this post was submitted on 11 Aug 2023
32 points (97.1% liked)
Sync for Lemmy
15137 readers
16 users here now
๐
Welcome to Sync for Lemmy!
Welcome to the official Sync for Lemmy community.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Community Rules
1- No advertising or spam.
All types of advertising and spam are restricted in this community.
Community Credits
Artwork and community banner by: @MargotRobbie@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Oh wow... That's an excellent point. And even if the client downloads it the moment it fetches the message, that would still be enough to help determine when somebody is using Lemmy. I don't think advertisers would have a reason to do that^1^, but I wouldn't put it past a malicious individual to use it to create a schedule of when somebody else is active.
^1^ It's probably easier for them to host their own instance and track the timestamp of when somebody likes/dislikes comments and posts since that data is shared through federation.
That would be ideal, I agree. This comment on the GitHub issue explains why some instances would want the ability to disable it, though. If it does eventually get implemented, having Sync as a fallback for instances where media proxying is disabled would be a major benefit for us Sync users.
A small side note: that comment also points out a risk of a media proxy running the risk of downloading illegal media. I don't necessarily think lj would need to worry about it in the same way, though. From my understanding, the risk with that is that an instance would download the media immediately after receiving a local or federated post pointing it. An on-demand proxy would (hopefully) not run the same risk since it would require action (or really bad timing) on the part of a user.
Fair, but it's a bit of a moot point. Sending the message between instances is already copying that data around, and even if it's between two users of a single instance, it's not end-to-end encrypted. Instance admins can see absolutely everything their users do.
Interesting! I wasn't aware that there were any Android VPNs capable of doing per-app tunneling.