I have been using Lemmy for 20 days, at first I opened an account at Lemmy.world because you can join without writing a text and waiting approval. I have been enjoying the experience overall but despite the admin teans best efforts Lemmy.world has been experiencing some serious performance issues. If you want to avoid that join a smaller instance, preferably hosted in your country. I joined discuss.tchncs.de today and everything is so much faster it has added benefit of being able to see beehaw.org posts too. It will improve not only your but all other Lemmy.world users experience too.

  • Dave@lemmy.nz
    link
    fedilink
    arrow-up
    32
    ·
    1 year ago

    Don’t forget that the admin basically has all your info

    What info? Lemmy is a public forum - anyone can see anything you post. Many Lemmy instances don’t even require an email address to sign up.

    • Zikeji@programming.dev
      link
      fedilink
      arrow-up
      21
      ·
      1 year ago

      At the very least they would get access to your IP address (assuming you aren’t ok a VPN/proxy) and browsing habits. Whether they take the steps to log those in a usable format and do something with it? I wouldn’t say the risk is much different on an instance with 1000 users vs 100.

      My main concern would be instance longevity.

      • Dave@lemmy.nz
        link
        fedilink
        arrow-up
        17
        ·
        1 year ago

        At the very least they would get access to your IP address (assuming you aren’t ok a VPN/proxy)

        A public IP address is (by definition) public. If you’re behind CG-NAT you don’t get your own public IP and if you have a public IP but not a static one then restarting your router will change it. I don’t think there are many cases where an instance knowing your public IP is an issue. Lemmy instances hotlink media from other instances so many different instances get your IP just from browsing Lemmy.

        My main concern would be instance longevity

        This is a different conversation but if your account is meaningful then this should be a real concern. A month ago there were about 80 instances, now there are nearly 1000. How many of those will still exist in a year?

        • Zikeji@programming.dev
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          1 year ago

          I am aware of how a public facing IP address works, and how little information it does give, by itself. It is still a privacy concern, and can be used in conjunction with other data to launch social engineering attacks or to help narrow down other data.

    • Poob@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      The biggest issue is that you’re giving them your email address and then posting info online. If you use your main email and then post something inappropriate or private, someone could easily leak that info. Someone who posts nudes without their face for example. A malicious admin could easily try to blackmail you with that info. Is it going to happen? Probably not, but why risk it?

      • Dave@lemmy.nz
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        You don’t need to provide an email address to sign up at most of the big instances. I think lemmy.world is the exception. Even your instance lemmy.ca does not require an email address.

        If you really want to provide one, you could use a service that does email forwarding. Some examples are https://simplelogin.io (owned by Proton Mail), and Firefox Relay (Owned by Mozilla, makers of the Firefox browser). These both have free tiers. There is also https://duckduckgo.com/email/ from the people who make the privacy focused search engine DuckDuckGo. That one I believe gives you unlimited new randomised email addresses for free. Very low attachment size limit but great for something like Lemmy.

        • Poob@lemmy.ca
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          You’re right that you don’t have to on most large instances, and that you can make burner email accounts if you have to.

          But this post was simply about telling people to be careful of smaller, less known instances. The links you provided are excellent ways to protect yourself, even outside of Lemmy.