveillance on the Fediverse. Maybe it makes things easier, but a lot of this is public anyway. Just because Google isn’t putting a lot of this in search results yet doesn’t mean it can’t be scraped by people who are interested in scraping it.
Yeah but the traffic from scraping other instances is going to get noticed real quickly, whereas a small instance federating with everyone else isn’t really suspicious.
Doesn’t even have to be an instance.
Custom code that runs the pubsub protocol… Without publishing anything.
Everything is open.
Unless instance admins find thepubsub instance suspicious and defederate it, at which point it won’t be able to receive posts/comments
I bet the Kremlin is sponsoring one at least
Running free instances is a) way easier if you’re a government, and b) gives you important moderation control.
Also, a government running an instance that allows and promotes material that is very critical of said government could very well happen. It might sound contradictory, but allows for future control over “problematic” movements, if the need ever occurs.
There are some fedi scrapers.
At least some people on Mastodon really noticed it after they managed to look up their name on chatGPTAt least for a while (dont know the current case) some people bragged about being able to scrape fedi content or something
Dont know it some of the scrapers are gov spies tho
Gonna edit this after finding the saved messages that support my comment, needs probably a while ;.;
Edit: did not find it but searching for “Fediverse Scraper” has at the top two fediverse scraper tools hosted on GitHub, so yea, its easy
There are also instances that most likely exist just to suck up data for AI/LLM training. People were up in arms about it happening on Reddit and trying to torch their comments when here they’re giving it away for free and there are less bots because it’s a newer platform.
I honestly don’t care as long as the bots don’t cause a denial of service
Im not scared. Ill lay it all out. im Hubert Manne. Thats H-U-B-E-R-T and I live at 1397 Prince Ave, Athens, GA 30606. My ssn is 123-45-6789. Are you bro enough, to come at me?
Weird. Just like passwords, all I saw for your ssn is asterisks. Must be a Fediverse security feature.
Really?? Let me try! My password is: RhaedasFromLemmyIsAHumanDildo
Wow, that must be a very secure password to be so long. :P
Hunter2
Fuck.
Will do, Francis Bacon Tumminowson III of Wilburville, Kentucky!
thank you for the reminder, Robert Paulson.
theybgonna get real bored if they look at mine
deleted by creator
I’ve always considered myself a small enough target that it’s unlikely very many people give a shit.
This is not about you specifically, this is about all of us together
I didn’t expect my comment to cover all of us, presumably everybody makes their own assessment of their security concerns.
I was suggesting that you are missing the point of the OP
They don’t care about any single one of us unless you are Luigi but they want data on all of us. That’s where Intel and money is at.
Probably, there are also bots on lemmy already bcz it’s grown quite a bit. They are definitely trying to direct the conversation as well.
If you’re going to start spreading conspiracies about government bots astroturfing our small corner of the internet you’re gonna need to present at least some kind of evidence.
deleted by creator
According to the rest of lemmy, everyone on lemmygrad is a bot
deleted by creator
Uh, the Russia is doing that on every possible platform. Why would ours be an exception? What makes Lemmy so special?
It’s too small to bother with?
We have some odd encounters with allegedly non tankies pro Russia account but I couldn’t tell if they were a bot or rather just a useful idiot
Not worth the effort, to be honest
Easy: “Everyone I don’t like is either a shill or a bot!”
Please don’t underestimate the ignorance and stupidity of the current administration and please stop giving them ideas that they would be unlikely to find on their own.
Sounds like someone who was big into monitoring would say.
If you are doing anything that’s publicly visible, you’re not anonymous.
That’s not quite true, although technically in this case you would be pseudononymous.
You can use Lemmy at opsec level 4-5:
http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/index.html
Register an email over tor browser, use that to verify a Lemmy account over tor browser, only ever access over tor browser. Be mindful of what you say and post.
