Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
  • heartlessevil@lemmy.one
    link
    fedilink
    arrow-up
    25
    ·
    2 years ago

    Do you think kbin is just reaching into other servers and pulling the bytes off the disk? You can’t guarantee anything is deleted in a federated system, other servers can just ignore your delete request. So this makes no difference.

    • raphael@lemmy.mira.pm
      link
      fedilink
      arrow-up
      8
      ·
      2 years ago

      And it breaks easily. I still can see several posts on my private instance that have been deleted. The delete command never made it to my server for any number of reasons. As some posts never make it to my instance either. I guess in the long term some kind of delivery queue and guarantee would be nice.

      • cwagner@discuss.tchncs.de
        link
        fedilink
        arrow-up
        3
        ·
        2 years ago

        Heh, I had the opposite, my comment was accidentally deleted by a mod, but the restore command never reached my server. So now it’s deleted for me (and I can’t see replies to it), but lives on in the original instance :D

        • webghost0101@lemmy.fmhy.ml
          link
          fedilink
          arrow-up
          2
          ·
          2 years ago

          Surely this and “a federated system of deletion” is something that can be fixed by the open source devs after there done with the ungodly amount of work the influx of users creates?

          • heartlessevil@lemmy.one
            link
            fedilink
            arrow-up
            4
            ·
            2 years ago

            There is a federated system of deletion, it just doesn’t have guarantees to work. The problem is that it’s a distributed system among untrusted actors. Usually the only way to have a distributed, secure, untrusted system is to use a blockchain. In the absence of a blockchain or equivalent, we keep the “distributed” and “untrusted” but concede the “secure”.

            This doesn’t just go for deletions. It also means submissions or edits might not affect other servers. Malicious servers could also change all your posts to say “I’m an ugly moron” and those could get propagated to other servers.