On graphene you can also install always-on orbot/invizible in a seperate profile or private space and use apps like Voyager
Note: some instances like.world block tor users.
dbzer0, Lem.ee, and mander.xyz I know are cool with it
Here are some other options for anonymous email:
https://onionmail.org/ https://tuta.com/ https://mailfence.com/ https://www.guerrillamail.com/ https://yopmail.com/en/email-generator (Generate Randomly an Anonymous Email for Free) https://nbox.notif.me/ (Free Anonymous and Private Disposable Address Provider) https://addy.io/ (Open-source Anonymous Email Forwarding) https://www.secure-email.org/ https://maildrop.cc/ https://www.mailinator.com/ https://www.secure-email.org/ https://librem.one/ https://flashbox.5july.org/ (Flashbox - Anonymous Disposable Email) https://user.disroot.org/pwm/public/newuser (Disroot) https://www.throwawaymail.com/ https://nbox.notif.me/ (Anonymous, Private, Free) http://csmail3thcskmzvjicww3qdkvrhb6pb5s7zjqtb3gdst6guby2stsiqd.onion/ (cs.email - Disposable Temporary E-Mail Address) http://torbox36ijlcevujx7mjb4oiusvwgvmue7jfn2cvutwa6kl6to3uyqad.onion/ (TorBox) http://6n5nbusxgyw46juqo3nt5v4zuivdbc7mzm74wlhg7arggetaui4yp4id.onion/src/register.php (Morke) http://mail2torjgmxgexntbrmhvgluavhj7ouul5yar6ylbvjkxwqf6ixkwyd.onion/ (Mail2Tor) http://2nxpboa3ya52j5au4gxwkdt4nxoh5g4y4f3tuqedlza46y35jmv6doid.onion/ (SecretMail) http://ovhcd6qhuz22bid42pw7unwfqf7i55rghb5x62q4kxchjnk2gz2ot6id.onion/ (Hobe Onion Mail) http://5nm4mdhzyfbif6i5qv3kh4i7j2trlbuvujsencsqn55opaa3d6qhfcqd.onion/ (Hidden Mail Onion Server) https://onionmail.org/ (Clearnet) http://pflujznptk5lmuf6xwadfqy6nffykdvahfbljh7liljailjbxrgvhfid.onion/ (Onion Mail) http://en.vzoc4aylgsqwexe6okjbz2ix5atgdv5xyibnkcekmtg4u23syz6a7rid.onion/ (OnionMail) http://j3bv7g27oramhbxxuv6gl3dcyfmf44qnvju3offdyrap7hurfprq74qd.onion/ (adunanza Onion Mail) http://eot3almpracnkz7gz3r5yr3qaymngqsrmvbica2shw5zuc52az2gxoqd.onion/ (Dozaru Onion Mail) http://2nxpboa3ya52j5au4gxwkdt4nxoh5g4y4f3tuqedlza46y35jmv6doid.onion/ (Systemli) https://www.systemli.org/en/ (Systemli Clearnet) http://fozdean5ayswi6jtseg2fgyysqt3dskoosmoc6gnqia4dxwxiuvg3oad.onion/ | Underworld.dog Onion Email"
Aren’t there instances that don’t require e-mail verification?
What are you going to use except Tor?
Anyway the risk is pretty low that you are going to get targeted by law enforcement. Even if you are a person of interest it is going to be easier just to wait until you make a Sec Opps. They would need to control every node in the path plus they would need to decrypt the traffic on the exit. Somehow I don’t see that happening.
Also if you use Onion sites it is even harder to trace since there isn’t a clear exit.
After following up on a post on Reddit and two years of investigation, the reporters came to the conclusion that Tor users can be de-anonymized by correlating the timing patterns of network traffic entering and exiting the Tor network, combined with broad and long-term monitoring of Tor nodes in data centers.
I’ve been saying this for years. It’s an open system, all you need are entry notes and exit nodes and you can launch exits for a pittance.
https://blog.torproject.org/tor-is-still-safe/
Tor is still alive and well I promise
It is not perfect but it is by far the best thing we have. If it’s legal for you to use you should be doing so.
For sensitive operations you should take further steps (follow the blog) like properly setting up your device, and connecting via a network not connected to you
what if I prefer mozilla firefox? Ive heard when you check every data security option the browser is private enough
Whats the difference
That is a very bad idea
Use Tor since For is designed to make every user apprear identical. Firefox is packed full of telemetry and leaves a pretty heavy fingerprint.
No, they’re not the same.
Tor browser gives you ANONYMITY, which is not the same as privacy.
What is Anonymity ? Why is it Important ? http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/anonymityexplained/index.html
Why isn’t privacy enough for anonymous use?
http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/anonuse/index.html
(BTW stock Firefox is not even private at all)
these websites dont work for me… and the link looks very wrong - do you have like more accessible sources for me? Id be very thankful
As is tradition.
It’s Nicole, isn’t it?
